diff options
author | Günther Deschner <gd@samba.org> | 2013-07-18 19:05:51 +0200 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2013-07-23 15:39:29 -0700 |
commit | 7ad3a367d52b1f123c318946d654e95639202130 (patch) | |
tree | 710a299195c05707480537dbe7a9497e18d5fdfc | |
parent | 73e6feff9b3f30e70d84fe256aff239fafdfdb95 (diff) | |
download | samba-7ad3a367d52b1f123c318946d654e95639202130.tar.gz samba-7ad3a367d52b1f123c318946d654e95639202130.tar.bz2 samba-7ad3a367d52b1f123c318946d654e95639202130.zip |
s3-winbindd: support the DIR pragma for raw kerberos user pam authentication.
It is currently only available in MIT. In addition, allow to define custom
filepaths for FILE, WRFILE and DIR pragmas and substitute one occurence of the
%u pattern.
Guenther
Signed-off-by: Günther Deschner <gd@samba.org>
Pair-Programmed-With: Andreas Schneider <asn@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r-- | source3/winbindd/winbindd_pam.c | 23 |
1 files changed, 23 insertions, 0 deletions
diff --git a/source3/winbindd/winbindd_pam.c b/source3/winbindd/winbindd_pam.c index aed47416ac..7b671542a2 100644 --- a/source3/winbindd/winbindd_pam.c +++ b/source3/winbindd/winbindd_pam.c @@ -492,6 +492,29 @@ static const char *generate_krb5_ccache(TALLOC_CTX *mem_ctx, gen_cc = talloc_asprintf( mem_ctx, "WRFILE:/tmp/krb5cc_%d", uid); } + if (strequal(type, "DIR")) { + gen_cc = talloc_asprintf( + mem_ctx, "DIR:/run/user/%d/krb5cc", uid); + } + + if (strnequal(type, "FILE:/", 6) || + strnequal(type, "WRFILE:/", 8) || + strnequal(type, "DIR:/", 5)) { + + /* we allow only one "%u" substitution */ + + char *p; + + p = strchr(type, '%'); + if (p != NULL) { + + p++; + + if (p != NULL && *p == 'u' && strchr(p, '%') == NULL) { + gen_cc = talloc_asprintf(mem_ctx, type, uid); + } + } + } } *user_ccache_file = gen_cc; |