From 59744cff6edb106ae799b2321cb8731edadf409a Mon Sep 17 00:00:00 2001 From: Stephen Gallagher Date: Tue, 19 Apr 2016 11:58:35 -0400 Subject: CONFIG: Use default config when none provided This patch makes SSSD possibly useful "out of the box" by allowing packagers to provide a default config file located in $LIBDIR/sssd/conf that will be copied by the monitor to /etc/sssd if no file already exists in that location. This will make it possible to have SSSD set up to have distribution-specific default configuration, such as enabling the proxy provider to cache /etc/passwd (such as in the provided example in this patch). Reviewed-by: Jakub Hrozek --- src/examples/sssd-shadowutils | 6 ++++++ src/examples/sssd.conf | 17 +++++++++++++++++ 2 files changed, 23 insertions(+) create mode 100644 src/examples/sssd-shadowutils create mode 100644 src/examples/sssd.conf (limited to 'src/examples') diff --git a/src/examples/sssd-shadowutils b/src/examples/sssd-shadowutils new file mode 100644 index 000000000..626c7d075 --- /dev/null +++ b/src/examples/sssd-shadowutils @@ -0,0 +1,6 @@ +#%PAM-1.0 +auth [success=done ignore=ignore default=die] pam_unix.so nullok try_first_pass +auth required pam_deny.so + +account required pam_unix.so +account required pam_permit.so diff --git a/src/examples/sssd.conf b/src/examples/sssd.conf new file mode 100644 index 000000000..a851dbb7e --- /dev/null +++ b/src/examples/sssd.conf @@ -0,0 +1,17 @@ +[sssd] +config_file_version = 2 +services = nss, pam +domains = shadowutils + +[nss] + +[pam] + +[domain/shadowutils] +id_provider = proxy +proxy_lib_name = files + +auth_provider = proxy +proxy_pam_target = sssd-shadowutils + +proxy_fast_alias = True -- cgit