diff options
-rw-r--r-- | src/confdb/confdb.h | 2 | ||||
-rw-r--r-- | src/man/sssd.conf.5.xml | 40 | ||||
-rw-r--r-- | src/responder/common/responder.h | 1 | ||||
-rw-r--r-- | src/responder/common/responder_common.c | 21 | ||||
-rw-r--r-- | src/responder/nss/nsssrv.c | 5 | ||||
-rw-r--r-- | src/responder/nss/nsssrv.h | 1 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 19 | ||||
-rw-r--r-- | src/tests/cmocka/test_nss_srv.c | 2 |
8 files changed, 59 insertions, 32 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index d5f7511d0..a28589186 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -68,6 +68,7 @@ #define CONFDB_MONITOR_TRY_INOTIFY "try_inotify" #define CONFDB_MONITOR_KRB5_RCACHEDIR "krb5_rcache_dir" #define CONFDB_MONITOR_DEFAULT_DOMAIN "default_domain_suffix" +#define CONFDB_MONITOR_OVERRIDE_SPACE "override_space" /* Both monitor and domains */ #define CONFDB_NAME_REGEX "re_expression" @@ -99,7 +100,6 @@ #define CONFDB_MEMCACHE_TIMEOUT "memcache_timeout" #define CONFDB_NSS_HOMEDIR_SUBSTRING "homedir_substring" #define CONFDB_DEFAULT_HOMEDIR_SUBSTRING "/home" -#define CONFDB_NSS_OVERRIDE_SPACE "override_space" /* PAM */ #define CONFDB_PAM_CONF_ENTRY "config/pam" diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index 99d91f062..81a46eda9 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -320,6 +320,29 @@ </para> </listitem> </varlistentry> + <varlistentry> + <term>override_space (string)</term> + <listitem> + <para> + This parameter will replace spaces (space bar) + with the given character for user and group names. + e.g. (_). User name "john doe" will + be "john_doe" This feature was added to + help compatibility with shell scripts that have + difficulty handling spaces, due to the + default field separator in the shell. + </para> + <para> + Please note it is a configuration error to use + a replacement character that might be used by + another LDAP object. In that case, result of + a lookup is undefined. + </para> + <para> + Default: not set (spaces will not be replaced) + </para> + </listitem> + </varlistentry> </variablelist> </para> </refsect2> @@ -663,23 +686,6 @@ fallback_homedir = /home/%u </para> </listitem> </varlistentry> - <varlistentry> - <term>override_space (string)</term> - <listitem> - <para> - This parameter will replace spaces (space bar) - with the given character for user and group names. - e.g. (_). User name "john doe" will - be "john_doe" This feature was added to - help compatibility with shell scripts that have - difficulty handling spaces, due to the - default field separator in the shell. - </para> - <para> - Default: not set (spaces will not be replaced) - </para> - </listitem> - </varlistentry> </variablelist> </refsect2> <refsect2 id='PAM'> diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index 167f45cb1..3674d13f2 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -102,6 +102,7 @@ struct resp_ctx { uid_t *allowed_uids; char *default_domain; + char override_space; void *pvt_ctx; diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 2f9db70ce..a0c476e1d 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -781,6 +781,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, struct resp_ctx *rctx; struct sss_domain_info *dom; int ret; + char *tmp = NULL; rctx = talloc_zero(mem_ctx, struct resp_ctx); if (!rctx) { @@ -844,6 +845,26 @@ int sss_process_init(TALLOC_CTX *mem_ctx, goto fail; } + ret = confdb_get_string(rctx->cdb, rctx, CONFDB_MONITOR_CONF_ENTRY, + CONFDB_MONITOR_OVERRIDE_SPACE, NULL, + &tmp); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "Cannnot get the space substitution character [%d]: %s\n", + ret, strerror(ret)); + goto fail; + } + + if (tmp != NULL) { + if (strlen(tmp) > 1) { + DEBUG(SSSDBG_MINOR_FAILURE, "Option %s is longer than 1 character " + "only the first character %c will be used\n", + CONFDB_MONITOR_OVERRIDE_SPACE, tmp[0]); + } + + rctx->override_space = tmp[0]; + } + ret = sss_monitor_init(rctx, rctx->ev, monitor_intf, svc_name, svc_version, rctx, &rctx->mon_conn); diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index 