Bug 588412
| Summary: | Need list of services for hbac | ||
|---|---|---|---|
| Product: | [Retired] freeIPA | Reporter: | Rob Crittenden <rcritten> |
| Component: | Documentation | Assignee: | Sumit Bose <sbose> |
| Status: | CLOSED ERRATA | QA Contact: | Chandrasekar Kannan <ckannan> |
| Severity: | medium | Docs Contact: | |
| Priority: | low | ||
| Version: | 2.0 | CC: | benl, dpal, jgalipea, o.burtchen, sgallagh |
| Target Milestone: | --- | ||
| Target Release: | --- | ||
| Hardware: | All | ||
| OS: | Linux | ||
| Whiteboard: | |||
| Fixed In Version: | freeipa-2.0.0-1.fc15 | Doc Type: | Bug Fix |
| Doc Text: | Story Points: | --- | |
| Clone Of: | Environment: | ||
| Last Closed: | 2012-03-28 11:21:34 UTC | Type: | --- |
| Regression: | --- | Mount Type: | --- |
| Documentation: | --- | CRM: | |
| Verified Versions: | Category: | --- | |
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
| Cloudforms Team: | --- | Target Upstream Version: | |
| Embargoed: | |||
|
Description
Rob Crittenden
2010-05-03 17:07:35 UTC
Sumit, can you provide the list of services for HBAC, or the mechanism that sssd uses to determine the requested service? The service is compared to the string that is returned by pam_get_item(pam_handle, PAM_SERVICE, &item) which is the same as the service name in the PAM configuration in /etc/pam.d/. So the filenames in /etc/pam.d are the service names. Please note that there are services which can have multiple service name, like e.g. su and su-l. Sumit, here are those that I picked: sssd, ftp, su, login, su-l, sudo and sudo-i. Is this is enough to start with? I think you mean sshd instead of sssd. Maybe adding gdm and/or gdm-password would make sense. The KDE folks would like kdm, too. Ok, adding all three. master: d76ead6ccea2b41d3cb603124860fb3f84d8e1cc |