LDAP: Drop privileges after kinit in ldap_child

After ldap_child initializes privileges using root-owned keytab, it drops privileges to the SSSD user, minimizing the amount of code that runs as root. Reviewed-by: Michal Židek <mzidek@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2014-10-19 19:15:52 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2014-11-05 19:55:05 +0100
commit: 936940720b1b0e701a2317abc4c2d05a78338f33 (patch)
tree: b7958988dedffefe1b1aba53b989cb51f1f23746 /Makefile.am
parent: 5eef3da14cb34e4cb6356f0b291c066db946f936 (diff)
download: sssd-936940720b1b0e701a2317abc4c2d05a78338f33.tar.gz
sssd-936940720b1b0e701a2317abc4c2d05a78338f33.tar.xz
sssd-936940720b1b0e701a2317abc4c2d05a78338f33.zip
1 files changed, 3 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am
index 02b087ea3..ea296c40f 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -2517,7 +2517,9 @@ ldap_child_SOURCES = \
     src/util/atomic_io.c \
     src/util/authtok.c \
     src/util/util.c \
-    src/util/signal.c
+    src/util/signal.c \
+    src/util/become_user.c \
+    $(NULL)
 ldap_child_CFLAGS = \
     $(AM_CFLAGS) \
     $(POPT_CFLAGS) \
author	Jakub Hrozek <jhrozek@redhat.com>	2014-10-19 19:15:52 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2014-11-05 19:55:05 +0100
commit	936940720b1b0e701a2317abc4c2d05a78338f33 (patch)
tree	b7958988dedffefe1b1aba53b989cb51f1f23746 /Makefile.am
parent	5eef3da14cb34e4cb6356f0b291c066db946f936 (diff)
download	sssd-936940720b1b0e701a2317abc4c2d05a78338f33.tar.gz sssd-936940720b1b0e701a2317abc4c2d05a78338f33.tar.xz sssd-936940720b1b0e701a2317abc4c2d05a78338f33.zip