dbd717f PAM: return short name for files provider users

3 files Authored by sbose 5 years ago, Committed by jhrozek 5 years ago,
    PAM: return short name for files provider users
    
    If the 'allow_missing_name' option is used with pam_sss and the user
    name will be determined based on the certificate content and the mapping
    rules the PAM responder will by default return the fully-qualified name
    of the user which is then later used by other PAM modules as well.
    
    For local users which are configured to use SSSD for Smartcard
    authentication this might cause issues in other PAM modules because they
    are not aware of the fully-qualified name and will treat the user as
    unknown.
    
    With this patch the PAM responder will return the short name for all
    users handled by the files provider.
    
    Related to https://pagure.io/SSSD/sssd/issue/3848
    
    Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
    
        
file modified
+2 -1