IPA: Handle sssd-owned keytabs when running as root

https://fedorahosted.org/sssd/ticket/2718 This patch handles the case where the keytab is created with sssd:sssd ownership (perhaps by the IPA oddjob script) but SSSD runs as root, which is the default in many distributions. Reviewed-by: Alexander Bokovoy <abokovoy@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2015-07-22 17:20:11 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-07-28 11:34:10 +0200
commit: 6ed964cf2e5a68e92e220f3b9f55029731bcabaa (patch)
tree: af9c1080a9550a3e69874862bf974a0fa84beec9 /src/providers/ipa/ipa_subdomains.h
parent: 6986012562505c85bb5601d70bb256aab178c3ce (diff)
download: sssd-6ed964cf2e5a68e92e220f3b9f55029731bcabaa.tar.gz
sssd-6ed964cf2e5a68e92e220f3b9f55029731bcabaa.tar.xz
sssd-6ed964cf2e5a68e92e220f3b9f55029731bcabaa.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/src/providers/ipa/ipa_subdomains.h b/src/providers/ipa/ipa_subdomains.h
index 5bc63a173..2302c5f03 100644
--- a/src/providers/ipa/ipa_subdomains.h
+++ b/src/providers/ipa/ipa_subdomains.h
@@ -94,6 +94,9 @@ struct ipa_server_mode_ctx {
 
     struct ipa_ad_server_ctx *trusts;
     struct ipa_ext_groups *ext_groups;
+
+    uid_t kt_owner_uid;
+    uid_t kt_owner_gid;
 };
 
 int ipa_ad_subdom_init(struct be_ctx *be_ctx,
author	Jakub Hrozek <jhrozek@redhat.com>	2015-07-22 17:20:11 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-07-28 11:34:10 +0200
commit	6ed964cf2e5a68e92e220f3b9f55029731bcabaa (patch)
tree	af9c1080a9550a3e69874862bf974a0fa84beec9 /src/providers/ipa/ipa_subdomains.h
parent	6986012562505c85bb5601d70bb256aab178c3ce (diff)
download	sssd-6ed964cf2e5a68e92e220f3b9f55029731bcabaa.tar.gz sssd-6ed964cf2e5a68e92e220f3b9f55029731bcabaa.tar.xz sssd-6ed964cf2e5a68e92e220f3b9f55029731bcabaa.zip