https://fedorahosted.org/sssd/ticket/2085
From 2a6573c0ceeaaa51e155a01719bbb283164705cf Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <[email protected]>
Date: Fri, 13 Sep 2013 15:48:10 +0200
Subject: [PATCH] man: improve sssd-sudo manual page

Resolves:
https://fedorahosted.org/sssd/ticket/2085
---
 src/man/sssd-sudo.5.xml | 23 +++++++++++++++++++++--
 1 file changed, 21 insertions(+), 2 deletions(-)

diff --git a/src/man/sssd-sudo.5.xml b/src/man/sssd-sudo.5.xml
index 361fdb7b210df280cffce8c9147257bd0b3ecacb..3262eeababe25e6bdae509c91c22cee493f4a2bd 100644
--- a/src/man/sssd-sudo.5.xml
+++ b/src/man/sssd-sudo.5.xml
@@ -66,11 +66,30 @@ sudoers: files sss
                 <manvolnum>5</manvolnum>
             </citerefentry>.
         </para>
+        <para>
+            <emphasis>Note</emphasis>: in order to use netgroups or IPA
+            hostgroups in sudo rules, you also need to correctly set
+            <citerefentry>
+                <refentrytitle>nisdomainname</refentrytitle>
+                <manvolnum>1</manvolnum>
+            </citerefentry>
+            to your domain name.
+        </para>
     </refsect1>
 
     <refsect1 id='sssd'>
         <title>Configuring SSSD to fetch sudo rules</title>
         <para>
+            All configuration that is needed on SSSD side is to put "sudo"
+            to <emphasis>services</emphasis> in [sssd] section of
+            <citerefentry>
+                <refentrytitle>sssd.conf</refentrytitle>
+                <manvolnum>5</manvolnum>
+            </citerefentry>. To speed up the LDAP lookups, you can also set
+            search base for sudo rules using
+            <emphasis>ldap_sudo_search_base</emphasis> option.
+        </para>
+        <para>
             The following example shows how to configure SSSD to download sudo
             rules from an LDAP server.
         </para>
@@ -89,8 +108,8 @@ ldap_sudo_search_base = ou=sudoers,dc=example,dc=com
 </programlisting>
         </para>
         <para>
-            When the SSSD is configured to use the IPA provider, the sudo
-            provider is automatically enabled. The sudo search base
+            When the SSSD is configured to use IPA as the ID provider,
+            the sudo provider is automatically enabled. The sudo search base
             is configured to use the compat tree (ou=sudoers,$DC).
         </para>
     </refsect1>
-- 
1.7.11.7

_______________________________________________
sssd-devel mailing list
[email protected]
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel

Reply via email to