[SSSD] [sssd PR#703][synchronized] nss: sssd returns '/' for emtpy home directories
URL: https://github.com/SSSD/sssd/pull/703
Author: thalman
Title: #703: nss: sssd returns '/' for emtpy home directories
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/703/head:pr703
git checkout pr703
From be15343f9ad0d725586bd365486c0d4b2765f8aa Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Mon, 3 Dec 2018 14:11:31 +0100
Subject: [PATCH] nss: sssd returns '/' for emtpy home directories
For empty home directory in passwd file sssd returns "/". Sssd
should respect system behaviour and return the same as nsswitch
"files" module - return empty string.
Resolves:
https://pagure.io/SSSD/sssd/issue/3901
---
src/confdb/confdb.c | 9 +
src/man/include/ad_modified_defaults.xml | 19 +++
src/responder/nss/nss_protocol_pwent.c | 2 +-
src/tests/intg/test_files_provider.py| 2 +-
4 files changed, 30 insertions(+), 2 deletions(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index b0d886c9d..d3fdd3199 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1301,6 +1301,15 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
ret = ENOMEM;
goto done;
}
+} else {
+if (strcasecmp(domain->provider, "ad") == 0) {
+/* ad provider default */
+domain->fallback_homedir = talloc_strdup(domain, "/home/%d/%u");
+if (!domain->fallback_homedir) {
+ret = ENOMEM;
+goto done;
+}
+}
}
tmp = ldb_msg_find_attr_as_string(res->msgs[0],
diff --git a/src/man/include/ad_modified_defaults.xml b/src/man/include/ad_modified_defaults.xml
index 818a2bf78..425b7e8ee 100644
--- a/src/man/include/ad_modified_defaults.xml
+++ b/src/man/include/ad_modified_defaults.xml
@@ -76,4 +76,23 @@
+
+NSS configuration
+
+
+
+fallback_homedir = /home/%d/%u
+
+
+The AD provider automatically sets
+"fallback_homedir = /home/%d/%u" to provide personal
+home directories for users without the homeDirectory
+attribute. If your AD Domain is properly
+populated with Posix attributes, and you want to avoid
+this fallback behavior, you can explicitly
+set "fallback_homedir = %o".
+
+
+
+
diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c
index af9e74fc8..86fa4ec46 100644
--- a/src/responder/nss/nss_protocol_pwent.c
+++ b/src/responder/nss/nss_protocol_pwent.c
@@ -118,7 +118,7 @@ nss_get_homedir(TALLOC_CTX *mem_ctx,
homedir = nss_get_homedir_override(mem_ctx, msg, nss_ctx, domain, _ctx);
if (homedir == NULL) {
-return "/";
+return "";
}
return homedir;
diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index f0155a2f7..b5e5c3fd9 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -656,7 +656,7 @@ def test_user_no_dir(setup_pw_with_canary, files_domain_only):
Test that resolving a user without a homedir defined works and returns
a fallback value
"""
-check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', '/'))
+check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', ''))
def test_user_no_gecos(setup_pw_with_canary, files_domain_only):
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#703][synchronized] nss: sssd returns '/' for emtpy home directories
URL: https://github.com/SSSD/sssd/pull/703
Author: thalman
Title: #703: nss: sssd returns '/' for emtpy home directories
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/703/head:pr703
git checkout pr703
From bed5e87c3818dab98a84607880d4e66a03eeb5cc Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Mon, 3 Dec 2018 14:11:31 +0100
Subject: [PATCH 1/3] nss: sssd returns '/' for emtpy home directories
For empty home directory in passwd file sssd returns "/". Sssd
should respect system behaviour and return the same as nsswitch
"files" module - return empty string.
Resolves:
https://pagure.io/SSSD/sssd/issue/ To be defined
---
src/responder/nss/nss_protocol_pwent.c | 2 +-
src/tests/intg/test_files_provider.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c
index af9e74fc8..86fa4ec46 100644
--- a/src/responder/nss/nss_protocol_pwent.c
+++ b/src/responder/nss/nss_protocol_pwent.c
@@ -118,7 +118,7 @@ nss_get_homedir(TALLOC_CTX *mem_ctx,
homedir = nss_get_homedir_override(mem_ctx, msg, nss_ctx, domain, _ctx);
if (homedir == NULL) {
-return "/";
+return "";
}
return homedir;
diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index f0155a2f7..b5e5c3fd9 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -656,7 +656,7 @@ def test_user_no_dir(setup_pw_with_canary, files_domain_only):
Test that resolving a user without a homedir defined works and returns
a fallback value
"""
-check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', '/'))
+check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', ''))
def test_user_no_gecos(setup_pw_with_canary, files_domain_only):
From fa0a6400ebd2f4056a057914355ec2ddefc14fe6 Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Tue, 4 Dec 2018 15:56:07 +0100
Subject: [PATCH 2/3] config: default fallback_homedir for ad provider
Providers now return empty string for homedir if it is not set.
