diff options
-rw-r--r-- | src/providers/proxy/proxy.h | 6 | ||||
-rw-r--r-- | src/providers/proxy/proxy_id.c | 14 | ||||
-rw-r--r-- | src/providers/proxy/proxy_init.c | 22 |
3 files changed, 42 insertions, 0 deletions
diff --git a/src/providers/proxy/proxy.h b/src/providers/proxy/proxy.h index eefcce580..e35e91ce3 100644 --- a/src/providers/proxy/proxy.h +++ b/src/providers/proxy/proxy.h @@ -40,6 +40,7 @@ #include "providers/dp_backend.h" #include "db/sysdb.h" #include "proxy.h" +#include "sss_client/nss_compat.h" #include <dhash.h> struct proxy_nss_ops { @@ -64,6 +65,11 @@ struct proxy_nss_ops { long int *start, long int *size, gid_t **groups, long int limit, int *errnop); + enum nss_status (*setnetgrent)(const char *netgroup, + struct __netgrent *result); + enum nss_status (*getnetgrent_r)(struct __netgrent *result, char *buffer, + size_t buflen, int *errnop); + enum nss_status (*endnetgrent)(struct __netgrent *result); }; struct authtok_conv { diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c index 3fe58f3a5..ead6ce080 100644 --- a/src/providers/proxy/proxy_id.c +++ b/src/providers/proxy/proxy_id.c @@ -1138,6 +1138,20 @@ void proxy_get_account_info(struct be_req *breq) ret = get_initgr(breq, ctx, sysdb, domain, ar->filter_value); break; + case BE_REQ_NETGROUP: + if (ar->filter_type != BE_FILTER_NAME) { + return proxy_reply(breq, DP_ERR_FATAL, + EINVAL, "Invalid filter type"); + } + if (ctx->ops.setnetgrent == NULL || ctx->ops.getnetgrent_r == NULL || + ctx->ops.endnetgrent == NULL) { + return proxy_reply(breq, DP_ERR_FATAL, + ENODEV, "Netgroups are not supported"); + } + + return proxy_reply(breq, DP_ERR_FATAL, + ENOSYS, "Netgroups not implemented"); + default: /*fail*/ return proxy_reply(breq, DP_ERR_FATAL, EINVAL, "Invalid request type"); diff --git a/src/providers/proxy/proxy_init.c b/src/providers/proxy/proxy_init.c index 47c9e8111..de1904c79 100644 --- a/src/providers/proxy/proxy_init.c +++ b/src/providers/proxy/proxy_init.c @@ -207,6 +207,28 @@ int sssm_proxy_id_init(struct be_ctx *bectx, "full groups enumeration!\n", libname)); } + ctx->ops.setnetgrent = proxy_dlsym(handle, "_nss_%s_setnetgrent", libname); + if (!ctx->ops.setnetgrent) { + DEBUG(0, ("Failed to load _nss_%s_setnetgrent, error: %s. " + "The library does not support netgroups.\n", libname, + dlerror())); + } + + ctx->ops.getnetgrent_r = proxy_dlsym(handle, "_nss_%s_getnetgrent_r", + libname); + if (!ctx->ops.getgrent_r) { + DEBUG(0, ("Failed to load _nss_%s_getnetgrent_r, error: %s. " + "The library does not support netgroups.\n", libname, + dlerror())); + } + + ctx->ops.endnetgrent = proxy_dlsym(handle, "_nss_%s_endnetgrent", libname); + if (!ctx->ops.endnetgrent) { + DEBUG(0, ("Failed to load _nss_%s_endnetgrent, error: %s. " + "The library does not support netgroups.\n", libname, + dlerror())); + } + *ops = &proxy_id_ops; *pvt_data = ctx; ret = EOK; |