From f219254d793c259a8eef6f272ff8d3fd8f349e7a Mon Sep 17 00:00:00 2001
From: Joe Rafaniello <jrafanie@gmail.com>
Date: Fri, 22 Sep 2023 17:17:57 -0400
Subject: [PATCH] Add manageiq user to allowed_uids for sssd

When we moved to using a manageiq user, we need to add this user so it has permission in sssd.conf.

See also https://github.com/ManageIQ/manageiq-documentation/pull/1743
---
 .../external_httpd_configuration.rb                             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/lib/manageiq/appliance_console/external_httpd_authentication/external_httpd_configuration.rb b/lib/manageiq/appliance_console/external_httpd_authentication/external_httpd_configuration.rb
index 8131d629c..477b6cc5f 100644
--- a/lib/manageiq/appliance_console/external_httpd_authentication/external_httpd_configuration.rb
+++ b/lib/manageiq/appliance_console/external_httpd_authentication/external_httpd_configuration.rb
@@ -124,7 +124,7 @@ def configure_sssd_service(config)
       def configure_sssd_ifp(config)
         user_attributes = LDAP_ATTRS.keys.collect { |k| "+#{k}" }.join(", ")
         ifp_config      = "
-  allowed_uids = #{APACHE_USER}, root
+  allowed_uids = #{APACHE_USER}, root, manageiq
   user_attributes = #{user_attributes}
 "
         if config.include?("[ifp]")