diff options
author | Pavel Březina <pbrezina@redhat.com> | 2013-08-27 14:02:42 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-09-17 16:02:20 +0200 |
commit | 721241198c369596c4f13445c70f227b199fdcd0 (patch) | |
tree | 3fc83595460b7b36756ed0417d51c8c9ed3e67b6 | |
parent | 588a67a6f14cec797a7bda2682115c5123598f37 (diff) | |
download | sssd-721241198c369596c4f13445c70f227b199fdcd0.tar.gz sssd-721241198c369596c4f13445c70f227b199fdcd0.tar.bz2 sssd-721241198c369596c4f13445c70f227b199fdcd0.zip |
simple provider: support subdomain users
Resolves:
https://fedorahosted.org/sssd/ticket/2034
-rw-r--r-- | src/providers/simple/simple_access.c | 15 |
1 files changed, 10 insertions, 5 deletions
diff --git a/src/providers/simple/simple_access.c b/src/providers/simple/simple_access.c index 46e6dde1..46b045e5 100644 --- a/src/providers/simple/simple_access.c +++ b/src/providers/simple/simple_access.c @@ -141,13 +141,18 @@ static errno_t simple_access_parse_names(TALLOC_CTX *mem_ctx, } if (domain == NULL || strcasecmp(domain, be_ctx->domain->name) == 0) { - /* main domain, remember the name without domain part */ + /* This object belongs to main SSSD domain. Those users and groups + * are stored without domain part, so we will strip it off. + * */ out[i] = talloc_move(out, &name); } else { - DEBUG(SSSDBG_CRIT_FAILURE, ("Unknown domain in %s. " - "Check you configuration.\n", list[i])); - ret = EINVAL; - goto done; + /* Subdomain users and groups are stored as fully qualified names, + * thus we will remember the domain part. + * + * Since subdomains may come and go, we will look for their + * existence later, during each access check. + */ + out[i] = talloc_move(out, &list[i]); } } |