diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-12-09 10:14:04 -0500 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-12-13 07:30:24 -0500 |
commit | 1b474ef7011f4bf9ce4aac85dbc9827a9486d5eb (patch) | |
tree | 6e1e86dfbddffac5a89201f26dd4be9ed92eaab1 /src/config/etc | |
parent | 583a018d792c7a28762ecfba74ef1adc48724f22 (diff) | |
download | sssd-1b474ef7011f4bf9ce4aac85dbc9827a9486d5eb.tar.gz sssd-1b474ef7011f4bf9ce4aac85dbc9827a9486d5eb.tar.bz2 sssd-1b474ef7011f4bf9ce4aac85dbc9827a9486d5eb.zip |
Add group support to the simple access provider
This patch adds simple_allow_groups and simple_deny_groups options
to the simple access provider. It makes it possible to grant or
deny access based on a user's group memberships within the domain.
This patch makes one minor change to previous functionality: now
all deny rules will supersede allow rules. Previously, if both
simple_allow_users and simple_deny_users were set with the same
value, the allow would win.
https://fedorahosted.org/sssd/ticket/440
Diffstat (limited to 'src/config/etc')
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-simple.conf | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/config/etc/sssd.api.d/sssd-simple.conf b/src/config/etc/sssd.api.d/sssd-simple.conf index 13fbeb9e..e14ea45d 100644 --- a/src/config/etc/sssd.api.d/sssd-simple.conf +++ b/src/config/etc/sssd.api.d/sssd-simple.conf @@ -3,3 +3,5 @@ [provider/simple/access] simple_allow_users = str, None, false simple_deny_users = str, None, false +simple_allow_groups = str, None, false +simple_deny_groups = str, None, false |