summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2013-08-27 14:02:42 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-09-17 16:02:20 +0200
commit721241198c369596c4f13445c70f227b199fdcd0 (patch)
tree3fc83595460b7b36756ed0417d51c8c9ed3e67b6
parent588a67a6f14cec797a7bda2682115c5123598f37 (diff)
downloadsssd-721241198c369596c4f13445c70f227b199fdcd0.tar.gz
sssd-721241198c369596c4f13445c70f227b199fdcd0.tar.bz2
sssd-721241198c369596c4f13445c70f227b199fdcd0.zip
simple provider: support subdomain users
Resolves: https://fedorahosted.org/sssd/ticket/2034
-rw-r--r--src/providers/simple/simple_access.c15
1 files changed, 10 insertions, 5 deletions
diff --git a/src/providers/simple/simple_access.c b/src/providers/simple/simple_access.c
index 46e6dde1..46b045e5 100644
--- a/src/providers/simple/simple_access.c
+++ b/src/providers/simple/simple_access.c
@@ -141,13 +141,18 @@ static errno_t simple_access_parse_names(TALLOC_CTX *mem_ctx,
}
if (domain == NULL || strcasecmp(domain, be_ctx->domain->name) == 0) {
- /* main domain, remember the name without domain part */
+ /* This object belongs to main SSSD domain. Those users and groups
+ * are stored without domain part, so we will strip it off.
+ * */
out[i] = talloc_move(out, &name);
} else {
- DEBUG(SSSDBG_CRIT_FAILURE, ("Unknown domain in %s. "
- "Check you configuration.\n", list[i]));
- ret = EINVAL;
- goto done;
+ /* Subdomain users and groups are stored as fully qualified names,
+ * thus we will remember the domain part.
+ *
+ * Since subdomains may come and go, we will look for their
+ * existence later, during each access check.
+ */
+ out[i] = talloc_move(out, &list[i]);
}
}