Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek

author Todd C. Miller <Todd.Miller@courtesan.com>

Tue, 4 Sep 2012 13:29:49 +0000 (09:29 -0400)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Tue, 4 Sep 2012 13:29:49 +0000 (09:29 -0400)
author Todd C. Miller <Todd.Miller@courtesan.com>
Tue, 4 Sep 2012 13:29:49 +0000 (09:29 -0400)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Tue, 4 Sep 2012 13:29:49 +0000 (09:29 -0400)
diff --git a/sudo.c b/sudo.c

index 7694e033659b9c68545a71b9a42a1c6ca23df778..867c3331e3dac05c1271218f844f69a69e1df8cd 100644 (file)
--- a/sudo.c
+++ b/sudo.c
@@ -376,7 +376,7 @@ main(argc, argv, envp)
         validated = nss->lookup(nss, validated, pwflag);
  
         if (ISSET(validated, VALIDATE_OK)) {
-           /* Handle "= auth" in netsvc.conf */
+           /* Handle [SUCCESS=return] */
             if (nss->ret_if_found)
                 break;
         } else {
diff --git a/sudo_nss.c b/sudo_nss.c

index 36cdf6503ca7b1d49a5b3bfec9bfefc77b88142c..a722122570e6c8c053626a7e84c5443136d60b4f 100644 (file)
--- a/sudo_nss.c
+++ b/sudo_nss.c
@@ -87,6 +87,10 @@ sudo_read_nss()
                 /* NOTFOUND affects the most recent entry */
                 tq_last(&snl)->ret_if_notfound = TRUE;
                 got_match = FALSE;
+           } else if (strcasecmp(cp, "[SUCCESS=return]") == 0 && got_match) {
+               /* SUCCESS affects the most recent entry */
+               tq_last(&snl)->ret_if_found = TRUE;
+               got_match = FALSE;
             } else
                 got_match = FALSE;
         }
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 4 Sep 2012 13:29:49 +0000 (09:29 -0400)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 4 Sep 2012 13:29:49 +0000 (09:29 -0400)
sudo.c		patch \| blob \| history
sudo_nss.c		patch \| blob \| history