From 241594613f3ef3b428851a7866905e41c967b893 Mon Sep 17 00:00:00 2001 From: Fabiano FidĂȘncio Date: Jul 10 2018 11:42:01 +0000 Subject: files: do not apply override_shell to files provider override_shell should not be applied to files provider as the provider should always return *only* what's in the files and nothing else. Resolves: https://pagure.io/SSSD/sssd/issue/3758 Signed-off-by: Fabiano FidĂȘncio Reviewed-by: Jakub Hrozek --- diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index c330586..f95a97e 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1326,7 +1326,9 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, tmp = ldb_msg_find_attr_as_string(res->msgs[0], CONFDB_NSS_OVERRIDE_SHELL, NULL); - if (tmp != NULL) { + /* Here we skip the files provider as it should always return *only* + * what's in the files and nothing else. */ + if (tmp != NULL && strcasecmp(domain->provider, "files") != 0) { domain->override_shell = talloc_strdup(domain, tmp); if (!domain->override_shell) { ret = ENOMEM; diff --git a/src/responder/common/responder_utils.c b/src/responder/common/responder_utils.c index 5218960..d10a5bb 100644 --- a/src/responder/common/responder_utils.c +++ b/src/responder/common/responder_utils.c @@ -408,12 +408,16 @@ sss_resp_get_shell_override(struct ldb_message *msg, const char *shell; int i; - /* Check whether we are unconditionally overriding - * the server for the login shell. */ - if (domain->override_shell) { - return domain->override_shell; - } else if (rctx->override_shell) { - return rctx->override_shell; + /* Here we skip the files provider as it should always return *only* + * what's in the files and nothing else. */ + if (strcasecmp(domain->provider, "files") != 0) { + /* Check whether we are unconditionally overriding + * the server for the login shell. */ + if (domain->override_shell) { + return domain->override_shell; + } else if (rctx->override_shell) { + return rctx->override_shell; + } } shell = sss_view_ldb_msg_find_attr_as_string(domain, msg, SYSDB_SHELL,