Subject: Collected Debian patches for remctl
Author: Russ Allbery <rra@debian.org>

Since I am also upstream for this package, there will normally not be any
patches to apply to the upstream source.  However, occasionally I'll pull
up specific upstream commits prior to making an upstream release.  When
this happens, this patch will collect all of those modifications.

I use Git to maintain both the upstream source and the Debian packages,
and generating individual patches rather than using git cherry-pick takes
extra work for no gain.  Since I'm also upstream, there's no need to
separate the patches for later upstream submission.  Hence, I take this
approach with a unified patch when it's necessary.

For full commit history and separated commits, see the upstream Git
repsitory.
--- remctl-2.16.orig/server/config.c
+++ remctl-2.16/server/config.c
@@ -33,6 +33,14 @@
 #include <util/vector.h>
 #include <util/xmalloc.h>
 
+
+#include <stdio.h>
+#include <grp.h>
+#include <stdbool.h>
+#include <stdlib.h>
+#include <string.h>
+
+
 /*
  * acl_gput_file is currently used only by the test suite to point GPUT at a
  * separate file for testing.  If it becomes available as a configurable
@@ -613,6 +621,73 @@ acl_check_princ(const char *user, const 
 }
 
 
+static void print_gr_info(const struct group *group_info)
+{
+	/*
+                struct group {
+               char   *gr_name;     
+               char   *gr_passwd;  
+               gid_t   gr_gid;        
+               char  **gr_mem;    
+
+	*/	
+	
+	printf("GROUP INFO\n");
+	printf("=========\n");
+	printf("[NAME] %s\n",group_info->gr_name);
+	printf("[PASSWORD] %s\n",group_info->gr_passwd);
+	printf("[GROUP ID] %i\n",group_info->gr_gid);
+	printf("[MEMBERS]\n");
+	int i;
+	for(i=0;i<sizeof(group_info->gr_mem);i++)
+		if(group_info->gr_mem[i]!=NULL)
+			printf("\t* %s\n",group_info->gr_mem[i]);
+	
+	
+};
+
+
+static enum config_status
+acl_check_groups(const char *user, const char *data, const char *file UNUSED,
+		 int lineno UNUSED)
+{
+	struct group *group_info=getgrnam(data);
+
+	if(group_info==NULL)
+		return CONFIG_ERROR;
+
+	print_gr_info(group_info);
+
+	printf("KRB USER: %s\n",user);
+	
+	char* buffer;
+
+	buffer=(char*)malloc(sizeof(char)*strlen(user));
+
+	strcpy(buffer, user);
+
+
+	strtok(buffer,"@");
+
+	printf("USER: %s\n",buffer);
+
+	int i;
+	bool found=false;
+
+	for(i=0;i<sizeof(group_info->gr_mem);i++)
+		if(group_info->gr_mem[i]!=NULL && strcmp(buffer,group_info->gr_mem[i])==0)
+			found=true;
+
+	if(found)
+		return CONFIG_SUCCESS;
+	else
+		return CONFIG_NOMATCH;
+}
+
+
+
+
+
 /*
  * The ACL check operation for the deny method.  Takes the user to check, the
  * scheme:method we are checking against, and the referencing file name and
@@ -826,6 +901,7 @@ static const struct acl_scheme schemes[]
     { "file",  acl_check_file  },
     { "princ", acl_check_princ },
     { "deny",  acl_check_deny  },
+    { "group", acl_check_groups },
 #ifdef HAVE_GPUT
     { "gput",  acl_check_gput  },
 #else