diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2011-11-04 13:16:47 -0400 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-08-21 12:12:35 +0200 |
commit | 49c06899c6b8e06fa0c371dbd8a16ead32c651d9 (patch) | |
tree | 535b5ee29705c3d943e54609498aaedd5bf815b5 /src/config | |
parent | ee0a1b3f94846fb19fbe3b72304d7ea2c989669c (diff) | |
download | sssd_unused-49c06899c6b8e06fa0c371dbd8a16ead32c651d9.tar.gz sssd_unused-49c06899c6b8e06fa0c371dbd8a16ead32c651d9.tar.xz sssd_unused-49c06899c6b8e06fa0c371dbd8a16ead32c651d9.zip |
Add ipa_hbac_support_srchost option to IPA provider
don't fetch all host groups if this option is false
https://fedorahosted.org/sssd/ticket/1078
Diffstat (limited to 'src/config')
-rw-r--r-- | src/config/SSSDConfig.py | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index a20ac972..2f71c7ee 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -103,6 +103,7 @@ option_strings = { 'ipa_hbac_search_base' : _("Search base for HBAC related objects"), 'ipa_hbac_refresh' : _("The amount of time between lookups of the HBAC rules against the IPA server"), 'ipa_hbac_treat_deny_as' : _("If DENY rules are present, either DENY_ALL or IGNORE"), + 'ipa_hbac_support_srchost' : _("If set to false, host argument given by PAM will be ignored"), # [provider/krb5] 'krb5_kdcip' : _('Kerberos server address'), diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index d7992b60..1a19300a 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -102,6 +102,7 @@ krb5_use_fast = str, None, false [provider/ipa/access] ipa_hbac_refresh = int, None, false ipa_hbac_treat_deny_as = str, None, false +ipa_hbac_support_srchost = bool, None, false [provider/ipa/chpass] |