diff options
| author | Pavel Březina <pbrezina@redhat.com> | 2015-10-11 17:38:34 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-10-14 13:07:42 +0200 |
| commit | 51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7 (patch) | |
| tree | ac301de993a560af80e56e19e1acf65f09365043 | |
| parent | 2f793681b4debbe015815f908dc12c0463711609 (diff) | |
| download | sssd-51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7.tar.gz sssd-51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7.tar.xz sssd-51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7.zip | |
sudo: search with view even if user is found
If an overriden name is provided and the user is already cache we fail
to refresh it since we won't search with VIEW flag. This patch fix
it.
Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
| -rw-r--r-- | src/responder/sudo/sudosrv_get_sudorules.c | 5 |
1 files changed, 4 insertions, 1 deletions
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c index a0b09e69b..cc06977d9 100644 --- a/src/responder/sudo/sudosrv_get_sudorules.c +++ b/src/responder/sudo/sudosrv_get_sudorules.c @@ -160,7 +160,10 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx) if ((user->count == 0 || cache_expire < time(NULL)) && dctx->check_provider) { - if (DOM_HAS_VIEWS(dom) && user->count == 0) { + if (DOM_HAS_VIEWS(dom) && (user->count == 0 + || ldb_msg_find_attr_as_string(user->msgs[0], + OVERRIDE_PREFIX SYSDB_NAME, + NULL) != NULL)) { extra_flag = EXTRA_INPUT_MAYBE_WITH_VIEW; } |