|
 |
6cf099 |
From ea4b1387c604093036559a1bfc0368c70d73fc4f Mon Sep 17 00:00:00 2001
|
|
|
6cf099 |
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
|
6cf099 |
Date: Sun, 11 Oct 2015 17:53:28 +0200
|
|
|
6cf099 |
Subject: [PATCH 104/104] sudo: send original name and id with local views if
|
|
|
6cf099 |
possible
|
|
|
6cf099 |
|
|
|
6cf099 |
Resolves:
|
|
|
6cf099 |
https://fedorahosted.org/sssd/ticket/2833
|
|
|
6cf099 |
|
|
|
6cf099 |
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
6cf099 |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
6cf099 |
(cherry picked from commit fb8985a3a3a267940760967beaf8af3979ce91ea)
|
|
|
6cf099 |
---
|
|
|
6cf099 |
src/responder/sudo/sudosrv_get_sudorules.c | 18 +++++++++++++-----
|
|
|
6cf099 |
1 file changed, 13 insertions(+), 5 deletions(-)
|
|
|
6cf099 |
|
|
|
6cf099 |
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
|
|
|
6cf099 |
index cc06977d97e3319584251bdab26e85855d275e8a..c3336960eeac18ee63167de81891984aa764540c 100644
|
|
|
6cf099 |
--- a/src/responder/sudo/sudosrv_get_sudorules.c
|
|
|
6cf099 |
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
|
|
|
6cf099 |
@@ -79,6 +79,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
|
|
|
6cf099 |
struct dp_callback_ctx *cb_ctx;
|
|
|
6cf099 |
const char *original_name = NULL;
|
|
|
6cf099 |
const char *extra_flag = NULL;
|
|
|
6cf099 |
+ const char *search_name = NULL;
|
|
|
6cf099 |
char *name = NULL;
|
|
|
6cf099 |
uid_t uid = 0;
|
|
|
6cf099 |
errno_t ret;
|
|
|
6cf099 |
@@ -160,16 +161,23 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
|
|
|
6cf099 |
if ((user->count == 0 || cache_expire < time(NULL))
|
|
|
6cf099 |
&& dctx->check_provider) {
|
|
|
6cf099 |
|
|
|
6cf099 |
- if (DOM_HAS_VIEWS(dom) && (user->count == 0
|
|
|
6cf099 |
- || ldb_msg_find_attr_as_string(user->msgs[0],
|
|
|
6cf099 |
- OVERRIDE_PREFIX SYSDB_NAME,
|
|
|
6cf099 |
- NULL) != NULL)) {
|
|
|
6cf099 |
+ search_name = cmd_ctx->username;
|
|
|
6cf099 |
+ if (is_local_view(dom->view_name)) {
|
|
|
6cf099 |
+ /* Search with original name in case of local view. */
|
|
|
6cf099 |
+ if (user->count != 0) {
|
|
|
6cf099 |
+ search_name = ldb_msg_find_attr_as_string(user->msgs[0],
|
|
|
6cf099 |
+ SYSDB_NAME, NULL);
|
|
|
6cf099 |
+ }
|
|
|
6cf099 |
+ } else if (DOM_HAS_VIEWS(dom) && (user->count == 0
|
|
|
6cf099 |
+ || ldb_msg_find_attr_as_string(user->msgs[0],
|
|
|
6cf099 |
+ OVERRIDE_PREFIX SYSDB_NAME,
|
|
|
6cf099 |
+ NULL) != NULL)) {
|
|
|
6cf099 |
extra_flag = EXTRA_INPUT_MAYBE_WITH_VIEW;
|
|
|
6cf099 |
}
|
|
|
6cf099 |
|
|
|
6cf099 |
dpreq = sss_dp_get_account_send(cli_ctx, cli_ctx->rctx,
|
|
|
6cf099 |
dom, false, SSS_DP_INITGROUPS,
|
|
|
6cf099 |
- cmd_ctx->username, 0, extra_flag);
|
|
|
6cf099 |
+ search_name, 0, extra_flag);
|
|
|
6cf099 |
if (!dpreq) {
|
|
|
6cf099 |
DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
6cf099 |
"Out of memory sending data provider request\n");
|
|
|
6cf099 |
--
|
|
|
6cf099 |
2.4.3
|
|
|
6cf099 |
|