summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--src/confdb/confdb.h1
-rw-r--r--src/man/sssd.conf.5.xml14
-rw-r--r--src/python/pysss.c6
-rw-r--r--src/tools/sss_userdel.c6
-rw-r--r--src/tools/tools_util.c75
-rw-r--r--src/tools/tools_util.h2
6 files changed, 104 insertions, 0 deletions
diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h
index 452fbdc9..0e0a1b10 100644
--- a/src/confdb/confdb.h
+++ b/src/confdb/confdb.h
@@ -111,6 +111,7 @@
#define CONFDB_LOCAL_UMASK "homedir_umask"
#define CONFDB_LOCAL_SKEL_DIR "skel_dir"
#define CONFDB_LOCAL_MAIL_DIR "mail_dir"
+#define CONFDB_LOCAL_USERDEL_CMD "userdel_cmd"
/* Proxy Provider */
#define CONFDB_PROXY_LIBNAME "proxy_lib_name"
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index daf61afc..93bc2190 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -784,6 +784,20 @@
</para>
</listitem>
</varlistentry>
+ <varlistentry>
+ <term>userdel_cmd (string)</term>
+ <listitem>
+ <para>
+ The command that is run after a user is removed.
+ The command us passed the username of the user being
+ removed as the first and only parameter. The return
+ code of the command is not taken into account.
+ </para>
+ <para>
+ Default: None, no command is run
+ </para>
+ </listitem>
+ </varlistentry>
</variablelist>
</refsect2>
diff --git a/src/python/pysss.c b/src/python/pysss.c
index bc1cf6e7..7c84c21e 100644
--- a/src/python/pysss.c
+++ b/src/python/pysss.c
@@ -366,6 +366,12 @@ static PyObject *py_sss_userdel(PySssLocalObject *self,
goto fail;
}
+ ret = run_userdel_cmd(tctx);
+ if (ret != EOK) {
+ PyErr_SetSssError(ret);
+ goto fail;
+ }
+
if (tctx->octx->remove_homedir) {
ret = sysdb_getpwnam_sync(tctx,
tctx->ev,
diff --git a/src/tools/sss_userdel.c b/src/tools/sss_userdel.c
index e84d78b1..7f17b1fb 100644
--- a/src/tools/sss_userdel.c
+++ b/src/tools/sss_userdel.c
@@ -161,6 +161,12 @@ int main(int argc, const char **argv)
end_transaction(tctx);
+ ret = run_userdel_cmd(tctx);
+ if (ret != EOK) {
+ ERROR("The post-delete command failed: %s\n", strerror(ret));
+ goto fini;
+ }
+
if (tctx->octx->remove_homedir) {
ret = remove_homedir(tctx,
tctx->octx->home,
diff --git a/src/tools/tools_util.c b/src/tools/tools_util.c
index 97945238..9f9382a6 100644
--- a/src/tools/tools_util.c
+++ b/src/tools/tools_util.c
@@ -25,6 +25,7 @@
#include <errno.h>
#include <sys/stat.h>
#include <sys/types.h>
+#include <sys/wait.h>
#include <fcntl.h>
#include "config.h"
@@ -518,3 +519,77 @@ done:
return ret;
}
+int run_userdel_cmd(struct tools_ctx *tctx)
+{
+ int ret, status;
+ char *userdel_cmd = NULL;
+ char *conf_path = NULL;
+ pid_t pid, child_pid;
+
+ conf_path = talloc_asprintf(tctx, CONFDB_DOMAIN_PATH_TMPL,
+ tctx->local->name);
+ if (!conf_path) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = confdb_get_string(tctx->confdb, tctx,
+ conf_path, CONFDB_LOCAL_USERDEL_CMD,
+ NULL, &userdel_cmd);
+ if (ret != EOK || !userdel_cmd) {
+ goto done;
+ }
+
+ errno = 0;
+ pid = fork();
+ if (pid == 0) {
+ /* child */
+ execl(userdel_cmd, userdel_cmd,
+ tctx->octx->name, (char *) NULL);
+ exit(errno);
+ } else {
+ /* parent */
+ if (pid == -1) {
+ DEBUG(1, ("fork failed [%d]: %s\n"));
+ ret = errno;
+ goto done;
+ }
+
+ while((child_pid = waitpid(pid, &status, 0)) > 0) {
+ if (child_pid == -1) {
+ DEBUG(1, ("waitpid failed\n"));
+ ret = errno;
+ goto done;
+ }
+
+ if (WIFEXITED(status)) {
+ ret = WEXITSTATUS(status);
+ if (ret != 0) {
+ DEBUG(5, ("command [%s] returned nonzero status %d.\n",
+ userdel_cmd, ret));
+ ret = EOK; /* Ignore return code of the command */
+ goto done;
+ }
+ } else if (WIFSIGNALED(status)) {
+ DEBUG(5, ("command [%s] was terminated by signal %d.\n",
+ userdel_cmd, WTERMSIG(status)));
+ ret = EIO;
+ goto done;
+ } else if (WIFSTOPPED(status)) {
+ DEBUG(5, ("command [%s] was stopped by signal %d.\n",
+ userdel_cmd, WSTOPSIG(status)));
+ continue;
+ } else {
+ DEBUG(1, ("Unknown status from WAITPID\n"));
+ ret = EIO;
+ goto done;
+ }
+ }
+ }
+
+ ret = EOK;
+done:
+ talloc_free(userdel_cmd);
+ talloc_free(conf_path);
+ return ret;
+}
diff --git a/src/tools/tools_util.h b/src/tools/tools_util.h
index a2b5c783..fccec146 100644
--- a/src/tools/tools_util.h
+++ b/src/tools/tools_util.h
@@ -95,6 +95,8 @@ int remove_homedir(TALLOC_CTX *mem_ctx,
const char *username,
uid_t uid, bool force);
+int run_userdel_cmd(struct tools_ctx *tctx);
+
/* from files.c */
int remove_tree(const char *root);