From a10ac1d0a7210def232205a48c53a075930e82f6 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Tue, 5 Aug 2014 13:52:48 +0200 Subject: SSSD: Load a user to run a service as from configuration Related: https://fedorahosted.org/sssd/ticket/2370 Adds a option, user to run as, that is specified in the [sssd] section. When this option is specified, SSSD will run as this user and his private group. When these are not specified, SSSD will run as the configure-time user and group (usually root). Currently all services and providers are started as root. There is a temporary svc_supported_as_nonroot() function that returns true for a service if that service runs and was tested as nonroot and false otherwise. Currently this function always returns false, but will be amended in future patches. Reviewed-by: Pavel Reichl Reviewed-by: Simo Sorce --- src/man/sssd.conf.5.xml | 13 +++++++++++++ 1 file changed, 13 insertions(+) (limited to 'src/man/sssd.conf.5.xml') diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index d57341661..d6bc42ca0 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -296,6 +296,19 @@ + + user (string) + + + The user to drop the privileges to where + appropriate to avoid running as the + root user. + + + Default: not set, process will run as root + + + default_domain_suffix (string) -- cgit