summaryrefslogtreecommitdiff
path: root/src/util
diff options
context:
space:
mode:
authorMichal Zidek <mzidek@redhat.com>2013-02-07 19:35:37 +0100
committerJakub Hrozek <jhrozek@redhat.com>2013-03-19 17:50:53 +0100
commitb42bb7d9dbf9a4c44a03e7bf1bab471a8a85e858 (patch)
tree990fcb7fa6901faf4f2b7befea8912324106dad5 /src/util
parent1f469537545a20b62cb35966033be24e1c0cae39 (diff)
downloadsssd-b42bb7d9dbf9a4c44a03e7bf1bab471a8a85e858.tar.gz
sssd-b42bb7d9dbf9a4c44a03e7bf1bab471a8a85e858.tar.bz2
sssd-b42bb7d9dbf9a4c44a03e7bf1bab471a8a85e858.zip
Move SELinux processing to provider.
The SELinux processing was distributed between provider and pam responder which resulted in hard to maintain code. This patch moves the logic to provider. IT ALSO REQUIRES CHANGE IN THE SELINUX POLICY, because the provider also writes the content of selinux login file to disk (which was done by responder before). https://fedorahosted.org/sssd/ticket/1743
Diffstat (limited to 'src/util')
-rw-r--r--src/util/sss_selinux.c8
-rw-r--r--src/util/sss_selinux.h2
2 files changed, 5 insertions, 5 deletions
diff --git a/src/util/sss_selinux.c b/src/util/sss_selinux.c
index ee5ddab6..dcac9ee6 100644
--- a/src/util/sss_selinux.c
+++ b/src/util/sss_selinux.c
@@ -239,16 +239,16 @@ done:
return ret;
}
-const char *sss_selinux_map_get_seuser(struct ldb_message *usermap)
+const char *sss_selinux_map_get_seuser(struct sysdb_attrs *usermap)
{
int i;
const uint8_t *name;
const uint8_t *template = (const uint8_t *)SYSDB_SELINUX_USER;
- for (i = 0; i < usermap->num_elements; i++) {
- name = (const uint8_t *)usermap->elements[i].name;
+ for (i = 0; i < usermap->num; i++) {
+ name = (const uint8_t *)usermap->a[i].name;
if (sss_utf8_case_eq(name, template) == 0) {
- return (const char *)usermap->elements[i].values[0].data;
+ return (const char *)usermap->a[i].values[0].data;
}
}
diff --git a/src/util/sss_selinux.h b/src/util/sss_selinux.h
index 5dae5dd3..ae5b2f35 100644
--- a/src/util/sss_selinux.h
+++ b/src/util/sss_selinux.h
@@ -50,6 +50,6 @@ bool sss_selinux_match(struct sysdb_attrs *usermap,
struct sysdb_attrs *host,
uint32_t *_priority);
-const char *sss_selinux_map_get_seuser(struct ldb_message *usermap);
+const char *sss_selinux_map_get_seuser(struct sysdb_attrs *usermap);
#endif /* SSS_SELINUX_H_ */