sudo: send original name and id with local views if possible

Resolves: https://fedorahosted.org/sssd/ticket/2833 Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
author: Pavel Březina <pbrezina@redhat.com> 2015-10-11 17:53:28 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-10-14 13:07:45 +0200
commit: fb8985a3a3a267940760967beaf8af3979ce91ea (patch)
tree: 0260eec6df16a6bd3adaa33dfdfabc26b6a3477d
parent: 51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7 (diff)
download: sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.tar.gz
sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.tar.xz
sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.zip
1 files changed, 13 insertions, 5 deletions
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
index cc06977d9..c3336960e 100644
--- a/src/responder/sudo/sudosrv_get_sudorules.c
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
@@ -79,6 +79,7 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
     struct dp_callback_ctx *cb_ctx;
     const char *original_name = NULL;
     const char *extra_flag = NULL;
+    const char *search_name = NULL;
     char *name = NULL;
     uid_t uid = 0;
     errno_t ret;
@@ -160,16 +161,23 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
         if ((user->count == 0 || cache_expire < time(NULL))
             && dctx->check_provider) {
 
-            if (DOM_HAS_VIEWS(dom) && (user->count == 0
-                    || ldb_msg_find_attr_as_string(user->msgs[0],
-                                                   OVERRIDE_PREFIX SYSDB_NAME,
-                                                   NULL) != NULL)) {
+            search_name = cmd_ctx->username;
+            if (is_local_view(dom->view_name)) {
+                /* Search with original name in case of local view. */
+                if (user->count != 0) {
+                    search_name = ldb_msg_find_attr_as_string(user->msgs[0],
+                                                              SYSDB_NAME, NULL);
+                }
+            } else if (DOM_HAS_VIEWS(dom) && (user->count == 0
+                || ldb_msg_find_attr_as_string(user->msgs[0],
+                                               OVERRIDE_PREFIX SYSDB_NAME,
+                                               NULL) != NULL)) {
                 extra_flag = EXTRA_INPUT_MAYBE_WITH_VIEW;
             }
 
             dpreq = sss_dp_get_account_send(cli_ctx, cli_ctx->rctx,
                                             dom, false, SSS_DP_INITGROUPS,
-                                            cmd_ctx->username, 0, extra_flag);
+                                            search_name, 0, extra_flag);
             if (!dpreq) {
                 DEBUG(SSSDBG_CRIT_FAILURE,
                       "Out of memory sending data provider request\n");
author	Pavel Březina <pbrezina@redhat.com>	2015-10-11 17:53:28 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-10-14 13:07:45 +0200
commit	fb8985a3a3a267940760967beaf8af3979ce91ea (patch)
tree	0260eec6df16a6bd3adaa33dfdfabc26b6a3477d
parent	51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7 (diff)
download	sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.tar.gz sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.tar.xz sssd-fb8985a3a3a267940760967beaf8af3979ce91ea.zip