lists.arthurdejong.org
RSS feed

nss-pam-ldapd branch master updated. 0.9.7-10-gbecc883

[Date Prev][Date Next] [Thread Prev][Thread Next]

nss-pam-ldapd branch master updated. 0.9.7-10-gbecc883



This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "nss-pam-ldapd".

The branch, master has been updated
       via  becc883693df2ad812cfd7ba4a5dcbd1d1a8fa3f (commit)
      from  5a84be23ea6bc1eb8168a69d10e6c94c9c1413a8 (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
https://arthurdejong.org/git/nss-pam-ldapd/commit/?id=becc883693df2ad812cfd7ba4a5dcbd1d1a8fa3f

commit becc883693df2ad812cfd7ba4a5dcbd1d1a8fa3f
Author: Arthur de Jong <arthur@arthurdejong.org>
Date:   Wed Jun 7 23:21:40 2017 +0200

    Log entries and lookups failing nss_min_uid
    
    This logs (at debug level) any LDAP uidNumber attribute values (or
    translated objectSid attribute values) that are lower than nss_min_uid.
    It also logs getpwuid() requests for such uids.

diff --git a/nslcd/passwd.c b/nslcd/passwd.c
index d5a143d..fde4bda 100644
--- a/nslcd/passwd.c
+++ b/nslcd/passwd.c
@@ -5,7 +5,7 @@
 
    Copyright (C) 1997-2005 Luke Howard
    Copyright (C) 2006 West Consulting
-   Copyright (C) 2006-2014 Arthur de Jong
+   Copyright (C) 2006-2017 Arthur de Jong
 
    This library is free software; you can redistribute it and/or
    modify it under the terms of the GNU Lesser General Public
@@ -207,7 +207,12 @@ static int entry_has_valid_uid(MYLDAP_ENTRY *entry)
         continue;
       }
     }
-    if (uid >= nslcd_cfg->nss_min_uid)
+    if (uid < nslcd_cfg->nss_min_uid)
+    {
+      log_log(LOG_DEBUG, "%s: %s: less than nss_min_uid",
+              myldap_get_dn(entry), attmap_passwd_uidNumber);
+    }
+    else
       return 1;
   }
   /* nothing found */
@@ -481,6 +486,11 @@ static int write_passwd(TFILE *fp, MYLDAP_ENTRY *entry, 
const char *requser,
           return 0;
         }
       }
+      if (uids[numuids] < nslcd_cfg->nss_min_uid)
+      {
+          log_log(LOG_DEBUG, "%s: %s: less than nss_min_uid",
+                  myldap_get_dn(entry), attmap_passwd_uidNumber);
+      }
     }
   }
   /* get the gid for this entry */
@@ -530,6 +540,7 @@ static int write_passwd(TFILE *fp, MYLDAP_ENTRY *entry, 
const char *requser,
   attmap_get_value(entry, attmap_passwd_loginShell, shell, sizeof(shell));
   /* write the entries */
   for (i = 0; usernames[i] != NULL; i++)
+  {
     if ((requser == NULL) || (STR_CMP(requser, usernames[i]) == 0))
     {
       if (!isvalidname(usernames[i]))
@@ -555,6 +566,7 @@ static int write_passwd(TFILE *fp, MYLDAP_ENTRY *entry, 
const char *requser,
         }
       }
     }
+  }
   return 0;
 }
 
@@ -582,6 +594,7 @@ NSLCD_HANDLE_UID(
   log_setrequest("passwd=%lu", (unsigned long int)uid);
   if (uid < nslcd_cfg->nss_min_uid)
   {
+    log_log(LOG_DEBUG, "request ignored by nss_min_uid option");
     /* return an empty result */
     WRITE_INT32(fp, NSLCD_VERSION);
     WRITE_INT32(fp, NSLCD_ACTION_PASSWD_BYUID);

-----------------------------------------------------------------------

Summary of changes:
 nslcd/passwd.c | 17 +++++++++++++++--
 1 file changed, 15 insertions(+), 2 deletions(-)


hooks/post-receive
-- 
nss-pam-ldapd
-- 
To unsubscribe send an email to
nss-pam-ldapd-commits-unsubscribe@lists.arthurdejong.org or see
https://lists.arthurdejong.org/nss-pam-ldapd-commits/