diff options
| author | Stephen Gallagher <sgallagh@redhat.com> | 2011-02-18 09:33:42 -0500 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-02-21 08:10:35 -0500 |
| commit | 37ff5568747788c042e450ed2dbfc5d72c5cc5dd (patch) | |
| tree | 6c2ef9eeec63c5ebbb75cc0ec3da578ccaa8ffd6 | |
| parent | c278de2fbf59f7cb187867484972dcb051a1ed97 (diff) | |
| download | sssd-37ff5568747788c042e450ed2dbfc5d72c5cc5dd.tar.gz sssd-37ff5568747788c042e450ed2dbfc5d72c5cc5dd.tar.xz sssd-37ff5568747788c042e450ed2dbfc5d72c5cc5dd.zip | |
Perform initgroups lookups for all domains
Previously, we were setting the client context PAM lookup timeout
after the first domain replied. However, if the user wasn't a
member of the first domain, their information wasn't being
updated.
This patch ensures that we only set this timeout after the user
has been found or all domains were searched.
| -rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 79993d336..8035a6878 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -952,10 +952,12 @@ static void pam_check_user_dp_callback(uint16_t err_maj, uint32_t err_min, (unsigned int)err_maj, (unsigned int)err_min, err_msg)); } - /* Make sure we don't go to the ID provider too often */ - preq->cctx->pam_timeout = time(NULL) + pctx->id_timeout; - ret = pam_check_user_search(preq); + if (ret == EOK || ret == ENOENT) { + /* Make sure we don't go to the ID provider too often */ + preq->cctx->pam_timeout = time(NULL) + pctx->id_timeout; + } + if (ret == EOK) { pam_dom_forwarder(preq); } |