isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add LDAP-specific innetgr() implementation.

Browse Source 
Wheh netgroup_base is set we now do out own netgroup lookups using
LDAP.  Previously, LDAP was queried directly to get a list of the
netgroups the user belongs to but other netgroups queries went
through innetgr(3).  This makes it possible to use netgroups
in LDAP sudoers on systems that don't have an innetgr() function.
GitHub issue #251.
This commit is contained in:
Todd C. Miller
2023-03-10 10:05:33 -07:00
parent 554df8d934
commit fc253048f5
8 changed files with 307 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
scripts/mkdep.pl
View File

@@ -116,7 +116,7 @@ sub mkdep {
$makefile =~ s:\@DEV\@::g;
$makefile =~ s:\@COMMON_OBJS\@:aix.lo event_poll.lo event_select.lo:;
$makefile =~ s:\@SUDO_OBJS\@:intercept.pb-c.o openbsd.o preload.o apparmor.o selinux.o sesh.o solaris.o:;
$makefile =~ s:\@SUDOERS_OBJS\@:bsm_audit.lo linux_audit.lo ldap.lo ldap_util.lo ldap_conf.lo solaris_audit.lo sssd.lo:;
$makefile =~ s:\@SUDOERS_OBJS\@:bsm_audit.lo linux_audit.lo ldap.lo ldap_util.lo ldap_conf.lo ldap_innetgr.lo solaris_audit.lo sssd.lo:;
# XXX - fill in AUTH_OBJS from contents of the auth dir instead
$makefile =~ s:\@AUTH_OBJS\@:afs.lo aix_auth.lo bsdauth.lo dce.lo fwtk.lo getspwuid.lo kerb5.lo pam.lo passwd.lo rfc1938.lo secureware.lo securid5.lo sia.lo:;
$makefile =~ s:\@DIGEST\@:digest.lo digest_openssl.lo digest_gcrypt.lo:;