diff options
| -rw-r--r-- | nss_mapname.c | 17 | ||||
| -rw-r--r-- | nss_mapuid.c | 17 |
2 files changed, 34 insertions, 0 deletions
diff --git a/nss_mapname.c b/nss_mapname.c index ea9b7f2..9132f6e 100644 --- a/nss_mapname.c +++ b/nss_mapname.c @@ -42,6 +42,13 @@ static const char *nssname = "nss_mapuser"; /* for syslogs */ /* + * If you aren't using glibc or a variant that supports this, + * and you have a system that supports the BSD getprogname(), + * you can replace this use with getprogname() + */ +extern const char *__progname; + +/* * This is an NSS entry point. * We map any username given to the account listed in the configuration file * We only fail if we can't read the configuration file, or the username @@ -56,6 +63,16 @@ enum nss_status _nss_mapname_getpwnam_r(const char *name, struct passwd *pw, enum nss_status status = NSS_STATUS_NOTFOUND; struct pwbuf pbuf; + /* + * the useradd family will not add/mod/del users correctly with + * the mapuid functionality, so return immediately if we are + * running as part of those processes. + */ + if (__progname && (!strcmp(__progname, "useradd") || + !strcmp(__progname, "usermod") || + !strcmp(__progname, "userdel"))) + return status; + if (nss_mapuser_config(errnop, nssname) == 1) { syslog(LOG_NOTICE, "%s: bad configuration", nssname); return status; diff --git a/nss_mapuid.c b/nss_mapuid.c index 7b8faa7..f97b28e 100644 --- a/nss_mapuid.c +++ b/nss_mapuid.c @@ -53,6 +53,13 @@ static const char *nssname = "nss_mapuid"; /* for syslogs */ static const char dbdir[] = "/run/mapuser/"; /* + * If you aren't using glibc or a variant that supports this, + * and you have a system that supports the BSD getprogname(), + * you can replace this use with getprogname() + */ +extern const char *__progname; + +/* * Read the requested session file (in the dbdir by intent), verify the * uid matches, and setup the passwd structure with the username found * in the file. @@ -185,6 +192,16 @@ enum nss_status _nss_mapuid_getpwuid_r(uid_t uid, struct passwd *pw, enum nss_status status = NSS_STATUS_NOTFOUND; uint32_t session; + /* + * the useradd family will not add/mod/del users correctly with + * the mapuid functionality, so return immediately if we are + * running as part of those processes. + */ + if (__progname && (!strcmp(__progname, "useradd") || + !strcmp(__progname, "usermod") || + !strcmp(__progname, "userdel"))) + return status; + /* this can happen for permission reasons, do don't complain except * at debug */ if (nss_mapuser_config(errnop, nssname) == 1) { |