diff options
| author | Alexey Kamenskiy <alexey.kamenskiy@chinanetcloud.com> | 2017-10-18 18:28:07 +0800 |
|---|---|---|
| committer | Lukas Slebodnik <lslebodn@redhat.com> | 2017-10-19 16:05:06 +0200 |
| commit | f34a8330c1615511795847b0a1454249d782db2a (patch) | |
| tree | d8c5bd7e556b1549a41c6a406e500f9ce1373728 /src/providers/ldap/ldap_init.c | |
| parent | bc854800cc67271205d63136daaf68d7863cea6b (diff) | |
| download | sssd-f34a8330c1615511795847b0a1454249d782db2a.tar.gz sssd-f34a8330c1615511795847b0a1454249d782db2a.tar.xz sssd-f34a8330c1615511795847b0a1454249d782db2a.zip | |
LDAP: Add support for rhost access control
This patch implements verification of pam_rhost against
rules stored in LDAP entry of a user.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/providers/ldap/ldap_init.c')
| -rw-r--r-- | src/providers/ldap/ldap_init.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c index b7102adb8..43d905893 100644 --- a/src/providers/ldap/ldap_init.c +++ b/src/providers/ldap/ldap_init.c @@ -286,6 +286,8 @@ static errno_t set_access_rules(TALLOC_CTX *mem_ctx, access_ctx->access_rule[c] = LDAP_ACCESS_SERVICE; } else if (strcasecmp(order_list[c], LDAP_ACCESS_HOST_NAME) == 0) { access_ctx->access_rule[c] = LDAP_ACCESS_HOST; + } else if (strcasecmp(order_list[c], LDAP_ACCESS_RHOST_NAME) == 0) { + access_ctx->access_rule[c] = LDAP_ACCESS_RHOST; } else if (strcasecmp(order_list[c], LDAP_ACCESS_LOCK_NAME) == 0) { access_ctx->access_rule[c] = LDAP_ACCESS_LOCKOUT; } else if (strcasecmp(order_list[c], |