From 66318dfe1e7138ff3fc780c4b3f0b29c4b2d8712 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Wed, 17 Oct 2012 14:43:07 +0200 Subject: Allow setting the default_shell option per-domain as well https://fedorahosted.org/sssd/ticket/1583 --- src/confdb/confdb.c | 10 ++++++++++ src/confdb/confdb.h | 1 + src/config/SSSDConfigTest.py | 2 ++ src/config/etc/sssd.api.conf | 1 + src/man/sssd-ad.5.xml | 3 ++- src/man/sssd.conf.5.xml | 3 ++- src/responder/nss/nsssrv_cmd.c | 4 +++- 7 files changed, 21 insertions(+), 3 deletions(-) (limited to 'src') diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index 37a5758c..13035a41 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1074,6 +1074,16 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, } } + tmp = ldb_msg_find_attr_as_string(res->msgs[0], + CONFDB_NSS_DEFAULT_SHELL, NULL); + if (tmp != NULL) { + domain->default_shell = talloc_strdup(domain, tmp); + if (!domain->default_shell) { + ret = ENOMEM; + goto done; + } + } + ret = get_entry_as_bool(res->msgs[0], &domain->case_sensitive, CONFDB_DOMAIN_CASE_SENSITIVE, true); if(ret != EOK) { diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index 0e02e6cf..88e80c17 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -212,6 +212,7 @@ struct sss_domain_info { const char *fallback_homedir; const char *subdomain_homedir; const char *override_shell; + const char *default_shell; uint32_t user_timeout; uint32_t group_timeout; diff --git a/src/config/SSSDConfigTest.py b/src/config/SSSDConfigTest.py index 73e1ea69..3bfa6310 100755 --- a/src/config/SSSDConfigTest.py +++ b/src/config/SSSDConfigTest.py @@ -510,6 +510,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'override_homedir', 'fallback_homedir', 'override_shell', + 'default_shell', 'pwd_expiration_warning', 'id_provider', 'auth_provider', @@ -848,6 +849,7 @@ class SSSDConfigTestSSSDDomain(unittest.TestCase): 'override_homedir', 'fallback_homedir', 'override_shell', + 'default_shell', 'pwd_expiration_warning', 'id_provider', 'auth_provider', diff --git a/src/config/etc/sssd.api.conf b/src/config/etc/sssd.api.conf index 2ba47d71..a5af1200 100644 --- a/src/config/etc/sssd.api.conf +++ b/src/config/etc/sssd.api.conf @@ -109,6 +109,7 @@ case_sensitive = bool, None, false override_homedir = str, None, false fallback_homedir = str, None, false override_shell = str, None, false +default_shell = str, None, false #Entry cache timeouts entry_cache_user_timeout = int, None, false diff --git a/src/man/sssd-ad.5.xml b/src/man/sssd-ad.5.xml index 0d3f3489..1570ed8a 100644 --- a/src/man/sssd-ad.5.xml +++ b/src/man/sssd-ad.5.xml @@ -205,7 +205,8 @@ fallback_homedir = /home/%u The default shell to use if the provider does not return one during lookup. This option supersedes - any other shell options if it takes effect. + any other shell options if it takes effect and can + be set either in the [nss] section or per-domain. Default: not set (Return NULL if no shell is diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml index c818b97d..f0c3b606 100644 --- a/src/man/sssd.conf.5.xml +++ b/src/man/sssd.conf.5.xml @@ -585,7 +585,8 @@ override_homedir = /home/%u The default shell to use if the provider does not return one during lookup. This option supersedes - any other shell options if it takes effect. + any other shell options if it takes effect and can + be set either in the [nss] section or per-domain. Default: not set (Return NULL if no shell is diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 42d32e9d..ec256112 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -173,7 +173,9 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx, user_shell = ldb_msg_find_attr_as_string(msg, SYSDB_SHELL, NULL); if (!user_shell) { /* Check whether there is a default shell specified */ - if (nctx->default_shell) { + if (dom->default_shell) { + return talloc_strdup(mem_ctx, dom->default_shell); + } else if (nctx->default_shell) { return talloc_strdup(mem_ctx, nctx->default_shell); } return NULL; -- cgit