On Thu, Feb 25, 2010 at 08:50:43PM +0100, Sumit Bose wrote:
> On Thu, Feb 25, 2010 at 01:27:34PM -0500, Stephen Gallagher wrote:
> > -----BEGIN PGP SIGNED MESSAGE-----
> > Hash: SHA1
> >
> > On 02/25/2010 12:31 PM, Sumit Bose wrote:
> > > Hi,
> > >
> > > this is the second try to fix #392. This patch adds a new provider
> > > called simple wuth na access target which can allow/deny access based on
> > > a list of user names.
> >
> >
> > Nack.
> >
> > You didn't update the SSSDConfigTest.py. It's failing.
> >
> > The manpages are very hard to follow. Might I suggest that they read:
> >
> >
> > NAME
> > sssd-simple - the configuration file for SSSD's 'simple'
access-control
> > provider
> >
> >
> > DESCRIPTION
> > This manual page describes the configuration of the simple
> > access-control provider for sssd(8). For a detailed syntax reference,
> > refer to the “FILE FORMAT” section of the sssd.conf(5) manual page.
> >
> > The simple access provider grants or denies access based on an access
> > or deny list of user names. Here the following rules apply:
> >
> > · If both lists are empty, access is granted
> >
> > · If simple_allow_users is set, only users from this list are allowed
> > access.
> > This setting supersedes the simple_deny_users list (which would be
> > redundant.
> >
> > · If the simple_allow_users list is empty, users are allowed access
> > unless they appear in the simple_deny_users list
> >
> > CONFIGURATION OPTIONS
> > Refer to the section “DOMAIN SECTIONS” of the sssd.conf(5) manual
> > page
> > for details on the configuration of an SSSD domain.
> >
> > simple_allow_users (string)
> > Comma separated list of users who are allowed to log in.
> >
> > simple_deny_users (string)
> > Comma separated list of users who are rejected if
> > simple_allow_users is not set.
> >
> > EXAMPLE
> > The following example assumes that SSSD is correctly configured and
> >
example.com is one of the domains in the [sssd] section. This
> > examples
> > shows only the simple access provider-specific options.
> >
> > [
domain/example.com]
> > access_provider = simple
> > simple_allow_users = user1, user2
> >
> > SEE ALSO
> > sssd.conf(5), sssd(8)
> >
> > AUTHORS
> > The SSSD upstream -
http://fedorahosted.org/sssd
> >
> >
> > - --
> > Stephen Gallagher
> > RHCE 804006346421761
> >
> > Delivering value year after year.
> > Red Hat ranks #1 in value among software vendors.
> >
http://www.redhat.com/promo/vendor/
> > -----BEGIN PGP SIGNATURE-----
> > Version: GnuPG v1.4.10 (GNU/Linux)
> > Comment: Using GnuPG with Fedora -
http://enigmail.mozdev.org/
> >
> > iEYEARECAAYFAkuGwRYACgkQeiVVYja6o6NDHQCeOpet+8kppGGyxVUkhCm+Za4I
> > J74AoJN6Koz74cdXKsNEz6qE0kQhy9D8
> > =7923
> > -----END PGP SIGNATURE-----
>
> new version attached.
>
Hi,
I forgot to include a hunk in the Makefile.am patch. New version
attached.
bye,
Sumit