diff options
author | Pavel Březina <pbrezina@redhat.com> | 2015-10-11 17:53:28 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-14 13:07:45 +0200 |
commit | fb8985a3a3a267940760967beaf8af3979ce91ea (patch) | |
tree | 0260eec6df16a6bd3adaa33dfdfabc26b6a3477d /src | |
parent | 51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7 (diff) | |
download | sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.tar.gz sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.tar.xz sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.zip |
sudo: send original name and id with local views if possible
Resolves:
https://fedorahosted.org/sssd/ticket/2833
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src')
-rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 18 |
1 files changed, 13 insertions, 5 deletions
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index cc06977d9..c3336960e 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -79,6 +79,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) struct dp_callback_ctx *cb_ctx; const char *original_name = NULL; const char *extra_flag = NULL; + const char *search_name = NULL; char *name = NULL; uid_t uid = 0; errno_t ret; @@ -160,16 +161,23 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) if ((user->count == 0 || cache_expire < time(NULL)) && dctx->check_provider) { - if (DOM_HAS_VIEWS(dom) && (user->count == 0 - || ldb_msg_find_attr_as_string(user->msgs[0], - OVERRIDE_PREFIX SYSDB_NAME, - NULL) != NULL)) { + search_name = cmd_ctx->username; + if (is_local_view(dom->view_name)) { + /* Search with original name in case of local view. */ + if (user->count != 0) { + search_name = ldb_msg_find_attr_as_string(user->msgs[0], + SYSDB_NAME, NULL); + } + } else if (DOM_HAS_VIEWS(dom) && (user->count == 0 + || ldb_msg_find_attr_as_string(user->msgs[0], + OVERRIDE_PREFIX SYSDB_NAME, + NULL) != NULL)) { extra_flag = EXTRA_INPUT_MAYBE_WITH_VIEW; } dpreq = sss_dp_get_account_send(cli_ctx, cli_ctx->rctx, dom, false, SSS_DP_INITGROUPS, - cmd_ctx->username, 0, extra_flag); + search_name, 0, extra_flag); if (!dpreq) { DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory sending data provider request\n"); |