For backward compatibility we want ad users to be able to log in
(Users without homedir are not acceptet by pam).
With this patch default value of fallback_homedir is set
to /home/%u@%d in ad provider.
Resolves:
https://pagure.io/SSSD/sssd/issue/ to be defined
---
src/confdb/confdb.c | 9 +
1 file changed, 9 insertions(+)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index b0d886c9d..d3fdd3199 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1301,6 +1301,15 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
ret = ENOMEM;
goto done;
}
+} else {
+if (strcasecmp(domain->provider, "ad") == 0) {
+/* ad provider default */
+domain->fallback_homedir = talloc_strdup(domain, "/home/%d/%u");
+if (!domain->fallback_homedir) {
+ret = ENOMEM;
+goto done;
+}
+}
}
tmp = ldb_msg_find_attr_as_string(res->msgs[0],
From fe11bd0d5b7dea9f1723c5a59ba0c47641802797 Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Wed, 5 Dec 2018 13:49:31 +0100
Subject: [PATCH 3/3] man: default fallback_homedir for ad provider
Documentation of this change + explanation how to
configure system to get rid of this default.
Resolves:
https://pagure.io/SSSD/sssd/issue/ to be defined
---
src/man/include/ad_modified_defaults.xml | 17 +
1 file changed, 17 insertions(+)
diff --git a/src/man/include/ad_modified_defaults.xml b/src/man/include/ad_modified_defaults.xml
index 818a2bf78..4e5efa265 100644
--- a/src/man/include/ad_modified_defaults.xml
+++ b/src/man/include/ad_modified_defaults.xml
@@ -76,4 +76,21 @@
+
+NSS configuration
+
+
+
+fallback_homedir = /home/%d/%u
+
+
+ If homeDirectory attribute is not present, the AD
+ provider supplies its value automatically.
+ If you have AD schema extended of posix attributes
+ and you want to avoid this behaviour, set the
+ fallback_homedir to %o.
+
+
+
+
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#703][synchronized] nss: sssd returns '/' for emtpy home directories
URL: https://github.com/SSSD/sssd/pull/703
Author: thalman
Title: #703: nss: sssd returns '/' for emtpy home directories
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/703/head:pr703
git checkout pr703
From bed5e87c3818dab98a84607880d4e66a03eeb5cc Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Mon, 3 Dec 2018 14:11:31 +0100
Subject: [PATCH 1/2] nss: sssd returns '/' for emtpy home directories
For empty home directory in passwd file sssd returns "/". Sssd
should respect system behaviour and return the same as nsswitch
"files" module - return empty string.
Resolves:
https://pagure.io/SSSD/sssd/issue/ To be defined
---
src/responder/nss/nss_protocol_pwent.c | 2 +-
src/tests/intg/test_files_provider.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c
index af9e74fc8..86fa4ec46 100644
--- a/src/responder/nss/nss_protocol_pwent.c
+++ b/src/responder/nss/nss_protocol_pwent.c
@@ -118,7 +118,7 @@ nss_get_homedir(TALLOC_CTX *mem_ctx,
homedir = nss_get_homedir_override(mem_ctx, msg, nss_ctx, domain, _ctx);
if (homedir == NULL) {
-return "/";
+return "";
}
return homedir;
diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index f0155a2f7..b5e5c3fd9 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -656,7 +656,7 @@ def test_user_no_dir(setup_pw_with_canary, files_domain_only):
Test that resolving a user without a homedir defined works and returns
a fallback value
"""
-check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', '/'))
+check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', ''))
def test_user_no_gecos(setup_pw_with_canary, files_domain_only):
From 568d885924bea14c33ab544c412882c4a96f9470 Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Tue, 4 Dec 2018 15:56:07 +0100
Subject: [PATCH 2/2] config: default fallback_homedir for ad provider
Providers now return empty string for homedir if it is not set.
