diff options
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 1 | ||||
| -rw-r--r-- | src/db/sysdb_sudo.h | 1 | ||||
| -rw-r--r-- | src/providers/ldap/ldap_opts.h | 1 | ||||
| -rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 1 |
7 files changed, 7 insertions, 0 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index a4a5770db..8be6f8db4 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -350,6 +350,7 @@ option_strings = { 'ldap_sudorule_host' : _('Sudo rule host attribute'), 'ldap_sudorule_user' : _('Sudo rule user attribute'), 'ldap_sudorule_option' : _('Sudo rule option attribute'), + 'ldap_sudorule_runas' : _('Sudo rule runas attribute'), 'ldap_sudorule_runasuser' : _('Sudo rule runasuser attribute'), 'ldap_sudorule_runasgroup' : _('Sudo rule runasgroup attribute'), 'ldap_sudorule_notbefore' : _('Sudo rule notbefore attribute'), diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 5d5263268..3a0dda8bd 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -150,6 +150,7 @@ ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false +ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index c1cedf088..198076d6f 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -215,6 +215,7 @@ ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false +ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index af9dfa841..ca1dee08d 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -152,6 +152,7 @@ ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false +ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false diff --git a/src/db/sysdb_sudo.h b/src/db/sysdb_sudo.h index 7a34591cd..4a7c16f03 100644 --- a/src/db/sysdb_sudo.h +++ b/src/db/sysdb_sudo.h @@ -39,6 +39,7 @@ #define SYSDB_SUDO_CACHE_AT_HOST "sudoHost" #define SYSDB_SUDO_CACHE_AT_COMMAND "sudoCommand" #define SYSDB_SUDO_CACHE_AT_OPTION "sudoOption" +#define SYSDB_SUDO_CACHE_AT_RUNAS "sudoRunAs" #define SYSDB_SUDO_CACHE_AT_RUNASUSER "sudoRunAsUser" #define SYSDB_SUDO_CACHE_AT_RUNASGROUP "sudoRunAsGroup" #define SYSDB_SUDO_CACHE_AT_NOTBEFORE "sudoNotBefore" diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index 3da527474..217436113 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -319,6 +319,7 @@ struct sdap_attr_map native_sudorule_map[] = { { "ldap_sudorule_host", "sudoHost", SYSDB_SUDO_CACHE_AT_HOST, NULL }, { "ldap_sudorule_user", "sudoUser", SYSDB_SUDO_CACHE_AT_USER, NULL }, { "ldap_sudorule_option", "sudoOption", SYSDB_SUDO_CACHE_AT_OPTION, NULL }, + { "ldap_sudorule_runas", "sudoRunAs", SYSDB_SUDO_CACHE_AT_RUNAS, NULL }, { "ldap_sudorule_runasuser", "sudoRunAsUser", SYSDB_SUDO_CACHE_AT_RUNASUSER, NULL }, { "ldap_sudorule_runasgroup", "sudoRunAsGroup", SYSDB_SUDO_CACHE_AT_RUNASGROUP, NULL }, { "ldap_sudorule_notbefore", "sudoNotBefore", SYSDB_SUDO_CACHE_AT_NOTBEFORE, NULL }, diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 9333bfe78..48a40af30 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -539,6 +539,7 @@ static errno_t sudosrv_get_sudorules_from_cache(TALLOC_CTX *mem_ctx, SYSDB_SUDO_CACHE_AT_HOST, SYSDB_SUDO_CACHE_AT_COMMAND, SYSDB_SUDO_CACHE_AT_OPTION, + SYSDB_SUDO_CACHE_AT_RUNAS, SYSDB_SUDO_CACHE_AT_RUNASUSER, SYSDB_SUDO_CACHE_AT_RUNASGROUP, SYSDB_SUDO_CACHE_AT_NOTBEFORE, |