diff options
author | Sumit Bose <sbose@redhat.com> | 2010-02-25 17:30:47 +0100 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-03-08 17:03:11 -0500 |
commit | 16ac0d6e148b1e07e579d47de1da7ac541447bd2 (patch) | |
tree | ba8fb7ce106004196fe250d148e6e1dd56bc40c1 /src/man | |
parent | be808d684da855e09741a1dcfec0865e57c46321 (diff) | |
download | sssd-16ac0d6e148b1e07e579d47de1da7ac541447bd2.tar.gz sssd-16ac0d6e148b1e07e579d47de1da7ac541447bd2.tar.xz sssd-16ac0d6e148b1e07e579d47de1da7ac541447bd2.zip |
Add simple access provider
Diffstat (limited to 'src/man')
-rw-r--r-- | src/man/sssd-simple.5.xml | 124 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 7 |
2 files changed, 131 insertions, 0 deletions
diff --git a/src/man/sssd-simple.5.xml b/src/man/sssd-simple.5.xml new file mode 100644 index 000000000..260d15ab8 --- /dev/null +++ b/src/man/sssd-simple.5.xml @@ -0,0 +1,124 @@ +<?xml version="1.0" encoding="UTF-8"?> +<!DOCTYPE reference PUBLIC "-//OASIS//DTD DocBook V4.4//EN" +"http://www.oasis-open.org/docbook/xml/4.4/docbookx.dtd"> +<reference> +<title>SSSD Manual pages</title> +<refentry> + <xi:include xmlns:xi="http://www.w3.org/2001/XInclude" href="include/upstream.xml" /> + + <refmeta> + <refentrytitle>sssd-simple</refentrytitle> + <manvolnum>5</manvolnum> + <refmiscinfo class="manual">File Formats and Conventions</refmiscinfo> + </refmeta> + + <refnamediv id='name'> + <refname>sssd-simple</refname> + <refpurpose>the configuration file for SSSD's 'simple' access-control + provider</refpurpose> + </refnamediv> + + <refsect1 id='description'> + <title>DESCRIPTION</title> + <para> + This manual page describes the configuration of the simple + access-control provider for + <citerefentry> + <refentrytitle>sssd</refentrytitle> + <manvolnum>8</manvolnum> + </citerefentry>. + For a detailed syntax reference, refer to the + <quote>FILE FORMAT</quote> section of the + <citerefentry> + <refentrytitle>sssd.conf</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry> manual page. + </para> + <para> + The simple access provider grants or denies access based on an + access or deny list of user names. Here to following rules apply: + <itemizedlist> + <listitem> + <para>If both lists are empty, access is granted</para> + </listitem> + <listitem> + <para>If simple_allow_users is set, only users from this + list are allowed access.</para> + <para>This setting supersedes the simple_deny_users list + (which would be redundant).</para> + </listitem> + <listitem> + <para>If the simple_allow_users list is empty, users are + allowed access unless they appear in the + simple_deny_users list</para> + </listitem> + </itemizedlist> + </para> + </refsect1> + + <refsect1 id='file-format'> + <title>CONFIGURATION OPTIONS</title> + <para>Refer to the section <quote>DOMAIN SECTIONS</quote> of the + <citerefentry> + <refentrytitle>sssd.conf</refentrytitle> + <manvolnum>5</manvolnum> + </citerefentry> manual page for details on the configuration of an + SSSD domain. + <variablelist> + <varlistentry> + <term>simple_allow_users (string)</term> + <listitem> + <para> + Comma separated list of users who are allowed to log + in. + </para> + </listitem> + </varlistentry> + + <varlistentry> + <term>simple_deny_users (string)</term> + <listitem> + <para> + Comma separated list of users who are rejected if + simple_allow_users is not set. + </para> + </listitem> + </varlistentry> + </variablelist> + </para> + <para> + Please note that it is an configuration error if both, + simple_allow_users and simple_deny_users, are defined. + </para> + </refsect1> + + <refsect1 id='example'> + <title>EXAMPLE</title> + <para> + The following example assumes that SSSD is correctly + configured and example.com is one of the domains in the + <replaceable>[sssd]</replaceable> section. This examples shows only + the simple access provider-specific options. + </para> + <para> +<programlisting> + [domain/example.com] + access_provider = simple + simple_allow_users = user1, user2 +</programlisting> + </para> + </refsect1> + + <refsect1 id='see_also'> + <title>SEE ALSO</title> + <para> + <citerefentry> + <refentrytitle>sssd.conf</refentrytitle><manvolnum>5</manvolnum> + </citerefentry>, + <citerefentry> + <refentrytitle>sssd</refentrytitle><manvolnum>8</manvolnum> + </citerefentry> + </para> + </refsect1> +</refentry> +</reference> diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 6303fcbc9..daf61afc4 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -565,6 +565,13 @@ <quote>deny</quote> always deny access. </para> <para> + <quote>simple</quote> access control based on access + or deny lists. See <citerefentry> + <refentrytitle>sssd-simple</refentrytitle> + <manvolnum>5</manvolnum></citerefentry> for more + information on configuring the simple access module. + </para> + <para> Default: <quote>permit</quote> </para> </listitem> |