dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Source Code
GIT

Blame SOURCES/0058-nss-parse-user_attributes-option.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-beta c8 c8-beta c8s
  1.   905b4de0e68274ed1d28be199df37121524b2919
  2.   SOURCES
  3.   0058-nss-parse-user_attributes-option.patch
Blob History Raw
905b4d 
From 3cae708a6deae902ec961e6eef552eeb632bd3ca Mon Sep 17 00:00:00 2001
905b4d 
From: Sumit Bose <sbose@redhat.com>
905b4d 
Date: Tue, 28 Oct 2014 19:42:47 +0100
905b4d 
Subject: [PATCH 58/64] nss: parse user_attributes option
905b4d
905b4d 
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
905b4d 
---
905b4d 
 src/man/sssd.conf.5.xml    | 26 ++++++++++++++++++++++++++
905b4d 
 src/responder/nss/nsssrv.c | 20 ++++++++++++++++++++
905b4d 
 src/responder/nss/nsssrv.h |  2 ++
905b4d 
 3 files changed, 48 insertions(+)
905b4d
905b4d 
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
905b4d 
index e2cb0b81b61063750995064b6ce83f9615049534..fbaca66724f7023dfa6068c225d6f61af0e662bb 100644
905b4d 
--- a/src/man/sssd.conf.5.xml
905b4d 
+++ b/src/man/sssd.conf.5.xml
905b4d 
@@ -711,6 +711,32 @@ fallback_homedir = /home/%u
905b4d 
                         </para>
905b4d 
                     </listitem>
905b4d 
                 </varlistentry>
905b4d 
+                <varlistentry>
905b4d 
+                    <term>user_attributes (string)</term>
905b4d 
+                    <listitem>
905b4d 
+                        <para>
905b4d 
+                            Some of the additional NSS responder requests can
905b4d 
+                            return more attributes than just the POSIX ones
905b4d 
+                            defined by the NSS interface. The list of attributes
905b4d 
+                            is controlled by this option. It is handle the same
905b4d 
+                            way as the <quote>user_attributes</quote> option of
905b4d 
+                            the InfoPipe responder (see
905b4d 
+                            <citerefentry>
905b4d 
+                                <refentrytitle>sssd-ifp</refentrytitle>
905b4d 
+                                <manvolnum>5</manvolnum>
905b4d 
+                            </citerefentry>
905b4d 
+                            for details) but with no default values.
905b4d 
+                        </para>
905b4d 
+                        <para>
905b4d 
+                            To make configuration more easy the NSS responder
905b4d 
+                            will check the InfoPipe option if it is not set for
905b4d 
+                            the NSS responder.
905b4d 
+                        </para>
905b4d 
+                        <para>
905b4d 
+                            Default: not set, fallback to InfoPipe option
905b4d 
+                        </para>
905b4d 
+                    </listitem>
905b4d 
+                </varlistentry>
905b4d 
             </variablelist>
905b4d 
         </refsect2>
905b4d 
         <refsect2 id='PAM'>
905b4d 
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
905b4d 
index 1bbeaa1534ee3e0db72dda13ff9d01ef7fba6adf..bce06c3e8b56f3b09126f43a194c1cd6a60efb2c 100644
905b4d 
--- a/src/responder/nss/nsssrv.c
905b4d 
+++ b/src/responder/nss/nsssrv.c
905b4d 
@@ -214,6 +214,7 @@ static int nss_get_config(struct nss_ctx *nctx,
905b4d 
                           struct confdb_ctx *cdb)
905b4d 
 {
905b4d 
     int ret;
905b4d 
+    char *tmp_str;
905b4d
905b4d 
     ret = confdb_get_int(cdb, CONFDB_NSS_CONF_ENTRY,
905b4d 
                          CONFDB_NSS_ENUM_CACHE_TIMEOUT, 120,
905b4d 
@@ -298,6 +299,25 @@ static int nss_get_config(struct nss_ctx *nctx,
905b4d 
                             &nctx->homedir_substr);
905b4d 
     if (ret != EOK) goto done;
905b4d
905b4d 
+
905b4d 
+    ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
905b4d 
+                            CONFDB_IFP_USER_ATTR_LIST, NULL, &tmp_str);
905b4d 
+    if (ret != EOK) goto done;
905b4d 
+
905b4d 
+    if (tmp_str == NULL) {
905b4d 
+        ret = confdb_get_string(cdb, nctx, CONFDB_IFP_CONF_ENTRY,
905b4d 
+                                CONFDB_IFP_USER_ATTR_LIST, NULL, &tmp_str);
905b4d 
+        if (ret != EOK) goto done;
905b4d 
+    }
905b4d 
+
905b4d 
+    if (tmp_str != NULL) {
905b4d 
+        nctx->extra_attributes = parse_attr_list_ex(nctx, tmp_str, NULL);
905b4d 
+        if (nctx->extra_attributes == NULL) {
905b4d 
+            ret = ENOMEM;
905b4d 
+            goto done;
905b4d 
+        }
905b4d 
+    }
905b4d 
+
905b4d 
     ret = 0;
905b4d 
 done:
905b4d 
     return ret;
905b4d 
diff --git a/src/responder/nss/nsssrv.h b/src/responder/nss/nsssrv.h
905b4d 
index a5b946b7e4a38d7d8b35ec5df1b6644d01896470..784eba2e0c6b15b106a2323bba1de5523e2937c1 100644
905b4d 
--- a/src/responder/nss/nsssrv.h
905b4d 
+++ b/src/responder/nss/nsssrv.h
905b4d 
@@ -75,6 +75,8 @@ struct nss_ctx {
905b4d
905b4d 
     struct sss_idmap_ctx *idmap_ctx;
905b4d 
     struct sss_names_ctx *global_names;
905b4d 
+
905b4d 
+    const char **extra_attributes;
905b4d 
 };
905b4d
905b4d 
 struct nss_packet;
905b4d 
--
905b4d 
1.9.3
905b4d

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation