From 461a419d046a582d17563318e26b4221a872f5f1 Mon Sep 17 00:00:00 2001
From: "Todd C. Miller" <Todd.Miller@courtesan.com>
Date: Tue, 31 May 2016 13:07:31 -0600
Subject: [PATCH] For sudo -ll (long list) print the SSSD role just like we do
 for the LDAP backend.  Adapted from sudo-1.8.6p3-sssdrulenames.patch

---
 plugins/sudoers/sssd.c | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/plugins/sudoers/sssd.c b/plugins/sudoers/sssd.c
index c3e4894b7..d9a0f19b9 100644
--- a/plugins/sudoers/sssd.c
+++ b/plugins/sudoers/sssd.c
@@ -1356,6 +1356,17 @@ sudo_sss_display_entry_long(struct sudo_sss_handle *handle,
     int count = 0, i;
     debug_decl(sudo_sss_display_entry_long, SUDOERS_DEBUG_SSSD);
 
+    switch (handle->fn_get_values(rule, "cn", &val_array)) {
+    case 0:
+	if (val_array[0] != NULL)
+	    sudo_lbuf_append(lbuf, _("\nSSSD Role: %s\n"), val_array[0]);
+	handle->fn_free_values(val_array);
+	val_array = NULL;
+	break;
+    default:
+	sudo_lbuf_append(lbuf, _("\nSSSD Role: UNKNOWN\n"));
+    }
+
     /* get the RunAsUser Values from the entry */
     sudo_lbuf_append(lbuf, "    RunAsUsers: ");
     switch (handle->fn_get_values(rule, "sudoRunAsUser", &val_array)) {
-- 
2.40.0