diff options
-rw-r--r-- | src/providers/ipa/ipa_selinux.c | 11 |
1 files changed, 10 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c index d1dbe5765..13679281d 100644 --- a/src/providers/ipa/ipa_selinux.c +++ b/src/providers/ipa/ipa_selinux.c @@ -36,6 +36,7 @@ #include "providers/ipa/ipa_access.h" #include "providers/ipa/ipa_selinux_common.h" #include "providers/ipa/ipa_selinux_maps.h" +#include "providers/krb5/krb5_utils.h" static struct tevent_req * ipa_get_selinux_send(struct be_req *breq, @@ -84,6 +85,8 @@ void ipa_selinux_handler(struct be_req *be_req) struct tevent_req *req; struct pam_data *pd; const char *hostname; + int ret; + struct sss_domain_info *dom; pd = talloc_get_type(be_req->req_data, struct pam_data); @@ -98,7 +101,13 @@ void ipa_selinux_handler(struct be_req *be_req) goto fail; } - op_ctx = ipa_selinux_create_op_ctx(be_req, be_req->sysdb, be_req, + ret = get_domain_or_subdomain(be_req, be_req->be_ctx, pd->domain, &dom); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, ("get_domain_or_subdomain failed.\n")); + goto fail; + } + + op_ctx = ipa_selinux_create_op_ctx(be_req, dom->sysdb, be_req, pd->user, hostname); if (op_ctx == NULL) { DEBUG(SSSDBG_OP_FAILURE, ("Cannot create op context\n")); |