diff options
| author | Sumit Bose <sbose@redhat.com> | 2016-10-20 18:40:01 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-11-02 11:30:20 +0100 |
| commit | ce43f710c9638fbbeae077559cd7514370a10c0c (patch) | |
| tree | 05864e3aa032e64c376de3acd48d62085a094c2f /src/config | |
| parent | c8fe1d922b254aa92e74f428135ada3c8bde87a1 (diff) | |
| download | sssd-ce43f710c9638fbbeae077559cd7514370a10c0c.tar.gz sssd-ce43f710c9638fbbeae077559cd7514370a10c0c.tar.xz sssd-ce43f710c9638fbbeae077559cd7514370a10c0c.zip | |
PAM: add pam_response_filter option
Currently the main use-case for this new option is to not set the
KRB5CCNAME environment varible for services like 'sudo-i'.
Resolves https://fedorahosted.org/sssd/ticket/2296
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
| -rw-r--r-- | src/config/cfg_rules.ini | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.conf | 1 |
3 files changed, 3 insertions, 0 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index cde196478..381ff9596 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -88,6 +88,7 @@ option_strings = { 'offline_failed_login_attempts' : _('How many failed logins attempts are allowed when offline'), 'offline_failed_login_delay' : _('How long (minutes) to deny login after offline_failed_login_attempts has been reached'), 'pam_verbosity' : _('What kind of messages are displayed to the user during authentication'), + 'pam_response_filter' : _('Filter PAM responses send the pam_sss'), 'pam_id_timeout' : _('How many seconds to keep identity information cached for PAM requests'), 'pam_pwd_expiration_warning' : _('How many days before password expiration a warning should be displayed'), 'pam_trusted_users' : _('List of trusted uids or user\'s name'), diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index b6316be8c..ec716b558 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -99,6 +99,7 @@ option = offline_credentials_expiration option = offline_failed_login_attempts option = offline_failed_login_delay option = pam_verbosity +option = pam_response_filter option = pam_id_timeout option = pam_pwd_expiration_warning option = get_domains_timeout diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 567d52efe..be24bcea0 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -58,6 +58,7 @@ offline_credentials_expiration = int, None, false offline_failed_login_attempts = int, None, false offline_failed_login_delay = int, None, false pam_verbosity = int, None, false +pam_response_filter = str, None, false pam_id_timeout = int, None, false pam_pwd_expiration_warning = int, None, false get_domains_timeout = int, None, false |