For backward compatibility we want ad users to be able to log in
(Users without homedir are not acceptet by pam).
With this patch default value of fallback_homedir is set
to /home/%u@%d in ad provider.
Resolves:
https://pagure.io/SSSD/sssd/issue/ to be defined
---
src/confdb/confdb.c | 9 +
src/man/sssd.conf.5.xml | 5 +++--
2 files changed, 12 insertions(+), 2 deletions(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index b0d886c9d..59c0c9605 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1301,6 +1301,15 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb,
ret = ENOMEM;
goto done;
}
+} else {
+if (strcasecmp(domain->provider, "ad") == 0) {
+/* ad provider default */
+domain->fallback_homedir = talloc_strdup(domain, "/home/%u@%d");
+if (!domain->fallback_homedir) {
+ret = ENOMEM;
+goto done;
+}
+}
}
tmp = ldb_msg_find_attr_as_string(res->msgs[0],
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
index bea25c622..53458a7b5 100644
--- a/src/man/sssd.conf.5.xml
+++ b/src/man/sssd.conf.5.xml
@@ -897,8 +897,9 @@ fallback_homedir = /home/%u
-Default: not set (no substitution for unset home
-directories)
+Default: for ad provider the default is "/home/%u@%d",
+for other providers it is not set (no substitution
+for unset home directories)
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#703][synchronized] nss: sssd returns '/' for emtpy home directories
URL: https://github.com/SSSD/sssd/pull/703
Author: thalman
Title: #703: nss: sssd returns '/' for emtpy home directories
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/703/head:pr703
git checkout pr703
From bed5e87c3818dab98a84607880d4e66a03eeb5cc Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Mon, 3 Dec 2018 14:11:31 +0100
Subject: [PATCH] nss: sssd returns '/' for emtpy home directories
For empty home directory in passwd file sssd returns "/". Sssd
should respect system behaviour and return the same as nsswitch
"files" module - return empty string.
Resolves:
https://pagure.io/SSSD/sssd/issue/ To be defined
---
src/responder/nss/nss_protocol_pwent.c | 2 +-
src/tests/intg/test_files_provider.py | 2 +-
2 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c
index af9e74fc8..86fa4ec46 100644
--- a/src/responder/nss/nss_protocol_pwent.c
+++ b/src/responder/nss/nss_protocol_pwent.c
@@ -118,7 +118,7 @@ nss_get_homedir(TALLOC_CTX *mem_ctx,
homedir = nss_get_homedir_override(mem_ctx, msg, nss_ctx, domain, _ctx);
if (homedir == NULL) {
-return "/";
+return "";
}
return homedir;
diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index f0155a2f7..b5e5c3fd9 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -656,7 +656,7 @@ def test_user_no_dir(setup_pw_with_canary, files_domain_only):
Test that resolving a user without a homedir defined works and returns
a fallback value
"""
-check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', '/'))
+check_user(incomplete_user_setup(setup_pw_with_canary, 'dir', ''))
def test_user_no_gecos(setup_pw_with_canary, files_domain_only):
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
[SSSD] [sssd PR#703][synchronized] nss: sssd returns '/' for emtpy home directories
URL: https://github.com/SSSD/sssd/pull/703
Author: thalman
Title: #703: nss: sssd returns '/' for emtpy home directories
Action: synchronized
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/703/head:pr703
git checkout pr703
From 76d6de4cb4c15939e22058dc8a47b6ea17ccf5cd Mon Sep 17 00:00:00 2001
From: Tomas Halman
Date: Mon, 3 Dec 2018 14:11:31 +0100
Subject: [PATCH] nss: sssd returns '/' for emtpy home directories
For empty home directory in passwd file sssd returns "/". Sssd
should respect system behaviour and return the same as nsswitch
"files" module - return empty string.
Resolves:
https://pagure.io/SSSD/sssd/issue/ To be defined
---
src/responder/nss/nss_protocol_pwent.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c
index af9e74fc8..86fa4ec46 100644
--- a/src/responder/nss/nss_protocol_pwent.c
+++ b/src/responder/nss/nss_protocol_pwent.c
@@ -118,7 +118,7 @@ nss_get_homedir(TALLOC_CTX *mem_ctx,
homedir = nss_get_homedir_override(mem_ctx, msg, nss_ctx, domain, _ctx);
if (homedir == NULL) {
-return "/";
+return "";
}
return homedir;
___
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives:
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
