1SSSD-IFP(5)              File Formats and Conventions              SSSD-IFP(5)
2
3
4

NAME

6       sssd-ifp - SSSD InfoPipe responder
7

DESCRIPTION

9       This manual page describes the configuration of the InfoPipe responder
10       for sssd(8). For a detailed syntax reference, refer to the “FILE
11       FORMAT” section of the sssd.conf(5) manual page.
12
13       The InfoPipe responder provides a public D-Bus interface accessible
14       over the system bus. The interface allows the user to query information
15       about remote users and groups over the system bus.
16

CONFIGURATION OPTIONS

18       These options can be used to configure the InfoPipe responder.
19
20       allowed_uids (string)
21           Specifies the comma-separated list of UID values or user names that
22           are allowed to access the InfoPipe responder. User names are
23           resolved to UIDs at startup.
24
25           Default: 0 (only the root user is allowed to access the InfoPipe
26           responder)
27
28           Please note that although the UID 0 is used as the default it will
29           be overwritten with this option. If you still want to allow the
30           root user to access the InfoPipe responder, which would be the
31           typical case, you have to add 0 to the list of allowed UIDs as
32           well.
33
34       user_attributes (string)
35           Specifies the comma-separated list of white or blacklisted
36           attributes.
37
38           By default, the InfoPipe responder only allows the default set of
39           POSIX attributes to be requested. This set is the same as returned
40           by getpwnam(3) and includes:
41
42           name
43               user's login name
44
45           uidNumber
46               user ID
47
48           gidNumber
49               primary group ID
50
51           gecos
52               user information, typically full name
53
54           homeDirectory
55               home directory
56
57           loginShell
58               user shell
59
60           It is possible to add another attribute to this set by using
61           “+attr_name” or explicitly remove an attribute using “-attr_name”.
62           For example, to allow “telephoneNumber” but deny “loginShell”, you
63           would use the following configuration:
64
65               user_attributes = +telephoneNumber, -loginShell
66
67
68           Default: not set. Only the default set of POSIX attributes is
69           allowed.
70
71       wildcard_limit (integer)
72           Specifies an upper limit on the number of entries that are
73           downloaded during a wildcard lookup that overrides caller-supplied
74           limit.
75
76           Default: 0 (let the caller set an upper limit)
77

SEE ALSO

79       sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5),
80       sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd-sudo(5), sssd-session-
81       recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8),
82       sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8),
83       sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8).  sss_rpcidmapd(5)
84       sssd-systemtap(5)
85

AUTHORS

87       The SSSD upstream - https://pagure.io/SSSD/sssd/
88
89
90
91SSSD                              02/26/2020                       SSSD-IFP(5)
Impressum