summaryrefslogtreecommitdiff
path: root/src/responder/pam
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2013-08-07 11:25:50 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-08-08 00:44:19 +0200
commitefa8ca8cea5fb6153a42799544ab45fc96bc7ea5 (patch)
tree4df680a8a2797773c801cab8d454f085b70fb804 /src/responder/pam
parentddbe6bc5595767e52a3893355515fc260b8f4be4 (diff)
downloadsssd-efa8ca8cea5fb6153a42799544ab45fc96bc7ea5.tar.gz
sssd-efa8ca8cea5fb6153a42799544ab45fc96bc7ea5.tar.bz2
sssd-efa8ca8cea5fb6153a42799544ab45fc96bc7ea5.zip
PAM: Set negcache if user is not found after provider check
Diffstat (limited to 'src/responder/pam')
-rw-r--r--src/responder/pam/pamsrv_cmd.c10
1 files changed, 10 insertions, 0 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
index 645f9357..ed3afb63 100644
--- a/src/responder/pam/pamsrv_cmd.c
+++ b/src/responder/pam/pamsrv_cmd.c
@@ -975,6 +975,16 @@ static int pam_check_user_search(struct pam_auth_req *preq)
}
if (preq->res->count == 0) {
+ if (preq->check_provider == false) {
+ /* set negative cache only if not result of cache check */
+ ret = sss_ncache_set_user(pctx->ncache, false, dom, name);
+ if (ret != EOK) {
+ /* Should not be fatal, just slower next time */
+ DEBUG(SSSDBG_MINOR_FAILURE,
+ ("Cannot set ncache for %s\n", name, dom));
+ }
+ }
+
/* if a multidomain search, try with next */
if (!preq->pd->domain) {
dom = get_next_domain(dom, false);