Add new options to override shell value

https://fedorahosted.org/sssd/ticket/742
author: Jakub Hrozek <jhrozek@redhat.com> 2011-05-17 16:49:19 +0200
committer: Stephen Gallagher <sgallagh@redhat.com> 2011-05-20 05:49:25 -0400
commit: 068dbee9ca7bf5b37330eff91c94ae10f288d09f (patch)
tree: a11f08234e2b6043aa13826d59d999550f9da980 /src/man
parent: d9d716b547d256c03df97b0ff8282349a0f365ad (diff)
download: sssd-068dbee9ca7bf5b37330eff91c94ae10f288d09f.tar.gz
sssd-068dbee9ca7bf5b37330eff91c94ae10f288d09f.tar.bz2
sssd-068dbee9ca7bf5b37330eff91c94ae10f288d09f.zip
1 files changed, 44 insertions, 0 deletions
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 57454dd8..b4f38465 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -391,6 +391,50 @@
                         </para>
                     </listitem>
                 </varlistentry>
+                <varlistentry>
+                    <term>allowed_shells (string)</term>
+                    <listitem>
+                        <para>
+                            Restrict user shell to one of the listed values. The order of evaluation is:
+                        </para>
+                        <para>
+                            1. If the shell is present in
+                            <quote>/etc/shells</quote>, it is used.
+                        </para>
+                        <para>
+                            2. If the shell is in the allowed_shells list but
+                            not in <quote>/etc/shells</quote>, use the
+                            value of the shell_fallback parameter.
+                        </para>
+                        <para>
+                            3. If the shell is not in the allowed_shells list and
+                            not in <quote>/etc/shells</quote>, a nologin shell
+                            is used.
+                        </para>
+                        <para>
+                            An empty string for shell is passed as-is to libc.
+                        </para>
+                        <para>
+                            The <quote>/etc/shells</quote> is only read on SSSD start up, which means that
+                            a restart of the SSSD is required in case a new shell is installed.
+                        </para>
+                        <para>
+                            Default: Not set. The user shell is automatically used.
+                        </para>
+                    </listitem>
+                </varlistentry>
+                <varlistentry>
+                    <term>shell_fallback (string)</term>
+                    <listitem>
+                        <para>
+                            The default shell to use if an allowed shell is not
+                            installed on the machine.
+                        </para>
+                        <para>
+                            Default: /bin/sh
+                        </para>
+                    </listitem>
+                </varlistentry>
             </variablelist>
         </refsect2>
         <refsect2 id='PAM'>
author	Jakub Hrozek <jhrozek@redhat.com>	2011-05-17 16:49:19 +0200
committer	Stephen Gallagher <sgallagh@redhat.com>	2011-05-20 05:49:25 -0400
commit	068dbee9ca7bf5b37330eff91c94ae10f288d09f (patch)
tree	a11f08234e2b6043aa13826d59d999550f9da980 /src/man
parent	d9d716b547d256c03df97b0ff8282349a0f365ad (diff)
download	sssd-068dbee9ca7bf5b37330eff91c94ae10f288d09f.tar.gz sssd-068dbee9ca7bf5b37330eff91c94ae10f288d09f.tar.bz2 sssd-068dbee9ca7bf5b37330eff91c94ae10f288d09f.zip