diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2009-10-22 11:58:06 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-10-22 15:43:01 -0400 |
commit | c2d7b2271eafd27b41736624e4e5da121073279d (patch) | |
tree | 517d165f3f229b4783d5568fd06a1b8a80d089ad /server/responder/pam/pamsrv.c | |
parent | ff75b1a0e342f694589c46d9d59c509ac69be980 (diff) | |
download | sssd-c2d7b2271eafd27b41736624e4e5da121073279d.tar.gz sssd-c2d7b2271eafd27b41736624e4e5da121073279d.tar.bz2 sssd-c2d7b2271eafd27b41736624e4e5da121073279d.zip |
Add support for offline auth cache timeout
This adds a new option (offline_credentials_expiration) to the
[PAM] section of the sssd.conf
If the user does not perform an online authentication within the
timeout (in days), they will be denied auth once the timeout
passes.
Diffstat (limited to 'server/responder/pam/pamsrv.c')
-rw-r--r-- | server/responder/pam/pamsrv.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/server/responder/pam/pamsrv.c b/server/responder/pam/pamsrv.c index 352c0469..626d2c55 100644 --- a/server/responder/pam/pamsrv.c +++ b/server/responder/pam/pamsrv.c @@ -116,6 +116,9 @@ static errno_t pam_get_config(struct pam_ctx *pctx, struct confdb_ctx *cdb) { int ret = EOK; + ret = confdb_get_int(cdb, pctx, CONFDB_PAM_CONF_ENTRY, + CONFDB_PAM_CRED_TIMEOUT, 0, + &pctx->cred_expiration); return ret; } |