NSS: Move shell options to common responder

Move all the shell-related options from the NSS responder context to the common responder context, so they can be used by other responders for retrieving original user shell, when it is overrided for session recording. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
author: Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com> 2017-03-29 16:07:52 +0300
committer: Jakub Hrozek <jhrozek@redhat.com> 2017-07-27 10:32:14 +0200
commit: c31065ecc0793e836066035d0c692b050b5f6f55 (patch)
tree: 5cfc7089fbcb0fb484df15207d66fb98b3e2d596 /src/responder/nss/nsssrv.c
parent: cb89693cf5ccdedf69fa304c6d43d618a7bc18b2 (diff)
download: sssd-c31065ecc0793e836066035d0c692b050b5f6f55.tar.gz
sssd-c31065ecc0793e836066035d0c692b050b5f6f55.tar.xz
sssd-c31065ecc0793e836066035d0c692b050b5f6f55.zip
1 files changed, 0 insertions, 99 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 644e94188..d67b9fac8 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -52,9 +52,6 @@
 #define DEFAULT_PWFIELD "*"
 #define DEFAULT_NSS_FD_LIMIT 8192
 
-#define SHELL_REALLOC_INCREMENT 5
-#define SHELL_REALLOC_MAX       50
-
 static int nss_clear_memcache(struct sbus_request *dbus_req, void *data);
 static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *data);
 
@@ -150,72 +147,6 @@ static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *da
     return sbus_request_return_and_finish(dbus_req, DBUS_TYPE_INVALID);
 }
 
-static errno_t nss_get_etc_shells(TALLOC_CTX *mem_ctx, char ***_shells)
-{
-    int i = 0;
-    char *sh;
-    char **shells = NULL;
-    TALLOC_CTX *tmp_ctx;
-    errno_t ret;
-    int size;
-
-    tmp_ctx = talloc_new(NULL);
-    if (!tmp_ctx) return ENOMEM;
-
-    shells = talloc_array(tmp_ctx, char *, SHELL_REALLOC_INCREMENT);
-    if (!shells) {
-        ret = ENOMEM;
-        goto done;
-    }
-    size = SHELL_REALLOC_INCREMENT;
-
-    setusershell();
-    while ((sh = getusershell())) {
-        shells[i] = talloc_strdup(shells, sh);
-        if (!shells[i]) {
-            endusershell();
-            ret = ENOMEM;
-            goto done;
-        }
-        DEBUG(SSSDBG_TRACE_FUNC, "Found shell %s in /etc/shells\n", shells[i]);
-        i++;
-
-        if (i == size) {
-            size += SHELL_REALLOC_INCREMENT;
-            if (size > SHELL_REALLOC_MAX) {
-                DEBUG(SSSDBG_FATAL_FAILURE,
-                      "Reached maximum number of shells [%d]. "
-                          "Users may be denied access. "
-                          "Please check /etc/shells for sanity\n",
-                          SHELL_REALLOC_MAX);
-                break;
-            }
-            shells = talloc_realloc(NULL, shells, char *,
-                                    size);
-            if (!shells) {
-                ret = ENOMEM;
-                goto done;
-            }
-        }
-    }
-    endusershell();
-
-    if (i + 1 < size) {
-        shells = talloc_realloc(NULL, shells, char *, i + 1);
-        if (!shells) {
-            ret = ENOMEM;
-            goto done;
-        }
-    }
-    shells[i] = NULL;
-
-    *_shells = talloc_move(mem_ctx, &shells);
-    ret = EOK;
-done:
-    talloc_zfree(tmp_ctx);
-    return ret;
-}
-
 static int nss_get_config(struct nss_ctx *nctx,
                           struct confdb_ctx *cdb)
 {
@@ -265,36 +196,6 @@ static int nss_get_config(struct nss_ctx *nctx,
     if (ret != EOK) goto done;
 
     ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
-                            CONFDB_NSS_OVERRIDE_SHELL, NULL,
-                            &nctx->override_shell);
-    if (ret != EOK && ret != ENOENT) goto done;
-
-    ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
-                                    CONFDB_NSS_ALLOWED_SHELL,
-                                    &nctx->allowed_shells);
-    if (ret != EOK && ret != ENOENT) goto done;
-
-    ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
-                                    CONFDB_NSS_VETOED_SHELL,
-                                    &nctx->vetoed_shells);
-    if (ret != EOK && ret != ENOENT) goto done;
-
-    ret = nss_get_etc_shells(nctx, &nctx->etc_shells);
-    if (ret != EOK) goto done;
-
-    ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
-                            CONFDB_NSS_SHELL_FALLBACK,
-                            CONFDB_DEFAULT_SHELL_FALLBACK,
-                            &nctx->shell_fallback);
-    if (ret != EOK) goto done;
-
-    ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
-                            CONFDB_NSS_DEFAULT_SHELL,
-                            NULL,
-                            &nctx->default_shell);
-    if (ret != EOK) goto done;
-
-    ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
                             CONFDB_NSS_HOMEDIR_SUBSTRING,
                             CONFDB_DEFAULT_HOMEDIR_SUBSTRING,
                             &nctx->homedir_substr);
author	Nikolai Kondrashov <Nikolai.Kondrashov@redhat.com>	2017-03-29 16:07:52 +0300
committer	Jakub Hrozek <jhrozek@redhat.com>	2017-07-27 10:32:14 +0200
commit	c31065ecc0793e836066035d0c692b050b5f6f55 (patch)
tree	5cfc7089fbcb0fb484df15207d66fb98b3e2d596 /src/responder/nss/nsssrv.c
parent	cb89693cf5ccdedf69fa304c6d43d618a7bc18b2 (diff)
download	sssd-c31065ecc0793e836066035d0c692b050b5f6f55.tar.gz sssd-c31065ecc0793e836066035d0c692b050b5f6f55.tar.xz sssd-c31065ecc0793e836066035d0c692b050b5f6f55.zip