summaryrefslogtreecommitdiffstats
path: root/src/responder/pam/pamsrv_cmd.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/responder/pam/pamsrv_cmd.c')
-rw-r--r--src/responder/pam/pamsrv_cmd.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 94de4df5f..c1ff5dacd 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -521,7 +521,9 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq)
goto done;
}
- sysdb = preq->domain->sysdb;
+ /* Sysdb rules are always stored in the parent domain */
+ sysdb = preq->domain->parent ? preq->domain->parent->sysdb :
+ preq->domain->sysdb;
if (sysdb == NULL) {
DEBUG(SSSDBG_FATAL_FAILURE, ("Fatal: Sysdb CTX not found for "
"domain [%s]!\n", preq->domain->name));
@@ -595,7 +597,7 @@ static errno_t process_selinux_mappings(struct pam_auth_req *preq)
}
/* Fetch all maps applicable to the user who is currently logging in */
- ret = sysdb_search_selinux_usermap_by_username(tmp_ctx, sysdb, pd->user,
+ ret = sysdb_search_selinux_usermap_by_username(tmp_ctx, preq->domain, pd->user,
&usermaps);
if (ret != EOK && ret != ENOENT) {
goto done;
generated by cgit (git 2.34.1) at 2024-04-25 04:58:12 +0000