Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sssd: add with-files-access-provider to use SSSD's account management for local users #181

Closed
pbrezina opened this issue Sep 16, 2019 · 1 comment
Closed

sssd: add with-files-access-provider to use SSSD's account management for local users #181

pbrezina opened this issue Sep 16, 2019 · 1 comment
Assignees
@pbrezina
Labels
pull request available
Milestone
authselect-1.2

Comments

@pbrezina
Copy link
Member

pbrezina commented Sep 16, 2019
edited

Since SSSD is capable of handling local system users, there can exist configurations that combines local users with other authentication/access mechanisms. SSSD profile should support such configurations.

RHBZ: https://bugzilla.redhat.com/show_bug.cgi?id=1734094
@pbrezina pbrezina changed the title Conditionally allow all PAM phases to go through pam_sss for local users sssd: skip pam_sss for local users only if files provider is disabled Jan 14, 2020
@pbrezina pbrezina added this to the authselect-1.2 milestone Jan 14, 2020
pbrezina referenced this issue Jan 14, 2020
@pbrezina
sssd: skip pam_sss for local users only if files provider is disabled
a4deaaa 
Because SSSD now handles local users it is a valid use case to call
account management in pam_sss for those users as well.

Resolves:
https://github.com/pbrezina/authselect/issues/181
@pbrezina pbrezina mentioned this issue Jan 14, 2020
Closed
@pbrezina pbrezina self-assigned this Jan 14, 2020
pbrezina referenced this issue Jan 16, 2020
@pbrezina
sssd: add with-files-access-provider to use SSSD's account manageme…
95979f7 
…nt for local users

To support the following use case:

```
[domain/local]
id_provider = files
auth_provider = krb5
krb5_realm = AD.VM
krb5_server = root-dc.ad.vm
access_provider = krb5
```

Resolves:
https://github.com/pbrezina/authselect/issues/181
@pbrezina pbrezina changed the title sssd: skip pam_sss for local users only if files provider is disabled sssd: add with-files-access-provider to use SSSD's account management for local users Jan 16, 2020
@pbrezina
Copy link
Member Author

  • master
    • 6fca96e - sssd: add with-files-access-provider to use SSSD's account management for local users

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@pbrezina pbrezina

Labels
pull request available
Projects
None yet
Milestone
authselect-1.2
Development

No branches or pull requests
1 participant
@pbrezina