diff options
| author | Michal Zidek <mzidek@example.com> | 2013-04-11 07:12:47 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-04-12 19:26:54 +0200 |
| commit | ecc95c053abb32c6170f0b069c9ea610357cb9d5 (patch) | |
| tree | fe240fc91840de46a12a0df390bde33a1aa614a1 /src/responder | |
| parent | 9ef2f2a4abba3d10c3aeeba0e99a6f2374f2a5ba (diff) | |
| download | sssd-ecc95c053abb32c6170f0b069c9ea610357cb9d5.tar.gz sssd-ecc95c053abb32c6170f0b069c9ea610357cb9d5.tar.xz sssd-ecc95c053abb32c6170f0b069c9ea610357cb9d5.zip | |
sssd fails with readonly SELinux login files
Do not try to remove SELinux login file if SELinux
support is not available.
https://fedorahosted.org/sssd/ticket/1868
Diffstat (limited to 'src/responder')
| -rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 94de4df5f..a180a8f1d 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -514,6 +514,7 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq) int i, j; size_t order_count; size_t len = 0; + bool selinux_support = false; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { @@ -537,6 +538,8 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq) } else if (ret != EOK) { goto done; } + /* Now we know that SELinux support is available */ + selinux_support = true; default_user = ldb_msg_find_attr_as_string(config, SYSDB_SELINUX_DEFAULT_USER, @@ -642,7 +645,7 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq) ret = write_selinux_login_file(pd->user, file_content); done: - if (!file_content) { + if (!file_content && selinux_support) { err = remove_selinux_login_file(pd->user); /* Don't overwrite original error condition if there was one */ if (ret == EOK) ret = err; |