From c76c2d7018b39f41705363f2760d4b6857d75b36 Mon Sep 17 00:00:00 2001
From: Stef Walter <stefw@redhat.com>
Date: Fri, 12 Apr 2013 13:46:29 +0200
Subject: [PATCH] Use a dollar sign as our simple_allow_users placeholder

We have to use a placeholder to get sssd to recognize that the
simple_allow_users is to allow no users to login.

Simo recommended using a dollar sign instead of a comma.

https://bugs.freedesktop.org/show_bug.cgi?id=62518
---
 service/realm-sssd.c | 10 +++++-----
 1 file changed, 5 insertions(+), 5 deletions(-)

diff --git a/service/realm-sssd.c b/service/realm-sssd.c
index a91dc79..9ce5967 100644
--- a/service/realm-sssd.c
+++ b/service/realm-sssd.c
@@ -85,17 +85,17 @@ sssd_config_change_login_policy (RealmIniConfig *config,
 
 	if (access_provider)
 		realm_ini_config_set (config, section, "access_provider", access_provider);
-	realm_ini_config_set_list_diff (config, section, "simple_allow_users", ",",
+	realm_ini_config_set_list_diff (config, section, "simple_allow_users", "$",
 	                                add_names, remove_names);
 
 	/*
 	 * HACK: Work around for sssd problem where it allows users if
-	 * simple_allow_users is empty. Set it to a comma in this case.
+	 * simple_allow_users is empty. Set it to a dollar in this case.
 	 */
 	allow = realm_ini_config_get (config, section, "simple_allow_users");
 	if (allow != NULL) {
 		g_strstrip (allow);
-		if (g_str_equal (allow, "") || g_str_equal (allow, ",")) {
+		if (g_str_equal (allow, "") || g_str_equal (allow, "$") || g_str_equal (allow, ",")) {
 			g_free (allow);
 			allow = NULL;
 		}
@@ -103,7 +103,7 @@ sssd_config_change_login_policy (RealmIniConfig *config,
 
 	if (allow == NULL) {
 		if (g_str_equal (access_provider, "simple"))
-			realm_ini_config_set (config, section, "simple_allow_users", ",");
+			realm_ini_config_set (config, section, "simple_allow_users", "$");
 		else
 			realm_ini_config_set (config, section, "simple_allow_users", NULL);
 	}
@@ -318,7 +318,7 @@ update_login_policy (RealmSssd *self)
 		access = realm_ini_config_get (self->pv->config, self->pv->section, "access_provider");
 	if (g_strcmp0 (access, "simple") == 0) {
 		values = realm_ini_config_get_list (self->pv->config, self->pv->section,
-		                                    "simple_allow_users", ",");
+		                                    "simple_allow_users", "$");
 		for (i = 0; values != NULL && values[i] != NULL; i++) {
 			if (!g_str_equal (values[i], ""))
 				g_ptr_array_add (permitted, realm_kerberos_format_login (kerberos, values[i]));
-- 
1.8.1.4