LDAP groups and roles mapping
Alexander A. Filippov
a.filippov at yadro.com
Thu Feb 10 21:24:02 AEDT 2022
On Mon, Jan 10, 2022 at 05:12:46PM +0300, Alexander A. Filippov wrote:
> Our customers want LDAP groups and roles mapping working not only by primary
> group, but also by the membership in one of these groups.
> And this requirement seems to me reasonable.
>
> As I can see in the code of phosphor-user-manager it can be easily solved by
> searching the user name in the group members list that already received by the
> `getgrnam` function. But I have doubts - wasn't this restriction done
> intentionally?
>
I've pushed the fix for phosphor-user-manager that fixes the role determination
using the groups membership.
https://gerrit.openbmc-project.xyz/c/openbmc/phosphor-user-manager/+/51114
--
Alexander
More information about the openbmc
mailing list