diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2010-09-14 08:06:31 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2010-09-22 09:55:25 -0400 |
commit | 1286160a84dadf7d74f0541648717b101d68460a (patch) | |
tree | 16002a026b9ab8afd3f22c665ed2dc0d2f8741a1 | |
parent | 213bcda07484803b9d9b7e226c386f77f469145f (diff) | |
download | sssd-1286160a84dadf7d74f0541648717b101d68460a.tar.gz sssd-1286160a84dadf7d74f0541648717b101d68460a.tar.xz sssd-1286160a84dadf7d74f0541648717b101d68460a.zip |
Initgroups on a non-cached user should go to the data provider
We were accidentally returning an error when sysdb_getpwnam()
returned zero results internally in sysdb_initgroups(). The
correct behavior here is to return EOK and a result object with
zero entries.
-rw-r--r-- | src/db/sysdb_search.c | 12 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 3 |
2 files changed, 13 insertions, 2 deletions
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index 6029b99d8..a24ea5b17 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -383,10 +383,20 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx, ret = sysdb_getpwnam(tmpctx, ctx, domain, name, &res); if (ret != EOK) { + DEBUG(1, ("sysdb_getpwnam failed: [%d][%s]\n", + ret, strerror(ret))); goto done; } - if (res->count != 1) { + + if (res->count == 0) { + /* User is not cached yet */ + *_res = talloc_steal(mem_ctx, res); + ret = EOK; + goto done; + + } else if (res->count != 1) { ret = EIO; + DEBUG(1, ("sysdb_getpwnam returned count: [%d]\n", res->count)); goto done; } diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index 6df705fb6..c3f35e13a 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -2895,7 +2895,8 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) ret = sysdb_initgroups(cmdctx, sysdb, dom, name, &dctx->res); if (ret != EOK) { - DEBUG(1, ("Failed to make request to our cache!\n")); + DEBUG(1, ("Failed to make request to our cache! [%d][%s]\n", + ret, strerror(ret))); return EIO; } |