Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-25593

[REF] Improve sssd-simple man page description

XMLWordPrintable

    • Icon: Story Story
    • Resolution: Unresolved
    • Icon: Undefined Undefined
    • None
    • None
    • sssd
    • None
    • rhel-sst-idm-sssd
    • ssg_idm
    • None
    • False
    • Hide

      None

      Show
      None
    • None
    • None
    • None
    • None
    • None

      Description in man page "man sssd-simple" is not clear when two allow lists are defined.

      The simple access provider grants or denies access based on an access or deny list of user or group names. The following rules apply:

       - If either or both "allow" lists are provided, all users are denied unless they appear in the list.

      It is not very clear whether user can be granted access when in either list (simple_allow_users OR simple_allow_groups), or must be in both lists (simple_allow_users AND simple_allow_groups).

      Recommend to consider:

      • If either or both "allow" lists are provided, all users are denied unless they appear in any of the list.
      • If either or both "allow" lists are provided, all users are denied unless they appear in all of the lists.

      Impacted version:

      rpm -qa | grep sssd-common

      sssd-common-2.9.1-4.el9_3.5.x86_64

              aboscatt@redhat.com Andre Boscatto
              rhn-support-suwu Sunny Wu
              SSSD Maintainers SSSD Maintainers
              SSSD QE SSSD QE
              Louise McGarry Louise McGarry
              Votes:
              0 Vote for this issue
              Watchers:
              12 Start watching this issue

                Created:
                Updated: