d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Re-add support for NIS netgroups (heavily modified from patch in PR)

Browse Source 
PR:		bin/112955
Submitted by:	A. Blake Cooper <blake@cluebie.net>
MFC after:	3 weeks
This commit is contained in:
des 2007-05-25 07:50:18 +00:00
parent b780a97c81
commit 678d09f0cf
1 changed files with 22 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
lib/libpam/modules/pam_login_access/login_access.c
View File

@ -20,6 +20,7 @@ __FBSDID("$FreeBSD$");
#include <ctype.h> #include <ctype.h>
#include <errno.h> #include <errno.h>
#include <grp.h> #include <grp.h>
#include <netdb.h>
#include <stdio.h> #include <stdio.h>
#include <stdlib.h> #include <stdlib.h>
#include <string.h> #include <string.h>
@ -143,11 +144,28 @@ list_match(char *list, const char *item,
/* netgroup_match - match group against machine or user */ /* netgroup_match - match group against machine or user */
static int static int
netgroup_match(const char *group __unused, netgroup_match(const char *group, const char *machine, const char *user)
const char *machine __unused, const char *user __unused)
{ {
syslog(LOG_ERR, "NIS netgroup support not configured"); char domain[1024];
return 0; unsigned int i;
if (getdomainname(domain, sizeof(domain)) != 0 || *domain == '\0') {
syslog(LOG_ERR, "NIS netgroup support disabled: no NIS domain");
return (NO);
}
/* getdomainname() does not reliably terminate the string */
for (i = 0; i < sizeof(domain); ++i)
if (domain[i] == '\0')
break;
if (i == sizeof(domain)) {
syslog(LOG_ERR, "NIS netgroup support disabled: invalid NIS domain");
return (NO);
}
if (innetgr(group, machine, user, domain) == 1)
return (YES);
return (NO);
} }
/* user_match - match a username against one token */ /* user_match - match a username against one token */