mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-02-23 12:37:00 +01:00
Code Issues Actions 16 Packages Projects Releases Wiki Activity

Canonicalize path for user shell check (#3265)

Browse source
This commit is contained in:
James Hodgkinson 2024-12-04 11:55:30 +10:00 committed by GitHub
parent 388ed679a8
commit 516874460b
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
1 changed files with 10 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

14
unix_integration/resolver/src/resolver.rs
View file

@ -320,7 +320,10 @@ impl Resolver {
let offset = ex_time let offset = ex_time
.duration_since(SystemTime::UNIX_EPOCH) .duration_since(SystemTime::UNIX_EPOCH)
.map_err(|e| { .map_err(|e| {
error!("time conversion error - ex_time less than epoch? {:?}", e); error!(
"Time conversion error - cache expiry time became less than epoch? {:?}",
e
);
})?; })?;
// Check if requested `shell` exists on the system, else use `default_shell` // Check if requested `shell` exists on the system, else use `default_shell`
@ -328,10 +331,13 @@ impl Resolver {
.shell .shell
.as_ref() .as_ref()
.map(|shell| { .map(|shell| {
let exists = Path::new(shell).exists(); let exists = Path::new(shell).canonicalize()
.map_err(|err|{
debug!("Failed to canonicalize path, using base path. Tried: {} Error: {:?}", shell, err);
}).unwrap_or(Path::new(shell).to_path_buf()).exists();
if !exists { if !exists {
info!( warn!(
"User shell is not present on this system - {}. Check `/etc/shells` for valid shell options.", "Configured shell for {} is not present on this system - {}. Check `/etc/shells` for valid shell options.", token.name,
shell shell
) )
} }