On (27/01/16 16:30), Nikolai Kondrashov wrote: >On 01/27/2016 04:17 PM, Lukas Slebodnik wrote: >>You mention many options which could be possibly passed to tlog. >>e.g. >> TLOG_REC_CONF='{ >> "shell": "/bin/bash", >> "warning": "WARNING! Your session is being recorded!\n", >> "latency": 10, >> "writer": "syslog", >> "syslog": { >> "facility": "authpriv", >> "level": "info" >> } >> }' >> >>Where will be these option stored? In LDAP? > >No idea yet. Some of them definitely will, but likely not all. > In this case I would prefer to have the simplest change in sssd as possible. https://fedorahosted.org/sssd/ticket/2893
SSSD should just enforce using tlog as a shell and provide name of profile. This profile will be used by tlog to download configuration (json) from webservice. The similar approach was discussed with IPA integration with GNOME. IIRC there is already POC; Alexander might know more. LS _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org