From 770dc892f867639f36f84455d65be6287935a529 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 2 Jan 2014 17:23:08 +0100 Subject: IFP: Per-attribute ACL for users MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Introduces a new option called user_attributes that allows to specify which user attributes are allowed to be queried from the IFP responder. By default only the default POSIX set is allowed, this option allows to either add other attributes (+attrname) or remove them from the default set (-attrname). Reviewed-by: Pavel Březina --- src/responder/ifp/ifp_private.h | 3 +++ 1 file changed, 3 insertions(+) (limited to 'src/responder/ifp/ifp_private.h') diff --git a/src/responder/ifp/ifp_private.h b/src/responder/ifp/ifp_private.h index 52c480bb4..c03cf6ccc 100644 --- a/src/responder/ifp/ifp_private.h +++ b/src/responder/ifp/ifp_private.h @@ -43,6 +43,7 @@ struct ifp_ctx { int neg_timeout; struct sysbus_ctx *sysbus; + const char **user_whitelist; }; /* This is a throwaway method to ease the review of the patch. @@ -68,4 +69,6 @@ const char *ifp_path_strip_prefix(const char *path, const char *prefix); errno_t ifp_add_ldb_el_to_dict(DBusMessageIter *iter_dict, struct ldb_message_element *el); +const char **ifp_parse_attr_list(TALLOC_CTX *mem_ctx, const char *conf_str); +bool ifp_attr_allowed(const char *whitelist[], const char *attr); #endif /* _IFPSRV_PRIVATE_H_ */ -- cgit