From 73e6feff9b3f30e70d84fe256aff239fafdfdb95 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?G=C3=BCnther=20Deschner?= Date: Thu, 18 Jul 2013 19:04:29 +0200 Subject: [PATCH] wbinfo: allow to define a custom krb5ccname for kerberized pam auth. MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Guenther Signed-off-by: Günther Deschner Reviewed-by: Jeremy Allison --- nsswitch/wbinfo.c | 6 ++++-- 1 file changed, 4 insertions(+), 2 deletions(-) diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index a1ca7fc5741..cba469e469a 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -2097,6 +2097,7 @@ int main(int argc, char **argv, char **envp) bool use_lanman = false; char *logoff_user = getenv("USER"); int logoff_uid = geteuid(); + const char *opt_krb5ccname = "FILE"; struct poptOption long_options[] = { POPT_AUTOHELP @@ -2178,6 +2179,7 @@ int main(int argc, char **argv, char **envp) { "krb5auth", 'K', POPT_ARG_STRING, &string_arg, 'K', "authenticate user using Kerberos", "user%password" }, /* destroys wbinfo --help output */ /* "user%password,DOM\\user%password,user@EXAMPLE.COM,EXAMPLE.COM\\user%password" }, */ + { "krb5ccname", 0, POPT_ARG_STRING, &opt_krb5ccname, '0', "authenticate user using Kerberos and specific credential cache type", "krb5ccname" }, #endif { "separator", 0, POPT_ARG_NONE, 0, OPT_SEPARATOR, "Get the active winbind separator", NULL }, { "verbose", 0, POPT_ARG_NONE, 0, OPT_VERBOSE, "Print additional information per command", NULL }, @@ -2547,13 +2549,13 @@ int main(int argc, char **argv, char **envp) WBFLAG_PAM_INFO3_TEXT | WBFLAG_PAM_CONTACT_TRUSTDOM; - if (!wbinfo_auth_krb5(string_arg, "FILE", + if (!wbinfo_auth_krb5(string_arg, opt_krb5ccname, flags)) { d_fprintf(stderr, "Could not authenticate user " "[%s] with Kerberos " "(ccache: %s)\n", string_arg, - "FILE"); + opt_krb5ccname); goto done; } break;