diff options
author | Pavel Reichl <preichl@redhat.com> | 2014-09-25 14:52:31 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-09-29 18:27:07 +0200 |
commit | 830ded27453015080a54d6ba85fd4999ee7e9af1 (patch) | |
tree | 2dcdecd4d211c25e7e1dd909e062e534348227db /src/responder/pam/pamsrv.h | |
parent | cb7644495e76ffa3e19ba10efb4a0f5f3817ba33 (diff) | |
download | sssd-830ded27453015080a54d6ba85fd4999ee7e9af1.tar.gz sssd-830ded27453015080a54d6ba85fd4999ee7e9af1.tar.xz sssd-830ded27453015080a54d6ba85fd4999ee7e9af1.zip |
PAM: new options pam_trusted_users & pam_public_domains
pam_public_domains option is a list of numerical UIDs or user names
that are trusted.
pam_public_domains option is a list of domains accessible even for
untrusted users.
Based on:
https://fedorahosted.org/sssd/wiki/DesignDocs/RestrictDomainsInPAM
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/responder/pam/pamsrv.h')
-rw-r--r-- | src/responder/pam/pamsrv.h | 7 |
1 files changed, 7 insertions, 0 deletions
diff --git a/src/responder/pam/pamsrv.h b/src/responder/pam/pamsrv.h index 1e37a77a1..f92e7f7db 100644 --- a/src/responder/pam/pamsrv.h +++ b/src/responder/pam/pamsrv.h @@ -37,6 +37,13 @@ struct pam_ctx { int neg_timeout; time_t id_timeout; hash_table_t *id_table; + size_t trusted_uids_count; + uid_t *trusted_uids; + bool is_uid_trusted; + + /* List of domains that are accessible even for untrusted users. */ + char **public_domains; + int public_domains_count; }; struct pam_auth_dp_req { |