2 files changed, 10 insertions, 0 deletions

diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index 2bd6e349..99ccc5ab 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -294,6 +294,11 @@ option_strings = {
     'ldap_sudo_search_base' : _('Base DN for sudo rules lookups'),
     'ldap_sudo_full_refresh_interval' : _('Automatic full refresh period'),
     'ldap_sudo_smart_refresh_interval' : _('Automatic smart refresh period'),
+    'ldap_sudo_use_host_filter' : _('Whether to filter rules by hostname, IP addresses and network'),
+    'ldap_sudo_hostnames' : _('Hostnames and/or fully qualified domain names of this machine to filter sudo rules'),
+    'ldap_sudo_ip' : _('IPv4 or IPv6 addresses or network of this machine to filter sudo rules'),
+    'ldap_sudo_include_netgroups' : _('Whether to include rules that contains netgroup in host attribute'),
+    'ldap_sudo_include_regexp' : _('Whether to include rules that contains regular expression in host attribute'),
     'ldap_sudorule_object_class' : _('Object class for sudo rules'),
     'ldap_sudorule_name' : _('Sudo rule name'),
     'ldap_sudorule_command' : _('Sudo rule command attribute'),
diff --git a/src/config/etc/sssd.api.d/sssd-ldap.conf b/src/config/etc/sssd.api.d/sssd-ldap.conf
index 6838a71f..2af849ff 100644
--- a/src/config/etc/sssd.api.d/sssd-ldap.conf
+++ b/src/config/etc/sssd.api.d/sssd-ldap.conf
@@ -130,6 +130,11 @@ ldap_chpass_dns_service_name = str, None, false
 ldap_sudo_search_base = str, None, false
 ldap_sudo_full_refresh_interval = int, None, false
 ldap_sudo_smart_refresh_interval = int, None, false
+ldap_sudo_use_host_filter = bool, None, false
+ldap_sudo_hostnames = str, None, false
+ldap_sudo_ip = str, None, false
+ldap_sudo_include_netgroups = bool, None, false
+ldap_sudo_include_regexp = bool, None, false
 ldap_sudorule_object_class = str, None, false
 ldap_sudorule_name = str, None, false
 ldap_sudorule_command = str, None, false