diff options
author | Pavel Reichl <preichl@redhat.com> | 2014-06-04 18:24:08 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-12-08 10:55:47 +0100 |
commit | 958037cf32ea156dfdde426a45ac1d972fe46618 (patch) | |
tree | dc236273a986798d897c04bf140f696c46caec39 | |
parent | 79f128801d598ca57a6acebade01136525a47e00 (diff) | |
download | sssd-958037cf32ea156dfdde426a45ac1d972fe46618.tar.gz sssd-958037cf32ea156dfdde426a45ac1d972fe46618.tar.xz sssd-958037cf32ea156dfdde426a45ac1d972fe46618.zip |
simple-access-provider: break matching allowed users
Stop matching username with names in simple_allow_users after positive
match.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
-rw-r--r-- | src/providers/simple/simple_access_check.c | 4 |
1 files changed, 3 insertions, 1 deletions
diff --git a/src/providers/simple/simple_access_check.c b/src/providers/simple/simple_access_check.c index d66628719..c8217f6d4 100644 --- a/src/providers/simple/simple_access_check.c +++ b/src/providers/simple/simple_access_check.c @@ -73,9 +73,11 @@ simple_check_users(struct simple_ctx *ctx, const char *username, /* Do not return immediately on explicit allow * We need to make sure none of the user's groups - * are denied. + * are denied. But there's no need to check username + * matches any more. */ *access_granted = true; + break; } } } else if (!ctx->allow_groups) { |