diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-17 18:14:53 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-10-22 15:44:53 +0200 |
commit | 76c8dafad2a18cf1514635aa766062085c23a5c8 (patch) | |
tree | 31ea62be73c4187a9ba6210eb3c0aeb5cde4eaaa | |
parent | 3f9e2c24dbc14b2eafbe4f5a5ee16fe9af3c3f75 (diff) | |
download | sssd-76c8dafad2a18cf1514635aa766062085c23a5c8.tar.gz sssd-76c8dafad2a18cf1514635aa766062085c23a5c8.tar.xz sssd-76c8dafad2a18cf1514635aa766062085c23a5c8.zip |
SSH: Run the ssh responder as the SSSD user
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
-rw-r--r-- | src/monitor/monitor.c | 3 | ||||
-rw-r--r-- | src/responder/ssh/sshsrv.c | 3 |
2 files changed, 4 insertions, 2 deletions
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index d09aeba90..0dea32721 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -1066,7 +1066,8 @@ static bool svc_supported_as_nonroot(const char *svc_name) || (strcmp(svc_name, "pam") == 0) || (strcmp(svc_name, "autofs") == 0) || (strcmp(svc_name, "pac") == 0) - || (strcmp(svc_name, "sudo") == 0)) { + || (strcmp(svc_name, "sudo") == 0) + || (strcmp(svc_name, "ssh") == 0)) { return true; } return false; diff --git a/src/responder/ssh/sshsrv.c b/src/responder/ssh/sshsrv.c index b154ee1ba..b1969b49d 100644 --- a/src/responder/ssh/sshsrv.c +++ b/src/responder/ssh/sshsrv.c @@ -215,7 +215,8 @@ int main(int argc, const char *argv[]) /* set up things like debug, signals, daemonization, etc... */ debug_log_file = "sssd_ssh"; - ret = server_setup("sssd[ssh]", 0, 0, 0, CONFDB_SSH_CONF_ENTRY, &main_ctx); + ret = server_setup("sssd[ssh]", 0, uid, gid, + CONFDB_SSH_CONF_ENTRY, &main_ctx); if (ret != EOK) { return 2; } |