mart-w/kanidm
1
0
Fork 0
mirror of https://github.com/kanidm/kanidm.git synced 2025-04-29 21:55:05 +02:00
Code Issues Actions10 Packages Projects Releases Wiki Activity

Implement libnss side possibly

Browse source
This commit is contained in:
Doridian 2024-12-29 21:46:24 -08:00
parent 685746796e
commit 8af51175f5
2 changed files with 50 additions and 0 deletions
unix_integration/nss_kanidm/src
core.rshooks.rs

36
unix_integration/nss_kanidm/src/core.rs
View file

@ -285,6 +285,42 @@ pub fn get_group_entry_by_name(name: String, req_options: RequestOptions) -> Res
} }
} }
pub fn get_group_entries_by_member(member: String, req_options: RequestOptions) -> Response<Vec<Group>> {
match req_options.connect_to_daemon() {
Source::Daemon(mut daemon_client) => {
let req = ClientRequest::NssGroupsByMember(member);
daemon_client
.call_and_wait(&req, None)
.map(|r| match r {
ClientResponse::NssGroups(l) => {
l.into_iter().map(group_from_nssgroup).collect()
}
_ => Vec::new(),
})
.map(Response::Success)
.unwrap_or_else(|_| Response::Success(vec![]))
}
Source::Fallback { users: _, groups } => {
if groups.is_empty() {
return Response::Unavail;
}
let membergroups = groups
.into_iter()
.filter_map(|etcgroup| {
if etcgroup.members.contains(&member) {
Some(group_from_etcgroup(etcgroup))
} else {
None
}
})
.collect();
Response::Success(membergroups)
}
}
}
fn passwd_from_etcuser(etc: EtcUser) -> Passwd { fn passwd_from_etcuser(etc: EtcUser) -> Passwd {
Passwd { Passwd {
name: etc.name, name: etc.name,

14
unix_integration/nss_kanidm/src/hooks.rs
View file

@ -3,6 +3,7 @@ use kanidm_unix_common::constants::DEFAULT_CONFIG_PATH;
use libnss::group::{Group, GroupHooks}; use libnss::group::{Group, GroupHooks};
use libnss::interop::Response; use libnss::interop::Response;
use libnss::passwd::{Passwd, PasswdHooks}; use libnss::passwd::{Passwd, PasswdHooks};
use libnss::initgroups::{InitgroupsHooks};
struct KanidmPasswd; struct KanidmPasswd;
libnss_passwd_hooks!(kanidm, KanidmPasswd); libnss_passwd_hooks!(kanidm, KanidmPasswd);
@ -61,3 +62,16 @@ impl GroupHooks for KanidmGroup {
core::get_group_entry_by_name(name, req_opt) core::get_group_entry_by_name(name, req_opt)
} }
} }
struct KanidmInitgroups;
libnss_initgroups_hooks!(kanidm, KanidmInitgroups);
impl InitgroupsHooks for KanidmInitgroups {
fn get_entries_by_user(user: String) -> Response<Vec<Group>> {
let req_opt = RequestOptions::Main {
config_path: DEFAULT_CONFIG_PATH,
};
core::get_group_entries_by_member(user, req_opt)
}
}