diff options
| author | Arthur de Jong <arthur@arthurdejong.org> | 2018-07-21 16:13:23 +0200 |
|---|---|---|
| committer | Arthur de Jong <arthur@arthurdejong.org> | 2018-07-21 19:24:17 +0200 |
| commit | 84676ab4a6a4821e8dbd8c340216b68c24aeeea7 (patch) | |
| tree | 6123e7c25c8543262f243216959d5f1bf305252b | |
| parent | 9fbcdd17ad1f6da3421051fbe329d74201f0437f (diff) | |
Add domain variable for use in pam_authz_search
This adds a domain variable (if it can be determined on the system) that
can be used in pam_authz_search and pam_authc_search filters to build
search filters that search on the domain name (the FQDN without the
starting host name).
Closes https://github.com/arthurdejong/nss-pam-ldapd/issues/8
| -rw-r--r-- | man/nslcd.conf.5.xml | 1 | ||||
| -rw-r--r-- | nslcd/cfg.c | 1 | ||||
| -rw-r--r-- | nslcd/pam.c | 8 |
3 files changed, 8 insertions, 2 deletions
diff --git a/man/nslcd.conf.5.xml b/man/nslcd.conf.5.xml index a83d04c..b54871b 100644 --- a/man/nslcd.conf.5.xml +++ b/man/nslcd.conf.5.xml @@ -900,6 +900,7 @@ <literal>$ruser</literal>, <literal>$rhost</literal>, <literal>$tty</literal>, <literal>$hostname</literal>, <literal>$fqdn</literal>, <!-- since 0.8.1 --> + <literal>$domain</literal>, <!-- since 0.9.10 --> <literal>$dn</literal>, and <literal>$uid</literal>. These references are substituted in the search filter using the same syntax as described in the section on attribute mapping diff --git a/nslcd/cfg.c b/nslcd/cfg.c index 348e800..404ffda 100644 --- a/nslcd/cfg.c +++ b/nslcd/cfg.c @@ -1012,6 +1012,7 @@ static void check_search_variables( (strcmp(list[i], "tty") != 0) && (strcmp(list[i], "hostname") != 0) && (strcmp(list[i], "fqdn") != 0) && + (strcmp(list[i], "domain") != 0) && (strcmp(list[i], "dn") != 0) && (strcmp(list[i], "uid") != 0)) { diff --git a/nslcd/pam.c b/nslcd/pam.c index 7772959..2132107 100644 --- a/nslcd/pam.c +++ b/nslcd/pam.c @@ -2,7 +2,7 @@ pam.c - pam processing routines Copyright (C) 2009 Howard Chu - Copyright (C) 2009-2017 Arthur de Jong + Copyright (C) 2009-2018 Arthur de Jong Copyright (C) 2015 Nokia Solutions and Networks This library is free software; you can redistribute it and/or @@ -71,7 +71,7 @@ static DICT *search_vars_new(const char *dn, const char *username, char hostname[BUFLEN_HOSTNAME]; /* allocating this on the stack is OK because search_var_add() will allocate new memory for the value */ - const char *fqdn; + const char *fqdn, *found; DICT *dict; dict = dict_new(); if (dict == NULL) @@ -89,7 +89,11 @@ static DICT *search_vars_new(const char *dn, const char *username, if (gethostname(hostname, sizeof(hostname)) == 0) search_var_add(dict, "hostname", hostname); if ((fqdn = getfqdn()) != NULL) + { search_var_add(dict, "fqdn", fqdn); + if (((found = strchr(fqdn, '.'))) != NULL && (found[1] != '\0')) + search_var_add(dict, "domain", found + 1); + } search_var_add(dict, "dn", dn); search_var_add(dict, "uid", username); return dict; |