diff options
author | John Hodrien <J.H.Hodrien@leeds.ac.uk> | 2011-07-29 10:04:05 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-08 10:29:19 -0400 |
commit | be82c8f75f195e8415d0afd29265504068792d39 (patch) | |
tree | 67e8914c91480fb1319b405ded8cb0225bcd8649 /src/responder/nss/nsssrv.c | |
parent | b0c10eb7a9aff9063af106cc704ca1260f4024ac (diff) | |
download | sssd-be82c8f75f195e8415d0afd29265504068792d39.tar.gz sssd-be82c8f75f195e8415d0afd29265504068792d39.tar.xz sssd-be82c8f75f195e8415d0afd29265504068792d39.zip |
Add vetoed_shells optionsssd-1.5.1-47.el6
There may be users in LDAP that have a valid but unwelcome shell
set in their account. This adds a blacklist of shells that should
always be replaced by the fallback_shell.
Signed-off-by: Stephen Gallagher <sgallagh@redhat.com>
Prevent segfault if vetoed_shells are specified without allowed_shells
https://fedorahosted.org/sssd/ticket/954
Diffstat (limited to 'src/responder/nss/nsssrv.c')
-rw-r--r-- | src/responder/nss/nsssrv.c | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index dde2e95ef..cb0acfe13 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -188,6 +188,10 @@ static int nss_get_config(struct nss_ctx *nctx, &nctx->allowed_shells); if (ret != EOK && ret != ENOENT) goto done; + ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY, + CONFDB_NSS_VETOED_SHELL, + &nctx->vetoed_shells); + if (ret != EOK && ret != ENOENT) goto done; ret = nss_get_etc_shells(nctx, &nctx->etc_shells); if (ret != EOK) goto done; |