Diffstat (limited to 'src')
-rw-r--r-- | src/providers/ipa/ipa_s2n_exop.c | 17 | ||||
-rw-r--r-- | src/providers/ipa/ipa_subdomains_id.c | 23 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 29 | ||||
-rw-r--r-- | src/responder/pac/pacsrv_utils.c | 11 | ||||
-rw-r--r-- | src/util/sss_nss.c | 43 | ||||
-rw-r--r-- | src/util/sss_nss.h | 12 |
6 files changed, 85 insertions, 50 deletions
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index ac240be71..6bb3384b1 100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -647,6 +647,7 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
 struct resp_attrs *simple_attrs = NULL;
 time_t now;
 uint64_t timeout = 10*60*60; /* FIXME: find a better timeout ! */
+ struct sss_nss_homedir_ctx homedir_ctx;
 const char *homedir = NULL;
 struct sysdb_attrs *user_attrs = NULL;
 struct sysdb_attrs *group_attrs = NULL;
@@ -737,13 +738,15 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
 switch (attrs->response_type) {
 case RESP_USER:
 if (state->dom->subdomain_homedir) {
- homedir = expand_homedir_template(state,
- state->dom->subdomain_homedir,
- attrs->a.user.pw_name,
- attrs->a.user.pw_uid,
- NULL,
- state->dom->name,
- state->dom->flat_name);
+ ZERO_STRUCT(homedir_ctx);
+ homedir_ctx.username = attrs->a.user.pw_name;
+ homedir_ctx.uid = attrs->a.user.pw_uid;
+ homedir_ctx.domain = state->dom->name;
+ homedir_ctx.flatname = state->dom->flat_name;
+
+ homedir = expand_homedir_template(state,
+ state->dom->subdomain_homedir,
+ &homedir_ctx);
 if (homedir == NULL) {
 ret = ENOMEM;
 goto done;
diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c
index 2d5c3b3ee..96891b348 100644
--- a/src/providers/ipa/ipa_subdomains_id.c
+++ b/src/providers/ipa/ipa_subdomains_id.c
@@ -366,10 +366,10 @@ get_subdomain_homedir_of_user(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
 const char **_homedir)
 {
 errno_t ret;
- char *name;
- char *lc_name;
+ const char *name;
 const char *homedir;
 TALLOC_CTX *tmp_ctx;
+ struct sss_nss_homedir_ctx homedir_ctx;
 tmp_ctx = talloc_new(mem_ctx);
 if (tmp_ctx == NULL) {
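Review bot: In ipa_s2n_get_user_done() (ipa_s2n_exop.c, first hunk) the new `homedir_ctx` local is declared uninitialised and is only zeroed by `ZERO_STRUCT(homedir_ctx)` inside the RESP_USER branch further down. expand_homedir_template() dereferences whichever fields the configured template asks for, so any later edit that fills the struct on another path without the ZERO_STRUCT would hand it stack garbage for `original` or `flatname`. Initialising at the declaration, `struct sss_nss_homedir_ctx homedir_ctx = { 0 };`, removes that dependency. The same applies to the declarations added in get_subdomain_homedir_of_user(), fill_pwent() and get_pwd_from_pac(). The function body starts and ends outside this hunk.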
@@ -377,22 +377,27 @@ get_subdomain_homedir_of_user(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
 goto done;
 }
- ret = sss_parse_name(tmp_ctx, dom->names, fqname, NULL, &name);
+ ZERO_STRUCT(homedir_ctx);
+
+ homedir_ctx.uid = uid;
+ homedir_ctx.domain = dom->name;
+ homedir_ctx.flatname = dom->flat_name;
+ ret = sss_parse_name_const(tmp_ctx, dom->names, fqname,
+ NULL, &name);
 if (ret != EOK) {
 goto done;
 }
 /* To be compatible with the old winbind based user lookups and IPA
 * clients the user name in the home directory path will be lower-case. */
- lc_name = sss_tc_utf8_str_tolower(tmp_ctx, name);
- if (lc_name == NULL) {
- ret =ENOMEM;
+ homedir_ctx.username = sss_tc_utf8_str_tolower(tmp_ctx, name);
+ if (homedir_ctx.username == NULL) {
+ ret = ENOMEM;
 goto done;
 }
- homedir = expand_homedir_template(tmp_ctx, dom->subdomain_homedir, lc_name,
- uid, NULL, dom->name, dom->flat_name);
-
+ homedir = expand_homedir_template(tmp_ctx, dom->subdomain_homedir,
+ &homedir_ctx);
 if (homedir == NULL) {
 DEBUG(SSSDBG_OP_FAILURE, "expand_homedir_template failed\n");
 ret = ENOMEM;
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 59f2c5779..6022d0aaf 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -172,17 +172,18 @@ static const char *get_homedir_override(TALLOC_CTX *mem_ctx,
 struct ldb_message *msg,
 struct nss_ctx *nctx,
 struct sss_domain_info *dom,
- const char *orig_name,
- uint32_t uid)
+ struct sss_nss_homedir_ctx *homedir_ctx)
 {
 const char *homedir;
- char *name;
+ const char *orig_name = homedir_ctx->username;
 errno_t ret;
 homedir = ldb_msg_find_attr_as_string(msg, SYSDB_HOMEDIR, NULL);
+ homedir_ctx->original = homedir;
 /* Subdomain users store FQDN in their name attribute */
- ret = sss_parse_name(mem_ctx, dom->names, orig_name, NULL, &name);
+ ret = sss_parse_name_const(mem_ctx, dom->names, orig_name,
+ NULL, &homedir_ctx->username);
 if (ret != EOK) {
 DEBUG(SSSDBG_MINOR_FAILURE, "Could not parse [%s] into "
 "name-value components.\n", orig_name);
@@ -194,10 +195,10 @@ static const char *get_homedir_override(TALLOC_CTX *mem_ctx,
 */
 if (dom->override_homedir) {
 return expand_homedir_template(mem_ctx, dom->override_homedir,
- name, uid, homedir, dom->name, NULL);
+ homedir_ctx);
 } else if (nctx->override_homedir) {
 return expand_homedir_template(mem_ctx, nctx->override_homedir,
- name, uid, homedir, dom->name, NULL);
+ homedir_ctx);
 }
 if (!homedir || *homedir == '\0') {
@@ -206,12 +207,10 @@ static const char *get_homedir_override(TALLOC_CTX *mem_ctx,
 */
 if (dom->fallback_homedir) {
 return expand_homedir_template(mem_ctx, dom->fallback_homedir,
- name, uid, homedir,
- dom->name, NULL);
+ homedir_ctx);
 } else if (nctx->fallback_homedir) {
 return expand_homedir_template(mem_ctx, nctx->fallback_homedir,
- name, uid, homedir,
- dom->name, NULL);
+ homedir_ctx);
 }
 }
@@ -318,6 +317,7 @@ static int fill_pwent(struct sss_packet *packet,
 bool packet_initialized = false;
 int ncret;
 TALLOC_CTX *tmp_ctx = NULL;
+ struct sss_nss_homedir_ctx homedir_ctx;
 if (add_domain) {
 delim = 1;
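Review bot: get_homedir_override() in nsssrv_cmd.c (first hunk) now writes to its argument, and nothing at the definition says so: it stores the sysdb value in `homedir_ctx->original` and passes `&homedir_ctx->username` as the output of sss_parse_name_const(). A comment above the function such as `/* homedir_ctx is in/out: username is replaced by the name parsed from it, original is set from SYSDB_HOMEDIR; the caller must fill uid and domain. */` would make the contract visible, since `domain` used to be supplied here as `dom->name` and is now the caller's job. The initialiser of `orig_name` also reads `homedir_ctx->username` without a NULL check on `homedir_ctx`; that is safe for the one caller shown (fill_pwent) but differs from the guard this commit adds to expand_homedir_template(). What the function does after a failed sss_parse_name_const() lies outside the hunk.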
@@ -378,7 +378,14 @@ static int fill_pwent(struct sss_packet *packet,
 } else {
 to_sized_string(&gecos, tmpstr);
 }
- tmpstr = get_homedir_override(tmp_ctx, msg, nctx, dom, name.str, uid);
+
+ ZERO_STRUCT(homedir_ctx);
+
+ homedir_ctx.username = name.str;
+ homedir_ctx.uid = uid;
+ homedir_ctx.domain = dom->name;
+
+ tmpstr = get_homedir_override(tmp_ctx, msg, nctx, dom, &homedir_ctx);
 if (!tmpstr) {
 to_sized_string(&homedir, "/");
 } else {
diff --git a/src/responder/pac/pacsrv_utils.c b/src/responder/pac/pacsrv_utils.c
index 4eca1aa0e..ee72664c2 100644
--- a/src/responder/pac/pacsrv_utils.c
+++ b/src/responder/pac/pacsrv_utils.c
@@ -355,6 +355,7 @@ errno_t get_pwd_from_pac(TALLOC_CTX *mem_ctx,
 char *upn;
 hash_key_t key;
 hash_value_t value;
+ struct sss_nss_homedir_ctx homedir_ctx;
 pwd = talloc_zero(mem_ctx, struct passwd);
 if (pwd == NULL) {
@@ -441,9 +442,15 @@ errno_t get_pwd_from_pac(TALLOC_CTX *mem_ctx,
 /* Check if there is a special homedir template for sub-domains. If not a
 * fallback will be added by the NSS responder. */
 if (IS_SUBDOMAIN(dom) && dom->subdomain_homedir) {
+ ZERO_STRUCT(homedir_ctx);
+
+ homedir_ctx.username = lname;
+ homedir_ctx.uid = pwd->pw_uid;
+ homedir_ctx.domain = dom->name;
+ homedir_ctx.flatname = dom->flat_name;
+
 pwd->pw_dir = expand_homedir_template(pwd, dom->subdomain_homedir,
- lname, pwd->pw_uid, NULL,
- dom->name, dom->flat_name);
+ &homedir_ctx);
 if (pwd->pw_dir == NULL) {
 ret = ENOMEM;
 goto done;
diff --git a/src/util/sss_nss.c b/src/util/sss_nss.c
index 406c95cd0..25a030c3f 100644
--- a/src/util/sss_nss.c
+++ b/src/util/sss_nss.c
@@ -23,9 +23,7 @@
 #include "util/sss_nss.h"
 char *expand_homedir_template(TALLOC_CTX *mem_ctx, const char *template,
- const char *username, uint32_t uid,
- const char *original, const char *domain,
- const char *flatname)
+ struct sss_nss_homedir_ctx *homedir_ctx)
 {
 char *copy;
 char *p;
@@ -40,6 +38,11 @@ char *expand_homedir_template(TALLOC_CTX *mem_ctx, const char *template,
 return NULL;
 }
+ if (homedir_ctx == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, "Missing home directory data.\n");
+ return NULL;
+ }
+
 tmp_ctx = talloc_new(NULL);
 if (!tmp_ctx) return NULL;
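Review bot: The new `homedir_ctx == NULL` guard in expand_homedir_template() returns NULL, the same value used for allocation failure, and the callers touched by this commit cannot tell the two apart. ipa_s2n_get_user_done(), get_subdomain_homedir_of_user() and get_pwd_from_pac() all set `ret = ENOMEM` on NULL, and fill_pwent() falls back to a home directory of "/". A header comment on the function should state this, for example `/* Returns NULL on allocation failure or when homedir_ctx is NULL; callers must not assume ENOMEM. */`. The rest of the function lies outside this hunk.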
@@ -66,67 +69,71 @@ char *expand_homedir_template(TALLOC_CTX *mem_ctx, const char *template,
 }
 switch( *n ) {
 case 'u':
- if (username == NULL) {
- DEBUG(SSSDBG_CRIT_FAILURE, "Cannot expand user name template "
- "because user name is empty.\n");
+ if (homedir_ctx->username == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Cannot expand user name template because user name "
+ "is empty.\n");
 goto done;
 }
 result = talloc_asprintf_append(result, "%s%s", p,
- username);
+ homedir_ctx->username);
 break;
 case 'U':
- if (uid == 0) {
+ if (homedir_ctx->uid == 0) {
 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot expand uid template "
 "because uid is invalid.\n");
 goto done;
 }
 result = talloc_asprintf_append(result, "%s%d", p,
- uid);
+ homedir_ctx->uid);
 break;
 case 'd':
- if (domain == NULL) {
+ if (homedir_ctx->domain == NULL) {
 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot expand domain name "
 "template because domain name "
 "is empty.\n");
 goto done;
 }
 result = talloc_asprintf_append(result, "%s%s", p,
- domain);
+ homedir_ctx->domain);
 break;
 case 'f':
- if (domain == NULL || username == NULL) {
+ if (homedir_ctx->domain == NULL
+ || homedir_ctx->username == NULL) {
 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot expand fully qualified "
 "name template because domain "
 "or user name is empty.\n");
 goto done;
 }
 result = talloc_asprintf_append(result, "%s%s@%s", p,
- username, domain);
+ homedir_ctx->username,
+ homedir_ctx->domain);
 break;
 case 'o':
- if (original == NULL) {
+ if (homedir_ctx->original == NULL) {
 DEBUG(SSSDBG_CRIT_FAILURE,
 "Original home directory for %s is not available, "
- "using empty string\n", username);
+ "using empty string\n", homedir_ctx->username);
 orig = "";
 } else {
- orig = original;
+ orig = homedir_ctx->original;
 }
 result = talloc_asprintf_append(result, "%s%s", p, orig);
 break;
 case 'F':
- if (flatname == NULL) {
+ if (homedir_ctx->flatname == NULL) {
 DEBUG(SSSDBG_CRIT_FAILURE, "Cannot expand domain name "
 "template because domain flat "
 "name is empty.\n");
 goto done;
 }
- result = talloc_asprintf_append(result, "%s%s", p, flatname);
+ result = talloc_asprintf_append(result, "%s%s", p,
+ homedir_ctx->flatname);
 break;
 case '%':
diff --git a/src/util/sss_nss.h b/src/util/sss_nss.h
index 6dcdbaef3..771b9ce58 100644
--- a/src/util/sss_nss.h
+++ b/src/util/sss_nss.h
@@ -25,8 +25,14 @@
 #include <sys/types.h>
 #include <talloc.h>
+struct sss_nss_homedir_ctx {
+ const char *username;
+ uint32_t uid;
+ const char *original;
+ const char *domain;
+ const char *flatname;
+};
+
 char *expand_homedir_template(TALLOC_CTX *mem_ctx, const char *template,
- const char *username, uint32_t uid,
- const char *original, const char *domain,
- const char *flatname);
+ struct sss_nss_homedir_ctx *homedir_ctx);
 #endif
|
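Review bot: In the `case 'U'` branch of expand_homedir_template() (sss_nss.c) the new argument `homedir_ctx->uid` is a `uint32_t` but is still formatted with `"%s%d"`, so a UID above INT_MAX would be written into the home directory path as a negative number. Since the argument line is being rewritten anyway, the conversion should match the type: `result = talloc_asprintf_append(result, "%s%" PRIu32, p, homedir_ctx->uid);`, which needs `<inttypes.h>`. The mismatch was already there with the old `uid` parameter; this commit carries it over unchanged. The switch continues outside the hunk.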
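Review bot: The new `struct sss_nss_homedir_ctx` in sss_nss.h has no comment saying which fields a caller must set, and expand_homedir_template() takes it through a non-const pointer although the lines shown in sss_nss.c only read from it. Declaring the parameter as `const struct sss_nss_homedir_ctx *homedir_ctx` would document that the expander leaves the caller's data alone; get_homedir_override() can keep its own non-const pointer. A short comment on the struct should record what the sss_nss.c hunks enforce: a NULL `username`, `domain` or `flatname`, or a `uid` of 0, makes the matching template token fail with a critical debug message, while a NULL `original` expands to an empty string.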