diff options
| author | Fabiano FidĂȘncio <fidencio@redhat.com> | 2016-09-25 21:52:10 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-10-03 15:32:23 +0200 |
| commit | 47aea8d2fc19fedb0a774f2e72c02ac2c87d1723 (patch) | |
| tree | b0f785184233672bd89845366c6b71165e2cf080 /src/config | |
| parent | ba96228853da4981cc5c12904c52cd7242417d6d (diff) | |
| download | sssd-47aea8d2fc19fedb0a774f2e72c02ac2c87d1723.tar.gz sssd-47aea8d2fc19fedb0a774f2e72c02ac2c87d1723.tar.xz sssd-47aea8d2fc19fedb0a774f2e72c02ac2c87d1723.zip | |
CONFIG: Add secrets provider options
Related:
https://fedorahosted.org/sssd/ticket/3207
Signed-off-by: Fabiano FidĂȘncio <fidencio@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 11 | ||||
| -rwxr-xr-x | src/config/SSSDConfigTest.py | 6 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.conf | 12 |
3 files changed, 27 insertions, 2 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index e616ce3dc..15b9cd195 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -118,6 +118,17 @@ option_strings = { 'allowed_uids': _('List of UIDs or user names allowed to access the InfoPipe responder'), 'user_attributes': _('List of user attributes the InfoPipe is allowed to publish'), + # [secrets] + 'provider': _('The provider where the secrets will be stored in'), + # secrets - proxy + 'proxy_url': _('The URL Custodia server is listening on'), + 'auth_type': _('The method to use when authenticating to a Custodia server'), + 'auth_header_name': _('The name of the headers that will be added into a HTTP request with the value defined in auth_header_value'), + 'auth_header_value': _('The value sssd-secrets would use for auth_header_name'), + 'forward_headers': _('The list of the headers to forward to the Custodia server together with the request'), + 'username': _('The username to use when authenticating to a Custodia server using basic_auth'), + 'password': _('The password to use when authenticating to a Custodia server using basic_auth'), + # [provider] 'id_provider' : _('Identity provider'), 'auth_provider' : _('Authentication provider'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 006a03447..4850073fa 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -1352,7 +1352,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'autofs', 'ssh', 'pac', - 'ifp'] + 'ifp', + 'secrets'] for section in control_list: self.assertTrue(sssdconfig.has_section(section), "Section [%s] missing" % @@ -1445,7 +1446,8 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'autofs', 'ssh', 'pac', - 'ifp'] + 'ifp', + 'secrets'] service_list = sssdconfig.list_services() for service in control_list: self.assertTrue(service in service_list, diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 9e4bf2f6e..f94c8d17f 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -94,6 +94,18 @@ pac_lifetime = int, None, false allowed_uids = str, None, false user_attributes = str, None, false +[secrets] +# Secrets service +provider = str, None, false +# Secrets service - proxy +proxy_url = str, None, false +auth_type = str, None, false +auth_header_name = str, None, false +auth_header_value = str, None, false +forward_headers = list, None, false +username = str, None, false +password = str, None, false + [provider] #Available provider types id_provider = str, None, true |