d150393de4
This commit updates SSSD configuration to support SSSD sudo capabilities for ldap users and groups. Remote WAD ldap users as well as local openldap users can be configured to get "sudo" and "sys_protected" privileges on the stx platform when connecting using SSH. Configuration updates were done by adding SSSD sudo service and supporting parameters in the SSSD configuration file. Test Plan: PASS: Verify SSSD configuration in "/etc/sssd/sssd.conf" gets updated with sudo parameters. PASS: Create a user with sudo privileges in openldap and verify that the sudo privileges are available in the stx platform when the user connects with SSH. PASS: Create a user with sys_protected privileges in openldap and verify that the sys_protected privileges are available in the stx platform when user connects with SSH. PASS: Configure a sys_protected group in a remote WAD server and verify it has been cached in the stx platform. PASS: Add a WAD user to the sys_protected WAD group and verify the user has sys_protected privileges in the stx platform. PASS: Configure a sudo rule for a remote WAD user and verify the user has sudo privileges in the stx platform. PASS: Verify that a regular WAD user that has no sudo rules defined, does not have sudo privileges in the stx platform. Story: 2010589 Task: 47588 Depends-On: https://review.opendev.org/c/starlingx/stx-puppet/+/876393 Signed-off-by: Carmen Rata <carmen.rata@windriver.com> Change-Id: Id505d462cca26daad3fd82a49929e41a3d2cc1f4 |
||
---|---|---|
api-ref/source | ||
config-gate | ||
controllerconfig | ||
devstack | ||
doc | ||
releasenotes | ||
storageconfig | ||
sysinv | ||
tmp/patch-scripts/EXAMPLE_SYSINV/scripts | ||
tools/docker/images | ||
tsconfig | ||
workerconfig | ||
.gitignore | ||
.gitreview | ||
.yamllint | ||
.zuul.yaml | ||
CONTRIBUTORS.wrs | ||
LICENSE | ||
README.rst | ||
bindep.txt | ||
centos_build_layer.cfg | ||
centos_dev_wheels.inc | ||
centos_iso_image.inc | ||
centos_pkg_dirs | ||
centos_pkg_dirs_containers | ||
centos_stable_wheels.inc | ||
debian_build_layer.cfg | ||
debian_iso_image.inc | ||
debian_pkg_dirs | ||
debian_stable_wheels.inc | ||
test-requirements.txt | ||
tox.ini |
README.rst
stx-config
StarlingX Configuration Management