diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-01-27 16:02:33 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-01-30 12:40:50 +0100 |
commit | 108db0e3b9e06e530364ef8228634f5e3f6bd3b5 (patch) | |
tree | 9fd0b05e9b534995c36d25d46661df188c4f91c1 | |
parent | 2c7a47b6ed9c9dc721af1eac6c53b706bf1769b6 (diff) | |
download | sssd-108db0e3b9e06e530364ef8228634f5e3f6bd3b5.tar.gz sssd-108db0e3b9e06e530364ef8228634f5e3f6bd3b5.tar.xz sssd-108db0e3b9e06e530364ef8228634f5e3f6bd3b5.zip |
LDAP: Add UUID when saving incomplete groups
Related to:
https://fedorahosted.org/sssd/ticket/2571
Reviewed-by: Sumit Bose <sbose@redhat.com>
-rw-r--r-- | src/db/sysdb.h | 1 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 6 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups.c | 16 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups_ad.c | 2 | ||||
-rw-r--r-- | src/tests/sysdb-tests.c | 16 |
5 files changed, 29 insertions, 12 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 3fb18b9bb..0574a91fb 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -797,6 +797,7 @@ int sysdb_add_incomplete_group(struct sss_domain_info *domain, gid_t gid, const char *original_dn, const char *sid_str, + const char *uuid, bool posix, time_t now); diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 0c254d8cd..6085762dc 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -1610,6 +1610,7 @@ int sysdb_add_incomplete_group(struct sss_domain_info *domain, gid_t gid, const char *original_dn, const char *sid_str, + const char *uuid, bool posix, time_t now) { @@ -1656,6 +1657,11 @@ int sysdb_add_incomplete_group(struct sss_domain_info *domain, if (ret) goto done; } + if (uuid) { + ret = sysdb_attrs_add_string(attrs, SYSDB_UUID, uuid); + if (ret) goto done; + } + ret = sysdb_set_group_attr(domain, name, attrs, SYSDB_MOD_REP); done: diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c index d3e080013..6b3179d2d 100644 --- a/src/providers/ldap/sdap_async_initgroups.c +++ b/src/providers/ldap/sdap_async_initgroups.c @@ -41,6 +41,7 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, int i, mi, ai; const char *groupname; const char *original_dn; + const char *uuid = NULL; char **missing; gid_t gid; int ret; @@ -191,15 +192,24 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, &original_dn); if (ret) { DEBUG(SSSDBG_FUNC_DATA, - "The group has no name original DN\n"); + "The group has no original DN\n"); original_dn = NULL; } + ret = sysdb_attrs_get_string(ldap_groups[ai], + SYSDB_UUID, + &uuid); + if (ret) { + DEBUG(SSSDBG_FUNC_DATA, + "The group has no UUID\n"); + uuid = NULL; + } + DEBUG(SSSDBG_TRACE_INTERNAL, "Adding fake group %s to sysdb\n", groupname); ret = sysdb_add_incomplete_group(domain, groupname, gid, - original_dn, sid_str, posix, - now); + original_dn, sid_str, + uuid, posix, now); if (ret != EOK) { goto done; } diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c index a533279f6..1b8c8d981 100644 --- a/src/providers/ldap/sdap_async_initgroups_ad.c +++ b/src/providers/ldap/sdap_async_initgroups_ad.c @@ -929,7 +929,7 @@ static void sdap_ad_tokengroups_initgr_mapping_done(struct tevent_req *subreq) * it will replace this temporary entry. */ name = sid; ret = sysdb_add_incomplete_group(domain, name, gid, - NULL, sid, false, now); + NULL, sid, NULL, false, now); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, "Could not create incomplete " "group: [%s]\n", strerror(ret)); diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index 6643710db..7c2c6d208 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -266,7 +266,7 @@ static int test_add_incomplete_group(struct test_data *data) int ret; ret = sysdb_add_incomplete_group(data->ctx->domain, data->groupname, - data->gid, NULL, NULL, true, 0); + data->gid, NULL, NULL, NULL, true, 0); return ret; } @@ -4038,8 +4038,8 @@ START_TEST(test_odd_characters) /* ===== Groups ===== */ /* Add */ - ret = sysdb_add_incomplete_group(test_ctx->domain, - odd_groupname, 20000, NULL, NULL, true, 0); + ret = sysdb_add_incomplete_group(test_ctx->domain, odd_groupname, + 20000, NULL, NULL, NULL, true, 0); fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]", ret, strerror(ret)); @@ -4195,8 +4195,8 @@ START_TEST(test_SSS_LDB_SEARCH) fail_if(nonexist_dn == NULL, "sysdb_group_dn failed"); /* Add */ - ret = sysdb_add_incomplete_group(test_ctx->domain, - groupname, 20000, NULL, NULL, true, 0); + ret = sysdb_add_incomplete_group(test_ctx->domain, groupname, + 20000, NULL, NULL, NULL, true, 0); fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]", ret, strerror(ret)); @@ -4992,14 +4992,14 @@ START_TEST(test_sysdb_original_dn_case_insensitive) ret = sysdb_add_incomplete_group(test_ctx->domain, "case_sensitive_group1", 29000, "cn=case_sensitive_group1,cn=example,cn=com", - NULL, true, 0); + NULL, NULL, true, 0); fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]", ret, strerror(ret)); ret = sysdb_add_incomplete_group(test_ctx->domain, "case_sensitive_group2", 29001, "cn=CASE_SENSITIVE_GROUP1,cn=EXAMPLE,cn=COM", - NULL, true, 0); + NULL, NULL, true, 0); fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]", ret, strerror(ret)); @@ -5035,7 +5035,7 @@ START_TEST(test_sysdb_search_sid_str) ret = sysdb_add_incomplete_group(test_ctx->domain, "group", 29000, "cn=group,cn=example,cn=com", - "S-1-2-3-4", true, 0); + "S-1-2-3-4", NULL, true, 0); fail_unless(ret == EOK, "sysdb_add_incomplete_group error [%d][%s]", ret, strerror(ret)); |