From 312818233ce48471c56d1a7589579892d9726e3b Mon Sep 17 00:00:00 2001
From: Stephen Gallagher <sgallagh@redhat.com>
Date: Wed, 9 May 2012 12:43:06 -0400
Subject: NSS: Add default_shell option

This option will allow administrators to set a default shell to be
used if a user does not have one set in the identity provider.

https://fedorahosted.org/sssd/ticket/1289
---
 src/responder/nss/nsssrv.c     | 7 +++++++
 src/responder/nss/nsssrv.h     | 1 +
 src/responder/nss/nsssrv_cmd.c | 8 +++++++-
 3 files changed, 15 insertions(+), 1 deletion(-)

(limited to 'src/responder/nss')

diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index c8ee444a8..9cb4a5697 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -192,6 +192,7 @@ static int nss_get_config(struct nss_ctx *nctx,
                                     CONFDB_NSS_VETOED_SHELL,
                                     &nctx->vetoed_shells);
     if (ret != EOK && ret != ENOENT) goto done;
+
     ret = nss_get_etc_shells(nctx, &nctx->etc_shells);
     if (ret != EOK) goto done;
 
@@ -201,6 +202,12 @@ static int nss_get_config(struct nss_ctx *nctx,
                             &nctx->shell_fallback);
     if (ret != EOK) goto done;
 
+    ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
+                            CONFDB_NSS_DEFAULT_SHELL,
+                            NULL,
+                            &nctx->default_shell);
+    if (ret != EOK) goto done;
+
     ret = 0;
 done:
     return ret;
diff --git a/src/responder/nss/nsssrv.h b/src/responder/nss/nsssrv.h
index 5b5ae50b9..58cd3da0f 100644
--- a/src/responder/nss/nsssrv.h
+++ b/src/responder/nss/nsssrv.h
@@ -66,6 +66,7 @@ struct nss_ctx {
     char **vetoed_shells;
     char **etc_shells;
     char *shell_fallback;
+    char *default_shell;
 
     struct sss_mc_ctx *pwd_mc_ctx;
     struct sss_mc_ctx *grp_mc_ctx;
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index d448fa859..263499bfe 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -161,7 +161,13 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx,
     int i;
 
     user_shell = ldb_msg_find_attr_as_string(msg, SYSDB_SHELL, NULL);
-    if (!user_shell) return NULL;
+    if (!user_shell) {
+        /* Check whether there is a default shell specified */
+        if (nctx->default_shell) {
+            return talloc_strdup(mem_ctx, nctx->default_shell);
+        }
+        return NULL;
+    }
     if (!nctx->allowed_shells && !nctx->vetoed_shells) return talloc_strdup(mem_ctx, user_shell);
 
     if (nctx->vetoed_shells) {
-- 
cgit