diff options
| author | Pavel Reichl <preichl@redhat.com> | 2015-04-16 03:41:58 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-07-06 20:19:09 +0200 |
| commit | 0aa18cc0bf3447ca734476926724f1632e160807 (patch) | |
| tree | 5dd2d0e24e80753849e41fa3e574d1fa1743fa08 /src/man/sssd.conf.5.xml | |
| parent | 32cc237aa0f3c70a4e0bc0491ec0cba0016aaf5a (diff) | |
| download | sssd-0aa18cc0bf3447ca734476926724f1632e160807.tar.gz sssd-0aa18cc0bf3447ca734476926724f1632e160807.tar.xz sssd-0aa18cc0bf3447ca734476926724f1632e160807.zip | |
PAM: authenticate agains cache
Enable authenticating users from cache even when SSSD is in online mode.
Introduce new option `cached_auth_timeout`.
Resolves:
https://fedorahosted.org/sssd/ticket/1807
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/man/sssd.conf.5.xml')
| -rw-r--r-- | src/man/sssd.conf.5.xml | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 75d13a631..7d3a57b0e 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -2176,6 +2176,30 @@ pam_account_expired_message = Account expired, please call help desk. </para> </listitem> </varlistentry> + <varlistentry> + <term>cached_auth_timeout (int)</term> + <listitem> + <para> + Specifies time in seconds since last successful + online authentication for which user will be + authenticated using cached credentials while + SSSD is in the online mode. + </para> + <para> + Special value 0 implies that this feature is + disabled. + </para> + <para> + Please note that if <quote>cached_auth_timeout</quote> + is longer than <quote>pam_id_timeout</quote> then the + back end could be called to handle + <quote>initgroups.</quote> + </para> + <para> + Default: 0 + </para> + </listitem> + </varlistentry> </variablelist> </para> |