Arthur de Jong

Open Source / Free Software developer

summaryrefslogtreecommitdiffstats
path: root/nslcd/cfg.c
diff options
context:
space:
mode:
authorArthur de Jong <arthur@arthurdejong.org>2013-03-24 19:59:34 +0100
committerArthur de Jong <arthur@arthurdejong.org>2013-03-24 22:48:13 +0100
commitb1b7648169d0f3b3c88dea3e6642422a29ad373c (patch)
tree21a74b6cbf580e71683ea810c897dd7e8b231a8e /nslcd/cfg.c
parentd6a6e8b436fc2b3aabc8a6edd62ad60bd70e0c4c (diff)
Implement a nss_nested_groups configuration option
This option can be used in both nslcd and pynslcd to enable recursive group member lookups. By default the functionality is disabled. This also updates the documentation.
Diffstat (limited to 'nslcd/cfg.c')
-rw-r--r--nslcd/cfg.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/nslcd/cfg.c b/nslcd/cfg.c
index c2b9674..056b6e2 100644
--- a/nslcd/cfg.c
+++ b/nslcd/cfg.c
@@ -1089,6 +1089,7 @@ static void cfg_defaults(struct ldap_config *cfg)
cfg->pagesize = 0;
cfg->nss_initgroups_ignoreusers = NULL;
cfg->nss_min_uid = 0;
+ cfg->nss_nested_groups = 0;
cfg->validnames_str = NULL;
handle_validnames(__FILE__, __LINE__, "",
"/^[a-z0-9._@$()]([a-z0-9._@$() \\~-]*[a-z0-9._@$()~-])?$/i",
@@ -1408,6 +1409,11 @@ static void cfg_read(const char *filename, struct ldap_config *cfg)
cfg->nss_min_uid = get_int(filename, lnr, keyword, &line);
get_eol(filename, lnr, keyword, &line);
}
+ else if (strcasecmp(keyword, "nss_nested_groups") == 0)
+ {
+ cfg->nss_nested_groups = get_boolean(filename, lnr, keyword, &line);
+ get_eol(filename, lnr, keyword, &line);
+ }
else if (strcasecmp(keyword, "validnames") == 0)
{
handle_validnames(filename, lnr, keyword, line, cfg);
@@ -1671,6 +1677,7 @@ static void cfg_dump(void)
log_log(LOG_DEBUG, "CFG: nss_initgroups_ignoreusers %s", buffer);
}
log_log(LOG_DEBUG, "CFG: nss_min_uid %d", nslcd_cfg->nss_min_uid);
+ log_log(LOG_DEBUG, "CFG: nss_nested_groups %s", print_boolean(nslcd_cfg->nss_nested_groups));
log_log(LOG_DEBUG, "CFG: validnames %s", nslcd_cfg->validnames_str);
log_log(LOG_DEBUG, "CFG: ignorecase %s", print_boolean(nslcd_cfg->ignorecase));
for (i = 0; i < NSS_LDAP_CONFIG_MAX_AUTHZ_SEARCHES; i++)