git: 246aec9a3ce3 - main - nss_tacplus: Support setting the login class.

Go to: [ bottom of page ] [ top of archives ] [ this month ]
From: Dag-Erling Smørgrav <des_at_FreeBSD.org>
Date: Tue, 13 Jun 2023 18:16:10 UTC
The branch main has been updated by des:

URL: https://cgit.FreeBSD.org/src/commit/?id=246aec9a3ce305272f35e6416910024f602a03c1

commit 246aec9a3ce305272f35e6416910024f602a03c1
Author:     Dag-Erling Smørgrav <des@FreeBSD.org>
AuthorDate: 2023-06-13 16:06:27 +0000
Commit:     Dag-Erling Smørgrav <des@FreeBSD.org>
CommitDate: 2023-06-13 16:08:32 +0000

    nss_tacplus: Support setting the login class.
    
    MFC after:      1 week
    Sponsored by:   Klara, Inc.
    Reviewed by:    thj
    Differential Revision:  https://reviews.freebsd.org/D40376
---
 lib/nss_tacplus/nss_tacplus.8 |  5 ++++-
 lib/nss_tacplus/nss_tacplus.c | 12 ++++++++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/lib/nss_tacplus/nss_tacplus.8 b/lib/nss_tacplus/nss_tacplus.8
index 4aaff4b5dd3a..f5c87a836f9a 100644
--- a/lib/nss_tacplus/nss_tacplus.8
+++ b/lib/nss_tacplus/nss_tacplus.8
@@ -3,7 +3,7 @@
 .\"
 .\" SPDX-License-Identifier: BSD-2-Clause
 .\"
-.Dd May 17, 2023
+.Dd June 13, 2023
 .Dt NSS_TACPLUS 8
 .Os
 .Sh NAME
@@ -57,6 +57,9 @@ Numeric primary group ID.
 Must be between 0 and
 .Dv GID_MAX .
 Defaults to 65534.
+.It Va CLASS
+Login class.
+Left blank if not provided.
 .It Va GECOS
 Display name.
 If not provided, the user name is used instead.
diff --git a/lib/nss_tacplus/nss_tacplus.c b/lib/nss_tacplus/nss_tacplus.c
index a59332504bc0..e18ffe2315ce 100644
--- a/lib/nss_tacplus/nss_tacplus.c
+++ b/lib/nss_tacplus/nss_tacplus.c
@@ -24,6 +24,7 @@ extern int __isthreaded;
 
 #define	DEF_UID		65534
 #define	DEF_GID		65534
+#define	DEF_CLASS	""
 #define	DEF_DIR		"/"
 #define	DEF_SHELL	"/bin/sh"
 
@@ -192,6 +193,13 @@ tacplus_getpwnam_r(const char *name, struct passwd *pwd, char *buffer,
 				return (NS_RETURN);
 			}
 			pwd->pw_gid = num;
+		} else if (strcasecmp(av, "class") == 0) {
+			pwd->pw_class = tacplus_copystr(value, &buffer,
+			    &bufsize);
+			if (pwd->pw_class == NULL) {
+				free(av);
+				return (NS_RETURN);
+			}
 		} else if (strcasecmp(av, "gecos") == 0) {
 			pwd->pw_gecos = tacplus_copystr(value, &buffer,
 			    &bufsize);
@@ -217,6 +225,10 @@ tacplus_getpwnam_r(const char *name, struct passwd *pwd, char *buffer,
 		free(av);
 	}
 
+	/* default class if none was provided */
+	if (pwd->pw_class == NULL)
+		pwd->pw_class = tacplus_copystr(DEF_CLASS, &buffer, &bufsize);
+
 	/* gecos equal to name if none was provided */
 	if (pwd->pw_gecos == NULL)
 		pwd->pw_gecos = pwd->pw_name;