diff options
author | Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> | 2017-03-29 16:07:52 +0300 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-07-27 10:32:14 +0200 |
commit | c31065ecc0793e836066035d0c692b050b5f6f55 (patch) | |
tree | 5cfc7089fbcb0fb484df15207d66fb98b3e2d596 /src/responder/nss/nsssrv.c | |
parent | cb89693cf5ccdedf69fa304c6d43d618a7bc18b2 (diff) | |
download | sssd-c31065ecc0793e836066035d0c692b050b5f6f55.tar.gz sssd-c31065ecc0793e836066035d0c692b050b5f6f55.tar.xz sssd-c31065ecc0793e836066035d0c692b050b5f6f55.zip |
NSS: Move shell options to common responder
Move all the shell-related options from the NSS responder context to the
common responder context, so they can be used by other responders for
retrieving original user shell, when it is overrided for session
recording.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'src/responder/nss/nsssrv.c')
-rw-r--r-- | src/responder/nss/nsssrv.c | 99 |
1 files changed, 0 insertions, 99 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c index 644e94188..d67b9fac8 100644 --- a/src/responder/nss/nsssrv.c +++ b/src/responder/nss/nsssrv.c @@ -52,9 +52,6 @@ #define DEFAULT_PWFIELD "*" #define DEFAULT_NSS_FD_LIMIT 8192 -#define SHELL_REALLOC_INCREMENT 5 -#define SHELL_REALLOC_MAX 50 - static int nss_clear_memcache(struct sbus_request *dbus_req, void *data); static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *data); @@ -150,72 +147,6 @@ static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *da return sbus_request_return_and_finish(dbus_req, DBUS_TYPE_INVALID); } -static errno_t nss_get_etc_shells(TALLOC_CTX *mem_ctx, char ***_shells) -{ - int i = 0; - char *sh; - char **shells = NULL; - TALLOC_CTX *tmp_ctx; - errno_t ret; - int size; - - tmp_ctx = talloc_new(NULL); - if (!tmp_ctx) return ENOMEM; - - shells = talloc_array(tmp_ctx, char *, SHELL_REALLOC_INCREMENT); - if (!shells) { - ret = ENOMEM; - goto done; - } - size = SHELL_REALLOC_INCREMENT; - - setusershell(); - while ((sh = getusershell())) { - shells[i] = talloc_strdup(shells, sh); - if (!shells[i]) { - endusershell(); - ret = ENOMEM; - goto done; - } - DEBUG(SSSDBG_TRACE_FUNC, "Found shell %s in /etc/shells\n", shells[i]); - i++; - - if (i == size) { - size += SHELL_REALLOC_INCREMENT; - if (size > SHELL_REALLOC_MAX) { - DEBUG(SSSDBG_FATAL_FAILURE, - "Reached maximum number of shells [%d]. " - "Users may be denied access. " - "Please check /etc/shells for sanity\n", - SHELL_REALLOC_MAX); - break; - } - shells = talloc_realloc(NULL, shells, char *, - size); - if (!shells) { - ret = ENOMEM; - goto done; - } - } - } - endusershell(); - - if (i + 1 < size) { - shells = talloc_realloc(NULL, shells, char *, i + 1); - if (!shells) { - ret = ENOMEM; - goto done; - } - } - shells[i] = NULL; - - *_shells = talloc_move(mem_ctx, &shells); - ret = EOK; -done: - talloc_zfree(tmp_ctx); - return ret; -} - static int nss_get_config(struct nss_ctx *nctx, struct confdb_ctx *cdb) { @@ -265,36 +196,6 @@ static int nss_get_config(struct nss_ctx *nctx, if (ret != EOK) goto done; ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_OVERRIDE_SHELL, NULL, - &nctx->override_shell); - if (ret != EOK && ret != ENOENT) goto done; - - ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_ALLOWED_SHELL, - &nctx->allowed_shells); - if (ret != EOK && ret != ENOENT) goto done; - - ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_VETOED_SHELL, - &nctx->vetoed_shells); - if (ret != EOK && ret != ENOENT) goto done; - - ret = nss_get_etc_shells(nctx, &nctx->etc_shells); - if (ret != EOK) goto done; - - ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_SHELL_FALLBACK, - CONFDB_DEFAULT_SHELL_FALLBACK, - &nctx->shell_fallback); - if (ret != EOK) goto done; - - ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY, - CONFDB_NSS_DEFAULT_SHELL, - NULL, - &nctx->default_shell); - if (ret != EOK) goto done; - - ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY, CONFDB_NSS_HOMEDIR_SUBSTRING, CONFDB_DEFAULT_HOMEDIR_SUBSTRING, &nctx->homedir_substr); |