mirror of https://github.com/samba-team/samba.git synced 2025-01-10 01:18:15 +03:00

Add pam_acct_mgmt to the himmelblau daemon

Signed-off-by: David Mulder <dmulder@samba.org>
Reviewed-by: Alexander Bokovoy <ab@samba.org>
David Mulder 2024-08-01 09:52:45 -06:00
parent 426c43963a
commit 5350b31a78
2 changed files with 51 additions and 0 deletions


@ -220,6 +220,9 @@ pub(crate) async fn handle_client(
resolver.getgrnam(&grp_id).await? resolver.getgrnam(&grp_id).await?
} }
Request::NssGroupByGid(gid) => resolver.getgrgid(gid).await?, Request::NssGroupByGid(gid) => resolver.getgrgid(gid).await?,
Request::PamAccountAllowed(account_id) => {
resolver.pam_acct_mgmt(&account_id).await?
}
_ => todo!(), _ => todo!(),
}; };
reqs.send(resp).await?; reqs.send(resp).await?;
@ -237,4 +240,5 @@ mod himmelblaud_getgrnam;
mod himmelblaud_getpwent; mod himmelblaud_getpwent;
mod himmelblaud_getpwnam; mod himmelblaud_getpwnam;
mod himmelblaud_getpwuid; mod himmelblaud_getpwuid;
mod himmelblaud_pam_acct_mgmt;
mod himmelblaud_pam_auth; mod himmelblaud_pam_auth;
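Review bot: The new `Request::PamAccountAllowed` arm sits directly above the catch-all `_ => todo!()`, which still panics on any request variant that has no handler yet. If the requests are decoded from the client socket, as the surrounding `handle_client` code suggests, a client can trigger that panic simply by sending an unimplemented request type. Now that a PAM decision flows through this match, I would at least mark it with `// TODO: answer unimplemented requests with an error response instead of panicking`, and replace the arm once the remaining handlers land. `handle_client` starts and ends outside this hunk, so how a panic propagates to the rest of the daemon is not visible here.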


@ -0,0 +1,47 @@
/*
Unix SMB/CIFS implementation.
Himmelblau daemon implementation for pam_acct_mgmt
Copyright (C) David Mulder 2024
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
use crate::himmelblaud::Resolver;
use dbg::DBG_WARNING;
use ntstatus_gen::*;
use sock::Response;
impl Resolver {
pub(crate) async fn pam_acct_mgmt(
&self,
account_id: &str,
) -> Result<Response, Box<NTSTATUS>> {
// Check if the user exists in Entra ID
// TODO: If we're offline, check the cache instead
match self
.client
.lock()
.await
.check_user_exists(&account_id)
.await
{
Ok(exists) => Ok(Response::PamStatus(Some(exists))),
Err(e) => {
DBG_WARNING!("{:?}", e);
Ok(Response::PamStatus(None))
}
}
}
}
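Review bot: The `Err(e)` arm of `pam_acct_mgmt` turns every lookup failure into `Ok(Response::PamStatus(None))`, so whether an Entra ID outage or token error denies the login depends entirely on how the PAM module interprets `None`, and that code is not part of this commit. I would pin the contract in a doc comment on the function, for example `/// PamStatus(Some(true)) only when Entra ID confirms the account; PamStatus(None) means the lookup failed and must not be treated as allowed.` The success arm reports existence alone, so unless `check_user_exists` (not visible here) also rejects disabled or blocked accounts, such a user may still pass account management; that deserves a TODO next to the offline-cache one. The `.lock().await` guard appears to stay held across the remote call, which would make every other request needing `self.client` wait on a slow directory response. For triage the warning would be more useful with the account in it, `DBG_WARNING!("pam_acct_mgmt failed for {}: {:?}", account_id, e);`, and `&account_id` can be plain `account_id` since it is already a `&str`.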