diff options
Diffstat (limited to 'sys-auth/sssd/files/sssd-2.9.1-sssct-allow-cert-show-and-cert-eval-rule-as-non-root.patch')
-rw-r--r-- | sys-auth/sssd/files/sssd-2.9.1-sssct-allow-cert-show-and-cert-eval-rule-as-non-root.patch | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/sys-auth/sssd/files/sssd-2.9.1-sssct-allow-cert-show-and-cert-eval-rule-as-non-root.patch b/sys-auth/sssd/files/sssd-2.9.1-sssct-allow-cert-show-and-cert-eval-rule-as-non-root.patch new file mode 100644 index 000000000000..3a724363382b --- /dev/null +++ b/sys-auth/sssd/files/sssd-2.9.1-sssct-allow-cert-show-and-cert-eval-rule-as-non-root.patch @@ -0,0 +1,39 @@ +From 15d7d34b20219e2fd45c43881088f5d542e9603e Mon Sep 17 00:00:00 2001 +From: Sumit Bose <sbose@redhat.com> +Date: Tue, 4 Jul 2023 18:56:35 +0200 +Subject: [PATCH 2/3] sssct: allow cert-show and cert-eval-rule as non-root +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The cert-show and cert-eval-rule sub-commands do not need root access and +do not require SSSD to be configured on the host. + +Resolves: https://github.com/SSSD/sssd/issues/6802 + +Reviewed-by: Alejandro López <allopez@redhat.com> +Reviewed-by: Alexey Tikhonov <atikhono@redhat.com> +(cherry picked from commit 8466f0e4d0c6cd2b98d2789970847b9adc01d7d4) +--- + src/tools/sssctl/sssctl.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/tools/sssctl/sssctl.c b/src/tools/sssctl/sssctl.c +index 855260aed..04c41aa9a 100644 +--- a/src/tools/sssctl/sssctl.c ++++ b/src/tools/sssctl/sssctl.c +@@ -340,9 +340,9 @@ int main(int argc, const char **argv) + SSS_TOOL_COMMAND_FLAGS("config-check", "Perform static analysis of SSSD configuration", 0, sssctl_config_check, SSS_TOOL_FLAG_SKIP_CMD_INIT), + #endif + SSS_TOOL_DELIMITER("Certificate related tools:"), +- SSS_TOOL_COMMAND("cert-show", "Print information about the certificate", 0, sssctl_cert_show), ++ SSS_TOOL_COMMAND_FLAGS("cert-show", "Print information about the certificate", 0, sssctl_cert_show, SSS_TOOL_FLAG_SKIP_CMD_INIT|SSS_TOOL_FLAG_SKIP_ROOT_CHECK), + SSS_TOOL_COMMAND("cert-map", "Show users mapped to the certificate", 0, sssctl_cert_map), +- SSS_TOOL_COMMAND("cert-eval-rule", "Check mapping and matching rule with a certificate", 0, sssctl_cert_eval_rule), ++ SSS_TOOL_COMMAND_FLAGS("cert-eval-rule", "Check mapping and matching rule with a certificate", 0, sssctl_cert_eval_rule, SSS_TOOL_FLAG_SKIP_CMD_INIT|SSS_TOOL_FLAG_SKIP_ROOT_CHECK), + #ifdef BUILD_PASSKEY + SSS_TOOL_DELIMITER("Passkey related tools:"), + SSS_TOOL_COMMAND_FLAGS("passkey-register", "Perform passkey registration", 0, sssctl_passkey_register, SSS_TOOL_FLAG_SKIP_CMD_INIT|SSS_TOOL_FLAG_SKIP_ROOT_CHECK), +-- +2.38.1 + |