On Tue, Feb 23, 2016 at 01:29:42PM +0100, Pavel Březina wrote: > On 02/23/2016 12:09 PM, Jakub Hrozek wrote: > >Reported in https://bugzilla.redhat.com/show_bug.cgi?id=1310141 > > Ack.
Attached patches are rebased on top of Sumit's addition to subdomains_inherit.
>From 8c849dc6e13ad82273267b7686d65002719a1f80 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <[email protected]> Date: Tue, 23 Feb 2016 14:56:13 +0100 Subject: [PATCH 1/2] MAN: Move subdomain_inherit to the correct man section The option was in the general section, belongs to the domain section. --- src/man/sssd.conf.5.xml | 81 +++++++++++++++++++++++++------------------------ 1 file changed, 41 insertions(+), 40 deletions(-) diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index c6ed2e0eefdac701168c71c975c55787ec6fb6c3..ce4507d3907570fba1243c0098b6fd5e4085c7d1 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -508,46 +508,6 @@ </para> </listitem> </varlistentry> - <varlistentry> - <term>subdomain_inherit (string)</term> - <listitem> - <para> - Specifies a list of configuration parameters that - should be inherited by a subdomain. Please note - that only selected parameters can be inherited. - Currently the following options can be inherited: - </para> - <para> - ignore_group_members - </para> - <para> - ldap_purge_cache_timeout - </para> - <para> - ldap_use_tokengroups - </para> - <para> - ldap_user_principal - </para> - <para> - ldap_krb5_keytab (the value of krb5_keytab will be - used if ldap_krb5_keytab is not set explicitly) - </para> - <para> - Example: - <programlisting> -subdomain_inherit = ldap_purge_cache_timeout - </programlisting> - </para> - <para> - Default: none - </para> - <para> - Note: This option only works with the IPA and - AD provider. - </para> - </listitem> - </varlistentry> </variablelist> </refsect2> @@ -2268,6 +2228,47 @@ pam_account_locked_message = Account locked, please call help desk. </varlistentry> <varlistentry> + <term>subdomain_inherit (string)</term> + <listitem> + <para> + Specifies a list of configuration parameters that + should be inherited by a subdomain. Please note + that only selected parameters can be inherited. + Currently the following options can be inherited: + </para> + <para> + ignore_group_members + </para> + <para> + ldap_purge_cache_timeout + </para> + <para> + ldap_use_tokengroups + </para> + <para> + ldap_user_principal + </para> + <para> + ldap_krb5_keytab (the value of krb5_keytab will be + used if ldap_krb5_keytab is not set explicitly) + </para> + <para> + Example: + <programlisting> +subdomain_inherit = ldap_purge_cache_timeout + </programlisting> + </para> + <para> + Default: none + </para> + <para> + Note: This option only works with the IPA and + AD provider. + </para> + </listitem> + </varlistentry> + + <varlistentry> <term>proxy_fast_alias (boolean)</term> <listitem> <para> -- 2.4.3
>From 7a11eaabafdd5845f4d73b211bbe79c549a15922 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <[email protected]> Date: Tue, 23 Feb 2016 14:56:59 +0100 Subject: [PATCH 2/2] MAN: Move proxy_fast_alias to the correct man section The option was in the general section, belongs to the proxy section. --- src/man/sssd.conf.5.xml | 35 ++++++++++++++++++----------------- 1 file changed, 18 insertions(+), 17 deletions(-) diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index ce4507d3907570fba1243c0098b6fd5e4085c7d1..c5d509ea9b5186944ae467a20ef8b6a3fe2720a0 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -2269,23 +2269,6 @@ subdomain_inherit = ldap_purge_cache_timeout </varlistentry> <varlistentry> - <term>proxy_fast_alias (boolean)</term> - <listitem> - <para> - When a user or group is looked up by name in - the proxy provider, a second lookup by ID is - performed to "canonicalize" the name in case - the requested name was an alias. Setting this - option to true would cause the SSSD to perform - the ID lookup from cache for performance reasons. - </para> - <para> - Default: false - </para> - </listitem> - </varlistentry> - - <varlistentry> <term>subdomain_homedir (string)</term> <listitem> <para> @@ -2377,6 +2360,24 @@ subdomain_inherit = ldap_purge_cache_timeout </para> </listitem> </varlistentry> + + <varlistentry> + <term>proxy_fast_alias (boolean)</term> + <listitem> + <para> + When a user or group is looked up by name in + the proxy provider, a second lookup by ID is + performed to "canonicalize" the name in case + the requested name was an alias. Setting this + option to true would cause the SSSD to perform + the ID lookup from cache for performance reasons. + </para> + <para> + Default: false + </para> + </listitem> + </varlistentry> + </variablelist> </para> -- 2.4.3
_______________________________________________ sssd-devel mailing list [email protected] https://lists.fedorahosted.org/admin/lists/[email protected]
