From 7c30e60c525ea798aaab142766ff00eef4b5df3b Mon Sep 17 00:00:00 2001 From: Pavel Březina Date: Mon, 14 Jul 2014 14:23:50 +0200 Subject: sudo: fetch sudoRunAs attribute This attribute was used in pre 1.7 versions of sudo and it is now deprecated by sudoRunAsUser and sudoRunAsGroup. However, some users still use this attribute so we need to support it to ensure backward compatibility. This patch makes sure that this attribute is downloaded if present and provided to sudo. Sudo than decides how to handle it. The new mapping option is not present in a man page since this attribute is deprecated in sudo for a very long time. Resolves: https://fedorahosted.org/sssd/ticket/2212 Reviewed-by: Jakub Hrozek --- src/providers/ldap/ldap_opts.h | 1 + 1 file changed, 1 insertion(+) (limited to 'src/providers/ldap') diff --git a/src/providers/ldap/ldap_opts.h b/src/providers/ldap/ldap_opts.h index adf200caa..39c247332 100644 --- a/src/providers/ldap/ldap_opts.h +++ b/src/providers/ldap/ldap_opts.h @@ -321,6 +321,7 @@ struct sdap_attr_map native_sudorule_map[] = { { "ldap_sudorule_host", "sudoHost", SYSDB_SUDO_CACHE_AT_HOST, NULL }, { "ldap_sudorule_user", "sudoUser", SYSDB_SUDO_CACHE_AT_USER, NULL }, { "ldap_sudorule_option", "sudoOption", SYSDB_SUDO_CACHE_AT_OPTION, NULL }, + { "ldap_sudorule_runas", "sudoRunAs", SYSDB_SUDO_CACHE_AT_RUNAS, NULL }, { "ldap_sudorule_runasuser", "sudoRunAsUser", SYSDB_SUDO_CACHE_AT_RUNASUSER, NULL }, { "ldap_sudorule_runasgroup", "sudoRunAsGroup", SYSDB_SUDO_CACHE_AT_RUNASGROUP, NULL }, { "ldap_sudorule_notbefore", "sudoNotBefore", SYSDB_SUDO_CACHE_AT_NOTBEFORE, NULL }, -- cgit