isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek

Browse Source
This commit is contained in:
Todd C. Miller
2012-09-04 09:22:10 -04:00
parent 2068d941b9
commit d787df3c1d
2 changed files with 5 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
plugins/sudoers/sudo_nss.c
View File

@@ -99,6 +99,10 @@ sudo_read_nss(void)
/* NOTFOUND affects the most recent entry */ /* NOTFOUND affects the most recent entry */
tq_last(&snl)->ret_if_notfound = true; tq_last(&snl)->ret_if_notfound = true;
got_match = false; got_match = false;
} else if (strcasecmp(cp, "[SUCCESS=return]") == 0 && got_match) {
/* SUCCESS affects the most recent entry */
tq_last(&snl)->ret_if_found = true;
got_match = false;
} else } else
got_match = false; got_match = false;
} }

2
plugins/sudoers/sudoers.c
View File

@@ -393,7 +393,7 @@ sudoers_policy_main(int argc, char * const argv[], int pwflag, char *env_add[],
validated = nss->lookup(nss, validated, pwflag); validated = nss->lookup(nss, validated, pwflag);
if (ISSET(validated, VALIDATE_OK)) { if (ISSET(validated, VALIDATE_OK)) {
/* Handle "= auth" in netsvc.conf */ /* Handle [SUCCESS=return] */
if (nss->ret_if_found) if (nss->ret_if_found)
break; break;
} else { } else {