Imported Debian patch 1.6.9p14-1

[debian/sudo] / ldap.c

diff --git a/ldap.c b/ldap.c
index 9097310cbf9354c96596a085ac46eba7c733fea8..0477f81231f4dfbc3d97dbd2b939d7c3ea847d18 100644 (file)
--- a/ldap.c
+++ b/ldap.c
@@ -71,7 +71,7 @@
 #include "parse.h"
 
 #ifndef lint
-__unused static const char rcsid[] = "$Sudo: ldap.c,v 1.11.2.36 2008/01/21 16:08:26 millert Exp $";
+__unused static const char rcsid[] = "$Sudo: ldap.c,v 1.11.2.37 2008/02/09 14:44:47 millert Exp $";
 #endif /* lint */
 
 #ifndef LINE_MAX
@@ -1189,6 +1189,13 @@ sudo_ldap_check(pwflag)
                if (setenv_implied)
                    def_setenv = TRUE;
                sudo_ldap_parse_options(ld, entry);
+#ifdef HAVE_SELINUX
+               /* Set role and type if not specified on command line. */
+               if (user_role == NULL)
+                   user_role = def_role;
+               if (user_type == NULL)
+                   user_type = def_type;
+#endif /* HAVE_SELINUX */
                /* make sure we don't reenter loop */
                ret = VALIDATE_OK;
                /* break from inside for loop */