diff options
-rw-r--r-- | src/confdb/confdb.c | 13 | ||||
-rw-r--r-- | src/confdb/confdb.h | 2 | ||||
-rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
-rwxr-xr-x | src/config/SSSDConfigTest.py | 6 | ||||
-rw-r--r-- | src/config/etc/sssd.api.conf | 1 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 20 |
6 files changed, 40 insertions, 3 deletions
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index 87960c4db..9af754912 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1256,6 +1256,19 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, } } + tmp = ldb_msg_find_attr_as_string(res->msgs[0], + CONFDB_DOMAIN_SUBDOMAIN_INHERIT, + NULL); + if (tmp != NULL) { + ret = split_on_separator(domain, tmp, ',', true, true, + &domain->sd_inherit, NULL); + if (ret != 0) { + DEBUG(SSSDBG_FATAL_FAILURE, + "Cannot parse %s\n", CONFDB_SUBDOMAIN_ENUMERATE); + goto done; + } + } + ret = get_entry_as_uint32(res->msgs[0], &domain->subdomain_refresh_interval, CONFDB_DOMAIN_SUBDOMAIN_REFRESH, 14400); if (ret != EOK || domain->subdomain_refresh_interval == 0) { diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index c8c91288c..93fbce5e5 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -187,6 +187,7 @@ #define CONFDB_DOMAIN_PWD_EXPIRATION_WARNING "pwd_expiration_warning" #define CONFDB_DOMAIN_REFRESH_EXPIRED_INTERVAL "refresh_expired_interval" #define CONFDB_DOMAIN_OFFLINE_TIMEOUT "offline_timeout" +#define CONFDB_DOMAIN_SUBDOMAIN_INHERIT "subdomain_inherit" /* Local Provider */ #define CONFDB_LOCAL_DEFAULT_SHELL "default_shell" @@ -268,6 +269,7 @@ struct sss_domain_info { struct sss_domain_info *next; bool disabled; + char **sd_inherit; }; /** diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index f58c52faf..af7f1bffb 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -148,6 +148,7 @@ option_strings = { 'dyndns_auth' : _("What kind of authentication should be used to perform the DNS update"), 'subdomain_enumerate' : _('Control enumeration of trusted domains'), 'subdomain_refresh_interval' : _('How often should subdomains list be refreshed'), + 'subdomain_inherit' : _('List of options that should be inherited into a subdomain'), # [provider/ipa] 'ipa_domain' : _('IPA domain'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 60f51ca76..c6ba9f051 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -546,7 +546,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'hostid_provider', 'subdomains_provider', 'realmd_tags', - 'subdomain_refresh_interval'] + 'subdomain_refresh_interval', + 'subdomain_inherit'] self.assertTrue(type(options) == dict, "Options should be a dictionary") @@ -908,7 +909,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'hostid_provider', 'subdomains_provider', 'realmd_tags', - 'subdomain_refresh_interval'] + 'subdomain_refresh_interval', + 'subdomain_inherit'] self.assertTrue(type(options) == dict, "Options should be a dictionary") diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index f1ac6366c..7ad84cd82 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -132,6 +132,7 @@ default_shell = str, None, false description = str, None, false realmd_tags = str, None, false subdomain_refresh_interval = int, None, false +subdomain_inherit = str, None, false #Entry cache timeouts entry_cache_user_timeout = int, None, false diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index b5782b794..7d0ba0574 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -479,7 +479,25 @@ </para> </listitem> </varlistentry> - + <varlistentry> + <term>subdomain_inherit (string)</term> + <listitem> + <para> + Specifies a list of configuration parameters that + should be inherited by a subdomain. Please note + that only selected parameters can be inherited. + </para> + <para> + Example: + <programlisting> +subdomain_inherit = ldap_purge_cache_timeout + </programlisting> + </para> + <para> + Default: none + </para> + </listitem> + </varlistentry> </variablelist> </refsect2> |