summaryrefslogtreecommitdiff
path: root/src/config
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-06-07 11:28:35 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-06-10 21:03:01 +0200
commit14452cd066b51e32ca0ebad6c45ae909a1debe57 (patch)
tree5c89a40d71008b0b2853b831d937a995e4a424ef /src/config
parent7b5e7e539ae9312ab55d75aa94feaad549b2a708 (diff)
downloadsssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.gz
sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.bz2
sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.zip
A new option krb5_use_kdcinfo
https://fedorahosted.org/sssd/ticket/1883 The patch introduces a new Kerberos provider option called krb5_use_kdcinfo. The option is true by default in all providers. When set to false, the SSSD will not create krb5 info files that the locator plugin consumes and the user would have to set up the Kerberos options manually in krb5.conf
Diffstat (limited to 'src/config')
-rw-r--r--src/config/SSSDConfig/__init__.py.in1
-rwxr-xr-xsrc/config/SSSDConfigTest.py9
-rw-r--r--src/config/etc/sssd.api.d/sssd-ad.conf1
-rw-r--r--src/config/etc/sssd.api.d/sssd-ipa.conf1
-rw-r--r--src/config/etc/sssd.api.d/sssd-krb5.conf1
-rw-r--r--src/config/etc/sssd.api.d/sssd-ldap.conf1
6 files changed, 11 insertions, 3 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index b6e722fc..4d7629e1 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -165,6 +165,7 @@ option_strings = {
'krb5_backup_server' : _('Kerberos backup server address'),
'krb5_realm' : _('Kerberos realm'),
'krb5_auth_timeout' : _('Authentication timeout'),
+ 'krb5_use_kdcinfo' : _('Whether to create kdcinfo files'),
# [provider/krb5/auth]
'krb5_ccachedir' : _('Directory to store credential caches'),
diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py
index f44fac72..ca344ad4 100755
--- a/src/config/SSSDConfigTest.py
+++ b/src/config/SSSDConfigTest.py
@@ -614,7 +614,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
'krb5_use_fast',
'krb5_fast_principal',
'krb5_canonicalize',
- 'krb5_use_enterprise_principal'])
+ 'krb5_use_enterprise_principal',
+ 'krb5_use_kdcinfo'])
options = domain.list_options()
@@ -773,7 +774,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
'krb5_use_fast',
'krb5_fast_principal',
'krb5_canonicalize',
- 'krb5_use_enterprise_principal']
+ 'krb5_use_enterprise_principal',
+ 'krb5_use_kdcinfo']
self.assertTrue(type(options) == dict,
"Options should be a dictionary")
@@ -967,7 +969,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase):
'krb5_use_fast',
'krb5_fast_principal',
'krb5_canonicalize',
- 'krb5_use_enterprise_principal'])
+ 'krb5_use_enterprise_principal',
+ 'krb5_use_kdcinfo'])
options = domain.list_options()
diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf
index 3be25e8d..120c8275 100644
--- a/src/config/etc/sssd.api.d/sssd-ad.conf
+++ b/src/config/etc/sssd.api.d/sssd-ad.conf
@@ -29,6 +29,7 @@ krb5_backup_server = str, None, false
krb5_realm = str, None, false
krb5_auth_timeout = int, None, false
krb5_canonicalize = bool, None, false
+krb5_use_kdcinfo = bool, None, false
ldap_krb5_keytab = str, None, false
ldap_krb5_init_creds = bool, None, false
ldap_entry_usn = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf
index e6f1bb0a..8a7e75f2 100644
--- a/src/config/etc/sssd.api.d/sssd-ipa.conf
+++ b/src/config/etc/sssd.api.d/sssd-ipa.conf
@@ -35,6 +35,7 @@ krb5_server = str, None, false
krb5_backup_server = str, None, false
krb5_realm = str, None, false
krb5_auth_timeout = int, None, false
+krb5_use_kdcinfo = bool, None, false
krb5_kpasswd = str, None, false
krb5_backup_kpasswd = str, None, false
krb5_canonicalize = bool, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf
index 89d16d77..e65ed01b 100644
--- a/src/config/etc/sssd.api.d/sssd-krb5.conf
+++ b/src/config/etc/sssd.api.d/sssd-krb5.conf
@@ -4,6 +4,7 @@ krb5_server = str, None, false
krb5_backup_server = str, None, false
krb5_realm = str, None, true
krb5_auth_timeout = int, None, false
+krb5_use_kdcinfo = bool, None, false
krb5_kpasswd = str, None, false
krb5_backup_kpasswd = str, None, false
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 14e979da..870cf20f 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -21,6 +21,7 @@ krb5_kdcip = str, None, false
krb5_server = str, None, false
krb5_realm = str, None, false
krb5_canonicalize = bool, None, false
+krb5_use_kdcinfo = bool, None, false
ldap_krb5_keytab = str, None, false
ldap_krb5_init_creds = bool, None, false
ldap_entry_usn = str, None, false