9705878fa..84a6b7fed 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -298,11 +298,6 @@ static int nss_get_config(struct nss_ctx *nctx, &nctx->homedir_substr); if (ret != EOK) goto done; - ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_OVERRIDE_SPACE, NULL, - &nctx->override_space); - if (ret != EOK) goto done; - ret = 0; done: return ret; diff --git a/src/responder/nss/nsssrv.h b/src/responder/nss/nsssrv.h index f5238fb82..a5b946b7e 100644 --- a/src/responder/nss/nsssrv.h +++ b/src/responder/nss/nsssrv.h @@ -69,7 +69,6 @@ struct nss_ctx { char **etc_shells; char *shell_fallback; char *default_shell; - char *override_space; struct sss_mc_ctx *pwd_mc_ctx; struct sss_mc_ctx *grp_mc_ctx; diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 10e84e52c..91139980a 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -372,7 +372,8 @@ static int fill_pwent(struct sss_packet *packet, continue; } - tmpstr = sss_replace_space(tmp_ctx, tmpstr, nctx->override_space[0]); + tmpstr = sss_replace_space(tmp_ctx, tmpstr, + nctx->rctx->override_space); if (tmpstr == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_replace_space failed, skipping\n"); @@ -752,7 +753,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) if (!name) return ENOMEM; name = sss_reverse_replace_space(dctx, name, - nctx->override_space[0]); + nctx->rctx->override_space); if (name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_reverse_replace_space failed\n"); @@ -2360,7 +2361,8 @@ static int fill_members(struct sss_packet *packet, continue; } - tmpstr = sss_replace_space(tmp_ctx, tmpstr, nctx->override_space[0]); + tmpstr = sss_replace_space(tmp_ctx, tmpstr, + nctx->rctx->override_space); if (tmpstr == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_replace_space failed\n"); @@ -2523,7 +2525,8 @@ static int fill_grent(struct sss_packet *packet, continue; } - tmpstr = sss_replace_space(tmp_ctx, tmpstr, nctx->override_space[0]); + tmpstr = sss_replace_space(tmp_ctx, tmpstr, + nctx->rctx->override_space); if (tmpstr == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_replace_space failed, skipping\n"); @@ -2724,7 +2727,8 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) name = sss_get_cased_name(dctx, cmdctx->name, dom->case_sensitive); if (!name) return ENOMEM; - name = sss_reverse_replace_space(dctx, name, nctx->override_space[0]); + name = sss_reverse_replace_space(dctx, name, + nctx->rctx->override_space); if (name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_reverse_replace_space failed\n"); @@ -3754,7 +3758,8 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) name = sss_get_cased_name(dctx, cmdctx->name, dom->case_sensitive); if (!name) return ENOMEM; - name = sss_reverse_replace_space(dctx, name, nctx->override_space[0]); + name = sss_reverse_replace_space(dctx, name, + nctx->rctx->override_space); if (name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_reverse_replace_space failed\n"); @@ -3921,7 +3926,7 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx) } name = sss_reverse_replace_space(dctx, name, - nctx->override_space[0]); + nctx->rctx->override_space); if (name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_reverse_replace_space failed\n"); diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c index dba03ddb6..f5d1f60ec 100644 --- a/src/tests/cmocka/test_nss_srv.c +++ b/src/tests/cmocka/test_nss_srv.c @@ -74,7 +74,6 @@ mock_nctx(TALLOC_CTX *mem_ctx) } nctx->neg_timeout = 10; nctx->pwfield = discard_const("*"); - nctx->override_space = discard_const("\0"); err = sss_idmap_init(sss_idmap_talloc, nctx, sss_idmap_talloc_free, &nctx->idmap_ctx); @@ -890,6 +889,7 @@ void test_nss_setup(struct sss_test_conf_param params[], nss_test_ctx->rctx = mock_rctx(nss_test_ctx, nss_test_ctx->tctx->ev, nss_test_ctx->tctx->dom, nss_test_ctx->nctx); assert_non_null(nss_test_ctx->rctx); + nss_test_ctx->nctx->rctx = nss_test_ctx->rctx; /* Create client context */ nss_test_ctx->cctx = mock_cctx(nss_test_ctx, nss_test_ctx->rctx); |