URL: https://github.com/SSSD/sssd/pull/295 Author: jhrozek Title: #295: MAN: Document that the secrets provider can only be specified in a per-client section Action: synchronized
To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/295/head:pr295 git checkout pr295
From 34edb2428a95441e0402911431436362d0963bd6 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Thu, 1 Jun 2017 10:04:21 +0200 Subject: [PATCH] MAN: Document that the secrets provider can only be specified in a per-client section Resolves: https://pagure.io/SSSD/sssd/issue/3417 --- src/man/sssd-secrets.5.xml | 25 +++++++++++++++++-------- 1 file changed, 17 insertions(+), 8 deletions(-) diff --git a/src/man/sssd-secrets.5.xml b/src/man/sssd-secrets.5.xml index d43dcf21c..a41e67fd6 100644 --- a/src/man/sssd-secrets.5.xml +++ b/src/man/sssd-secrets.5.xml @@ -128,19 +128,28 @@ systemctl enable sssd-secrets.service </citerefentry> manual page for a complete list. In addition, there are some secrets-specific options as well. </para> + <para> + The secrets responder is configured with a global [secrets] + section and an optional per-user [secrets/users/$uid] section + in sssd.conf. Please note that some options, notably as the + provider type, can only be specified in the per-user subsections. + </para> <variablelist> <varlistentry> <term>provider (string)</term> <listitem> <para> - This option specifies where should the secrets - be stored. The secrets responder can configure a - per-user subsections that define which provider store - the secrets for this particular user. The per-user - subsections should contain all options for that user's - provider. If a per-user section does not exist, the - global settings from the secret responder's section - are used. The following providers are supported: + This option specifies where should the secrets be + stored. The secrets responder can configure a per-user + subsections (e.g. [secrets/users/123] - see bottom of + this manual page for a full example using Custodia + for a particular user) that define which provider + store the secrets for this particular user. The + per-user subsections should contain all options for + that user's provider. Please note that currently the + global provider is always local, the proxy provider can + only be specified in a per-user section. The following + providers are supported: <variablelist> <varlistentry> <term>local</term>
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org