diff options
author | Fabiano Fidêncio <fidencio@redhat.com> | 2016-11-02 00:15:16 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-08-28 20:41:04 +0200 |
commit | f982039c75ec064894deb676ae53ee57de868590 (patch) | |
tree | 65f7f24feae6cd2cdbe9813345e855ac1bda0d17 /src/config | |
parent | 6f466e0a3d950d21bd750ef53cb93b75dc023f9e (diff) | |
download | sssd-f982039c75ec064894deb676ae53ee57de868590.tar.gz sssd-f982039c75ec064894deb676ae53ee57de868590.tar.xz sssd-f982039c75ec064894deb676ae53ee57de868590.zip |
DESKPROFILE: Introduce the new IPA session provider
In order to provide FleetCommander[0] integration, a session provider
has been introduced for IPA. The design of this feature and more
technical details can be found at [1] and [2], which are the design
pages of both freeIPA and SSSD parts.
As there's no way to test freeIPA integration with our upstream tests,
no test has been provided yet.
Is also worth to mention that the name "deskprofile" has been chosen
instead of "fleetcmd" in order to match with the freeIPA plugin. It
means that, for consistence, all source files, directories created,
options added, functions prefixes and so on are following the choice
accordingly.
[0]: https://wiki.gnome.org/Projects/FleetCommander
[1]: https://github.com/abbra/freeipa-desktop-profile/blob/master/plugin/Feature.mediawiki
[2]: https://docs.pagure.org/SSSD.sssd/design_pages/fleet_commander_integration.html
Resolves:
https://pagure.io/SSSD/sssd/issue/2995
Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/config')
-rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 3 | ||||
-rw-r--r-- | src/config/SSSDConfig/sssd_upgrade_config.py | 1 | ||||
-rwxr-xr-x | src/config/SSSDConfigTest.py | 3 | ||||
-rw-r--r-- | src/config/cfg_rules.ini | 3 | ||||
-rw-r--r-- | src/config/etc/sssd.api.conf | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 2 |
6 files changed, 13 insertions, 0 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index de757521c..2a19b60a9 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -154,6 +154,7 @@ option_strings = { 'autofs_provider' : _('Autofs provider'), 'hostid_provider' : _('Host identity provider'), 'selinux_provider' : _('SELinux provider'), + 'session_provider' : _('Session management provider'), # [domain] 'domain_type' : _('Whether the domain is usable by the OS or by applications'), @@ -217,6 +218,8 @@ option_strings = { 'ipa_anchor_uuid': _("Attribute with the reference to the original object"), 'ipa_user_override_object_class': _("Objectclass for user override objects"), 'ipa_group_override_object_class': _("Objectclass for group override objects"), + 'ipa_deskprofile_search_base': _("Search base for Desktop Profile related objects"), + 'ipa_deskprofile_refresh': _("The amount of time in seconds between lookups of the Desktop Profile rules against the IPA server"), # [provider/ad] 'ad_domain' : _('Active Directory domain'), diff --git a/src/config/SSSDConfig/sssd_upgrade_config.py b/src/config/SSSDConfig/sssd_upgrade_config.py index 767d06ddc..d2d94b21e 100644 --- a/src/config/SSSDConfig/sssd_upgrade_config.py +++ b/src/config/SSSDConfig/sssd_upgrade_config.py @@ -148,6 +148,7 @@ class SSSDConfigFile(SSSDChangeConf): 'auth_provider' : 'auth-module', 'access_provider' : 'access-module', 'chpass_provider' : 'chpass-module', + 'session_provider' : 'session-module', 'use_fully_qualified_names' : 'useFullyQualifiedNames', 'store_legacy_passwords' : 'store-legacy-passwords', } diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 5f3ff3958..d0e97f02b 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -616,6 +616,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'hostid_provider', 'subdomains_provider', 'selinux_provider', + 'session_provider', 'realmd_tags', 'subdomain_refresh_interval', 'subdomain_inherit', @@ -986,6 +987,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'hostid_provider', 'subdomains_provider', 'selinux_provider', + 'session_provider', 'realmd_tags', 'subdomain_refresh_interval', 'subdomain_inherit', @@ -1381,6 +1383,7 @@ class SSSDConfigTestSSSDConfig(unittest.TestCase): 'id_provider', 'auth_provider', 'access_provider', + 'session_provider', 'default_shell', 'fallback_homedir', 'cache_credentials', diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index cba59d2c3..3ebd39e93 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -330,6 +330,7 @@ option = autofs_provider option = hostid_provider option = subdomains_provider option = selinux_provider +option = session_provider # Options available to all domains option = domain_type @@ -438,6 +439,8 @@ option = ad_site option = ipa_anchor_uuid option = ipa_automount_location option = ipa_backup_server +option = ipa_deskprofile_refresh +option = ipa_deskprofile_search_base option = ipa_domain option = ipa_dyndns_iface option = ipa_dyndns_ttl diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 0d11771ae..9eb6aeb83 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -139,6 +139,7 @@ autofs_provider = str, None, false hostid_provider = str, None, false subdomains_provider = str, None, false selinux_provider = str, None, false +session_provider = str, None, false [domain] # Options available to all domains diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index f36b568c3..8178b123e 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -3,6 +3,7 @@ ipa_domain = str, None, false ipa_server = str, None, false ipa_backup_server = str, None, false ipa_hostname = str, None, false +ipa_deskprofile_search_base = str, None, false ipa_dyndns_update = bool, None, false ipa_dyndns_ttl = int, None, false ipa_dyndns_iface = str, None, false @@ -193,6 +194,7 @@ ldap_autofs_search_base = str, None, false [provider/ipa/chpass] [provider/ipa/session] +ipa_deskprofile_refresh = int, None, false ipa_host_object_class = str, None, false ipa_host_name = str, None, false ipa_host_fqdn = str, None, false |