dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Source Code
GIT

Blame SOURCES/0042-config-allow-prompting-options-in-configuration.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   1bb59547f916a26aeb39c414aab131c9f260e8e2
  2.   SOURCES
  3.   0042-config-allow-prompting-options-in-configuration.patch
Blob History Raw
1bb595 
From 4526858adb58736066a0b2cf2dc793ddfe671b2b Mon Sep 17 00:00:00 2001
1bb595 
From: ikerexxe <ipedrosa@redhat.com>
1bb595 
Date: Tue, 4 Aug 2020 15:39:51 +0200
1bb595 
Subject: [PATCH] config: allow prompting options in configuration
1bb595
1bb595 
False warnings were logged after enabling prompting options in
1bb595 
configuration file. This change modifies the configuration rules to
1bb595 
allow prompting options.
1bb595
1bb595 
Resolves:
1bb595 
https://github.com/SSSD/sssd/issues/5259
1bb595
1bb595 
Reviewed-by: Sumit Bose <sbose@redhat.com>
1bb595 
---
1bb595 
 src/config/cfg_rules.ini | 34 ++++++++++++++++++++++++++++++++++
1bb595 
 1 file changed, 34 insertions(+)
1bb595
1bb595 
diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini
1bb595 
index 2874ea048..2d4e7b51d 100644
1bb595 
--- a/src/config/cfg_rules.ini
1bb595 
+++ b/src/config/cfg_rules.ini
1bb595 
@@ -14,6 +14,10 @@ section = session_recording
1bb595 
 section_re = ^secrets/users/[0-9]\+$
1bb595 
 section_re = ^secrets/secrets$
1bb595 
 section_re = ^secrets/kcm$
1bb595 
+section_re = ^prompting/password$
1bb595 
+section_re = ^prompting/password/[^/\@]\+$
1bb595 
+section_re = ^prompting/2fa$
1bb595 
+section_re = ^prompting/2fa/[^/\@]\+$
1bb595 
 section_re = ^domain/[^/\@]\+$
1bb595 
 section_re = ^domain/[^/\@]\+/[^/\@]\+$
1bb595 
 section_re = ^application/[^/\@]\+$
1bb595 
@@ -332,6 +336,36 @@ option = scope
1bb595 
 option = users
1bb595 
 option = groups
1bb595
1bb595 
+# Prompting during authentication
1bb595 
+[rule/allowed_prompting_password_options]
1bb595 
+validator = ini_allowed_options
1bb595 
+section_re = ^prompting/password$
1bb595 
+
1bb595 
+option = password_prompt
1bb595 
+
1bb595 
+[rule/allowed_prompting_2fa_options]
1bb595 
+validator = ini_allowed_options
1bb595 
+section_re = ^prompting/2fa$
1bb595 
+
1bb595 
+option = single_prompt
1bb595 
+option = first_prompt
1bb595 
+option = second_prompt
1bb595 
+
1bb595 
+[rule/allowed_prompting_password_subsec_options]
1bb595 
+validator = ini_allowed_options
1bb595 
+section_re = ^prompting/password/[^/\@]\+$
1bb595 
+
1bb595 
+option = password_prompt
1bb595 
+
1bb595 
+[rule/allowed_prompting_2fa_subsec_options]
1bb595 
+validator = ini_allowed_options
1bb595 
+section_re = ^prompting/2fa/[^/\@]\+$
1bb595 
+
1bb595 
+option = single_prompt
1bb595 
+option = first_prompt
1bb595 
+option = second_prompt
1bb595 
+
1bb595 
+
1bb595 
 [rule/allowed_domain_options]
1bb595 
 validator = ini_allowed_options
1bb595 
 section_re = ^\(domain\|application\)/[^/]\+$
1bb595 
--
1bb595 
2.21.3
1bb595

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation