summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2015-01-27 16:02:33 +0100
committerJakub Hrozek <jhrozek@redhat.com>2015-01-30 12:40:50 +0100
commit108db0e3b9e06e530364ef8228634f5e3f6bd3b5 (patch)
tree9fd0b05e9b534995c36d25d46661df188c4f91c1
parent2c7a47b6ed9c9dc721af1eac6c53b706bf1769b6 (diff)
downloadsssd-108db0e3b9e06e530364ef8228634f5e3f6bd3b5.tar.gz
sssd-108db0e3b9e06e530364ef8228634f5e3f6bd3b5.tar.xz
sssd-108db0e3b9e06e530364ef8228634f5e3f6bd3b5.zip
LDAP: Add UUID when saving incomplete groups
Related to: https://fedorahosted.org/sssd/ticket/2571 Reviewed-by: Sumit Bose <sbose@redhat.com>
-rw-r--r--src/db/sysdb.h1
-rw-r--r--src/db/sysdb_ops.c6
-rw-r--r--src/providers/ldap/sdap_async_initgroups.c16
-rw-r--r--src/providers/ldap/sdap_async_initgroups_ad.c2
-rw-r--r--src/tests/sysdb-tests.c16
5 files changed, 29 insertions, 12 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 3fb18b9bb..0574a91fb 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -797,6 +797,7 @@ int sysdb_add_incomplete_group(struct sss_domain_info *domain,
gid_t gid,
const char *original_dn,
const char *sid_str,
+ const char *uuid,
bool posix,
time_t now);
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 0c254d8cd..6085762dc 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1610,6 +1610,7 @@ int sysdb_add_incomplete_group(struct sss_domain_info *domain,
gid_t gid,
const char *original_dn,
const char *sid_str,
+ const char *uuid,
bool posix,
time_t now)
{
@@ -1656,6 +1657,11 @@ int sysdb_add_incomplete_group(struct sss_domain_info *domain,
if (ret) goto done;
}
+ if (uuid) {
+ ret = sysdb_attrs_add_string(attrs, SYSDB_UUID, uuid);
+ if (ret) goto done;
+ }
+
ret = sysdb_set_group_attr(domain, name, attrs, SYSDB_MOD_REP);
done:
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index d3e080013..6b3179d2d 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -41,6 +41,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
int i, mi, ai;
const char *groupname;
const char *original_dn;
+ const char *uuid = NULL;
char **missing;
gid_t gid;
int ret;
@@ -191,15 +192,24 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb,
&original_dn);
if (ret) {
DEBUG(SSSDBG_FUNC_DATA,
- "The group has no name original DN\n");
+ "The group has no original DN\n");
original_dn = NULL;
}
+ ret = sysdb_attrs_get_string(ldap_groups[ai],
+ SYSDB_UUID,
+ &uuid);
+ if (ret) {
+ DEBUG(SSSDBG_FUNC_DATA,
+ "The group has no UUID\n");
+ uuid = NULL;
+ }
+
DEBUG(SSSDBG_TRACE_INTERNAL,
"Adding fake group %s to sysdb\n", groupname);
ret = sysdb_add_incomplete_group(domain, groupname, gid,
- original_dn, sid_str, posix,
- now);
+ original_dn, sid_str,
+ uuid, posix, now);
if (ret != EOK) {
goto done;
}
diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c
index a533279f6..1b8c8d981 100644
--- a/src/providers/ldap/sdap_async_initgroups_ad.c
+++ b/src/providers/ldap/sdap_async_initgroups_ad.c
@@ -929,7 +929,7 @@ static void sdap_ad_tokengroups_initgr_mapping_done(struct tevent_req *subreq)
* it will replace this temporary entry. */
name = sid;
ret = sysdb_add_incomplete_group(domain, name, gid,
- NULL, sid, false, now);
+ NULL, sid, NULL, false, now);
if (ret != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE, "Could not create incomplete "
"group: [%s]\n", strerror(ret));
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 6643710db..7c2c6d208 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -266,7 +266,7 @@ static int test_add_incomplete_group(struct test_data *data)
int ret;
ret = sysdb_add_incomplete_group(data->ctx->domain, data->groupname,
- data->gid, NULL, NULL, true, 0);
+ data->gid, NULL, NULL, NULL, true, 0);
return ret;
}
@@ -4038,8 +4038,8 @@ START_TEST(test_odd_characters)
/* ===== Groups ===== */
/* Add */
- ret = sysdb_add_incomplete_group(test_ctx->domain,
- odd_groupname, 20000, NULL, NULL, true, 0);
+ ret = sysdb_add_incomplete_group(test_ctx->domain, odd_groupname,
+ 20000, NULL, NULL, NULL, true, 0);
fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]",
ret, strerror(ret));
@@ -4195,8 +4195,8 @@ START_TEST(test_SSS_LDB_SEARCH)
fail_if(nonexist_dn == NULL, "sysdb_group_dn failed");
/* Add */
- ret = sysdb_add_incomplete_group(test_ctx->domain,
- groupname, 20000, NULL, NULL, true, 0);
+ ret = sysdb_add_incomplete_group(test_ctx->domain, groupname,
+ 20000, NULL, NULL, NULL, true, 0);
fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]",
ret, strerror(ret));
@@ -4992,14 +4992,14 @@ START_TEST(test_sysdb_original_dn_case_insensitive)
ret = sysdb_add_incomplete_group(test_ctx->domain,
"case_sensitive_group1", 29000,
"cn=case_sensitive_group1,cn=example,cn=com",
- NULL, true, 0);
+ NULL, NULL, true, 0);
fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]",
ret, strerror(ret));
ret = sysdb_add_incomplete_group(test_ctx->domain,
"case_sensitive_group2", 29001,
"cn=CASE_SENSITIVE_GROUP1,cn=EXAMPLE,cn=COM",
- NULL, true, 0);
+ NULL, NULL, true, 0);
fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]",
ret, strerror(ret));
@@ -5035,7 +5035,7 @@ START_TEST(test_sysdb_search_sid_str)
ret = sysdb_add_incomplete_group(test_ctx->domain,
"group", 29000,
"cn=group,cn=example,cn=com",
- "S-1-2-3-4", true, 0);
+ "S-1-2-3-4", NULL, true, 0);
fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]",
ret, strerror(ret));