dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone

Blame SOURCES/0160-sssctl-show-user-name-used-for-authentication-in-use.patch

bb7cd1
From 6edf41eba3cec8aa40dffaf639cd5c7756db310e Mon Sep 17 00:00:00 2001
bb7cd1
From: Sumit Bose <sbose@redhat.com>
bb7cd1
Date: Wed, 10 May 2017 17:13:48 +0200
bb7cd1
Subject: [PATCH 160/160] sssctl: show user name used for authentication in
bb7cd1
 user-checks
bb7cd1
MIME-Version: 1.0
bb7cd1
Content-Type: text/plain; charset=UTF-8
bb7cd1
Content-Transfer-Encoding: 8bit
bb7cd1
bb7cd1
Since there are cases where the user name is not entered directly but
bb7cd1
determined by other means the user-checks should show the name of the
bb7cd1
user used for authentication.
bb7cd1
bb7cd1
Related to https://pagure.io/SSSD/sssd/issue/3395
bb7cd1
bb7cd1
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
bb7cd1
(cherry picked from commit b130adaa3934d0531aca0f32961ab8b4cc720820)
bb7cd1
---
bb7cd1
 src/tools/sssctl/sssctl_user_checks.c | 11 ++++++++++-
bb7cd1
 1 file changed, 10 insertions(+), 1 deletion(-)
bb7cd1
bb7cd1
diff --git a/src/tools/sssctl/sssctl_user_checks.c b/src/tools/sssctl/sssctl_user_checks.c
bb7cd1
index 7c7b564bd29100382c9bbef7a3131c379e9aa97e..d5cd8a1b42e84aa96df95ed39905c864a38212b7 100644
bb7cd1
--- a/src/tools/sssctl/sssctl_user_checks.c
bb7cd1
+++ b/src/tools/sssctl/sssctl_user_checks.c
bb7cd1
@@ -200,6 +200,8 @@ errno_t sssctl_user_checks(struct sss_cmdline *cmdline,
bb7cd1
     const char *action = DEFAULT_ACTION;
bb7cd1
     const char *service = DEFAULT_SERVICE;
bb7cd1
     int ret;
bb7cd1
+    int pret;
bb7cd1
+    const char *pam_user = NULL;
bb7cd1
     size_t c;
bb7cd1
     char **pam_env;
bb7cd1
 
bb7cd1
@@ -246,7 +248,14 @@ errno_t sssctl_user_checks(struct sss_cmdline *cmdline,
bb7cd1
     if ( strncmp(action, "auth", 4)== 0 ) {
bb7cd1
         fprintf(stdout, _("testing pam_authenticate\n\n"));
bb7cd1
         ret = pam_authenticate(pamh, 0);
bb7cd1
-        fprintf(stderr, _("pam_authenticate: %s\n\n"), pam_strerror(pamh, ret));
bb7cd1
+        pret = pam_get_item(pamh, PAM_USER, (const void **) &pam_user);
bb7cd1
+        if (pret != PAM_SUCCESS) {
bb7cd1
+            fprintf(stderr, _("pam_get_item failed: %s\n"), pam_strerror(pamh,
bb7cd1
+                                                                         pret));
bb7cd1
+            pam_user = "- not available -";
bb7cd1
+        }
bb7cd1
+        fprintf(stderr, _("pam_authenticate for user [%s]: %s\n\n"), pam_user,
bb7cd1
+                                                       pam_strerror(pamh, ret));
bb7cd1
     } else if ( strncmp(action, "chau", 4)== 0 ) {
bb7cd1
         fprintf(stdout, _("testing pam_chauthtok\n\n"));
bb7cd1
         ret = pam_chauthtok(pamh, 0);
bb7cd1
-- 
bb7cd1
2.9.4
bb7cd1