Dear friends, 

Using sssd, for a long time, I have come across with a problem recently, which I would like to solve with your help.

I provide centralized authentication and authorization service for a huge heterogeneous network. And in my case it would be "nice and easy" if sssd used only shells(5). I believe this mechanism is sufficient for identification of an allowed shell.

I take a liberty to offer you this tiny patch, which will let use wildcard (*) in param allowed_shells in sssd.conf

What do you think about it?

Denis Kutin