Learn more about these different git repos.
Other Git URLs
Splitting this ticket off from #670
From pam_ldap(5):
pam_check_host_attr <yes|no> Specifies whether the "host" attribute should be checked for logon authorization ("account" in the PAM stack). The default is not to. If set to "yes" and a user has no value for the "host" attribute, then the user will be unable to login.
11/07/10 18:59:07 changed by ossman
I got a bit bored and had a look at the pam_ldap code to get details about the implementation. This is what I found:
The local names to try for "host" is determined by calling gethostname() and feeding that into gethostbyname(). The names tried are are then h_name and all h_aliases. Normally this means both the FQDN as well as just the first portion.
It first looks for entries starting with '!' to indicate explicit denies.
Only '*' has special meaning. I.e. no generic wild card support.
attachment 0001-Add-host-access-control-support.patch
Fields changed
owner: sgallagh => jzeleny upgrade: => 0
status: new => assigned
Fixed in: 3612c73
resolution: => fixed status: assigned => closed
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=771412
Linked to Bugzilla bug: https://bugzilla.redhat.com/show_bug.cgi?id=755506
Ticket has been cloned to Bugzilla: https://bugzilla.redhat.com/show_bug.cgi?id=785878
rhbz: => [https://bugzilla.redhat.com/show_bug.cgi?id=785878 785878]
Metadata Update from @sgallagh: - Issue assigned to jzeleny - Issue set to the milestone: SSSD 1.6.0
SSSD is moving from Pagure to Github. This means that new issues and pull requests will be accepted only in SSSD's github repository.
This issue has been cloned to Github and is available here: - https://github.com/SSSD/sssd/issues/1788
If you want to receive further updates on the issue, please navigate to the github issue and click on subscribe button.
subscribe
Thank you for understanding. We apologize for all inconvenience.
Login to comment on this ticket.