summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--src/config/SSSDConfig.py5
-rwxr-xr-xsrc/config/SSSDConfigTest.py6
-rw-r--r--src/config/etc/sssd.api.conf5
3 files changed, 14 insertions, 2 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py
index a789e785b..1a241430d 100644
--- a/src/config/SSSDConfig.py
+++ b/src/config/SSSDConfig.py
@@ -73,11 +73,16 @@ option_strings = {
'pam_id_timeout' : _('How many seconds to keep identity information cached for PAM requests'),
'pam_pwd_expiration_warning' : _('How many days before password expiration a warning should be displayed'),
+ # [sudo]
+ 'sudo_timed' : _('Whether to evaluate the time-based attributes in sudo rules'),
+ 'sudo_cache_timeout' : _('How many seconds to keep sudorules cached before asking the provider again'),
+
# [provider]
'id_provider' : _('Identity provider'),
'auth_provider' : _('Authentication provider'),
'access_provider' : _('Access control provider'),
'chpass_provider' : _('Password change provider'),
+ 'sudo_provider' : _('SUDO provider'),
# [domain]
'min_id' : _('Minimum user ID'),
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index c44e6ba8f..66b3f9c7a 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -1145,7 +1145,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase):
control_list = [
'sssd',
'nss',
- 'pam']
+ 'pam',
+ 'sudo']
for section in control_list:
self.assertTrue(sssdconfig.has_section(section),
"Section [%s] missing" %
@@ -1186,7 +1187,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase):
control_list = [
'sssd',
'pam',
- 'nss']
+ 'nss',
+ 'sudo']
service_list = sssdconfig.list_services()
for service in control_list:
self.assertTrue(service in service_list,
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf
index 8a5449c4c..6eb08a5d9 100644
--- a/src/config/etc/sssd.api.conf
+++ b/src/config/etc/sssd.api.conf
@@ -43,6 +43,11 @@ pam_verbosity = int, None, false
pam_id_timeout = int, None, false
pam_pwd_expiration_warning = int, None, false
+[sudo]
+# sudo service
+sudo_timed = bool, None, false
+sudo_cache_timeout = int, None, false
+
[provider]
#Available provider types
id_provider = str, None, true