diff options
author | Fabiano Fidêncio <fidencio@redhat.com> | 2016-10-17 17:07:56 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-11-10 22:20:16 +0100 |
commit | da8801c363716533f60bc78e10f3a2100cebc3a1 (patch) | |
tree | 01f946707c442b2b8c5c85eabe7d82999ed67fb6 /src/config/cfg_rules.ini | |
parent | ea11ed3ea6291488dd762033246edc4ce3951aeb (diff) | |
download | sssd-da8801c363716533f60bc78e10f3a2100cebc3a1.tar.gz sssd-da8801c363716533f60bc78e10f3a2100cebc3a1.tar.xz sssd-da8801c363716533f60bc78e10f3a2100cebc3a1.zip |
SECRETS: Fix secrets rule in the allowed sections
We have been matching an invalid subsection of the secrets' section,
like:
[secrets/users/]
Let's ensure that we only match the following cases:
[secrets]
[secrets/users/[0-9]+]
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/config/cfg_rules.ini')
-rw-r--r-- | src/config/cfg_rules.ini | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index ec716b558..24937c969 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -8,7 +8,7 @@ section = autofs section = ssh section = pac section = ifp -section_re = ^secrets\(/users/\([0-9]\+\)\?\)\?$ +section_re = ^secrets\(/users/[0-9]\+\)\?$ section_re = ^domain/.*$ [rule/allowed_sssd_options] @@ -213,7 +213,7 @@ option = user_attributes [rule/allowed_sec_options] validator = ini_allowed_options -section_re = ^secrets\(/users/\([0-9]\+\)\?\)\?$ +section_re = ^secrets\(/users/[0-9]\+\)\?$ option = timeout option = debug |