diff options
Diffstat (limited to 'src/responder/nss')
| -rw-r--r-- | src/responder/nss/nsssrv.c | 5 | ||||
| -rw-r--r-- | src/responder/nss/nsssrv.h | 1 | ||||
| -rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 14 |
3 files changed, 18 insertions, 2 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index cd2060e45..64267e868 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -182,6 +182,11 @@ static int nss_get_config(struct nss_ctx *nctx, &nctx->fallback_homedir); if (ret != EOK) goto done; + ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY, + CONFDB_NSS_OVERRIDE_SHELL, NULL, + &nctx->override_shell); + if (ret != EOK && ret != ENOENT) goto done; + ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY, CONFDB_NSS_ALLOWED_SHELL, &nctx->allowed_shells); diff --git a/src/responder/nss/nsssrv.h b/src/responder/nss/nsssrv.h index 58cd3da0f..a8b2c3c97 100644 --- a/src/responder/nss/nsssrv.h +++ b/src/responder/nss/nsssrv.h @@ -63,6 +63,7 @@ struct nss_ctx { char *override_homedir; char *fallback_homedir; char **allowed_shells; + char *override_shell; char **vetoed_shells; char **etc_shells; char *shell_fallback; diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 5c5f8060b..64fd7a587 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -155,11 +155,21 @@ static const char *get_homedir_override(TALLOC_CTX *mem_ctx, static const char *get_shell_override(TALLOC_CTX *mem_ctx, struct ldb_message *msg, - struct nss_ctx *nctx) + struct nss_ctx *nctx, + struct sss_domain_info *dom) { const char *user_shell; int i; + /* Check whether we are unconditionally overriding the server + * for the login shell. + */ + if (dom->override_shell) { + return dom->override_shell; + } else if (nctx->override_shell) { + return nctx->override_shell; + } + user_shell = ldb_msg_find_attr_as_string(msg, SYSDB_SHELL, NULL); if (!user_shell) { /* Check whether there is a default shell specified */ @@ -303,7 +313,7 @@ static int fill_pwent(struct sss_packet *packet, } else { to_sized_string(&homedir, tmpstr); } - tmpstr = get_shell_override(tmp_ctx, msg, nctx); + tmpstr = get_shell_override(tmp_ctx, msg, nctx, dom); if (!tmpstr) { to_sized_string(&shell, ""); } else { |