On Wed, Apr 22, 2015 at 11:09:33AM +0200, Sumit Bose wrote: > > * extend ''struct pam_auth_req'' > > * add new field `use_cached_auth` (default value is false) > > * extend ''pam_dom_forwarder()'' > > * obtain value of domain option `cached_authentication_timeout` > > I think you can add a new element to pam_ctx for this like we currently > do this e.g. with id_timeout.
The design page is not too specific about this detail, but I think Pavel intended to have a per-domain option, which would then make sense to include in a per-domain data structure, maybe even sss_domain_info. > > Please check if cached_authentication_timeout is not larger than > offline_credentials_expiration (given in days) and use the smaller of > the two. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
