|
 |
bb7cd1 |
From acefbdd65a083b5d9577d9f683ac64e358c2f9c0 Mon Sep 17 00:00:00 2001
|
|
|
bb7cd1 |
From: Sumit Bose <sbose@redhat.com>
|
|
|
bb7cd1 |
Date: Thu, 16 Mar 2017 11:38:20 +0100
|
|
|
bb7cd1 |
Subject: [PATCH 94/96] pam_test_client: add InfoPipe user lookup
|
|
|
bb7cd1 |
MIME-Version: 1.0
|
|
|
bb7cd1 |
Content-Type: text/plain; charset=UTF-8
|
|
|
bb7cd1 |
Content-Transfer-Encoding: 8bit
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
Related to https://pagure.io/SSSD/sssd/issue/3292
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
bb7cd1 |
(cherry picked from commit 9be97c9cc69e5e6e568d7e21f61a46c3ae2dc387)
|
|
|
bb7cd1 |
---
|
|
|
bb7cd1 |
Makefile.am | 1 +
|
|
|
bb7cd1 |
src/sss_client/pam_test_client.c | 71 ++++++++++++++++++++++++++++++++++++++++
|
|
|
bb7cd1 |
2 files changed, 72 insertions(+)
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
diff --git a/Makefile.am b/Makefile.am
|
|
|
bb7cd1 |
index b16a71cc9e07f21d02b4ceb3f41a8e9de0591ec9..c4d252357356c2d5452a414fd360fc5370b2c775 100644
|
|
|
bb7cd1 |
--- a/Makefile.am
|
|
|
bb7cd1 |
+++ b/Makefile.am
|
|
|
bb7cd1 |
@@ -3467,6 +3467,7 @@ pam_test_client_LDADD = \
|
|
|
bb7cd1 |
$(PAM_LIBS) \
|
|
|
bb7cd1 |
$(PAM_MISC_LIBS) \
|
|
|
bb7cd1 |
$(LIBADD_DL) \
|
|
|
bb7cd1 |
+ libsss_simpleifp.la \
|
|
|
bb7cd1 |
$(NULL)
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
if BUILD_AUTOFS
|
|
|
bb7cd1 |
diff --git a/src/sss_client/pam_test_client.c b/src/sss_client/pam_test_client.c
|
|
|
bb7cd1 |
index 69af612270492968b56d1c11de2bf56ebf57471f..40ef3f6d480c0108c985fce7e34e983d145f237e 100644
|
|
|
bb7cd1 |
--- a/src/sss_client/pam_test_client.c
|
|
|
bb7cd1 |
+++ b/src/sss_client/pam_test_client.c
|
|
|
bb7cd1 |
@@ -30,9 +30,12 @@
|
|
|
bb7cd1 |
#include <pwd.h>
|
|
|
bb7cd1 |
#include <nss.h>
|
|
|
bb7cd1 |
#include <errno.h>
|
|
|
bb7cd1 |
+#include <inttypes.h>
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
#include <security/pam_appl.h>
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
+#include "lib/sifp/sss_sifp.h"
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
#ifdef HAVE_SECURITY_PAM_MISC_H
|
|
|
bb7cd1 |
# include <security/pam_misc.h>
|
|
|
bb7cd1 |
#elif defined(HAVE_SECURITY_OPENPAM_H)
|
|
|
bb7cd1 |
@@ -58,6 +61,69 @@ static struct pam_conv conv = {
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
#define DEFAULT_BUFSIZE 4096
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
+static int get_ifp_user(const char *user)
|
|
|
bb7cd1 |
+{
|
|
|
bb7cd1 |
+ sss_sifp_ctx *sifp;
|
|
|
bb7cd1 |
+ sss_sifp_error error;
|
|
|
bb7cd1 |
+ sss_sifp_object *user_obj;
|
|
|
bb7cd1 |
+ const char *tmp_str;
|
|
|
bb7cd1 |
+ uint32_t tmp_uint32;
|
|
|
bb7cd1 |
+ size_t c;
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ struct ifp_user_attr {
