From 07b7b76d7cd494cbd26263503ba2732c21819941 Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzeleny@redhat.com>
Date: Tue, 5 Jun 2012 15:07:10 -0400
Subject: Primary server support: new options in krb5 provider

This patch adds support for new config options krb5_backup_server and
krb5_backup_kpasswd. The description of this option's functionality
is included in man page in one of previous patches.
---
 src/config/SSSDConfig/__init__.py.in     | 2 ++
 src/config/SSSDConfigTest.py             | 6 ++++++
 src/config/etc/sssd.api.d/sssd-ad.conf   | 2 ++
 src/config/etc/sssd.api.d/sssd-ipa.conf  | 2 ++
 src/config/etc/sssd.api.d/sssd-krb5.conf | 2 ++
 5 files changed, 14 insertions(+)

(limited to 'src/config')

diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index 48568843..c6ccbff0 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -145,6 +145,7 @@ option_strings = {
     # [provider/krb5]
     'krb5_kdcip' : _('Kerberos server address'),
     'krb5_server' : _('Kerberos server address'),
+    'krb5_backup_server' : _('Kerberos backup server address'),
     'krb5_realm' : _('Kerberos realm'),
     'krb5_auth_timeout' : _('Authentication timeout'),
 
@@ -163,6 +164,7 @@ option_strings = {
 
     # [provider/krb5/chpass]
     'krb5_kpasswd' : _('Server where the change password service is running if not on the KDC'),
+    'krb5_backup_kpasswd' : _('Server where the change password service is running if not on the KDC'),
 
     # [provider/ldap]
     'ldap_uri' : _('ldap_uri, The URI of the LDAP server'),
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index 95cb0099..eefbe786 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -581,8 +581,10 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
         backup_list = control_list[:]
         control_list.extend(
             ['krb5_server',
+             'krb5_backup_server',
              'krb5_realm',
              'krb5_kpasswd',
+             'krb5_backup_kpasswd',
              'krb5_ccachedir',
              'krb5_ccname_template',
              'krb5_keytab',
@@ -736,9 +738,11 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
         options = domain.list_provider_options('krb5', 'auth')
         control_list = [
             'krb5_server',
+            'krb5_backup_server',
             'krb5_kdcip',
             'krb5_realm',
             'krb5_kpasswd',
+            'krb5_backup_kpasswd',
             'krb5_ccachedir',
             'krb5_ccname_template',
             'krb5_keytab',
@@ -915,9 +919,11 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
         backup_list = control_list[:]
         control_list.extend(
             ['krb5_server',
+             'krb5_backup_server',
              'krb5_kdcip',
              'krb5_realm',
              'krb5_kpasswd',
+             'krb5_backup_kpasswd',
              'krb5_ccachedir',
              'krb5_ccname_template',
              'krb5_keytab',
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf
index 6c323399..763ea0d4 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -23,6 +23,7 @@ ldap_sasl_authid = str, None, false
 ldap_sasl_minssf = int, None, false
 krb5_kdcip = str, None, false
 krb5_server = str, None, false
+krb5_backup_server = str, None, false
 krb5_realm = str, None, false
 krb5_auth_timeout = int, None, false
 krb5_canonicalize = bool, None, false
@@ -120,3 +121,4 @@ krb5_fast_principal = str, None, false
 
 [provider/ad/chpass]
 krb5_kpasswd = str, None, false
+krb5_backup_kpasswd = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index fa380a67..cf16ea6e 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -29,9 +29,11 @@ ldap_sasl_authid = str, None, false
 ldap_sasl_minssf = int, None, false
 krb5_kdcip = str, None, false
 krb5_server = str, None, false
+krb5_backup_server = str, None, false
 krb5_realm = str, None, false
 krb5_auth_timeout = int, None, false
 krb5_kpasswd = str, None, false
+krb5_backup_kpasswd = str, None, false
 krb5_canonicalize = bool, None, false
 ldap_krb5_keytab = str, None, false
 ldap_krb5_init_creds = bool, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf
index c52df1a6..3a36f5ef 100644
--- a/src/config/etc/sssd.api.d/sssd-krb5.conf
+++ b/src/config/etc/sssd.api.d/sssd-krb5.conf
@@ -1,9 +1,11 @@
 [provider/krb5]
 krb5_kdcip = str, None, false
 krb5_server = str, None, false
+krb5_backup_server = str, None, false
 krb5_realm = str, None, true
 krb5_auth_timeout = int, None, false
 krb5_kpasswd = str, None, false
+krb5_backup_kpasswd = str, None, false
 
 [provider/krb5/auth]
 krb5_ccachedir = str, None, false
-- 
cgit