Add the primary nonlocal gid to local users in MAGIC_NONLOCAL_GROUPNAME
authorAnders Kaseorg <andersk@mit.edu>
Sat, 26 Jun 2010 22:47:45 +0000 (18:47 -0400)
committerAnders Kaseorg <andersk@mit.edu>
Wed, 30 Mar 2011 08:56:27 +0000 (04:56 -0400)
Signed-off-by: Anders Kaseorg <andersk@mit.edu>
README
nonlocal-group.c
nonlocal-passwd.c
nonlocal.h

diff --git a/README b/README
index 7125dc18103fdc5b836bfcc8b945af960cb176dd..6dc464b02ff67a569f791895af36a1c7265396d0 100644 (file)
--- a/README
+++ b/README
@@ -14,8 +14,8 @@ they exist:
 
 • If the local group ‘nss-nonlocal-users’ exists, then nonlocal users
   will be automatically added to it.  Furthermore, if a local user is
-  added to this group, then that user will inherit any nonlocal
-  supplementary gids from a nonlocal user of the same name.
+  added to this group, then that user will inherit any nonlocal gids
+  from a nonlocal user of the same name, as supplementary gids.
 
 • If the local group ‘nss-local-users’ exists, then local users will
   be automatically added to it.
index aa9c588a9342073bf6bf337f8d769594ff3eb8b4..8ceeb237ddac4830b442516fe55025e1e52955a0 100644 (file)
@@ -33,6 +33,7 @@
 #include <stdio.h>
 #include <syslog.h>
 #include <errno.h>
+#include <pwd.h>
 #include <grp.h>
 #include <nss.h>
 #include "nsswitch-internal.h"
@@ -42,7 +43,8 @@
  * If the MAGIC_NONLOCAL_GROUPNAME local group exists, then nonlocal
  * users will be automatically added to it.  Furthermore, if a local
  * user is added to this group, then that user will inherit any
- * nonlocal supplementary gids from a nonlocal user of the same name.
+ * nonlocal gids from a nonlocal user of the same name, as
+ * supplementary gids.
  */
 #define MAGIC_NONLOCAL_GROUPNAME "nss-nonlocal-users"
 
@@ -380,6 +382,29 @@ _nss_nonlocal_initgroups_dyn(const char *user, gid_t group, long int *start,
                    break;
                }
            }
+
+           if (is_nonlocal) {
+               struct passwd pwbuf;
+               char *buf;
+               int nonlocal_errno = *errnop;
+               status = get_nonlocal_passwd(user, &pwbuf, &buf, errnop);
+
+               if (status == NSS_STATUS_SUCCESS) {
+                   nonlocal_errno = *errnop;
+                   status = check_nonlocal_gid(user, pwbuf.pw_gid,
+                                               &nonlocal_errno);
+                   free(buf);
+               }
+
+               if (status == NSS_STATUS_SUCCESS) {
+                   if (!add_group(pwbuf.pw_gid, start, size, groupsp, limit,
+                                  errnop, &status))
+                       return status;
+               } else if (status == NSS_STATUS_TRYAGAIN) {
+                   *errnop = nonlocal_errno;
+                   return status;
+               }
+           }
        }
     } else if (status == NSS_STATUS_TRYAGAIN) {
        if (is_nonlocal)
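Review bot: When `get_nonlocal_passwd` returns NSS_STATUS_TRYAGAIN, the `else if` branch copies `nonlocal_errno` back into `*errnop`, but `nonlocal_errno` still holds the value captured before the call, so whatever error code the lookup stored appears to be overwritten with a stale one. Refreshing the copy unconditionally right after the call, `nonlocal_errno = *errnop;`, rather than only inside the success branch, would keep the two in step. `buf` is also declared uninitialized and freed only on success; whether walk_nss.h releases it on every failure path is not visible here, so `char *buf = NULL;` and a short comment on who owns the buffer would make that contract explicit. The enclosing `_nss_nonlocal_initgroups_dyn` starts and ends outside this hunk.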
index 052af95e0a498f1686255ec268ef878b8340dfee..a401c49320e95c3c5b9a7cb2333ff109cf8dcd62 100644 (file)
@@ -143,6 +143,23 @@ check_nonlocal_user(const char *user, int *errnop)
     return status;
 }
 
+enum nss_status
+get_nonlocal_passwd(const char *name, struct passwd *pwd, char **buffer,
+                   int *errnop)
+{
+    enum nss_status status;
+    size_t buflen = sysconf(_SC_GETPW_R_SIZE_MAX);
+    const struct walk_nss w = {
+       .lookup = __nss_passwd_nonlocal_lookup, .fct_name = "getpwnam_r",
+       .status = &status, .errnop = errnop, .buf = buffer, .buflen = &buflen
+    };
+    const __typeof__(&_nss_nonlocal_getpwnam_r) self = NULL;
+#define args (name, pwd, *buffer, buflen, errnop)
+#include "walk_nss.h"
+#undef args
+    return status;
+}
+
 
 static service_user *pwent_startp, *pwent_nip;
 static void *pwent_fct_start;
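Review bot: `sysconf(_SC_GETPW_R_SIZE_MAX)` returns a `long` and may return -1 when the limit is indeterminate, which the initializer of `buflen` silently converts to a very large `size_t`. A guarded form such as `long hint = sysconf(_SC_GETPW_R_SIZE_MAX);` followed by `size_t buflen = hint > 0 ? (size_t)hint : 1024;` avoids that; the fallback is only a suggested starting size, since how walk_nss.h allocates and grows the buffer is not visible here. The function would also benefit from a header comment stating that on NSS_STATUS_SUCCESS `*buffer` must be freed by the caller (as the initgroups call site in this commit does) and that it presumably backs the string fields of `*pwd`, so those must not be read after the free.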
index b31a9a93ef09b50de38372dca7639e66c8e5372d..da9294c7d8471d39cdfed478dc3dabf4150b782f 100644 (file)
@@ -45,6 +45,7 @@ typedef bool _Bool;
 #endif
 
 #include "nsswitch-internal.h"
+#include <pwd.h>
 
 struct walk_nss {
     enum nss_status *status;
@@ -59,6 +60,8 @@ struct walk_nss {
 enum nss_status check_nonlocal_uid(const char *user, uid_t uid, int *errnop);
 enum nss_status check_nonlocal_gid(const char *user, gid_t gid, int *errnop);
 enum nss_status check_nonlocal_user(const char *user, int *errnop);
+enum nss_status get_nonlocal_passwd(const char *name, struct passwd *pwd,
+                                   char **buffer, int *errnop);
 
 #define NONLOCAL_IGNORE_ENV "NSS_NONLOCAL_IGNORE"
 