diff options
-rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 1 | ||||
-rw-r--r-- | src/db/sysdb_sudo.h | 1 | ||||
-rw-r--r-- | src/providers/ldap/ldap_opts.h | 1 | ||||
-rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 1 |
7 files changed, 7 insertions, 0 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index d9b186f73..439378ff8 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -354,6 +354,7 @@ option_strings = { 'ldap_sudorule_host' : _('Sudo rule host attribute'), 'ldap_sudorule_user' : _('Sudo rule user attribute'), 'ldap_sudorule_option' : _('Sudo rule option attribute'), + 'ldap_sudorule_runas' : _('Sudo rule runas attribute'), 'ldap_sudorule_runasuser' : _('Sudo rule runasuser attribute'), 'ldap_sudorule_runasgroup' : _('Sudo rule runasgroup attribute'), 'ldap_sudorule_notbefore' : _('Sudo rule notbefore attribute'), diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 33d460e82..74ca49ab9 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -151,6 +151,7 @@ ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false +ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 11484e7d4..459db0627 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -216,6 +216,7 @@ ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false +ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index fa9cdd698..c1c030976 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -152,6 +152,7 @@ ldap_sudorule_command = str, None, false ldap_sudorule_host = str, None, false ldap_sudorule_user = str, None, false ldap_sudorule_option = str, None, false +ldap_sudorule_runas = str, None, false ldap_sudorule_runasuser = str, None, false ldap_sudorule_runasgroup = str, None, false ldap_sudorule_notbefore = str, None, false diff --git a/src/db/sysdb_sudo.h b/src/db/sysdb_sudo.h index f8e214f9f..fc896c385 100644 --- a/src/db/sysdb_sudo.h +++ b/src/db/sysdb_sudo.h @@ -39,6 +39,7 @@ #define SYSDB_SUDO_CACHE_AT_HOST "sudoHost" #define SYSDB_SUDO_CACHE_AT_COMMAND "sudoCommand" #define SYSDB_SUDO_CACHE_AT_OPTION "sudoOption" +#define SYSDB_SUDO_CACHE_AT_RUNAS "sudoRunAs" #define SYSDB_SUDO_CACHE_AT_RUNASUSER "sudoRunAsUser" #define SYSDB_SUDO_CACHE_AT_RUNASGROUP "sudoRunAsGroup" #define SYSDB_SUDO_CACHE_AT_NOTBEFORE "sudoNotBefore" diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index adf200caa..39c247332 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -321,6 +321,7 @@ struct sdap_attr_map native_sudorule_map[] = { { "ldap_sudorule_host", "sudoHost", SYSDB_SUDO_CACHE_AT_HOST, NULL }, { "ldap_sudorule_user", "sudoUser", SYSDB_SUDO_CACHE_AT_USER, NULL }, { "ldap_sudorule_option", "sudoOption", SYSDB_SUDO_CACHE_AT_OPTION, NULL }, + { "ldap_sudorule_runas", "sudoRunAs", SYSDB_SUDO_CACHE_AT_RUNAS, NULL }, { "ldap_sudorule_runasuser", "sudoRunAsUser", SYSDB_SUDO_CACHE_AT_RUNASUSER, NULL }, { "ldap_sudorule_runasgroup", "sudoRunAsGroup", SYSDB_SUDO_CACHE_AT_RUNASGROUP, NULL }, { "ldap_sudorule_notbefore", "sudoNotBefore", SYSDB_SUDO_CACHE_AT_NOTBEFORE, NULL }, diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 9d8ef5d2a..4b35a1aed 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -537,6 +537,7 @@ static errno_t sudosrv_get_sudorules_from_cache(TALLOC_CTX *mem_ctx, SYSDB_SUDO_CACHE_AT_HOST, SYSDB_SUDO_CACHE_AT_COMMAND, SYSDB_SUDO_CACHE_AT_OPTION, + SYSDB_SUDO_CACHE_AT_RUNAS, SYSDB_SUDO_CACHE_AT_RUNASUSER, SYSDB_SUDO_CACHE_AT_RUNASGROUP, SYSDB_SUDO_CACHE_AT_NOTBEFORE, |