7bddea6c90
Resolves: rhbz#1437199 - sssd-nfs-idmap-1.15.2-1.fc25.x86_64 conflicts with
file from package sssd-common-1.15.1-1.fc25.x86_64
Resolves: rhbz#1063278 - sss_ssh_knownhostsproxy doesn't fall back to ipv4
142 lines
4.1 KiB
Diff
142 lines
4.1 KiB
Diff
From 435b3678de25d22eb8a6e892109d26c32f0760a4 Mon Sep 17 00:00:00 2001
|
|
From: Sumit Bose <sbose@redhat.com>
|
|
Date: Wed, 25 Jan 2017 16:50:00 +0100
|
|
Subject: [PATCH 102/135] pam_test_client: add SSSD getpwnam lookup
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Related to https://pagure.io/SSSD/sssd/issue/3292
|
|
|
|
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
---
|
|
Makefile.am | 10 ++++--
|
|
src/sss_client/pam_test_client.c | 76 ++++++++++++++++++++++++++++++++++++++++
|
|
2 files changed, 84 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/Makefile.am b/Makefile.am
|
|
index d45c0ff757dfae378c71c6f8850fddce2c61cad8..7aca5b86f1275e89ae73f5594887f515773c2058 100644
|
|
--- a/Makefile.am
|
|
+++ b/Makefile.am
|
|
@@ -3461,8 +3461,14 @@ if BUILD_WITH_LIBCURL
|
|
noinst_PROGRAMS += tcurl-test-tool
|
|
endif
|
|
|
|
-pam_test_client_SOURCES = src/sss_client/pam_test_client.c
|
|
-pam_test_client_LDADD = $(PAM_LIBS) $(PAM_MISC_LIBS)
|
|
+pam_test_client_SOURCES = \
|
|
+ src/sss_client/pam_test_client.c \
|
|
+ $(NULL)
|
|
+pam_test_client_LDADD = \
|
|
+ $(PAM_LIBS) \
|
|
+ $(PAM_MISC_LIBS) \
|
|
+ $(LIBADD_DL) \
|
|
+ $(NULL)
|
|
|
|
if BUILD_AUTOFS
|
|
autofs_test_client_SOURCES = \
|
|
diff --git a/src/sss_client/pam_test_client.c b/src/sss_client/pam_test_client.c
|
|
index ea032a75b195a9bf8078ed7d248da154ab0c8430..69af612270492968b56d1c11de2bf56ebf57471f 100644
|
|
--- a/src/sss_client/pam_test_client.c
|
|
+++ b/src/sss_client/pam_test_client.c
|
|
@@ -25,6 +25,11 @@
|
|
#include <stdio.h>
|
|
#include <unistd.h>
|
|
#include <string.h>
|
|
+#include <dlfcn.h>
|
|
+#include <sys/types.h>
|
|
+#include <pwd.h>
|
|
+#include <nss.h>
|
|
+#include <errno.h>
|
|
|
|
#include <security/pam_appl.h>
|
|
|
|
@@ -51,6 +56,70 @@ static struct pam_conv conv = {
|
|
#define DEFAULT_ACTION "acct"
|
|
#define DEFAULT_SERVICE "system-auth"
|
|
|
|
+#define DEFAULT_BUFSIZE 4096
|
|
+
|
|
+static int sss_getpwnam_check(const char *user)
|
|
+{
|
|
+ void *dl_handle = NULL;
|
|
+ enum nss_status (*sss_getpwnam_r)(const char *name, struct passwd *result,
|
|
+ char *buffer, size_t buflen,
|
|
+ int *errnop);
|
|
+ struct passwd pwd = { 0 };
|
|
+ enum nss_status status;
|
|
+ char *buffer = NULL;
|
|
+ size_t buflen;
|
|
+ int nss_errno;
|
|
+ int ret;
|
|
+
|
|
+ dl_handle = dlopen("libnss_sss.so.2", RTLD_NOW);
|
|
+ if (dl_handle == NULL) {
|
|
+ fprintf(stderr, "dlopen failed with [%s].\n", dlerror());
|
|
+ ret = EIO;
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
+ sss_getpwnam_r = dlsym(dl_handle, "_nss_sss_getpwnam_r");
|
|
+ if (sss_getpwnam_r == NULL) {
|
|
+ fprintf(stderr, "dlsym failed with [%s].\n", dlerror());
|
|
+ ret = EIO;
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
+ buflen = DEFAULT_BUFSIZE;
|
|
+ buffer = malloc(buflen);
|
|
+ if (buffer == NULL) {
|
|
+ fprintf(stderr, "malloc failed.\n");
|
|
+ ret = ENOMEM;
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
+ status = sss_getpwnam_r(user, &pwd, buffer, buflen, &nss_errno);
|
|
+ if (status != NSS_STATUS_SUCCESS) {
|
|
+ fprintf(stderr, "sss_getpwnam_r failed with [%d].\n", status);
|
|
+ ret = EIO;
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
+ fprintf(stdout, "SSSD nss user lookup result:\n");
|
|
+ fprintf(stdout, " - user name: %s\n", pwd.pw_name);
|
|
+ fprintf(stdout, " - user id: %d\n", pwd.pw_uid);
|
|
+ fprintf(stdout, " - group id: %d\n", pwd.pw_gid);
|
|
+ fprintf(stdout, " - gecos: %s\n", pwd.pw_gecos);
|
|
+ fprintf(stdout, " - home directory: %s\n", pwd.pw_dir);
|
|
+ fprintf(stdout, " - shell: %s\n", pwd.pw_shell);
|
|
+
|
|
+ ret = 0;
|
|
+
|
|
+done:
|
|
+ if (dl_handle != NULL) {
|
|
+ dlclose(dl_handle);
|
|
+ }
|
|
+
|
|
+ free(buffer);
|
|
+
|
|
+ return ret;
|
|
+}
|
|
+
|
|
int main(int argc, char *argv[]) {
|
|
|
|
pam_handle_t *pamh;
|
|
@@ -85,6 +154,13 @@ int main(int argc, char *argv[]) {
|
|
fprintf(stdout, "user: %s\naction: %s\nservice: %s\n",
|
|
user, action, service);
|
|
|
|
+ if (*user != '\0') {
|
|
+ ret = sss_getpwnam_check(user);
|
|
+ if (ret != 0) {
|
|
+ fprintf(stderr, "User name lookup with [%s] failed.\n", user);
|
|
+ }
|
|
+ }
|
|
+
|
|
ret = pam_start(service, user, &conv, &pamh);
|
|
if (ret != PAM_SUCCESS) {
|
|
fprintf(stderr, "pam_start failed: %s\n", pam_strerror(pamh, ret));
|
|
--
|
|
2.12.2
|
|
|