isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Pick last match in LDAP sudoers too

Browse Source
This commit is contained in:
Todd C. Miller
2010-12-20 16:37:44 -05:00
parent 4294e4db8b
commit 93e9635842
2 changed files with 6 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
doc/sudoers.ldap.pod
View File

@@ -158,8 +158,9 @@ floating point value for LDAP servers that support it) that is used
to sort the matching entries. This allows LDAP-based sudoers entries to sort the matching entries. This allows LDAP-based sudoers entries
to more closely mimic the behaviour of the sudoers file, where the to more closely mimic the behaviour of the sudoers file, where the
of the entries influences the result. If multiple entries match, of the entries influences the result. If multiple entries match,
the entry with the lowest B<sudoOrder> attribute is chosen. If the the entry with the highest B<sudoOrder> attribute is chosen. This
B<sudoOrder> attribute is not present, a value of 0 is assumed. corresponds to the "last match" behavior of the sudoers file. If
the B<sudoOrder> attribute is not present, a value of 0 is assumed.
=back =back

6
plugins/sudoers/ldap.c
View File

@@ -2112,7 +2112,7 @@ done:
} }
/* /*
* Sort comparison function for ldap_entry_wrapper structures. * Comparison function for ldap_entry_wrapper structures, descending order.
*/ */
static int static int
ldap_entry_compare(const void *a, const void *b) ldap_entry_compare(const void *a, const void *b)
@@ -2120,8 +2120,8 @@ ldap_entry_compare(const void *a, const void *b)
const struct ldap_entry_wrapper *aw = a; const struct ldap_entry_wrapper *aw = a;
const struct ldap_entry_wrapper *bw = b; const struct ldap_entry_wrapper *bw = b;
return(aw->order < bw->order ? -1 : return(bw->order < aw->order ? -1 :
(aw->order > bw->order ? 1 : 0)); (bw->order > aw->order ? 1 : 0));
} }
/* /*