Include pac_check patch
This commit is contained in:
parent
ec123cd550
commit
450f45b104
49
0001-pac-relax-default-for-pac_check-option.patch
Normal file
49
0001-pac-relax-default-for-pac_check-option.patch
Normal file
@ -0,0 +1,49 @@
|
|||||||
|
From 55e93cf1cf4d61c6de7975cbdc97a723545586c0 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Sumit Bose <sbose@redhat.com>
|
||||||
|
Date: Wed, 8 Jun 2022 10:11:15 +0200
|
||||||
|
Subject: [PATCH] pac: relax default for pac_check option
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
PAC might not be always present, especially in IPA environments. So the
|
||||||
|
default of pac_check should not contain 'pac_present'.
|
||||||
|
|
||||||
|
Resolves: https://github.com/SSSD/sssd/issues/5868
|
||||||
|
|
||||||
|
Reviewed-by: Iker Pedrosa <ipedrosa@redhat.com>
|
||||||
|
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
||||||
|
---
|
||||||
|
src/confdb/confdb.h | 2 +-
|
||||||
|
src/man/sssd.conf.5.xml | 2 +-
|
||||||
|
2 files changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
|
||||||
|
index d9fe571ded2d4ed19fe8e18466eab81b81148844..83f6be7f9a142464d63c06bc6d8828ffffa9625b 100644
|
||||||
|
--- a/src/confdb/confdb.h
|
||||||
|
+++ b/src/confdb/confdb.h
|
||||||
|
@@ -181,7 +181,7 @@
|
||||||
|
#define CONFDB_PAC_LIFETIME "pac_lifetime"
|
||||||
|
#define CONFDB_PAC_CHECK "pac_check"
|
||||||
|
#define CONFDB_PAC_CHECK_DEFAULT "no_check"
|
||||||
|
-#define CONFDB_PAC_CHECK_IPA_AD_DEFAULT "pac_present, check_upn, check_upn_dns_info_ex"
|
||||||
|
+#define CONFDB_PAC_CHECK_IPA_AD_DEFAULT "check_upn, check_upn_dns_info_ex"
|
||||||
|
|
||||||
|
/* InfoPipe */
|
||||||
|
#define CONFDB_IFP_CONF_ENTRY "config/ifp"
|
||||||
|
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
|
||||||
|
index 70544742740946f3e0ba1568d34e8bdebface072..e921ba575c2f2f69d9d7abe0211f80b44dca9cf4 100644
|
||||||
|
--- a/src/man/sssd.conf.5.xml
|
||||||
|
+++ b/src/man/sssd.conf.5.xml
|
||||||
|
@@ -2298,7 +2298,7 @@ pam_gssapi_indicators_map = sudo:pkinit, sudo-i:pkinit
|
||||||
|
</para>
|
||||||
|
<para>
|
||||||
|
Default: no_check (AD and IPA provider
|
||||||
|
- 'pac_present, check_upn, check_upn_dns_info_ex')
|
||||||
|
+ 'check_upn, check_upn_dns_info_ex')
|
||||||
|
</para>
|
||||||
|
</listitem>
|
||||||
|
</varlistentry>
|
||||||
|
--
|
||||||
|
2.34.3
|
||||||
|
|
Loading…
Reference in New Issue
Block a user