diff options
| author | Dave Olson <olson@cumulusnetworks.com> | 2018-02-26 09:52:09 -0800 |
|---|---|---|
| committer | Dave Olson <olson@cumulusnetworks.com> | 2018-02-26 10:33:41 -0800 |
| commit | a8b91db168be36606391eb0b96af0ee4aaa6812f (patch) | |
| tree | 487107efe6069f172c7e4454b6bc2335416f4326 /nss_mapuser.5 | |
| parent | 1871475c4a3101aa8136362923f0d3ecdc7bb171 (diff) | |
| download | libnss-mapuser-a8b91db168be36606391eb0b96af0ee4aaa6812f.tar.gz libnss-mapuser-a8b91db168be36606391eb0b96af0ee4aaa6812f.zip | |
Fixed exclude_users to work, added more users, alway skip tacacs[0-9]*
Ticket: CM-19886
Reviewed By: nobody
Testing Done:
Somehow exclude_users wasn't implemented (or got deleted somewhere
along the line).
Make list match tacplus_client, except exclude our own mapped users
by matching config items, and also skip any user starting with
tacacs[0-9] inline instead of listing all 16 in exclude_users field
in config file.
Implemened for mapped_priv_user too, since that work is ongoing.
Listed change in debian/changelog
If debug is set to 2 or higher, print that the name lookup was skipped
due to exclusion.
Diffstat (limited to 'nss_mapuser.5')
| -rw-r--r-- | nss_mapuser.5 | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/nss_mapuser.5 b/nss_mapuser.5 index 2bbabad..3e17aec 100644 --- a/nss_mapuser.5 +++ b/nss_mapuser.5 @@ -18,7 +18,13 @@ Output lookup debugging information via syslog(3). Usernames (accounts) comma separate list. This is used by mapname NSS plugin getpwuid() entry point. The account to be looked up is checked against this list. If a match is found, an immediate NOTFOUND status is returned. This reduces overhead for the standard -local user accounts. +local user accounts. The +.I mapped_user +and +.I mapped_priv_user +fields from the +configuration file are always skipped, as are any names starting with +.BR tacacs[0-9] . .TP .I mapped_user=NAME This is the local account which mapping uses as a template. It must be a local |