OSC · johrstrom · Sep 25, 2024 · Sep 13, 2024 · Sep 13, 2024 · Sep 13, 2024
diff --git a/mod_ood_proxy/lib/ood/user_map.lua b/mod_ood_proxy/lib/ood/user_map.lua
@@ -17,6 +17,12 @@ function map(r, user_map_match, user_map_cmd, remote_user)
     handle:close()
   end
 
+  -- if sys_user is a number, then it's the uid, so convert to username
+  if tonumber(sys_user) then
+    local pwd = require "posix.pwd"
+    sys_user = pwd.getpwuid(tonumber(sys_user)).pw_name
+  end
+
   time_user_map = (r:clock() - now)/1000.0
   r:debug("Mapped '" .. remote_user .. "' => '" .. (sys_user or "") .. "' [" .. time_user_map .. " ms]")
 
@@ -25,6 +31,7 @@ function map(r, user_map_match, user_map_cmd, remote_user)
     return nil
   end
 
+
   r.subprocess_env['MAPPED_USER'] = sys_user -- set as CGI variable for later hooks (i.e., analytics)
   r.subprocess_env['OOD_TIME_USER_MAP'] = time_user_map -- set as CGI variable for later hooks (i.e., analytics)
   return sys_user

diff --git a/nginx_stage/lib/nginx_stage/user.rb b/nginx_stage/lib/nginx_stage/user.rb
@@ -33,11 +33,12 @@ class User
     # @param user [String] the user name defining this object
     # @raise [ArgumentError] if user or primary group doesn't exist on local system
     def initialize(user)
-      @passwd = Etc.getpwnam user.to_s
+      user_is_uid = (user[0].to_i and user.to_i > 0)
+      @passwd = (user_is_uid) ? Etc.getpwuid(user.to_i) : Etc.getpwnam(user)
       @group = Etc.getgrgid gid
       @groups = get_groups
 
-      if name.to_s != user.to_s
+      if not user_is_uid and (name.to_s != user.to_s)
         err_msg = <<~HEREDOC
           Username '#{user}' is being mapped to '#{name}' in SSSD and they don't match.
           Users with domain names cannot be mapped correctly. If '#{name}' still has the