diff options
| author | Lukas Slebodnik <lslebodn@redhat.com> | 2014-11-18 12:02:10 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-12-08 21:47:36 +0100 |
| commit | 5bb0c0596765dd5dd1973b7fc2d1e830bca3e345 (patch) | |
| tree | 124f06f30fb26f624bb19d3522be8d08defb643c | |
| parent | 958037cf32ea156dfdde426a45ac1d972fe46618 (diff) | |
| download | sssd-5bb0c0596765dd5dd1973b7fc2d1e830bca3e345.tar.gz sssd-5bb0c0596765dd5dd1973b7fc2d1e830bca3e345.tar.xz sssd-5bb0c0596765dd5dd1973b7fc2d1e830bca3e345.zip | |
sss_client: Work around glibc bug
glibc is inconsistent with how it treats and returns NSS_STATUS_UNAVAIL.
The sss nss plugin is present in nsswitch by default on some platforms
due to glibc caching and problem with long living applications (e.g. GNOME).
But sssd needn't be configuread and it cause problems in some programs.
In this situation, the SSSD nss plugin should behave as if it was functioning
but had no data even thought sssd is not running. The errors have to be passed
from nss plugin up to the user with minimal moidiffication.
Thanks to Stephen Gallagher for initial patch.
Resolves:
https://fedorahosted.org/sssd/ticket/2439
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
| -rw-r--r-- | src/conf_macros.m4 | 13 | ||||
| -rw-r--r-- | src/sss_client/common.c | 10 |
2 files changed, 23 insertions, 0 deletions
diff --git a/src/conf_macros.m4 b/src/conf_macros.m4 index df9d1ddf8..027490e52 100644 --- a/src/conf_macros.m4 +++ b/src/conf_macros.m4 @@ -708,6 +708,19 @@ AC_ARG_ENABLE([dbus-tests], [build_dbus_tests=yes]) AM_CONDITIONAL([BUILD_DBUS_TESTS], [test x$build_dbus_tests = xyes]) +AC_ARG_ENABLE([sss-default-nss-plugin], + [AS_HELP_STRING([--enable-sss-default-nss-plugin], + [This option change standard behaviour of sss nss + plugin. If this option is enabled the sss nss + plugin will behave as it was not in + nsswitch.conf when sssd is not running. + [default=no]])], + [enable_sss_default_nss_plugin=$enableval], + [enable_sss_default_nss_plugin=no]) +AS_IF([test x$enable_sss_default_nss_plugin = xyes], + AC_DEFINE_UNQUOTED([NONSTANDARD_SSS_NSS_BEHAVIOUR], [1], + [whether to build sssd nss plugin with nonstandard glibc behaviour])) + AC_DEFUN([WITH_NFS], [ AC_ARG_WITH([nfsv4-idmapd-plugin], [AC_HELP_STRING([--with-nfsv4-idmapd-plugin], diff --git a/src/sss_client/common.c b/src/sss_client/common.c index ebe783aba..7c4bb7ab8 100644 --- a/src/sss_client/common.c +++ b/src/sss_client/common.c @@ -724,7 +724,12 @@ enum nss_status sss_nss_make_request(enum sss_cli_command cmd, ret = sss_cli_check_socket(errnop, SSS_NSS_SOCKET_NAME); if (ret != SSS_STATUS_SUCCESS) { +#ifdef NONSTANDARD_SSS_NSS_BEHAVIOUR + errno = 0; + return NSS_STATUS_NOTFOUND; +#else return NSS_STATUS_UNAVAIL; +#endif } ret = sss_cli_make_request_nochecks(cmd, rd, repbuf, replen, errnop); @@ -735,7 +740,12 @@ enum nss_status sss_nss_make_request(enum sss_cli_command cmd, return NSS_STATUS_SUCCESS; case SSS_STATUS_UNAVAIL: default: +#ifdef NONSTANDARD_SSS_NSS_BEHAVIOUR + errno = 0; + return NSS_STATUS_NOTFOUND; +#else return NSS_STATUS_UNAVAIL; +#endif } } |