summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2011-08-26 11:43:56 -0400
committerStephen Gallagher <sgallagh@redhat.com>2011-10-26 10:29:38 -0400
commit0329f79e8c3bd9123dcaa40e217e2257fe04c045 (patch)
tree5b0f13adad562b970a4e44ed33345d4738c53db5
parentf9cf00f40317bf67df48194aa55658e8cbaf0ddc (diff)
downloadsssd-0329f79e8c3bd9123dcaa40e217e2257fe04c045.tar.gz
sssd-0329f79e8c3bd9123dcaa40e217e2257fe04c045.tar.xz
sssd-0329f79e8c3bd9123dcaa40e217e2257fe04c045.zip
HBAC: Handle saving groups that have no members
-rw-r--r--src/providers/ipa/ipa_hbac_common.c28
1 files changed, 21 insertions, 7 deletions
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
index 4633f2f9e..a9be90b84 100644
--- a/src/providers/ipa/ipa_hbac_common.c
+++ b/src/providers/ipa/ipa_hbac_common.c
@@ -186,17 +186,31 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain,
goto done;
}
- lret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL);
- if (lret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(lret);
- goto done;
- }
-
ret = sysdb_attrs_get_string_array(groups[i],
SYSDB_ORIG_MEMBER,
tmp_ctx,
&orig_member_dns);
- if (ret != EOK) {
+
+ if (ret == EOK) {
+ /* One or more members were detected, prep the LDB message */
+ lret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL);
+ if (lret != LDB_SUCCESS) {
+ ret = sysdb_error_to_errno(lret);
+ goto done;
+ }
+ } else if (ret == ENOENT) {
+ /* Useless group, has no members */
+ orig_member_dns = talloc_array(tmp_ctx, const char *, 1);
+ if (!orig_member_dns) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ /* Just set the member list to zero length so we skip
+ * processing it below
+ */
+ orig_member_dns[0] = NULL;
+ } else {
DEBUG(1, ("Could not determine original members\n"));
goto done;
}