starlingx
/
config
Code Issues Proposed changes
StarlingX System Configuration Management
4,519 Commits 22 Branches 10 Tags 77 MiB
Python 97.3%
Shell 2.3%
CSS 0.2%
Go to file
Carmen Rata d150393de4 Add SSSD sudo configuration in sysinv 
This commit updates SSSD configuration to support SSSD sudo
capabilities for ldap users and groups.
Remote WAD ldap users as well as local openldap users can be
configured to get "sudo" and "sys_protected" privileges on
the stx platform when connecting using SSH.
Configuration updates were done by adding SSSD sudo service
and supporting parameters in the SSSD configuration file.

Test Plan:
PASS: Verify SSSD configuration in "/etc/sssd/sssd.conf" gets
updated with sudo parameters.
PASS: Create a user with sudo privileges in openldap and verify
that the sudo privileges are available in the stx platform
when the user connects with SSH.
PASS: Create a user with sys_protected privileges in openldap
and verify that the sys_protected privileges are available in
the stx platform when user connects with SSH.
PASS: Configure a sys_protected group in a remote WAD server and
verify it has been cached in the stx platform.
PASS: Add a WAD user to the sys_protected WAD group and verify the
user has sys_protected privileges in the stx platform.
PASS: Configure a sudo rule for a remote WAD user and verify the user
has sudo privileges in the stx platform.
PASS: Verify that a regular WAD user that has no sudo rules defined,
does not have sudo privileges in the stx platform.

Story: 2010589
Task: 47588
Depends-On: https://review.opendev.org/c/starlingx/stx-puppet/+/876393

Signed-off-by: Carmen Rata <carmen.rata@windriver.com>
Change-Id: Id505d462cca26daad3fd82a49929e41a3d2cc1f4
 		2023-03-07 18:08:10 +00:00
api-ref/source Add runtime reconfiguration of kubelet 2022-06-09 17:59:35 -04:00
config-gate Update debian package versions to use git commits 2023-02-10 20:11:06 +00:00
controllerconfig Update debian package versions to use git commits 2023-02-10 20:11:06 +00:00
devstack Deprecate old policy engine and restrict access 2022-08-10 11:18:38 -03:00
doc Fix tox-docs failing sphinx 2022-05-31 13:56:30 +00:00
releasenotes Remove host hardware sysinv profile 2021-10-18 18:01:40 -03:00
storageconfig Update debian package versions to use git commits 2023-02-10 20:11:06 +00:00
sysinv Add SSSD sudo configuration in sysinv 2023-03-07 18:08:10 +00:00
tmp/patch-scripts/EXAMPLE_SYSINV/scripts StarlingX open source release updates 2018-05-31 07:35:52 -07:00
tools/docker/images Enable kubernetes SCTPSupport feature 2019-09-03 19:23:05 +00:00
tsconfig Update debian package versions to use git commits 2023-02-10 20:11:06 +00:00
workerconfig Update debian package versions to use git commits 2023-02-10 20:11:06 +00:00
.gitignore Minor zuul and tox file cleanup after manifest re-org 2019-09-06 15:40:37 -05:00
.gitreview OpenDev Migration Patch 2019-04-19 19:52:42 +00:00
.yamllint clear yamllint errors under stx-config 2018-09-12 21:11:57 +08:00
.zuul.yaml Merge "Remove python2 jobs from zuul for this repo" 2023-02-07 22:30:51 +00:00
CONTRIBUTORS.wrs StarlingX open source release updates 2018-05-31 07:35:52 -07:00
LICENSE StarlingX open source release updates 2018-05-31 07:35:52 -07:00
README.rst StarlingX open source release updates 2018-05-31 07:35:52 -07:00
bindep.txt py3: Add py39 gate for sysinv 2021-08-27 08:39:06 -04:00
centos_build_layer.cfg Build layering, add layer build config file 2019-10-15 12:29:05 +08:00
centos_dev_wheels.inc Config file changes to add 'tsconfig' after relocation from 'update' 2019-09-05 11:51:05 -04:00
centos_iso_image.inc Merge sysinv_fpga_agent with sysinv_agent 2022-10-03 14:12:28 -04:00
centos_pkg_dirs Merge sysinv_fpga_agent with sysinv_agent 2022-10-03 14:12:28 -04:00
centos_pkg_dirs_containers Config file changes for packages relocated to repo 'openstack-armada-app' 2019-09-05 10:42:00 -04:00
centos_stable_wheels.inc Config file changes to add 'tsconfig' after relocation from 'update' 2019-09-05 11:51:05 -04:00
debian_build_layer.cfg Add debian_build_layer.cfg file 2021-10-05 14:50:08 -04:00
debian_iso_image.inc Debian: config: update debian_iso_image.inc 2022-11-08 15:48:04 +08:00
debian_pkg_dirs Merge sysinv_fpga_agent with sysinv_agent 2022-10-03 14:12:28 -04:00
debian_stable_wheels.inc debian: Add sysinv wheel to the build 2022-11-21 13:33:24 +00:00
test-requirements.txt Calling an additional shell lint command from zuul 2021-06-03 17:35:50 -05:00
tox.ini Update tox.ini to work with tox 4 2022-12-26 18:55:39 +00:00

README.rst

stx-config

StarlingX Configuration Management