summaryrefslogtreecommitdiff
path: root/src/man/sssd.conf.5.xml
AgeCommit message (Collapse)AuthorFilesLines
2012-08-03Fix various typos in documentation.Yuri Chornoivan1-1/+1
2012-07-27Renamed session provider to selinux providerJan Zeleny1-7/+8
2012-07-20NSS: Add override_shell optionStephen Gallagher1-0/+14
If override_shell is specified in the [nss] section, all users managed by SSSD will have their shell set to this value. If it is specified in the [domain/DOMAINNAME] section, it will apply to only that domain (and override the [nss] value, if any). https://fedorahosted.org/sssd/ticket/1087
2012-07-20MAN: Improvements to the AD provider manpageStephen Gallagher1-0/+16
Add information about ID mapping (including how to disable it) as well as information on how to handle homedir and shell. https://fedorahosted.org/sssd/ticket/1433
2012-07-20MAN: List all available backends for provider optionsStephen Gallagher1-14/+84
https://fedorahosted.org/sssd/ticket/1432
2012-07-10Fix typo: exhasution->exhaustion.Yuri Chornoivan1-1/+1
2012-07-10pac responder: limit access by checking UIDsSumit Bose1-4/+27
A check for allowed UIDs is added in the common responder code directly after accept(). If the platform does not support reading the UID of the peer but allowed UIDs are configured, access is denied. Currently only the PAC responder sets the allowed UIDs for a socket. The default is that only root is allowed to access the socket of the PAC responder. Fixes: https://fedorahosted.org/sssd/ticket/1382
2012-07-06MAN: Unify "SEE ALSO" sectionsStephen Gallagher1-32/+2
2012-06-29sudo: manpage updatedPavel Březina1-26/+14
Removes old options and adds new ones.
2012-06-25Set default for subdomain_homedirSumit Bose1-0/+3
2012-06-25Add man page section for the PAC responderSumit Bose1-0/+36
2012-06-18Make the client idle timeout configurableStephen Gallagher1-0/+15
2012-06-12Clarify how comments work in sssd.confAriel Barria1-1/+2
2012-06-12Make re_expression and full_name_format per domain optionsStef Walter1-18/+49
* Allows different user/domain qualified names for different domains. For example Domain\User or user@domain. * The global re_expression and full_name_format options remain as defaults for the domains. * Subdomains get the re_expression and full_name_format of their parent domain. https://bugzilla.redhat.com/show_bug.cgi?id=811663
2012-06-10Allow fast memcache timeout to be configurableJan Zeleny1-0/+12
https://fedorahosted.org/sssd/ticket/1318
2012-05-14Fix typos in message and man pages.Yuri Chornoivan1-2/+2
2012-05-11Bad check for id_provider=local and access_provider=permitAriel Barria1-1/+1
documentation-access_provider Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2012-05-09NSS: Add default_shell optionStephen Gallagher1-0/+15
This option will allow administrators to set a default shell to be used if a user does not have one set in the identity provider. https://fedorahosted.org/sssd/ticket/1289
2012-05-09NSS: Add fallback_homedir optionStephen Gallagher1-0/+18
This option is similar to override_homedir, except that it will take effect only for users that do not have an explicit home directory specified in LDAP. https://fedorahosted.org/sssd/ticket/1250
2012-05-09Clearer documentation for use_fully_qualified_namesStef Walter1-0/+5
* Previously only the side effect was described.
2012-05-04Modify behavior of pam_pwd_expiration_warningJan Zeleny1-1/+34
New option pwd_expiration_warning is introduced which can be set per domain and can override the value specified by the original pam_pwd_expiration_warning. If the value of expiration warning is set to zero, the filter isn't apllied at all - if backend server returns the warning, it will be automatically displayed. Default value for Kerberos: 7 days Default value for LDAP: don't apply the filter Technical note: default value when creating the domain is -1. This is important so we can distinguish between "no value set" and 0. Without this possibility it would be impossible to set different values for LDAP and Kerberos provider.