|
|
|
bb7cd1 |
+ const char *name;
|
|
|
bb7cd1 |
+ bool is_string;
|
|
|
bb7cd1 |
+ } ifp_user_attr[] = {
|
|
|
bb7cd1 |
+ { "name", true },
|
|
|
bb7cd1 |
+ { "uidNumber", false },
|
|
|
bb7cd1 |
+ { "gidNumber", false },
|
|
|
bb7cd1 |
+ { "gecos", true },
|
|
|
bb7cd1 |
+ { "homeDirectory", true },
|
|
|
bb7cd1 |
+ { "loginShell", true },
|
|
|
bb7cd1 |
+ { NULL, false }
|
|
|
bb7cd1 |
+ };
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ error = sss_sifp_init(&sifp);
|
|
|
bb7cd1 |
+ if (error != SSS_SIFP_OK) {
|
|
|
bb7cd1 |
+ fprintf(stderr, "Unable to connect to the InfoPipe");
|
|
|
bb7cd1 |
+ return EFAULT;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ error = sss_sifp_fetch_user_by_name(sifp, user, &user_obj);
|
|
|
bb7cd1 |
+ if (error != SSS_SIFP_OK) {
|
|
|
bb7cd1 |
+ fprintf(stderr, "Unable to get user object");
|
|
|
bb7cd1 |
+ return EIO;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ fprintf(stdout, "SSSD InfoPipe user lookup result:\n");
|
|
|
bb7cd1 |
+ for (c = 0; ifp_user_attr[c].name != NULL; c++) {
|
|
|
bb7cd1 |
+ if (ifp_user_attr[c].is_string) {
|
|
|
bb7cd1 |
+ error = sss_sifp_find_attr_as_string(user_obj->attrs,
|
|
|
bb7cd1 |
+ ifp_user_attr[c].name,
|
|
|
bb7cd1 |
+ &tmp_str);
|
|
|
bb7cd1 |
+ } else {
|
|
|
bb7cd1 |
+ error = sss_sifp_find_attr_as_uint32(user_obj->attrs,
|
|
|
bb7cd1 |
+ ifp_user_attr[c].name,
|
|
|
bb7cd1 |
+ &tmp_uint32);
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+ if (error != SSS_SIFP_OK) {
|
|
|
bb7cd1 |
+ fprintf(stderr, "Unable to get user name attr");
|
|
|
bb7cd1 |
+ return EIO;
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ if (ifp_user_attr[c].is_string) {
|
|
|
bb7cd1 |
+ fprintf(stdout, " - %s: %s\n", ifp_user_attr[c].name, tmp_str);
|
|
|
bb7cd1 |
+ } else {
|
|
|
bb7cd1 |
+ fprintf(stdout, " - %s: %"PRIu32"\n", ifp_user_attr[c].name,
|
|
|
bb7cd1 |
+ tmp_uint32);
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ sss_sifp_free_object(sifp, &user_obj);
|
|
|
bb7cd1 |
+ sss_sifp_free(&sifp);
|
|
|
bb7cd1 |
+ return 0;
|
|
|
bb7cd1 |
+}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
static int sss_getpwnam_check(const char *user)
|
|
|
bb7cd1 |
{
|
|
|
bb7cd1 |
void *dl_handle = NULL;
|
|
|
bb7cd1 |
@@ -159,6 +225,11 @@ int main(int argc, char *argv[]) {
|
|
|
bb7cd1 |
if (ret != 0) {
|
|
|
bb7cd1 |
fprintf(stderr, "User name lookup with [%s] failed.\n", user);
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
+
|
|
|
bb7cd1 |
+ ret = get_ifp_user(user);
|
|
|
bb7cd1 |
+ if (ret != 0) {
|
|
|
bb7cd1 |
+ fprintf(stderr, "InforPipe User lookup with [%s] failed.\n", user);
|
|
|
bb7cd1 |
+ }
|
|
|
bb7cd1 |
}
|
|
|
bb7cd1 |
|
|
|
bb7cd1 |
ret = pam_start(service, user, &conv, &pamh);
|
|
|
bb7cd1 |
--
|
|
|
bb7cd1 |
2.9.3
|
|
|
bb7cd1 |
|