From 4182b3a1f9f6e1823db9832533c6c9e51d13da8e Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Sun, 29 Jan 2012 22:11:45 +0100 Subject: Include sudo manual pages only conditionally --- src/man/Makefile.am | 13 +++++++++++-- src/man/sssd-ldap.5.xml | 31 +++++++++++++++++++++++++------ src/man/sssd.conf.5.xml | 11 ++++++++--- 3 files changed, 44 insertions(+), 11 deletions(-) (limited to 'src/man') diff --git a/src/man/Makefile.am b/src/man/Makefile.am index 09af8985..36c3921d 100644 --- a/src/man/Makefile.am +++ b/src/man/Makefile.am @@ -5,11 +5,20 @@ top_builddir = ../.. # MANPAGES # ############ + +# If no conditions are given, *all* conditionals are expanded. We don't +# to include any conditions by default, so we need to pass a phony conditional +CONDS=with_false +if BUILD_SUDO +# conditionals are delimeted with a semicolon +CONDS+=;with_sudo +endif + #Special Rules: export SGML_CATALOG_FILES -DOCBOOK_XSLT = http://docbook.sourceforge.net/release/xsl/current/manpages/docbook.xsl +DOCBOOK_XSLT = http://docbook.sourceforge.net/release/xsl/current/manpages/profile-docbook.xsl XMLLINT_FLAGS = --catalogs --postvalid --nonet --xinclude --noout -XSLTPROC_FLAGS = --catalogs --xinclude --nonet +XSLTPROC_FLAGS = --stringparam profile.condition "$(CONDS)" --catalogs --xinclude --nonet man_MANS = \ sss_useradd.8 sss_userdel.8 sss_usermod.8 \ diff --git a/src/man/sssd-ldap.5.xml b/src/man/sssd-ldap.5.xml index 5afa9ad7..3228e624 100644 --- a/src/man/sssd-ldap.5.xml +++ b/src/man/sssd-ldap.5.xml @@ -1553,7 +1553,15 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com + + + + + SUDO OPTIONS + + + ldap_sudorule_object_class (string) @@ -1597,7 +1605,8 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com The LDAP attribute that corresponds to the - host name. + host name (or host IP address, host IP network, + or host netgroup) Default: sudoHost @@ -1610,7 +1619,7 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com The LDAP attribute that corresponds to the - user name. + user name (or UID, group name or user's netgroup) Default: sudoUser @@ -1648,8 +1657,8 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com ldap_sudorule_runasgroup (string) - The LDAP attribute that corresponds to the - group name that commands may be run as. + The LDAP attribute that corresponds to the group + name or group GID that commands may be run as. Default: sudoRunAsGroup @@ -1722,9 +1731,16 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com - + + This manual page only describes attribute name mapping. + For detailed explanation of sudo related attribute sematics, + see + + sudoers.ldap5 + + @@ -1835,7 +1851,7 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com - + ldap_sudo_search_base (string) @@ -1851,6 +1867,9 @@ ldap_access_filter = memberOf=cn=allowedusers,ou=Groups,dc=example,dc=com Default: the value of ldap_search_base + + + diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 93f82303..fee40a6a 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -85,7 +85,8 @@ started when sssd itself starts. - Supported services: nss, pam, sudo + Supported services: nss, pam + , sudo @@ -866,9 +867,13 @@ - + + sudo_provider (string) + + + The SUDO provider used for the domain. Supported SUDO providers are: @@ -884,7 +889,7 @@ none disables SUDO explicitly. - Default: id_provider is used if it + Default: The value of id_provider is used if it is set. -- cgit