summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2010-09-14 08:06:31 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-09-22 09:55:25 -0400
commit1286160a84dadf7d74f0541648717b101d68460a (patch)
tree16002a026b9ab8afd3f22c665ed2dc0d2f8741a1
parent213bcda07484803b9d9b7e226c386f77f469145f (diff)
downloadsssd-1286160a84dadf7d74f0541648717b101d68460a.tar.gz
sssd-1286160a84dadf7d74f0541648717b101d68460a.tar.xz
sssd-1286160a84dadf7d74f0541648717b101d68460a.zip
Initgroups on a non-cached user should go to the data provider
We were accidentally returning an error when sysdb_getpwnam() returned zero results internally in sysdb_initgroups(). The correct behavior here is to return EOK and a result object with zero entries.
-rw-r--r--src/db/sysdb_search.c12
-rw-r--r--src/responder/nss/nsssrv_cmd.c3
2 files changed, 13 insertions, 2 deletions
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index 6029b99d8..a24ea5b17 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -383,10 +383,20 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx,
ret = sysdb_getpwnam(tmpctx, ctx, domain, name, &res);
if (ret != EOK) {
+ DEBUG(1, ("sysdb_getpwnam failed: [%d][%s]\n",
+ ret, strerror(ret)));
goto done;
}
- if (res->count != 1) {
+
+ if (res->count == 0) {
+ /* User is not cached yet */
+ *_res = talloc_steal(mem_ctx, res);
+ ret = EOK;
+ goto done;
+
+ } else if (res->count != 1) {
ret = EIO;
+ DEBUG(1, ("sysdb_getpwnam returned count: [%d]\n", res->count));
goto done;
}
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 6df705fb6..c3f35e13a 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -2895,7 +2895,8 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
ret = sysdb_initgroups(cmdctx, sysdb, dom, name, &dctx->res);
if (ret != EOK) {
- DEBUG(1, ("Failed to make request to our cache!\n"));
+ DEBUG(1, ("Failed to make request to our cache! [%d][%s]\n",
+ ret, strerror(ret)));
return EIO;
}