[SSSD] [sssd PR#295][synchronized] MAN: Document that the secrets provider can only be specified in a per-client section

[jhrozek]

   URL: https://github.com/SSSD/sssd/pull/295
Author: jhrozek
 Title: #295: MAN: Document that the secrets provider can only be specified in 
a per-client section
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/295/head:pr295
git checkout pr295

From 34edb2428a95441e0402911431436362d0963bd6 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Thu, 1 Jun 2017 10:04:21 +0200
Subject: [PATCH] MAN: Document that the secrets provider can only be specified
 in a per-client section

Resolves:
    https://pagure.io/SSSD/sssd/issue/3417
---
 src/man/sssd-secrets.5.xml | 25 +++++++++++++++++--------
 1 file changed, 17 insertions(+), 8 deletions(-)

diff --git a/src/man/sssd-secrets.5.xml b/src/man/sssd-secrets.5.xml
index d43dcf21c..a41e67fd6 100644
--- a/src/man/sssd-secrets.5.xml
+++ b/src/man/sssd-secrets.5.xml
@@ -128,19 +128,28 @@ systemctl enable sssd-secrets.service
             </citerefentry> manual page for a complete list. In addition,
             there are some secrets-specific options as well.
         </para>
+        <para>
+            The secrets responder is configured with a global [secrets]
+            section and an optional per-user [secrets/users/$uid] section
+            in sssd.conf. Please note that some options, notably as the
+            provider type, can only be specified in the per-user subsections.
+        </para>
         <variablelist>
             <varlistentry>
                 <term>provider (string)</term>
                 <listitem>
                 <para>
-                    This option specifies where should the secrets
-                    be stored. The secrets responder can configure a
-                    per-user subsections that define which provider store
-                    the secrets for this particular user. The per-user
-                    subsections should contain all options for that user's
-                    provider. If a per-user section does not exist, the
-                    global settings from the secret responder's section
-                    are used.  The following providers are supported:
+                    This option specifies where should the secrets be
+                    stored. The secrets responder can configure a per-user
+                    subsections (e.g. [secrets/users/123] - see bottom of
+                    this manual page for a full example using Custodia
+                    for a particular user) that define which provider
+                    store the secrets for this particular user. The
+                    per-user subsections should contain all options for
+                    that user's provider. Please note that currently the
+                    global provider is always local, the proxy provider can
+                    only be specified in a per-user section. The following
+                    providers are supported:
                     <variablelist>
                         <varlistentry>
                             <term>local</term>

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org