#2135 [RFE] Ability of sssd to override shell and homedir per group and per netgroup
Opened 5 years ago by dpal. Modified 2 years ago

Ticket was cloned from Red Hat Bugzilla (product RHEL RFE): Bug 986394

Please note that this Bug is private and may not be accessible as it contains confidential Red Hat customer information.

The core of the requirement:
Allow different groups or netgroups of users to have different shell and home dir overrides.
It should be applicable to any provider whether the user comes from AD, IPA or pure ldap.
It is expected to be a local override so it will be set on per host basis.

Fields changed

blockedby: =>
blocking: =>
changelog: =>
coverity: =>
design: =>
design_review: => 0
feature_milestone: =>
fedora_test_page: =>
milestone: NEEDS_TRIAGE => Temp milestone
review: True => 0
selected: =>
testsupdated: => 0

More details:

This request is to mimic functionality of NIS compat mode that is currently used in the deployment. It turn our that NIS compat supports some kind of override. More investigation would be needed to determine what actually has to happen here.

For now putting into 1.12 beta at least to take a look and understand the implications.

milestone: Temp milestone => SSSD 1.12 beta
priority: major => minor

It seems that this functionality can be accomplished by using a compat capability of the nsswitch.conf. I suggest we put it in needs triage and if this is something that can be accomplished by compat I would rather close this ticket.

milestone: SSSD 1.12 beta => NEEDS_TRIAGE

First bug is closed with NIS compat workaround but the second one is not. So this ticket would remain open linked to the second BZ.

Fields changed

milestone: NEEDS_TRIAGE => SSSD 1.12 beta

Fields changed

owner: somebody => preichl
status: new => assigned

Fields changed

milestone: SSSD 1.12 beta => SSSD 1.12.1

Fields changed

review: 0 => 1

Mass-moving all tickets that didn't make 1.12.1 into 1.12.2

milestone: SSSD 1.12.1 => SSSD 1.12.2

We need to do a release as requested by downstream. Moving tickets that are not fixed already or very close to acking to 1.12.3

milestone: SSSD 1.12.2 => SSSD 1.12.3

Per the downstream RFE, the requestee is no longer interested in pursuing this enhancement. Moving to Deferred.

mark: => 0
milestone: SSSD 1.12.3 => SSSD Deferred

This would be very useful for us as we have users split up into different volumes by primary group to avoid going over 2 TB. Either completely configurable with different paths per group, or a %g/%G expansion for override_homedir would work.

I note that #2668 is suggesting being able to run a script to determine the path to be used, and that would probably have the most flexibility.

sensitive: => 0

Fields changed

review: 1 => 0

Metadata Update from @dpal:
- Issue assigned to preichl
- Issue set to the milestone: SSSD Patches welcome

2 years ago

Login to comment on this ticket.