diff options
| author | Rob Crittenden <rcritten@redhat.com> | 2011-02-23 17:10:08 -0500 |
|---|---|---|
| committer | Endi S. Dewata <edewata@redhat.com> | 2011-02-23 18:44:23 -0500 |
| commit | af9f9052393697383c79576490127a4426452ba8 (patch) | |
| tree | 68ccfa8cb3c50a51eadc5962f3882038f211125c /ipaserver | |
| parent | 1770750b8adad6d9f2d98c0c9debc54d61f341cf (diff) | |
| download | freeipa-af9f9052393697383c79576490127a4426452ba8.tar.gz freeipa-af9f9052393697383c79576490127a4426452ba8.tar.xz freeipa-af9f9052393697383c79576490127a4426452ba8.zip | |
Collect memberof information for sudo commands.
We weren't searching the cn=sudo container so all members of a
sudocmdgroup looked indirect.
Add a label for sudo command groups.
Update the tests to include verifying that membership is done
properly.
ticket 1003
Diffstat (limited to 'ipaserver')
| -rw-r--r-- | ipaserver/plugins/ldap2.py | 8 |
1 files changed, 8 insertions, 0 deletions
diff --git a/ipaserver/plugins/ldap2.py b/ipaserver/plugins/ldap2.py index d1e31f5e..568792d1 100644 --- a/ipaserver/plugins/ldap2.py +++ b/ipaserver/plugins/ldap2.py @@ -1002,6 +1002,14 @@ class ldap2(CrudBackend, Encoder): except errors.NotFound: pbacresults = [] results = results + pbacresults + try: + (sudoresults, truncated) = self.find_entries(searchfilter, + attr_list, 'cn=sudo,%s' % api.env.basedn, + time_limit=time_limit, size_limit=size_limit, + normalize=normalize) + except errors.NotFound: + sudoresults = [] + results = results + sudoresults direct = [] indirect = [] |