diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2017-06-01 10:04:21 +0200 |
---|---|---|
committer | Lukas Slebodnik <lslebodn@redhat.com> | 2017-09-06 08:04:44 +0200 |
commit | e8bad995fb1219df2a4fef8f55c80284c6ab36d3 (patch) | |
tree | 40158cdc241bec22ef6048f6a9eab9c8ff8e427f /src/man/sssd-secrets.5.xml | |
parent | 3bcf6b17a1bd8fbef99e1f8bfc33f4312b40e48b (diff) | |
download | sssd-e8bad995fb1219df2a4fef8f55c80284c6ab36d3.tar.gz sssd-e8bad995fb1219df2a4fef8f55c80284c6ab36d3.tar.xz sssd-e8bad995fb1219df2a4fef8f55c80284c6ab36d3.zip |
MAN: Document that the secrets provider can only be specified in a per-client section
Resolves:
https://pagure.io/SSSD/sssd/issue/3417
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com>
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Diffstat (limited to 'src/man/sssd-secrets.5.xml')
-rw-r--r-- | src/man/sssd-secrets.5.xml | 27 |
1 files changed, 19 insertions, 8 deletions
diff --git a/src/man/sssd-secrets.5.xml b/src/man/sssd-secrets.5.xml index d43dcf21c..08ab371c6 100644 --- a/src/man/sssd-secrets.5.xml +++ b/src/man/sssd-secrets.5.xml @@ -128,19 +128,30 @@ systemctl enable sssd-secrets.service </citerefentry> manual page for a complete list. In addition, there are some secrets-specific options as well. </para> + <para> + The secrets responder is configured with a global + <quote>[secrets]</quote> section and an optional per-user + <quote>[secrets/users/$uid]</quote> section in + <filename>sssd.conf</filename>. Please note that some options, + notably as the provider type, can only be specified in the per-user + subsections. + </para> <variablelist> <varlistentry> <term>provider (string)</term> <listitem> <para> - This option specifies where should the secrets - be stored. The secrets responder can configure a - per-user subsections that define which provider store - the secrets for this particular user. The per-user - subsections should contain all options for that user's - provider. If a per-user section does not exist, the - global settings from the secret responder's section - are used. The following providers are supported: + This option specifies where should the secrets be + stored. The secrets responder can configure a per-user + subsections (e.g. <quote>[secrets/users/123]</quote> + - see bottom of this manual page for a full example + using Custodia for a particular user) that define + which provider store the secrets for this particular + user. The per-user subsections should contain all + options for that user's provider. Please note that + currently the global provider is always local, the + proxy provider can only be specified in a per-user + section. The following providers are supported: <variablelist> <varlistentry> <term>local</term> |