On 25.08.2011 14:36, Rob Crittenden wrote: > Alexander Bokovoy wrote: >> On 25.08.2011 00:35, Rob Crittenden wrote: >>> Add a few more ftp HBAC services. This adds vsftpd, proftpd, pure-ftpd >>> and gssftp. An HBAC service equates to a pam service and since there is >>> no Linux ftp daemon that uses ftp as its service name it wasn't very >>> useful. >>> >>> I added a ftp HBAC service group to tie them all together. >> ACK >> >> What about other services? There are 'sudo', 'sudo-i', 'su', 'su-l', >> 'runuser', 'runuser-l' in Fedora which represent 'sudo' and 'su', and >> 'runuser' and dash-variants are used when launched with appropriate >> options. >> >> For gdm there are gdm{,-autologin,-fingerprint,-password} which are >> different PAM services to use with different GDM options. >> >> I think is is worth to create HBAC service groups for them as well but >> this is clearly distribution-dependent behaviour. > > We have some of these sudo services already, but not all of them. I'm > certainly open to adding more services and service groups by default. > Can you open a ticket with your suggestions? I'll make a task ticket for 3.0 Core effort.
-- / Alexander Bokovoy _______________________________________________ Freeipa-devel mailing list Freeipa-devel@redhat.com https://www.redhat.com/mailman/listinfo/freeipa-devel