diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2012-12-13 12:08:20 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2012-12-13 20:48:17 +0100 |
| commit | 50cf9f4a3029ec0924a28f8026298c8810546550 (patch) | |
| tree | fbd063e4b4aed4c0b95501eab4cdacf2038f81ed /src/db | |
| parent | f7dd07f96008f012d8a0c8e42d23f521a2639ea1 (diff) | |
| download | sssd-50cf9f4a3029ec0924a28f8026298c8810546550.tar.gz sssd-50cf9f4a3029ec0924a28f8026298c8810546550.tar.xz sssd-50cf9f4a3029ec0924a28f8026298c8810546550.zip | |
sudo: include primary group in user group list
https://fedorahosted.org/sssd/ticket/1677
Diffstat (limited to 'src/db')
| -rw-r--r-- | src/db/sysdb_sudo.c | 42 |
1 files changed, 41 insertions, 1 deletions
diff --git a/src/db/sysdb_sudo.c b/src/db/sysdb_sudo.c index 9e849ddb0..c1845f9be 100644 --- a/src/db/sysdb_sudo.c +++ b/src/db/sysdb_sudo.c @@ -291,13 +291,20 @@ sysdb_get_sudo_user_info(TALLOC_CTX *mem_ctx, const char *username, TALLOC_CTX *tmp_ctx; errno_t ret; struct ldb_message *msg; + struct ldb_message *group_msg = NULL; char **sysdb_groupnames = NULL; + const char *primary_group = NULL; struct ldb_message_element *groups; uid_t uid = 0; + gid_t gid = 0; + size_t num_groups = 0; int i; const char *attrs[] = { SYSDB_MEMBEROF, + SYSDB_GIDNUM, SYSDB_UIDNUM, NULL }; + const char *group_attrs[] = { SYSDB_NAME, + NULL }; tmp_ctx = talloc_new(NULL); NULL_CHECK(tmp_ctx, ret, done); @@ -318,13 +325,16 @@ sysdb_get_sudo_user_info(TALLOC_CTX *mem_ctx, const char *username, } } + /* resolve secondary groups */ if (groupnames != NULL) { groups = ldb_msg_find_element(msg, SYSDB_MEMBEROF); if (!groups || groups->num_values == 0) { /* No groups for this user in sysdb currently */ sysdb_groupnames = NULL; + num_groups = 0; } else { - sysdb_groupnames = talloc_array(tmp_ctx, char *, groups->num_values+1); + num_groups = groups->num_values; + sysdb_groupnames = talloc_array(tmp_ctx, char *, num_groups + 1); NULL_CHECK(sysdb_groupnames, ret, done); /* Get a list of the groups by groupname only */ @@ -342,6 +352,36 @@ sysdb_get_sudo_user_info(TALLOC_CTX *mem_ctx, const char *username, } } + /* resolve primary group */ + gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_GIDNUM, 0); + if (gid != 0) { + ret = sysdb_search_group_by_gid(tmp_ctx, sysdb, gid, + group_attrs, &group_msg); + if (ret == EOK) { + primary_group = ldb_msg_find_attr_as_string(group_msg, SYSDB_NAME, + NULL); + if (primary_group == NULL) { + ret = ENOMEM; + goto done; + } + + num_groups++; + sysdb_groupnames = talloc_realloc(tmp_ctx, sysdb_groupnames, + char *, num_groups + 1); + NULL_CHECK(sysdb_groupnames, ret, done); + + sysdb_groupnames[num_groups - 1] = talloc_strdup(sysdb_groupnames, + primary_group); + NULL_CHECK(sysdb_groupnames[num_groups - 1], ret, done); + + sysdb_groupnames[num_groups] = NULL; + } else if (ret != ENOENT) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Error looking up group [%d]: %s\n", + ret, strerror(ret))); + goto done; + } + } + ret = EOK; if (_uid != NULL) { |