Attachment #140079 for bug #186545

View | Details | Raw Unified | Return to bug 186545 | Differences between
Collapse All | Expand All




--- src/sss_client/pam_sss.c.orig	2013-11-06 13:35:03.000000000 -0500
+++ src/sss_client/pam_sss.c	2014-02-07 12:38:51.000000000 -0500
@@ -52,6 +52,7 @@
 #define FLAGS_USE_FIRST_PASS (1 << 0)
 #define FLAGS_FORWARD_PASS   (1 << 1)
 #define FLAGS_USE_AUTHTOK    (1 << 2)
+#define FLAGS_IGNORE_UNKNOWN_USER (1 << 3)
 
 #define PWEXP_FLAG "pam_sss:password_expired_flag"
 #define FD_DESTRUCTOR "pam_sss:fd_destructor"
@@ -125,10 +126,12 @@
--- src/sss_client/pam_sss.c
+++ src/sss_client/pam_sss.c
@@ -125,10 +125,12 @@ static void free_exp_data(pam_handle_t *pamh, void *ptr, int err)
 
 static void close_fd(pam_handle_t *pamh, void *ptr, int err)
 {

 
     D(("Closing the fd"));
     sss_pam_close_fd();
@@ -1292,6 +1295,8 @@
             }
         } else if (strcmp(*argv, "quiet") == 0) {
             *quiet_mode = true;
+        } else if (strcmp(*argv, "ignore_unknown_user") == 0) {
+            *flags |= FLAGS_IGNORE_UNKNOWN_USER;
         } else {
             logger(pamh, LOG_WARNING, "unknown option: %s", *argv);
         }
@@ -1429,6 +1434,9 @@
     ret = get_pam_items(pamh, &pi);
     if (ret != PAM_SUCCESS) {
         D(("get items returned error: %s", pam_strerror(pamh,ret)));
+        if (flags & FLAGS_IGNORE_UNKNOWN_USER && ret == PAM_USER_UNKNOWN) {
+            ret = PAM_IGNORE;
+        }
         return ret;
     }


Return to bug 186545

Lines 1-17 Link Here

(-)files/patch-src__sss_client__pam_sss.c (-17 / +30 lines)
1	From 86816db5982df0c1b0c5f5722e23111c62ff362e Mon Sep 17 00:00:00 2001	1	--- src/sss_client/pam_sss.c.orig 2013-11-06 13:35:03.000000000 -0500
2	From: Lukas Slebodnik <lukas.slebodnik@intrak.sk>	2	+++ src/sss_client/pam_sss.c 2014-02-07 12:38:51.000000000 -0500
3	Date: Sat, 27 Jul 2013 15:02:31 +0200	3	@@ -52,6 +52,7 @@
4	Subject: [PATCH 31/34] patch-src__sss_client__pam_sss.c	4	#define FLAGS_USE_FIRST_PASS (1 << 0)
5		5	#define FLAGS_FORWARD_PASS (1 << 1)
6	---	6	#define FLAGS_USE_AUTHTOK (1 << 2)
7	src/sss_client/pam_sss.c \| 2 ++	7	+#define FLAGS_IGNORE_UNKNOWN_USER (1 << 3)
8	1 file changed, 2 insertions(+)	8
9		9	#define PWEXP_FLAG "pam_sss:password_expired_flag"
10	diff --git src/sss_client/pam_sss.c src/sss_client/pam_sss.c	10	#define FD_DESTRUCTOR "pam_sss:fd_destructor"
11	index 3734c8f..7110d38 100644	11	@@ -125,10 +126,12 @@
12	--- src/sss_client/pam_sss.c
13	+++ src/sss_client/pam_sss.c
14	@@ -125,10 +125,12 @@ static void free_exp_data(pam_handle_t pamh, void ptr, int err)
15		12
16	static void close_fd(pam_handle_t pamh, void ptr, int err)	13	static void close_fd(pam_handle_t pamh, void ptr, int err)
17	{	14	{
Lines 24-29 Link Here
24		21
25	D(("Closing the fd"));	22	D(("Closing the fd"));
26	sss_pam_close_fd();	23	sss_pam_close_fd();
27	--	24	@@ -1292,6 +1295,8 @@
28	1.8.0	25	}
29		26	} else if (strcmp(*argv, "quiet") == 0) {
		27	*quiet_mode = true;
		28	+ } else if (strcmp(*argv, "ignore_unknown_user") == 0) {
		29	+ *flags \|= FLAGS_IGNORE_UNKNOWN_USER;
		30	} else {
		31	logger(pamh, LOG_WARNING, "unknown option: %s", *argv);
		32	}
		33	@@ -1429,6 +1434,9 @@
		34	ret = get_pam_items(pamh, &pi);
		35	if (ret != PAM_SUCCESS) {
		36	D(("get items returned error: %s", pam_strerror(pamh,ret)));
		37	+ if (flags & FLAGS_IGNORE_UNKNOWN_USER && ret == PAM_USER_UNKNOWN) {
		38	+ ret = PAM_IGNORE;
		39	+ }
		40	return ret;
		41	}
		42