summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGünther Deschner <gd@samba.org>2013-07-18 19:04:29 +0200
committerJeremy Allison <jra@samba.org>2013-07-23 15:39:14 -0700
commit73e6feff9b3f30e70d84fe256aff239fafdfdb95 (patch)
tree6d5bfa11df604b3fb5b95ff503f98fc2a7e25dae
parente9ae36e9683372b86f1efbd29904722a33fea083 (diff)
downloadsamba-73e6feff9b3f30e70d84fe256aff239fafdfdb95.tar.gz
samba-73e6feff9b3f30e70d84fe256aff239fafdfdb95.tar.bz2
samba-73e6feff9b3f30e70d84fe256aff239fafdfdb95.zip
wbinfo: allow to define a custom krb5ccname for kerberized pam auth.
Guenther Signed-off-by: Günther Deschner <gd@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
-rw-r--r--nsswitch/wbinfo.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c
index a1ca7fc574..cba469e469 100644
--- a/nsswitch/wbinfo.c
+++ b/nsswitch/wbinfo.c
@@ -2097,6 +2097,7 @@ int main(int argc, char **argv, char **envp)
bool use_lanman = false;
char *logoff_user = getenv("USER");
int logoff_uid = geteuid();
+ const char *opt_krb5ccname = "FILE";
struct poptOption long_options[] = {
POPT_AUTOHELP
@@ -2178,6 +2179,7 @@ int main(int argc, char **argv, char **envp)
{ "krb5auth", 'K', POPT_ARG_STRING, &string_arg, 'K', "authenticate user using Kerberos", "user%password" },
/* destroys wbinfo --help output */
/* "user%password,DOM\\user%password,user@EXAMPLE.COM,EXAMPLE.COM\\user%password" }, */
+ { "krb5ccname", 0, POPT_ARG_STRING, &opt_krb5ccname, '0', "authenticate user using Kerberos and specific credential cache type", "krb5ccname" },
#endif
{ "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL },
{ "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL },
@@ -2547,13 +2549,13 @@ int main(int argc, char **argv, char **envp)
WBFLAG_PAM_INFO3_TEXT |
WBFLAG_PAM_CONTACT_TRUSTDOM;
- if (!wbinfo_auth_krb5(string_arg, "FILE",
+ if (!wbinfo_auth_krb5(string_arg, opt_krb5ccname,
flags)) {
d_fprintf(stderr,
"Could not authenticate user "
"[%s] with Kerberos "
"(ccache: %s)\n", string_arg,
- "FILE");
+ opt_krb5ccname);
goto done;
}
break;