38 lines
1.3 KiB
Diff
38 lines
1.3 KiB
Diff
From 2a3fb3bdbac5dd7294a2ec6f27346ae18355241a Mon Sep 17 00:00:00 2001
|
|
From: Justin Stephenson <jstephen@redhat.com>
|
|
Date: Thu, 10 Jun 2021 09:37:52 -0400
|
|
Subject: [PATCH 07/16] KCM: Unset _SSS_LOOPS
|
|
|
|
Since sssd_kcm is working independently of other SSSD components,
|
|
especially the nss responder, and the kcm client side in libkrb5 of
|
|
course does not check for _SSS_LOOPS to protect sssd_kcm from calling
|
|
into itself the variable is not needed.
|
|
|
|
This allows repeated getpwuid() calls in KCM renewals code to succeed.
|
|
|
|
Reviewed-by: Alexey Tikhonov <atikhono@redhat.com>
|
|
---
|
|
src/responder/kcm/kcm.c | 6 ++++++
|
|
1 file changed, 6 insertions(+)
|
|
|
|
diff --git a/src/responder/kcm/kcm.c b/src/responder/kcm/kcm.c
|
|
index 9be56b0b84b92f0cc6213509df1afc780dd1da28..09578c0cbac09a25f3ca56b19b89e7015d1b4298 100644
|
|
--- a/src/responder/kcm/kcm.c
|
|
+++ b/src/responder/kcm/kcm.c
|
|
@@ -268,6 +268,12 @@ static int kcm_process_init(TALLOC_CTX *mem_ctx,
|
|
kctx->rctx = rctx;
|
|
kctx->rctx->pvt_ctx = kctx;
|
|
|
|
+ /* KCM operates independently, getpw* recursion is not a concern */
|
|
+ ret = unsetenv("_SSS_LOOPS");
|
|
+ if (ret != EOK) {
|
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to unset _SSS_LOOPS");
|
|
+ }
|
|
+
|
|
ret = kcm_get_config(kctx);
|
|
if (ret != EOK) {
|
|
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error getting KCM config\n");
|
|
--
|
|
2.20.1
|
|
|