1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
|
diff --git src/sss_client/nss_group.c src/sss_client/nss_group.c
index 5ab2bdf78..69ba75dcb 100644
--- src/sss_client/nss_group.c
+++ src/sss_client/nss_group.c
@@ -390,6 +390,76 @@ out:
}
+#define MIN(a, b)((a) < (b) ? (a) : (b))
+
+int gr_addgid(gid_t gid, gid_t *groups, int maxgrp, int *grpcnt)
+{
+ int ret, dupc;
+
+ for (dupc = 0; dupc < MIN(maxgrp, *grpcnt); dupc++) {
+ if (groups[dupc] == gid)
+ return 1;
+ }
+
+ ret = 1;
+ if (*grpcnt < maxgrp)
+ groups[*grpcnt] = gid;
+ else
+ ret = 0;
+
+ (*grpcnt)++;
+
+ return ret;
+}
+
+enum nss_status _nss_sss_getgroupmembership(const char *uname, gid_t agroup,
+ gid_t *groups, int maxgrp,
+ int *grpcnt)
+{
+ struct sss_cli_req_data rd;
+ uint8_t *repbuf;
+ size_t replen;
+ enum nss_status nret;
+ uint32_t *rbuf;
+ uint32_t num_ret;
+ long int l, max_ret;
+ int errnop;
+
+ rd.len = strlen(uname) +1;
+ rd.data = uname;
+
+ sss_nss_lock();
+
+ nret = sss_nss_make_request(SSS_NSS_INITGR, &rd,
+ &repbuf, &replen, &errnop);
+ if (nret != NSS_STATUS_SUCCESS) {
+ goto done;
+ }
+
+ /* no results if not found */
+ num_ret = ((uint32_t *)repbuf)[0];
+ if (num_ret == 0) {
+ free(repbuf);
+ nret = NSS_STATUS_NOTFOUND;
+ goto done;
+ }
+ max_ret = num_ret;
+
+ gr_addgid(agroup, groups, maxgrp, grpcnt);
+
+ rbuf = &((uint32_t *)repbuf)[2];
+ for (l = 0; l < max_ret; l++) {
+ gr_addgid(rbuf[l], groups, maxgrp, grpcnt);
+ }
+
+ free(repbuf);
+ nret = NSS_STATUS_SUCCESS;
+
+done:
+ sss_nss_unlock();
+ return nret;
+}
+
enum nss_status _nss_sss_getgrnam_r(const char *name, struct group *result,
char *buffer, size_t buflen, int *errnop)
{
|
