diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-26 18:28:41 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-03-30 14:09:52 +0200 |
commit | 3e789aa0bd6b7bb6e62f91458b76753498030fb5 (patch) | |
tree | d8c01ead785cc60ac9360cc8a49d91147acaa5ef /src/config/cfg_rules.ini | |
parent | 57eeec5d735c7a3bbe58299fded97414626d85f1 (diff) | |
download | sssd-3e789aa0bd6b7bb6e62f91458b76753498030fb5.tar.gz sssd-3e789aa0bd6b7bb6e62f91458b76753498030fb5.tar.xz sssd-3e789aa0bd6b7bb6e62f91458b76753498030fb5.zip |
PAM: Add application services
Related to:
https://pagure.io/SSSD/sssd/issue/3310
Adds a new PAM responder option 'pam_app_services'. This option can hold
a list of PAM services that are allowed to contact the application
non-POSIX domains. These services are NOT allowed to contact any of the
POSIX domains.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Diffstat (limited to 'src/config/cfg_rules.ini')
-rw-r--r-- | src/config/cfg_rules.ini | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index 8fd2d2c52..1a749db75 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -119,6 +119,7 @@ option = pam_account_locked_message option = pam_cert_auth option = pam_cert_db_path option = p11_child_timeout +option = pam_app_services [rule/allowed_sudo_options] validator = ini_allowed_options |