diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2014-07-14 14:23:50 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-07-15 16:45:05 +0200 |
| commit | 7c30e60c525ea798aaab142766ff00eef4b5df3b (patch) | |
| tree | bcdc35e2f57f49c416dca6d14400e333dd95a7a8 /src/responder/sudo | |
| parent | b3f56d9e4bd065590383eb1f812a3b77e3c56f24 (diff) | |
| download | sssd-7c30e60c525ea798aaab142766ff00eef4b5df3b.tar.gz sssd-7c30e60c525ea798aaab142766ff00eef4b5df3b.tar.xz sssd-7c30e60c525ea798aaab142766ff00eef4b5df3b.zip | |
sudo: fetch sudoRunAs attribute
This attribute was used in pre 1.7 versions of sudo and it is now
deprecated by sudoRunAsUser and sudoRunAsGroup. However, some users
still use this attribute so we need to support it to ensure backward
compatibility.
This patch makes sure that this attribute is downloaded if present and
provided to sudo. Sudo than decides how to handle it.
The new mapping option is not present in a man page since this
attribute is deprecated in sudo for a very long time.
Resolves:
https://fedorahosted.org/sssd/ticket/2212
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/responder/sudo')
| -rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index 9d8ef5d2a..4b35a1aed 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -537,6 +537,7 @@ static errno_t sudosrv_get_sudorules_from_cache(TALLOC_CTX *mem_ctx, SYSDB_SUDO_CACHE_AT_HOST, SYSDB_SUDO_CACHE_AT_COMMAND, SYSDB_SUDO_CACHE_AT_OPTION, + SYSDB_SUDO_CACHE_AT_RUNAS, SYSDB_SUDO_CACHE_AT_RUNASUSER, SYSDB_SUDO_CACHE_AT_RUNASGROUP, SYSDB_SUDO_CACHE_AT_NOTBEFORE, |