Blame SOURCES/0005-ipa-store-sudo-runas-attribute-with-internal-fqname.patch

From 5ad7f5e817b2bd8ca0f49b1001f4fb987de32c08 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Wed, 27 Feb 2019 14:04:54 +0100
Subject: [PATCH 5/6] ipa: store sudo runas attribute with internal fqname
We need to be able to differentiate between external users and IPA users.
Resolves:
https://pagure.io/SSSD/sssd/issue/3957
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
(cherry picked from commit d411febc98da36eb961b9251c1674af802151786)
---
 src/providers/ipa/ipa_sudo_conversion.c | 25 +++++++++++++++++++++++--
 1 file changed, 23 insertions(+), 2 deletions(-)
diff --git a/src/providers/ipa/ipa_sudo_conversion.c b/src/providers/ipa/ipa_sudo_conversion.c
5fca41
index bfa66b2c6..9586e6a2a 100644
5fca41
--- a/src/providers/ipa/ipa_sudo_conversion.c
5fca41
+++ b/src/providers/ipa/ipa_sudo_conversion.c
5fca41
@@ -908,6 +908,27 @@ convert_group(TALLOC_CTX *mem_ctx,
5fca41
     return rdn;
5fca41
 }
5fca41
 
5fca41
+static const char *
5fca41
+convert_group_fqdn(TALLOC_CTX *mem_ctx,
5fca41
+                   struct ipa_sudo_conv *conv,
5fca41
+                   const char *value,
5fca41
+                   bool *skip_entry)
5fca41
+{
5fca41
+    const char *shortname = NULL;
5fca41
+    char *fqdn = NULL;
5fca41
+
5fca41
+    *skip_entry = false;
5fca41
+
5fca41
+    shortname = convert_group(mem_ctx, conv, value, skip_entry);
5fca41
+    if (shortname == NULL) {
5fca41
+        return NULL;
5fca41
+    }
5fca41
+
5fca41
+    fqdn = sss_create_internal_fqname(mem_ctx, shortname, conv->dom->name);
5fca41
+    talloc_free(discard_const(shortname));
5fca41
+    return fqdn;
5fca41
+}
5fca41
+
5fca41
 static const char *
5fca41
 convert_runasextusergroup(TALLOC_CTX *mem_ctx,
5fca41
                           struct ipa_sudo_conv *conv,
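Review bot: The new convert_group_fqdn() has no comment describing its return contract, and it returns NULL on two different paths: when convert_group() yields NULL and when sss_create_internal_fqname() fails. The caller is not visible here, but it presumably tells "skip this value" from "error" by *skip_entry, so the contract should be written down above the function, e.g. `/* Returns the group as an internal fqname allocated on mem_ctx; NULL is an error unless *skip_entry is true. */`. The initial `*skip_entry = false;` looks redundant if convert_group() always sets the flag, which cannot be confirmed from this hunk. The hunk ends inside the parameter list of convert_runasextusergroup(), which continues outside it.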
5fca41
@@ -954,8 +975,8 @@ convert_attributes(struct ipa_sudo_conv *conv,
5fca41
     } table[] = {{SYSDB_NAME,                            SYSDB_SUDO_CACHE_AT_CN         , NULL},
5fca41
                  {SYSDB_IPA_SUDORULE_HOST,               SYSDB_SUDO_CACHE_AT_HOST       , convert_host},
5fca41
                  {SYSDB_IPA_SUDORULE_USER,               SYSDB_SUDO_CACHE_AT_USER       , convert_user_fqdn},
5fca41
-                 {SYSDB_IPA_SUDORULE_RUNASUSER,          SYSDB_SUDO_CACHE_AT_RUNASUSER  , convert_user},
5fca41
-                 {SYSDB_IPA_SUDORULE_RUNASGROUP,         SYSDB_SUDO_CACHE_AT_RUNASGROUP , convert_group},
5fca41
+                 {SYSDB_IPA_SUDORULE_RUNASUSER,          SYSDB_SUDO_CACHE_AT_RUNASUSER  , convert_user_fqdn},
5fca41
+                 {SYSDB_IPA_SUDORULE_RUNASGROUP,         SYSDB_SUDO_CACHE_AT_RUNASGROUP , convert_group_fqdn},
5fca41
                  {SYSDB_IPA_SUDORULE_OPTION,             SYSDB_SUDO_CACHE_AT_OPTION     , NULL},
5fca41
                  {SYSDB_IPA_SUDORULE_NOTAFTER,           SYSDB_SUDO_CACHE_AT_NOTAFTER   , NULL},
5fca41
                  {SYSDB_IPA_SUDORULE_NOTBEFORE,          SYSDB_SUDO_CACHE_AT_NOTBEFORE  , NULL},
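Review bot: The two changed rows of `table[]` switch what is stored in SYSDB_SUDO_CACHE_AT_RUNASUSER and SYSDB_SUDO_CACHE_AT_RUNASGROUP from a short name to an internal fqname, and nothing visible here shows the readers of those attributes being updated to match. Since these values decide which identity a rule allows commands to run as, a reader that still expects short names would presumably stop matching the rule, and entries cached before the change likely keep the old format until they are refreshed. I would record the stored format next to the rows, e.g. `/* runas user/group are stored as internal fqnames; readers must convert them to the output name format */`, and confirm the reader side is covered elsewhere in this series. convert_attributes() starts and ends outside the hunk.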
-- 
2.19.1