2012-04-24SSH: Add support for hashed known_hostsJan Cholasta1-0/+25
https://fedorahosted.org/sssd/ticket/1203
2012-04-24New config option for subdomainsJan Zeleny1-0/+15
subdomain_homedir - if set, it contains default value, can be overriden in further processing
2012-04-24data provider: added subdomainsSumit Bose1-0/+24
2012-04-24Responder part of the subdomain retrieval workJan Zeleny1-0/+24
2012-04-20Fix typo: retreiving->retrievingYuri Chornoivan1-1/+1
2012-04-20Two manual pages fixesMarco Pizzoli1-0/+2
2012-04-20Make the monitor SIGKILL time configurableJakub Hrozek1-0/+16
https://fedorahosted.org/sssd/ticket/1119
2012-04-20proxy: new option proxy_fast_aliasJakub Hrozek1-0/+17
2012-04-18MAN: document the hostid and autofs providersJakub Hrozek1-0/+60
2012-04-18MAN: timeout can be specified for services, tooJakub Hrozek1-14/+13
2012-04-18Remove the "command" option from documentationJakub Hrozek1-16/+0
It is a low-level developer option not indended to be consumed by users https://fedorahosted.org/sssd/ticket/1174
2012-02-17RESPONDERS: Make the fd_limit setting configurableStephen Gallagher1-0/+17
This code will now attempt first to see if it has privilege to set the value as specified, and if not it will fall back to the previous behavior. So on systems with the CAP_SYS_RESOURCE capability granted to SSSD, it will be able to ignore the limits.conf hard limit. https://fedorahosted.org/sssd/ticket/1197
2012-02-07fix typos in manualYuri Chornoivan1-1/+1
2012-02-06Man pages for the session target and SELinux user maps fetchingJan Zeleny1-0/+25
2012-02-05AUTOFS: responderJakub Hrozek1-0/+28
2012-02-04Fixes for sudo_timedJakub Hrozek1-0/+13
https://fedorahosted.org/sssd/ticket/1116
2012-02-04SUDO Integration - in-memory cache in responderPavel Březina1-0/+38
New sudo responder option: cache_timeout https://fedorahosted.org/sssd/ticket/1111
2012-02-04NSS: Add individual timeouts for entry typesStephen Gallagher1-0/+53
https://fedorahosted.org/sssd/ticket/1016
2012-01-30Include sudo manual pages only conditionallyJakub Hrozek1-3/+8
2012-01-30SUDO Integration - manual pagePavel Březina1-1/+24
https://fedorahosted.org/sssd/ticket/1109
2011-12-16Use the case sensitivity flag in respondersJakub Hrozek1-0/+14
2011-11-10Fix typos in manual pagesYuri Chornoivan1-1/+1
2011-09-21Enable the midpoint cache update by defaultStephen Gallagher1-1/+1
https://fedorahosted.org/sssd/ticket/918
2011-09-20MAN: Add more information about internal credential storageStephen Gallagher1-0/+4
2011-09-08DEBUG timestamps offer higher precision - man page updatedPavel Březina1-0/+11
https://fedorahosted.org/sssd/ticket/956
2011-09-02Add option to specify the kerberos replay cache dirStephen Gallagher1-0/+20
Adds a configure option to set the distribution default as well as an sssd.conf option to override it. https://fedorahosted.org/sssd/ticket/980
2011-08-25New DEBUG facility - man pagesPavel Březina1-10/+1
https://fedorahosted.org/sssd/ticket/925 Modified sssd and sssd.conf man pages to reflect new levels. Added new man include: include/debug_levels.xml
2011-07-29Add vetoed_shells optionJohn Hodrien1-0/+8
There may be users in LDAP that have a valid but unwelcome shell set in their account. This adds a blacklist of shells that should always be replaced by the fallback_shell. Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
2011-05-20Add new options to override shell valueJakub Hrozek1-0/+44
https://fedorahosted.org/sssd/ticket/742