diff options
| -rw-r--r-- | src/man/sssd-ad.5.xml | 5 | ||||
| -rw-r--r-- | src/providers/ad/ad_gpo.c | 4 |
2 files changed, 8 insertions, 1 deletions
diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 7997b780..c9bb653a 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -579,6 +579,11 @@ ad_gpo_map_permit = +my_pam_service, -sudo sudo-i </para> </listitem> + <listitem> + <para> + systemd-user + </para> + </listitem> </itemizedlist> </para> </listitem> diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c index 1ab40af0..a9879b41 100644 --- a/src/providers/ad/ad_gpo.c +++ b/src/providers/ad/ad_gpo.c @@ -187,6 +187,7 @@ int ad_gpo_process_cse_recv(struct tevent_req *req); #define GPO_CROND "crond" #define GPO_SUDO "sudo" #define GPO_SUDO_I "sudo-i" +#define GPO_SYSTEMD_USER "systemd-user" struct gpo_map_option_entry { enum gpo_map_type gpo_map_type; @@ -203,7 +204,8 @@ const char *gpo_map_remote_interactive_defaults[] = {GPO_SSHD, NULL}; const char *gpo_map_network_defaults[] = {GPO_FTP, GPO_SAMBA, NULL}; const char *gpo_map_batch_defaults[] = {GPO_CROND, NULL}; const char *gpo_map_service_defaults[] = {NULL}; -const char *gpo_map_permit_defaults[] = {GPO_SUDO, GPO_SUDO_I, NULL}; +const char *gpo_map_permit_defaults[] = {GPO_SUDO, GPO_SUDO_I, + GPO_SYSTEMD_USER, NULL}; const char *gpo_map_deny_defaults[] = {NULL}; struct gpo_map_option_entry gpo_map_option_entries[] = { |