diff -up sudo-1.8.6p7/plugins/sudoers/sudo_nss.c.duplicatenssfix sudo-1.8.6p7/plugins/sudoers/sudo_nss.c
--- sudo-1.8.6p7/plugins/sudoers/sudo_nss.c.duplicatenssfix 2014-09-29 15:30:35.243303099 +0200
+++ sudo-1.8.6p7/plugins/sudoers/sudo_nss.c 2014-09-29 15:33:13.669439300 +0200
@@ -88,16 +88,16 @@ sudo_read_nss(void)
for ((cp = strtok(cp + 8, " \t")); cp != NULL; (cp = strtok(NULL, " \t"))) {
if (strcasecmp(cp, "files") == 0 && !saw_files) {
tq_append(&snl, &sudo_nss_file);
- got_match = true;
+ got_match = saw_files = true;
#ifdef HAVE_LDAP
} else if (strcasecmp(cp, "ldap") == 0 && !saw_ldap) {
tq_append(&snl, &sudo_nss_ldap);
- got_match = true;
+ got_match = saw_ldap = true;
#endif
#ifdef HAVE_SSSD
} else if (strcasecmp(cp, "sss") == 0 && !saw_sss) {
tq_append(&snl, &sudo_nss_sss);
- got_match = true;
+ got_match = saw_sss = true;
#endif
} else if (strcasecmp(cp, "[NOTFOUND=return]") == 0 && got_match) {
/* NOTFOUND affects the most recent entry */
@@ -171,20 +171,20 @@ sudo_read_nss(void)
if (!saw_files && strncasecmp(cp, "files", 5) == 0 &&
(isspace((unsigned char)cp[5]) || cp[5] == '\0')) {
tq_append(&snl, &sudo_nss_file);
- got_match = true;
+ got_match = saw_files = true;
ep = &cp[5];
#ifdef HAVE_LDAP
} else if (!saw_ldap && strncasecmp(cp, "ldap", 4) == 0 &&
(isspace((unsigned char)cp[4]) || cp[4] == '\0')) {
tq_append(&snl, &sudo_nss_ldap);
- got_match = true;
+ got_match = saw_ldap = true;
ep = &cp[4];
#endif
#ifdef HAVE_SSSD
} else if (!saw_sss && strncasecmp(cp, "sss", 3) == 0 &&
(isspace((unsigned char)cp[3]) || cp[3] == '\0')) {
tq_append(&snl, &sudo_nss_sss);
- got_match = true;
+ got_match = saw_sss = true;
ep = &cp[3];
#endif
} else {