diff options
Diffstat (limited to 'src/responder/pam/pamsrv_cmd.c')
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 94de4df5f..c1ff5dacd 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -521,7 +521,9 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq) goto done; } - sysdb = preq->domain->sysdb; + /* Sysdb rules are always stored in the parent domain */ + sysdb = preq->domain->parent ? preq->domain->parent->sysdb : + preq->domain->sysdb; if (sysdb == NULL) { DEBUG(SSSDBG_FATAL_FAILURE, ("Fatal: Sysdb CTX not found for " "domain [%s]!\n", preq->domain->name)); @@ -595,7 +597,7 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq) } /* Fetch all maps applicable to the user who is currently logging in */ - ret = sysdb_search_selinux_usermap_by_username(tmp_ctx, sysdb, pd->user, + ret = sysdb_search_selinux_usermap_by_username(tmp_ctx, preq->domain, pd->user, &usermaps); if (ret != EOK && ret != ENOENT) { goto done; |