From b24e4bec819b29f1ec8e77083d4e7610c5dd9c77 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Wed, 24 Apr 2013 20:26:40 +0200
Subject: SUDO: IPA provider

This patch added auto configuration SUDO with ipa provider and compat tree.

https://fedorahosted.org/sssd/ticket/1733
---
 src/config/SSSDConfigTest.py            |  4 ++--
 src/config/etc/sssd.api.d/sssd-ipa.conf | 21 +++++++++++++++++++++
 2 files changed, 23 insertions(+), 2 deletions(-)

(limited to 'src/config')

diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index 6ae458b1a..9c0e34e64 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -715,8 +715,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
         domain = SSSDConfig.SSSDDomain('sssd', self.schema)
 
         control_provider_dict = {
-            'ipa': ['id', 'auth', 'access', 'chpass', 'autofs', 'session',
-                    'hostid', 'subdomains'],
+            'ipa': ['id', 'auth', 'access', 'chpass', 'sudo', 'autofs',
+                    'session', 'hostid', 'subdomains'],
             'ad': ['id', 'auth', 'access', 'chpass'],
             'local': ['id', 'auth', 'chpass'],
             'ldap': ['id', 'auth', 'access', 'chpass', 'sudo', 'autofs'],
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index e88e32b1a..e6f1bb0a8 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -194,3 +194,24 @@ ipa_selinux_usermap_uuid = str, None, false
 
 [provider/ipa/subdomains]
 ipa_subdomains_search_base = str, None, false
+
+[provider/ipa/sudo]
+ldap_sudo_search_base = str, None, false
+ldap_sudo_full_refresh_interval = int, None, false
+ldap_sudo_smart_refresh_interval = int, None, false
+ldap_sudo_use_host_filter = bool, None, false
+ldap_sudo_hostnames = str, None, false
+ldap_sudo_ip = str, None, false
+ldap_sudo_include_netgroups = bool, None, false
+ldap_sudo_include_regexp = bool, None, false
+ldap_sudorule_object_class = str, None, false
+ldap_sudorule_name = str, None, false
+ldap_sudorule_command = str, None, false
+ldap_sudorule_host = str, None, false
+ldap_sudorule_user = str, None, false
+ldap_sudorule_option = str, None, false
+ldap_sudorule_runasuser = str, None, false
+ldap_sudorule_runasgroup = str, None, false
+ldap_sudorule_notbefore = str, None, false
+ldap_sudorule_notafter = str, None, false
+ldap_sudorule_order = str, None, false
-- 
cgit