1SSSD-IFP(5) File Formats and Conventions SSSD-IFP(5)
2
3
4
6 sssd-ifp - SSSD InfoPipe responder
7
9 This manual page describes the configuration of the InfoPipe responder
10 for sssd(8). For a detailed syntax reference, refer to the “FILE
11 FORMAT” section of the sssd.conf(5) manual page.
12
13 The InfoPipe responder provides a public D-Bus interface accessible
14 over the system bus. The interface allows the user to query information
15 about remote users and groups over the system bus.
16
18 These options can be used to configure the InfoPipe responder.
19
20 allowed_uids (string)
21 Specifies the comma-separated list of UID values or user names that
22 are allowed to access the InfoPipe responder. User names are
23 resolved to UIDs at startup.
24
25 Default: 0 (only the root user is allowed to access the InfoPipe
26 responder)
27
28 Please note that although the UID 0 is used as the default it will
29 be overwritten with this option. If you still want to allow the
30 root user to access the InfoPipe responder, which would be the
31 typical case, you have to add 0 to the list of allowed UIDs as
32 well.
33
34 user_attributes (string)
35 Specifies the comma-separated list of white or blacklisted
36 attributes.
37
38 By default, the InfoPipe responder only allows the default set of
39 POSIX attributes to be requested. This set is the same as returned
40 by getpwnam(3) and includes:
41
42 name
43 user's login name
44
45 uidNumber
46 user ID
47
48 gidNumber
49 primary group ID
50
51 gecos
52 user information, typically full name
53
54 homeDirectory
55 home directory
56
57 loginShell
58 user shell
59
60 It is possible to add another attribute to this set by using
61 “+attr_name” or explicitly remove an attribute using “-attr_name”.
62 For example, to allow “telephoneNumber” but deny “loginShell”, you
63 would use the following configuration:
64
65 user_attributes = +telephoneNumber, -loginShell
66
67
68 Default: not set. Only the default set of POSIX attributes is
69 allowed.
70
71 wildcard_limit (integer)
72 Specifies an upper limit on the number of entries that are
73 downloaded during a wildcard lookup that overrides caller-supplied
74 limit.
75
76 Default: 0 (let the caller set an upper limit)
77
79 sssd(8), sssd.conf(5), sssd-ldap(5), sssd-krb5(5), sssd-simple(5),
80 sssd-ipa(5), sssd-ad(5), sssd-files(5), sssd-sudo(5), sssd-session-
81 recording(5), sss_cache(8), sss_debuglevel(8), sss_obfuscate(8),
82 sss_seed(8), sssd_krb5_locator_plugin(8), sss_ssh_authorizedkeys(8),
83 sss_ssh_knownhostsproxy(8), sssd-ifp(5), pam_sss(8). sss_rpcidmapd(5)
84 sssd-systemtap(5)
85
87 The SSSD upstream - https://pagure.io/SSSD/sssd/
88
89
90
91SSSD 10/22/2019 SSSD-IFP(5)