diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-07 11:28:35 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-10 21:03:01 +0200 |
commit | 14452cd066b51e32ca0ebad6c45ae909a1debe57 (patch) | |
tree | 5c89a40d71008b0b2853b831d937a995e4a424ef /src/config | |
parent | 7b5e7e539ae9312ab55d75aa94feaad549b2a708 (diff) | |
download | sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.gz sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.tar.bz2 sssd-14452cd066b51e32ca0ebad6c45ae909a1debe57.zip |
A new option krb5_use_kdcinfo
https://fedorahosted.org/sssd/ticket/1883
The patch introduces a new Kerberos provider option called
krb5_use_kdcinfo. The option is true by default in all providers. When
set to false, the SSSD will not create krb5 info files that the locator
plugin consumes and the user would have to set up the Kerberos options
manually in krb5.conf
Diffstat (limited to 'src/config')
-rw-r--r-- | src/config/SSSDConfig/__init__.py.in | 1 | ||||
-rwxr-xr-x | src/config/SSSDConfigTest.py | 9 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ad.conf | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ipa.conf | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-krb5.conf | 1 | ||||
-rw-r--r-- | src/config/etc/sssd.api.d/sssd-ldap.conf | 1 |
6 files changed, 11 insertions, 3 deletions
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in index b6e722fc..4d7629e1 100644 --- a/src/config/SSSDConfig/__init__.py.in +++ b/src/config/SSSDConfig/__init__.py.in @@ -165,6 +165,7 @@ option_strings = { 'krb5_backup_server' : _('Kerberos backup server address'), 'krb5_realm' : _('Kerberos realm'), 'krb5_auth_timeout' : _('Authentication timeout'), + 'krb5_use_kdcinfo' : _('Whether to create kdcinfo files'), # [provider/krb5/auth] 'krb5_ccachedir' : _('Directory to store credential caches'), diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index f44fac72..ca344ad4 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -614,7 +614,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'krb5_use_fast', 'krb5_fast_principal', 'krb5_canonicalize', - 'krb5_use_enterprise_principal']) + 'krb5_use_enterprise_principal', + 'krb5_use_kdcinfo']) options = domain.list_options() @@ -773,7 +774,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'krb5_use_fast', 'krb5_fast_principal', 'krb5_canonicalize', - 'krb5_use_enterprise_principal'] + 'krb5_use_enterprise_principal', + 'krb5_use_kdcinfo'] self.assertTrue(type(options) == dict, "Options should be a dictionary") @@ -967,7 +969,8 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'krb5_use_fast', 'krb5_fast_principal', 'krb5_canonicalize', - 'krb5_use_enterprise_principal']) + 'krb5_use_enterprise_principal', + 'krb5_use_kdcinfo']) options = domain.list_options() diff --git a/src/config/etc/sssd.api.d/sssd-ad.conf b/src/config/etc/sssd.api.d/sssd-ad.conf index 3be25e8d..120c8275 100644 --- a/src/config/etc/sssd.api.d/sssd-ad.conf +++ b/src/config/etc/sssd.api.d/sssd-ad.conf @@ -29,6 +29,7 @@ krb5_backup_server = str, None, false krb5_realm = str, None, false krb5_auth_timeout = int, None, false krb5_canonicalize = bool, None, false +krb5_use_kdcinfo = bool, None, false ldap_krb5_keytab = str, None, false ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ipa.conf b/src/config/etc/sssd.api.d/sssd-ipa.conf index e6f1bb0a..8a7e75f2 100644 --- a/src/config/etc/sssd.api.d/sssd-ipa.conf +++ b/src/config/etc/sssd.api.d/sssd-ipa.conf @@ -35,6 +35,7 @@ krb5_server = str, None, false krb5_backup_server = str, None, false krb5_realm = str, None, false krb5_auth_timeout = int, None, false +krb5_use_kdcinfo = bool, None, false krb5_kpasswd = str, None, false krb5_backup_kpasswd = str, None, false krb5_canonicalize = bool, None, false diff --git a/src/config/etc/sssd.api.d/sssd-krb5.conf b/src/config/etc/sssd.api.d/sssd-krb5.conf index 89d16d77..e65ed01b 100644 --- a/src/config/etc/sssd.api.d/sssd-krb5.conf +++ b/src/config/etc/sssd.api.d/sssd-krb5.conf @@ -4,6 +4,7 @@ krb5_server = str, None, false krb5_backup_server = str, None, false krb5_realm = str, None, true krb5_auth_timeout = int, None, false +krb5_use_kdcinfo = bool, None, false krb5_kpasswd = str, None, false krb5_backup_kpasswd = str, None, false diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf index 14e979da..870cf20f 100644 --- a/src/config/etc/sssd.api.d/sssd-ldap.conf +++ b/src/config/etc/sssd.api.d/sssd-ldap.conf @@ -21,6 +21,7 @@ krb5_kdcip = str, None, false krb5_server = str, None, false krb5_realm = str, None, false krb5_canonicalize = bool, None, false +krb5_use_kdcinfo = bool, None, false ldap_krb5_keytab = str, None, false ldap_krb5_init_creds = bool, None, false ldap_entry_usn = str, None, false |