-rw-r--r-- | src/confdb/confdb.h | 1 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 14 | ||||
-rw-r--r-- | src/python/pysss.c | 6 | ||||
-rw-r--r-- | src/tools/sss_userdel.c | 6 | ||||
-rw-r--r-- | src/tools/tools_util.c | 75 | ||||
-rw-r--r-- | src/tools/tools_util.h | 2 |
6 files changed, 104 insertions, 0 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index 452fbdc9a..0e0a1b10e 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -111,6 +111,7 @@ #define CONFDB_LOCAL_UMASK "homedir_umask" #define CONFDB_LOCAL_SKEL_DIR "skel_dir" #define CONFDB_LOCAL_MAIL_DIR "mail_dir" +#define CONFDB_LOCAL_USERDEL_CMD "userdel_cmd" /* Proxy Provider */ #define CONFDB_PROXY_LIBNAME "proxy_lib_name" diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index daf61afc4..93bc21905 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -784,6 +784,20 @@ </para> </listitem> </varlistentry> + <varlistentry> + <term>userdel_cmd (string)</term> + <listitem> + <para> + The command that is run after a user is removed. + The command us passed the username of the user being + removed as the first and only parameter. The return + code of the command is not taken into account. + </para> + <para> + Default: None, no command is run + </para> + </listitem> + </varlistentry> </variablelist> </refsect2> diff --git a/src/python/pysss.c b/src/python/pysss.c index bc1cf6e70..7c84c21e4 100644 --- a/src/python/pysss.c +++ b/src/python/pysss.c @@ -366,6 +366,12 @@ static PyObject *py_sss_userdel(PySssLocalObject *self, goto fail; } + ret = run_userdel_cmd(tctx); + if (ret != EOK) { + PyErr_SetSssError(ret); + goto fail; + } + if (tctx->octx->remove_homedir) { ret = sysdb_getpwnam_sync(tctx, tctx->ev, diff --git a/src/tools/sss_userdel.c b/src/tools/sss_userdel.c index e84d78b17..7f17b1fbc 100644 --- a/src/tools/sss_userdel.c +++ b/src/tools/sss_userdel.c @@ -161,6 +161,12 @@ int main(int argc, const char **argv) end_transaction(tctx); + ret = run_userdel_cmd(tctx); + if (ret != EOK) { + ERROR("The post-delete command failed: %s\n", strerror(ret)); + goto fini; + } + if (tctx->octx->remove_homedir) { ret = remove_homedir(tctx, tctx->octx->home, diff --git a/src/tools/tools_util.c b/src/tools/tools_util.c index 97945238e..9f9382a60 100644 --- a/src/tools/tools_util.c 
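Review bot: In the src/python/pysss.c hunk (py_sss_userdel) and again in the src/tools/sss_userdel.c hunk (main), any non-EOK result from `run_userdel_cmd()` jumps to `fail`/`fini` before the `remove_homedir` step, even though in sss_userdel.c the call comes after `end_transaction(tctx)`, so the account has presumably already been removed. The man page text added in this same commit says the command's return code is not taken into account, yet run_userdel_cmd returns EIO when the command is killed by a signal and an errno value when fork fails, so a misbehaving hook can leave the home directory behind. Consider keeping the error report but dropping the `goto fail;` / `goto fini;`, or documenting in sssd.conf(5) that a failed hook aborts the remaining cleanup. Both enclosing functions start and end outside their hunks.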
+++ b/src/tools/tools_util.c @@ -25,6 +25,7 @@ #include <errno.h> #include <sys/stat.h> #include <sys/types.h> +#include <sys/wait.h> #include <fcntl.h> #include "config.h" @@ -518,3 +519,77 @@ done: return ret; } +int run_userdel_cmd(struct tools_ctx *tctx) +{ + int ret, status; + char *userdel_cmd = NULL; + char *conf_path = NULL; + pid_t pid, child_pid; + + conf_path = talloc_asprintf(tctx, CONFDB_DOMAIN_PATH_TMPL, + tctx->local->name); + if (!conf_path) { + ret = ENOMEM; + goto done; + } + + ret = confdb_get_string(tctx->confdb, tctx, + conf_path, CONFDB_LOCAL_USERDEL_CMD, + NULL, &userdel_cmd); + if (ret != EOK || !userdel_cmd) { + goto done; + } + + errno = 0; + pid = fork(); + if (pid == 0) { + /* child */ + execl(userdel_cmd, userdel_cmd, + tctx->octx->name, (char *) NULL); + exit(errno); + } else { + /* parent */ + if (pid == -1) { + DEBUG(1, ("fork failed [%d]: %s\n")); + ret = errno; + goto done; + } + + while((child_pid = waitpid(pid, &status, 0)) > 0) { + if (child_pid == -1) { + DEBUG(1, ("waitpid failed\n")); + ret = errno; + goto done; + } + + if (WIFEXITED(status)) { + ret = WEXITSTATUS(status); + if (ret != 0) { + DEBUG(5, ("command [%s] returned nonzero status %d.\n", + userdel_cmd, ret)); + ret = EOK; /* Ignore return code of the command */ + goto done; + } + } else if (WIFSIGNALED(status)) { + DEBUG(5, ("command [%s] was terminated by signal %d.\n", + userdel_cmd, WTERMSIG(status))); + ret = EIO; + goto done; + } else if (WIFSTOPPED(status)) { + DEBUG(5, ("command [%s] was stopped by signal %d.\n", + userdel_cmd, WSTOPSIG(status))); + continue; + } else { + DEBUG(1, ("Unknown status from WAITPID\n")); + ret = EIO; + goto done; + } + } + } + + ret = EOK; +done: + talloc_free(userdel_cmd); + talloc_free(conf_path); + return ret; +} diff --git a/src/tools/tools_util.h b/src/tools/tools_util.h index a2b5c783b..fccec1469 100644 --- a/src/tools/tools_util.h +++ b/src/tools/tools_util.h 
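Review bot: In run_userdel_cmd the `child_pid == -1` test sits inside a loop that only runs while `waitpid()` returns a value greater than 0, so a waitpid failure (including EINTR) is never reported and the function falls through to `ret = EOK`. The fork-failure path has a related problem: `DEBUG(1, ("fork failed [%d]: %s\n"))` supplies no arguments for `%d` and `%s`, and `ret = errno` is read only after the logging call may have changed it. In the child, `exit(errno)` runs the parent's atexit handlers and flushes inherited stdio buffers, so `_exit()` is the usual choice after a failed exec. The tool presumably runs privileged (not visible in this hunk), and the child inherits the caller's environment and open descriptors and executes `userdel_cmd` exactly as configured; a comment stating that the path must be absolute and not writable by unprivileged users would help.

```c
    pid = fork();
    if (pid == 0) {
        /* child */
        execl(userdel_cmd, userdel_cmd,
              tctx->octx->name, (char *) NULL);
        _exit(errno);   /* no atexit handlers, no flush of inherited stdio */
    }

    if (pid == -1) {
        ret = errno;    /* capture before DEBUG can overwrite it */
        DEBUG(1, ("fork failed [%d]: %s\n", ret, strerror(ret)));
        goto done;
    }

    do {
        child_pid = waitpid(pid, &status, 0);
    } while (child_pid == -1 && errno == EINTR);

    if (child_pid == -1) {
        ret = errno;
        DEBUG(1, ("waitpid failed [%d]: %s\n", ret, strerror(ret)));
        goto done;
    }

    /* … unchanged: WIFEXITED / WIFSIGNALED handling and their DEBUG messages … */
    /* the WIFSTOPPED branch can go: without WUNTRACED, waitpid() does not report stopped children */
```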
@@ -95,6 +95,8 @@ int remove_homedir(TALLOC_CTX *mem_ctx, const char *username, uid_t uid, bool force); +int run_userdel_cmd(struct tools_ctx *tctx); + /* from files.c */ int remove_tree(const char *root); |