diff options
-rw-r--r-- | src/config/SSSDConfig.py | 5 | ||||
-rwxr-xr-x | src/config/SSSDConfigTest.py | 6 | ||||
-rw-r--r-- | src/config/etc/sssd.api.conf | 5 |
3 files changed, 14 insertions, 2 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index a789e785b..1a241430d 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -73,11 +73,16 @@ option_strings = { 'pam_id_timeout' : _('How many seconds to keep identity information cached for PAM requests'), 'pam_pwd_expiration_warning' : _('How many days before password expiration a warning should be displayed'), + # [sudo] + 'sudo_timed' : _('Whether to evaluate the time-based attributes in sudo rules'), + 'sudo_cache_timeout' : _('How many seconds to keep sudorules cached before asking the provider again'), + # [provider] 'id_provider' : _('Identity provider'), 'auth_provider' : _('Authentication provider'), 'access_provider' : _('Access control provider'), 'chpass_provider' : _('Password change provider'), + 'sudo_provider' : _('SUDO provider'), # [domain] 'min_id' : _('Minimum user ID'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index c44e6ba8f..66b3f9c7a 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -1145,7 +1145,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): control_list = [ 'sssd', 'nss', - 'pam'] + 'pam', + 'sudo'] for section in control_list: self.assertTrue(sssdconfig.has_section(section), "Section [%s] missing" % @@ -1186,7 +1187,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): control_list = [ 'sssd', 'pam', - 'nss'] + 'nss', + 'sudo'] service_list = sssdconfig.list_services() for service in control_list: self.assertTrue(service in service_list, diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 8a5449c4c..6eb08a5d9 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -43,6 +43,11 @@ pam_verbosity = int, None, false pam_id_timeout = int, None, false pam_pwd_expiration_warning = int, None, false +[sudo] +# sudo service +sudo_timed = bool, None, false +sudo_cache_timeout = int, None, false + [provider] #Available provider types id_provider = str, None, true |