nss_domain attribute patch 3, Miroslav Grepl
This commit is contained in:
parent
330b13a4a2
commit
b35c647481
@ -5,6 +5,14 @@ policy_module(authlogin, 2.3.1)
|
||||
# Declarations
|
||||
#
|
||||
|
||||
|
||||
## <desc>
|
||||
## <p>
|
||||
## Allow users to resolve user passwd entries directly from ldap rather then using a sssd server
|
||||
## </p>
|
||||
## </desc>
|
||||
gen_tunable(authlogin_nsswitch_use_ldap, false)
|
||||
|
||||
attribute can_read_shadow_passwords;
|
||||
attribute can_write_shadow_passwords;
|
||||
attribute can_relabelto_shadow_passwords;
|
||||
@ -407,17 +415,23 @@ files_list_var_lib(nsswitch_domain)
|
||||
# read /etc/nsswitch.conf
|
||||
files_read_etc_files(nsswitch_domain)
|
||||
|
||||
miscfiles_read_generic_certs(nsswitch_domain)
|
||||
|
||||
sysnet_dns_name_resolve(nsswitch_domain)
|
||||
sysnet_use_ldap(nsswitch_domain)
|
||||
|
||||
optional_policy(`
|
||||
avahi_stream_connect(nsswitch_domain)
|
||||
tunable_policy(`authlogin_nsswitch_use_ldap',`
|
||||
files_list_var_lib(nsswitch_domain)
|
||||
|
||||
miscfiles_read_generic_certs(nsswitch_domain)
|
||||
sysnet_use_ldap(nsswitch_domain)
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
ldap_stream_connect(nsswitch_domain)
|
||||
tunable_policy(`authlogin_nsswitch_use_ldap',`
|
||||
ldap_stream_connect(nsswitch_domain)
|
||||
')
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
avahi_stream_connect(nsswitch_domain)
|
||||
')
|
||||
|
||||
optional_policy(`
|
||||
|
Loading…
Reference in New Issue
Block a user