authorized services

This commit is contained in:
Roland Gruber 2011-08-21 17:43:41 +00:00
parent 0f39ef3ba7
commit 7e8b4679cd
3 changed files with 47 additions and 1 deletions

View File

@ -1854,6 +1854,34 @@ Have fun!
</screenshot>
</section>
<section>
<title>Authorized services</title>
<para>You can setup PAM to check if a user is allowed to run a
specific service (e.g. sshd) by reading the LDAP attribute
"authorizedService". This way you can manage all allowed services via
LAM.</para>
<para></para>
<para>To activate this PAM feature please setup your <emphasis
role="bold">/etc/libnss-ldap.conf</emphasis> and set
"pam_check_service_attr" to "yes".</para>
<para></para>
<para>Inside LAM you can now set the allowed services. You may also
setup default services in your account profiles.</para>
<screenshot>
<mediaobject>
<imageobject>
<imagedata fileref="images/mod_authorizedServices.png" />
</imageobject>
</mediaobject>
</screenshot>
</section>
<section>
<title>IMAP mailboxes</title>
@ -3714,6 +3742,24 @@ Have fun!
Pro.</entry>
</row>
<row>
<entry><inlinemediaobject>
<imageobject>
<imagedata fileref="images/schema_authorizedServices.png" />
</imageobject>
</inlinemediaobject></entry>
<entry>Authorized services</entry>
<entry>authorizedServiceObject</entry>
<entry>ldapns.schema</entry>
<entry>Part of libpam-ldap installation</entry>
<entry></entry>
</row>
<row>
<entry><inlinemediaobject>
<imageobject>

Binary file not shown.

After

Width:  |  Height:  |  Size: 31 KiB

Binary file not shown.

After

Width:  |  Height:  |  Size: 3.4 KiB