diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-29 08:51:05 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-29 10:23:06 -0400 |
commit | 0a432138750a8d790e9eaded5c2ba25369dfffeb (patch) | |
tree | 17b35b0e45f2b17b9b39bc68f7e1766fee8da4f0 | |
parent | 207d5890c73c707b3f05c003e65a86984c3548b8 (diff) | |
download | sssd-0a432138750a8d790e9eaded5c2ba25369dfffeb.tar.gz sssd-0a432138750a8d790e9eaded5c2ba25369dfffeb.tar.xz sssd-0a432138750a8d790e9eaded5c2ba25369dfffeb.zip |
HBAC: Properly skip all non-group memberOf entries
-rw-r--r-- | src/providers/ipa/ipa_hbac_users.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_hbac_users.c b/src/providers/ipa/ipa_hbac_users.c index 9b7cadb2e..56259da5a 100644 --- a/src/providers/ipa/ipa_hbac_users.c +++ b/src/providers/ipa/ipa_hbac_users.c @@ -73,7 +73,8 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx, if (ldb_dn_get_comp_num(dn) < 4) { /* RDN, groups, accounts, and at least one DC= */ - ret = EINVAL; + /* If it's fewer, it's not a group DN */ + ret = ENOENT; goto done; } |