summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorLukas Slebodnik <lslebodn@redhat.com>2014-12-01 17:29:49 +0100
committerJakub Hrozek <jhrozek@redhat.com>2014-12-08 10:43:01 +0100
commitb02eda90e9c6d6666af55041b1b12f5ac2f47b73 (patch)
treeffc59184318906efd7bda73075ef8d05af61e7e4
parentbabaca78cc196e7e0dcc3e972347951a081159f2 (diff)
downloadsssd-b02eda90e9c6d6666af55041b1b12f5ac2f47b73.tar.gz
sssd-b02eda90e9c6d6666af55041b1b12f5ac2f47b73.tar.xz
sssd-b02eda90e9c6d6666af55041b1b12f5ac2f47b73.zip
IPA: Do not append domain name to fq name
Usernames from AD subdomains are already in fqdn we should not append domain name in this case. Resolves: https://fedorahosted.org/sssd/ticket/2512 Reviewed-by: Michal Židek <mzidek@redhat.com>
Diffstat
-rw-r--r--src/providers/ipa/ipa_selinux.c21
1 files changed, 17 insertions, 4 deletions
diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c
index 531258dac..c4e70cfcb 100644
--- a/src/providers/ipa/ipa_selinux.c
+++ b/src/providers/ipa/ipa_selinux.c
@@ -812,6 +812,7 @@ selinux_child_setup(TALLOC_CTX *mem_ctx,
char *ptr;
char *username;
char *username_final;
+ char *domain_name = NULL;
TALLOC_CTX *tmp_ctx;
struct selinux_child_input *sci;
@@ -849,10 +850,22 @@ selinux_child_setup(TALLOC_CTX *mem_ctx,
}
if (dom->fqnames) {
- username_final = talloc_asprintf(tmp_ctx, dom->names->fq_fmt,
- username, dom->name);
- if (username_final == NULL) {
- ret = ENOMEM;
+ ret = sss_parse_name(tmp_ctx, dom->names, username, &domain_name,
+ NULL);
+ if (ret == EOK && domain_name != NULL) {
+ /* username is already a fully qualified name */
+ username_final = username;
+ } else if ((ret == EOK && domain_name == NULL)
+ || ret == ERR_REGEX_NOMATCH) {
+ username_final = talloc_asprintf(tmp_ctx, dom->names->fq_fmt,
+ username, dom->name);
+ if (username_final == NULL) {
+ ret = ENOMEM;
+ goto done;
+ }
+ } else {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sss_parse_name failed: [%d] %s", ret, sss_strerror(ret));
goto done;
}
} else {
generated by cgit (git 2.34.1) at 2024-05-08 02:31:10 +0000