summaryrefslogtreecommitdiffstats
path: root/src/providers/data_provider_be.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/providers/data_provider_be.c')
-rw-r--r--src/providers/data_provider_be.c25
1 files changed, 25 insertions, 0 deletions
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index 114fde529..9571d0956 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -753,10 +753,12 @@ static void be_pam_handler_callback(struct be_req *req,
int errnum,
const char *errstr)
{
+ struct be_client *becli = req->becli;
struct pam_data *pd;
DBusMessage *reply;
DBusConnection *dbus_conn;
dbus_bool_t dbret;
+ errno_t ret;
DEBUG(4, ("Backend returned: (%d, %d, %s) [%s]\n",
dp_err_type, errnum, errstr?errstr:"<NULL>",
@@ -764,6 +766,28 @@ static void be_pam_handler_callback(struct be_req *req,
pd = talloc_get_type(req->req_data, struct pam_data);
+ if (pd->cmd == SSS_PAM_ACCT_MGMT &&
+ req->phase == REQ_PHASE_ACCESS &&
+ dp_err_type == DP_ERR_OK) {
+ if (!becli->bectx->bet_info[BET_SELINUX].bet_ops) {
+ DEBUG(SSSDBG_TRACE_FUNC,
+ ("SELinux provider doesn't exist, "
+ "not sending the request to it.\n"));
+ } else {
+ req->phase = REQ_PHASE_SELINUX;
+
+ /* Now is the time to call SELinux provider */
+ ret = be_file_request(becli->bectx->bet_info[BET_SELINUX].pvt_bet_data,
+ req,
+ becli->bectx->bet_info[BET_SELINUX].bet_ops->handler);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("be_file_request failed.\n"));
+ goto done;
+ }
+ return;
+ }
+ }
+
DEBUG(4, ("Sending result [%d][%s]\n", pd->pam_status, pd->domain));
reply = (DBusMessage *)req->pvt;
dbret = dp_pack_pam_response(reply, pd);
@@ -852,6 +876,7 @@ static int be_pam_handler(DBusMessage *message, struct sbus_connection *conn)
break;
case SSS_PAM_ACCT_MGMT:
target = BET_ACCESS;
+ be_req->phase = REQ_PHASE_ACCESS;
break;
case SSS_PAM_CHAUTHTOK:
case SSS_PAM_CHAUTHTOK_PRELIM:
generated by cgit (git 2.34.1) at 2024-04-27 01:46:16 +0000