mirror of
https://git.openldap.org/openldap/openldap.git
synced 2025-12-31 03:59:34 -05:00
Add nssov-pam-session keyword to select which services will be recorded
in session management
This commit is contained in:
Howard Chu
parent
8f8128d727
commit
8da06617a7
3 changed files with 32 additions and 2 deletions
|
|
@ -426,6 +426,7 @@ enum {
|
|||
NSS_MAP,
|
||||
NSS_PAM,
|
||||
NSS_PAMGROUP,
|
||||
NSS_PAMSESS
|
||||
};
|
||||
|
||||
static ConfigDriver nss_cf_gen;
|
||||
|
|
@ -487,6 +488,11 @@ static ConfigTable nsscfg[] = {
|
|||
"DESC 'Default template login name' "
|
||||
"EQUALITY caseIgnoreMatch "
|
||||
"SYNTAX OMsDirectoryString SINGLE-VALUE )", NULL, NULL },
|
||||
{ "nssov-pam-session", "service", 2, 2, 0, ARG_MAGIC|ARG_BERVAL|NSS_PAMSESS,
|
||||
nss_cf_gen, "(OLcfgCtAt:3.11 NAME 'olcNssPamSession' "
|
||||
"DESC 'Services for which sessions will be recorded' "
|
||||
"EQUALITY caseIgnoreMatch "
|
||||
"SYNTAX OMsDirectoryString )", NULL, NULL },
|
||||
{ NULL, NULL, 0,0,0, ARG_IGNORED }
|
||||
};
|
||||
|
||||
|
|
@ -497,7 +503,7 @@ static ConfigOCs nssocs[] = {
|
|||
"SUP olcOverlayConfig "
|
||||
"MAY ( olcNssSsd $ olcNssMap $ olcNssPam $ olcNssPamDefHost $ "
|
||||
"olcNssPamGroupDN $ olcNssPamGroupAD $ "
|
||||
"olcNssPamMinUid $ olcNssPamMaxUid $ "
|
||||
"olcNssPamMinUid $ olcNssPamMaxUid $ olcNssPamSession $ "
|
||||
"olcNssPamTemplateAD $ olcNssPamTemplate ) )",
|
||||
Cft_Overlay, nsscfg },
|
||||
{ NULL, 0, NULL }
|
||||
|
|
@ -577,6 +583,13 @@ nss_cf_gen(ConfigArgs *c)
|
|||
rc = 1;
|
||||
}
|
||||
break;
|
||||
case NSS_PAMSESS:
|
||||
if (ni->ni_pam_sessions) {
|
||||
ber_bvarray_dup_x( &c->rvalue_vals, ni->ni_pam_sessions, NULL );
|
||||
} else {
|
||||
rc = 1;
|
||||
}
|
||||
break;
|
||||
}
|
||||
return rc;
|
||||
} else if ( c->op == LDAP_MOD_DELETE ) {
|
||||
|
|
@ -676,6 +689,9 @@ nss_cf_gen(ConfigArgs *c)
|
|||
ni->ni_pam_group_dn = c->value_ndn;
|
||||
ch_free( c->value_dn.bv_val );
|
||||
break;
|
||||
case NSS_PAMSESS:
|
||||
ber_bvarray_add( &ni->ni_pam_sessions, &c->value_bv );
|
||||
break;
|
||||
}
|
||||
return rc;
|
||||
}
|
||||
|
|
|
|||
|
|
@ -74,6 +74,7 @@ typedef struct nssov_info
|
|||
AttributeDescription *ni_pam_template_ad;
|
||||
struct berval ni_pam_template;
|
||||
struct berval ni_pam_defhost;
|
||||
struct berval *ni_pam_sessions;
|
||||
} nssov_info;
|
||||
|
||||
#define NI_PAM_USERHOST 1 /* old style host checking */
|
||||
|
|
|
|||
|
|
@ -494,7 +494,20 @@ static int pam_sess(nssov_info *ni,TFILE *fp,Operation *op,int action)
|
|||
Debug(LDAP_DEBUG_TRACE,"nssov_pam_sess_%c(%s)\n",
|
||||
action==NSLCD_ACTION_PAM_SESS_O ? 'o' : 'c', dn.bv_val,0);
|
||||
|
||||
if (!dn.bv_len) return 0;
|
||||
if (!dn.bv_len || !ni->ni_pam_sessions) return 0;
|
||||
|
||||
{
|
||||
int i, found=0;
|
||||
for (i=0; !BER_BVISNULL(&ni->ni_pam_sessions[i]); i++) {
|
||||
if (ni->ni_pam_sessions[i].bv_len != svc.bv_len)
|
||||
continue;
|
||||
if (!strcasecmp(ni->ni_pam_sessions[i].bv_val, svc.bv_val)) {
|
||||
found = 1;
|
||||
break;
|
||||
}
|
||||
}
|
||||
if (!found) return 0;
|
||||
}
|
||||
|
||||
slap_op_time( &op->o_time, &op->o_tincr );
|
||||
timestamp.bv_len = sizeof(timebuf);
|
||||
|
|
|
|||
Loading…
Reference in a new issue