summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
Diffstat
-rw-r--r--src/confdb/confdb.h1
-rw-r--r--src/config/SSSDConfig/__init__.py.in1
-rw-r--r--src/config/etc/sssd.api.conf1
-rw-r--r--src/man/sssd.conf.5.xml17
-rw-r--r--src/responder/nss/nsssrv.c5
-rw-r--r--src/responder/nss/nsssrv.h1
-rw-r--r--src/responder/nss/nsssrv_cmd.c62
7 files changed, 87 insertions, 1 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index ba33ea5d7..4ac69ebef 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -99,6 +99,7 @@
#define CONFDB_MEMCACHE_TIMEOUT "memcache_timeout"
#define CONFDB_NSS_HOMEDIR_SUBSTRING "homedir_substring"
#define CONFDB_DEFAULT_HOMEDIR_SUBSTRING "/home"
+#define CONFDB_NSS_OVERRIDE_DEFAULT_WHITESPACE "override_default_whitespace"
/* PAM */
#define CONFDB_PAM_CONF_ENTRY "config/pam"
diff --git a/src/config/SSSDConfig/__init__.py.in b/src/config/SSSDConfig/__init__.py.in
index 05672d651..91f94b524 100644
--- a/src/config/SSSDConfig/__init__.py.in
+++ b/src/config/SSSDConfig/__init__.py.in
@@ -73,6 +73,7 @@ option_strings = {
'shell_fallback' : _('If a shell stored in central directory is allowed but not available, use this fallback'),
'default_shell': _('Shell to use if the provider does not list one'),
'memcache_timeout': _('How long will be in-memory cache records valid'),
+ 'override_default_whitespace': _('All white spaces in group or user names will be replaced with this string'),
# [pam]
'offline_credentials_expiration' : _('How long to allow cached logins between online logins (days)'),
diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf
index 5e5a9284e..1db9e2207 100644
--- a/src/config/etc/sssd.api.conf
+++ b/src/config/etc/sssd.api.conf
@@ -44,6 +44,7 @@ shell_fallback = str, None, false
default_shell = str, None, false
get_domains_timeout = int, None, false
memcache_timeout = int, None, false
+override_default_whitespace = str, None, false
[pam]
# Authentication service
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index 27d22f44e..c6a137bbf 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -645,6 +645,23 @@ fallback_homedir = /home/%u
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>override_default_whitespace (string)</term>
+ <listitem>
+ <para>
+ This parameter will replace white spaces (space bar)
+ with the given string for user and group names.
+ e.g. (_). User name &quot;john doe&quot; will
+ be &quot;john_doe&quot; This feature was added to
+ help compatibility with shell scripts that have
+ difficulty handling white spaces, due to the
+ default field separator in the shell.
+ </para>
+ <para>
+ Default: not set (whitespaces will not be replaced)
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect2>
<refsect2 id='PAM'>
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 84a6b7fed..cf4525a71 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -298,6 +298,11 @@ static int nss_get_config(struct nss_ctx *nctx,
&nctx->homedir_substr);
if (ret != EOK) goto done;
+ ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
+ CONFDB_NSS_OVERRIDE_DEFAULT_WHITESPACE, NULL,
+ &nctx->override_default_wsp_str);
+ if (ret != EOK) goto done;
+
ret = 0;
done:
return ret;
diff --git a/src/responder/nss/nsssrv.h b/src/responder/nss/nsssrv.h
index a5b946b7e..07443027e 100644
--- a/src/responder/nss/nsssrv.h
+++ b/src/responder/nss/nsssrv.h
@@ -69,6 +69,7 @@ struct nss_ctx {
char **etc_shells;
char *shell_fallback;
char *default_shell;
+ char *override_default_wsp_str;
struct sss_mc_ctx *pwd_mc_ctx;
struct sss_mc_ctx *grp_mc_ctx;
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index a168a3e5d..75349085d 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -371,6 +371,15 @@ static int fill_pwent(struct sss_packet *packet,
