From e354a96bbca5da8525ee51f91907e75af897b856 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Thu, 14 Feb 2013 10:13:59 +0100 Subject: [PATCH] Fix the krb5 password expiration warning https://fedorahosted.org/sssd/ticket/1808 --- src/confdb/confdb.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index 31efd9443be8490715961c8a45f9352bd1ade653..31c48bd28aee37008687e7e255ebf2ef2d79798a 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1020,7 +1020,11 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, goto done; } - /* Set the PAM warning time, if specified */ + /* Set the PAM warning time, if specified. If not specified, pass on + * the "not set" value of "-1" which means "use provider default". The + * value 0 means "always display the warning if server sends one" */ + domain->pwd_expiration_warning = -1; + val = ldb_msg_find_attr_as_int(res->msgs[0], CONFDB_DOMAIN_PWD_EXPIRATION_WARNING, -1); @@ -1035,6 +1039,8 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, } if (val > 0) { + DEBUG(SSSDBG_CONF_SETTINGS, + ("Setting domain password expiration warning to %d days\n", val)); /* The value is in days, transform it to seconds */ domain->pwd_expiration_warning = val * 24 * 3600; } -- 1.8.1.2