diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2017-02-21 16:34:45 +0100 |
|---|---|---|
| committer | Lukas Slebodnik <lslebodn@redhat.com> | 2017-02-27 19:14:15 +0100 |
| commit | 78bb3676fe8326e0fe2b60daad8bf524e4625d4e (patch) | |
| tree | 180f873e99228f72b5cfdfbb58cf7b5e1ab240ee /src/config | |
| parent | eed5bc53a0c823276523d32e76bc1c264db3837e (diff) | |
| download | sssd-78bb3676fe8326e0fe2b60daad8bf524e4625d4e.tar.gz sssd-78bb3676fe8326e0fe2b60daad8bf524e4625d4e.tar.xz sssd-78bb3676fe8326e0fe2b60daad8bf524e4625d4e.zip | |
MONITOR: Enable an implicit files domain if one is not configured
If SSSD is compiled with --enable-files-domain, the loading of the
domains changes such that:
* if no domain with id_provider=files exists in the config file, an
implicit SSSD files domain is added
* this domain is always first in the list
The administrator is free to create a files domain in the config file
himself and either place it at the end of the list or not enable it at
all.
Resolves:
https://pagure.io/SSSD/sssd/issue/3112
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
| -rwxr-xr-x | src/config/SSSDConfigTest.py | 3 | ||||
| -rw-r--r-- | src/config/cfg_rules.ini | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.conf | 1 |
4 files changed, 5 insertions, 1 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index 8c23fd271..44fb777ec 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -64,6 +64,7 @@ option_strings = { 'certificate_verification' : _('Tune certificate verification'), 'override_space': _('All spaces in group or user names will be replaced with this character'), 'disable_netlink' : _('Tune sssd to honor or ignore netlink state changes'), + 'enable_files_domain' : _('Enable or disable the implicit files domain'), # [nss] 'enum_cache_timeout' : _('Enumeration cache timeout length (seconds)'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 0da5d63a1..8cb03adcb 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -312,7 +312,8 @@ class SSSDConfigTestSSSDService(unittest.TestCase): 'description', 'certificate_verification', 'override_space', - 'disable_netlink'] + 'disable_netlink', + 'enable_files_domain'] self.assertTrue(type(options) == dict, "Options should be a dictionary") diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index 51981c3d0..dd0f04b1a 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -41,6 +41,7 @@ option = certificate_verification option = override_space option = config_file_version option = disable_netlink +option = enable_files_domain [rule/allowed_nss_options] validator = ini_allowed_options diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 56540066f..7d21d6b70 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -30,6 +30,7 @@ default_domain_suffix = str, None, false certificate_verification = str, None, false override_space = str, None, false disable_netlink = bool, None, false +enable_files_domain = str, None, false [nss] # Name service |