"sss_get_cased_name failed, skipping\n");
continue;
}
+
+ tmpstr = sss_replace_whitespaces(tmp_ctx, tmpstr,
+ nctx->override_default_wsp_str);
+ if (tmpstr == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_replace_whitespaces failed, skipping\n");
+ continue;
+ }
+
to_sized_string(&name, tmpstr);
tmpstr = ldb_msg_find_attr_as_string(msg, SYSDB_GECOS, NULL);
@@ -743,6 +752,14 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
name = sss_get_cased_name(cmdctx, cmdctx->name, dom->case_sensitive);
if (!name) return ENOMEM;
+ name = sss_reverse_replace_whitespaces(dctx, name,
+ nctx->override_default_wsp_str);
+ if (name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_reverse_replace_whitespaces failed\n");
+ return ENOMEM;
+ }
+
/* verify this user has not yet been negatively cached,
* or has been permanently filtered */
ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout,
@@ -2316,7 +2333,7 @@ static int fill_members(struct sss_packet *packet,
int memnum = *_memnum;
size_t rzero= *_rzero;
size_t rsize = *_rsize;
- char *tmpstr;
+ const char *tmpstr;
struct sized_string name;
TALLOC_CTX *tmp_ctx = NULL;
@@ -2344,6 +2361,15 @@ static int fill_members(struct sss_packet *packet,
continue;
}
+ tmpstr = sss_replace_whitespaces(tmp_ctx, tmpstr,
+ nctx->override_default_wsp_str);
+ if (tmpstr == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_replace_whitespaces failed\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
if (nctx->filter_users_in_groups) {
ret = sss_ncache_check_user(nctx->ncache,
nctx->neg_timeout,
@@ -2498,6 +2524,15 @@ static int fill_grent(struct sss_packet *packet,
"sss_get_cased_name failed, skipping\n");
continue;
}
+
+ tmpstr = sss_replace_whitespaces(tmp_ctx, tmpstr,
+ nctx->override_default_wsp_str);
+ if (tmpstr == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_replace_whitespaces failed, skipping\n");
+ continue;
+ }
+
to_sized_string(&name, tmpstr);
/* fill in gid and name and set pointer for number of members */
@@ -2692,6 +2727,14 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
name = sss_get_cased_name(dctx, cmdctx->name, dom->case_sensitive);
if (!name) return ENOMEM;
+ name = sss_reverse_replace_whitespaces(dctx, name,
+ nctx->override_default_wsp_str);
+ if (name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_reverse_replace_whitespaces failed\n");
+ return ENOMEM;
+ }
+
/* verify this group has not yet been negatively cached,
* or has been permanently filtered */
ret = sss_ncache_check_group(nctx->ncache, nctx->neg_timeout,
@@ -3715,6 +3758,14 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
name = sss_get_cased_name(dctx, cmdctx->name, dom->case_sensitive);
if (!name) return ENOMEM;
+ name = sss_reverse_replace_whitespaces(dctx, name,
+ nctx->override_default_wsp_str);
+ if (name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_reverse_replace_whitespaces failed\n");
+ return ENOMEM;
+ }
+
/* verify this user has not yet been negatively cached,
* or has been permanently filtered */
ret = sss_ncache_check_user(nctx->ncache, nctx->neg_timeout,
@@ -3874,6 +3925,15 @@ static errno_t nss_cmd_getsidby_search(struct nss_dom_ctx *dctx)
goto done;
}
+ name = sss_reverse_replace_whitespaces(dctx, name,
+ nctx->override_default_wsp_str);
+ if (name == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "sss_reverse_replace_whitespaces failed\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
/* For subdomains a fully qualified name is needed for
* sysdb_search_user_by_name and sysdb_search_group_by_name. */
if (IS_SUBDOMAIN(dom)) {
generated by cgit (git 2.34.1) at 2024-11-19 06:45:54 +0000