freeipa

Clone
Source Code
GIT

785c496 Allow ipaapi user to access SSSD's info pipe

Authored and Committed by cheimes 5 years ago
raw patch tree parent
3 files changed. 83 lines added. 16 lines removed.
ipaclient/install/client.py
file modified
+34 -7
ipaserver/install/server/upgrade.py
file modified
+18 -9
ipatests/test_integration/test_commands.py
file modified
+31 -0 
    Allow ipaapi user to access SSSD's info pipe
    
    For smart card authentication, ipaapi must be able to access to sss-ifp.
    During installation and upgrade, the ipaapi user is now added to
    [ifp]allowed_uids.
    
    The commit also fixes two related issues:
    
    * The server upgrade code now enables ifp service in sssd.conf. The
      existing code modified sssd.conf but never wrote the changes to disk.
    * sssd_enable_service() no longer fails after it has detected an
      unrecognized service.
    
    Fixes: https://pagure.io/freeipa/issue/7751
    Signed-off-by: Christian Heimes <cheimes@redhat.com>
    Reviewed-By: Rob Crittenden <rcritten@redhat.com>
file modified
+34 -7
file modified
+18 -9
file modified
+31 -0
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.