72 lines
3.5 KiB
Diff
72 lines
3.5 KiB
Diff
From c939585dc440e2b2ccaeea82ce3cf42c990dbe23 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
Date: Mon, 12 Nov 2018 12:49:39 +0100
|
|
Subject: [PATCH 03/15] compat: add support for with-smartcard-required
|
|
(--enablerequiresmartcard)
|
|
|
|
Resolves:
|
|
https://github.com/pbrezina/authselect/issues/109
|
|
---
|
|
src/compat/authcompat.py.in.in | 15 ++++++++-------
|
|
src/compat/authcompat_Options.py | 4 ++--
|
|
2 files changed, 10 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/src/compat/authcompat.py.in.in b/src/compat/authcompat.py.in.in
|
|
index 42cc6f3c0e38d8e14d62bd5acdc171176a6cb51f..accb3385ade908c07451ee4824d6b62b012ea317 100755
|
|
--- a/src/compat/authcompat.py.in.in
|
|
+++ b/src/compat/authcompat.py.in.in
|
|
@@ -518,13 +518,14 @@ class AuthCompat:
|
|
|
|
def runAuthselect(self):
|
|
map = {
|
|
- 'smartcard' : 'with-smartcard',
|
|
- 'fingerprint' : 'with-fingerprint',
|
|
- 'ecryptfs' : 'with-ecryptfs',
|
|
- 'mkhomedir' : 'with-mkhomedir',
|
|
- 'faillock' : 'with-faillock',
|
|
- 'pamaccess' : 'with-pamaccess',
|
|
- 'winbindkrb5' : 'with-krb5'
|
|
+ 'smartcard' : 'with-smartcard',
|
|
+ 'requiresmartcard' : 'with-smartcard-required',
|
|
+ 'fingerprint' : 'with-fingerprint',
|
|
+ 'ecryptfs' : 'with-ecryptfs',
|
|
+ 'mkhomedir' : 'with-mkhomedir',
|
|
+ 'faillock' : 'with-faillock',
|
|
+ 'pamaccess' : 'with-pamaccess',
|
|
+ 'winbindkrb5' : 'with-krb5'
|
|
}
|
|
|
|
# Read current configuration first.
|
|
diff --git a/src/compat/authcompat_Options.py b/src/compat/authcompat_Options.py
|
|
index e77b4407c7cd385b66a8a97795cece7f33571ff6..c8f52ab6773c4cd5371f32121dba8053f3443261 100644
|
|
--- a/src/compat/authcompat_Options.py
|
|
+++ b/src/compat/authcompat_Options.py
|
|
@@ -13,7 +13,7 @@
|
|
# This program is distributed in the hope that it will be useful,
|
|
# but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
|
-# GNU General Public License for more details.
|
|
+# GNU General Public License for morerequi details.
|
|
#
|
|
# You should have received a copy of the GNU General Public License
|
|
# along with this program. If not, see <http://www.gnu.org/licenses/>.
|
|
@@ -91,6 +91,7 @@ class Options:
|
|
Option.Feature("rfc2307bis", _("use of RFC-2307bis schema for LDAP user information lookups")),
|
|
Option.Feature("smartcard", _("authentication with smart card by default")),
|
|
Option.Valued ("smartcardaction", _("<0=Lock|1=Ignore>"), _("action to be taken on smart card removal")),
|
|
+ Option.Feature("requiresmartcard",_("require smart card for authentication by default")),
|
|
Option.Feature("fingerprint", _("authentication with fingerprint readers by default")),
|
|
Option.Feature("ecryptfs", _("automatic per-user ecryptfs")),
|
|
Option.Feature("krb5", _("Kerberos authentication by default")),
|
|
@@ -146,7 +147,6 @@ class Options:
|
|
Option.UnsupportedSwitch ("usemd5"),
|
|
Option.UnsupportedValued ("passalgo", _("<descrypt|bigcrypt|md5|sha256|sha512>")),
|
|
Option.UnsupportedValued ("ldaploadcacert", _("<URL>")),
|
|
- Option.UnsupportedFeature("requiresmartcard"),
|
|
Option.UnsupportedValued ("smartcardmodule", _("<module>")),
|
|
Option.UnsupportedValued ("smbsecurity", _("<user|server|domain|ads>")),
|
|
Option.UnsupportedValued ("smbrealm", _("<realm>")),
|
|
--
|
|
2.17.2
|
|
|