From: Todd C. Miller Date: Tue, 4 Sep 2012 13:29:49 +0000 (-0400) Subject: Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek X-Git-Tag: SUDO_1_7_10p1~4 X-Git-Url: https://granicus.if.org/sourcecode?a=commitdiff_plain;h=c8b170d5b1b947930fc30190a6e6123f6e8fb38a;p=sudo Add support for [SUCCESS=return] in nsswitch.conf; from Daniel Kopecek --HG-- branch : 1.7 --- diff --git a/sudo.c b/sudo.c index 7694e0336..867c3331e 100644 --- a/sudo.c +++ b/sudo.c @@ -376,7 +376,7 @@ main(argc, argv, envp) validated = nss->lookup(nss, validated, pwflag); if (ISSET(validated, VALIDATE_OK)) { - /* Handle "= auth" in netsvc.conf */ + /* Handle [SUCCESS=return] */ if (nss->ret_if_found) break; } else { diff --git a/sudo_nss.c b/sudo_nss.c index 36cdf6503..a72212257 100644 --- a/sudo_nss.c +++ b/sudo_nss.c @@ -87,6 +87,10 @@ sudo_read_nss() /* NOTFOUND affects the most recent entry */ tq_last(&snl)->ret_if_notfound = TRUE; got_match = FALSE; + } else if (strcasecmp(cp, "[SUCCESS=return]") == 0 && got_match) { + /* SUCCESS affects the most recent entry */ + tq_last(&snl)->ret_if_found = TRUE; + got_match = FALSE; } else got_match = FALSE; }