summaryrefslogtreecommitdiffstats
path: root/src/providers/ipa/ipa_s2n_exop.c
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2015-01-20 18:06:49 +0100
committerJakub Hrozek <jhrozek@redhat.com>2015-01-21 11:33:06 +0100
commit8e650486102cb0c60f54e43acecacffdf3858ada (patch)
tree0dcd87c213bbb381d412c862e29e574e7a1298db /src/providers/ipa/ipa_s2n_exop.c
parentac9d460c61bf3bdb3aed5d96541d7e5baf8d9648 (diff)
downloadsssd-8e650486102cb0c60f54e43acecacffdf3858ada.tar.gz
sssd-8e650486102cb0c60f54e43acecacffdf3858ada.tar.xz
sssd-8e650486102cb0c60f54e43acecacffdf3858ada.zip
Open the PAC socket from krb5_child before dropping root
The PAC responder by default allows only connections from the root user. This patch opens the socket to the PAC responder before the krb5_child drops privileges so the connection seemingly comes from root. https://fedorahosted.org/sssd/ticket/2559 Reviewed-by: Sumit Bose <sbose@redhat.com> (cherry picked from commit 858e750c3d4fe54e50616a1ed1e101469503c070)
Diffstat (limited to 'src/providers/ipa/ipa_s2n_exop.c')
0 files changed, 0 insertions, 0 deletions
generated by cgit (git 2.34.1) at 2024-09-23 23:55:40 +0000