summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSumit Bose <sbose@redhat.com>2013-08-07 12:12:48 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-08-19 22:32:34 +0200
commitfd04fbbf93d33db729404cdc4408f59226025ea6 (patch)
tree91a9261a044268d07945da42a1e55c6b339fc12f
parent15b5d885e28afcd6c3c19f900eea2a8e00c3e6d3 (diff)
downloadsssd-fd04fbbf93d33db729404cdc4408f59226025ea6.tar.gz
sssd-fd04fbbf93d33db729404cdc4408f59226025ea6.tar.xz
sssd-fd04fbbf93d33db729404cdc4408f59226025ea6.zip
save_rfc2307bis_user_memberships: use fq names for subdomains
For subdomains the group names must be expanded to fully qualified names to be able to find existing groups or properly add new ones.
Diffstat
-rw-r--r--src/providers/ldap/sdap_async_initgroups.c16
1 files changed, 16 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 513de2748..9a46dc9b9 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -1984,6 +1984,8 @@ errno_t save_rfc2307bis_user_memberships(
char **add_groups;
char **del_groups;
bool in_transaction = false;
+ size_t c;
+ char *tmp_str;
TALLOC_CTX *tmp_ctx = talloc_new(NULL);
if(!tmp_ctx) {
@@ -2019,6 +2021,20 @@ errno_t save_rfc2307bis_user_memberships(
if (ret != EOK) {
goto error;
}
+
+ if (IS_SUBDOMAIN(state->dom)) {
+ for (c = 0; ldap_grouplist[c] != NULL; c++) {
+ tmp_str = sss_tc_fqname(ldap_grouplist, state->dom->names,
+ state->dom, ldap_grouplist[c]);
+ if (tmp_str == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("sss_tc_fqname failed.\n"));
+ ret = ENOMEM;
+ goto error;
+ }
+ talloc_free(ldap_grouplist[c]);
+ ldap_grouplist[c] = tmp_str;
+ }
+ }
}
/* Find the differences between the sysdb and ldap lists
generated by cgit (git 2.34.1) at 2024-11-12 23:50:28 +0000