#! /bin/sh

. /etc/control.d/functions-local-policy

CONFIG=/etc/sssd/sssd.conf

new_help disabled 'Disable SSSD users credentials cached in the local LDB cache'
new_help enabled 'Enable SSSD users credentials cached in the local LDB cache'
new_help default 'Disable SSSD users credentials cached in the local LDB cache'

new_subst default \
	'^\s*[#;]?\s*cache_credentials\s*=\s*([Tt][Rr][Uu][Ee]|[Ff][Aa][Ll][Ss][Ee])\s*' \
	's/^\s*[#;]\?\s*\(cache_credentials\)\s*=.*/; \1 = false/'

new_subst enabled \
	'^\s*cache_credentials\s*=\s*[Tt][Rr][Uu][Ee]\s*' \
	's/^\s*[#;]\?\s*\(cache_credentials\)\s*\=.*/\1 = true/'

new_subst disabled \
	'^\s*cache_credentials\s*=\s*[Ff][Aa][Ll][Ss][Ee]\s*' \
	's/^\s*[#;]\?\s*\(cache_credentials\)\s*=.*/\1 = false/'

new_summary 'Determines SSSD user credentials are also cached in the local LDB cache'

check_default_sssd_domain_option "$CONFIG" "$*" "cache_credentials" "false" "enabled disabled default" || exit $?
control_subst_with_file_check "$CONFIG" "$*" "enabled disabled default"

