diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-11 23:39:49 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-08-30 11:31:31 +0200 |
commit | 2a5d1df12b6011c71794b7dceb0d969340532a77 (patch) | |
tree | aa204f69ea8b623ef93396d7632416427acd2965 | |
parent | cc0a816d8a345398d900bc006e73d10049f0c38a (diff) | |
download | sssd-2a5d1df12b6011c71794b7dceb0d969340532a77.tar.gz sssd-2a5d1df12b6011c71794b7dceb0d969340532a77.tar.xz sssd-2a5d1df12b6011c71794b7dceb0d969340532a77.zip |
Make IPA SELinux provider aware of subdomain userssssd-1.9.2-122.el6
Fixes https://fedorahosted.org/sssd/ticket/1892
-rw-r--r-- | src/providers/ipa/ipa_selinux.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c index d1dbe5765..13679281d 100644 --- a/src/providers/ipa/ipa_selinux.c +++ b/src/providers/ipa/ipa_selinux.c @@ -36,6 +36,7 @@ #include "providers/ipa/ipa_access.h" #include "providers/ipa/ipa_selinux_common.h" #include "providers/ipa/ipa_selinux_maps.h" +#include "providers/krb5/krb5_utils.h" static struct tevent_req * ipa_get_selinux_send(struct be_req *breq, @@ -84,6 +85,8 @@ void ipa_selinux_handler(struct be_req *be_req) struct tevent_req *req; struct pam_data *pd; const char *hostname; + int ret; + struct sss_domain_info *dom; pd = talloc_get_type(be_req->req_data, struct pam_data); @@ -98,7 +101,13 @@ void ipa_selinux_handler(struct be_req *be_req) goto fail; } - op_ctx = ipa_selinux_create_op_ctx(be_req, be_req->sysdb, be_req, + ret = get_domain_or_subdomain(be_req, be_req->be_ctx, pd->domain, &dom); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, ("get_domain_or_subdomain failed.\n")); + goto fail; + } + + op_ctx = ipa_selinux_create_op_ctx(be_req, dom->sysdb, be_req, pd->user, hostname); if (op_ctx == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("Cannot create op context\n")); |