diff options
| author | Jan Zeleny <jzeleny@redhat.com> | 2011-11-04 13:16:47 -0400 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-11-29 14:21:08 -0500 |
| commit | 6fb75e297bf7fc83e3db1f5ae8560624656ef319 (patch) | |
| tree | 3c7fe79f6ffb5ab3c5403f71a5a08adbb09d5d3a /src/config | |
| parent | 6d99c0f5616969a999d78248565a47b18d40d472 (diff) | |
| download | sssd-6fb75e297bf7fc83e3db1f5ae8560624656ef319.tar.gz sssd-6fb75e297bf7fc83e3db1f5ae8560624656ef319.tar.bz2 sssd-6fb75e297bf7fc83e3db1f5ae8560624656ef319.zip | |
Add ipa_hbac_support_srchost option to IPA provider
don't fetch all host groups if this option is false
https://fedorahosted.org/sssd/ticket/1078
Diffstat (limited to 'src/config')
| -rw-r--r-- | src/config/SSSDConfig.py | 1 | ||||
| -rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 |
2 files changed, 2 insertions, 0 deletions
diff --git a/src/config/SSSDConfig.py b/src/config/SSSDConfig.py index 6858ce49..d39949f9 100644 --- a/src/config/SSSDConfig.py +++ b/src/config/SSSDConfig.py @@ -102,6 +102,7 @@ option_strings = { 'ipa_hbac_search_base' : _("Search base for HBAC related objects"), 'ipa_hbac_refresh' : _("The amount of time between lookups of the HBAC rules against the IPA server"), 'ipa_hbac_treat_deny_as' : _("If DENY rules are present, either DENY_ALL or IGNORE"), + 'ipa_hbac_support_srchost' : _("If set to false, host argument given by PAM will be ignored"), # [provider/krb5] 'krb5_kdcip' : _('Kerberos server address'), diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index 8688dc8d..bfa364eb 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -112,6 +112,7 @@ krb5_fast_principal = str, None, false [provider/ipa/access] ipa_hbac_refresh = int, None, false ipa_hbac_treat_deny_as = str, None, false +ipa_hbac_support_srchost = bool, None, false [provider/ipa/chpass] |