diff options
| author | Sumit Bose <sbose@redhat.com> | 2014-11-27 10:01:40 +0100 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2014-12-03 14:23:45 +0100 |
| commit | f2a61159a9d8a73405d5dbc6f74bb176b3ee34c9 (patch) | |
| tree | e62fd38ca346d6071dbc74a67cbc9ae90b2a1b78 | |
| parent | 377741700be52a7f496231ab808a673e3e8ff10e (diff) | |
| download | sssd-f2a61159a9d8a73405d5dbc6f74bb176b3ee34c9.tar.gz sssd-f2a61159a9d8a73405d5dbc6f74bb176b3ee34c9.tar.xz sssd-f2a61159a9d8a73405d5dbc6f74bb176b3ee34c9.zip | |
krb5: make krb5 provider view aware
https://fedorahosted.org/sssd/ticket/2510
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
| -rw-r--r-- | src/providers/ipa/ipa_subdomains.c | 13 | ||||
| -rw-r--r-- | src/providers/krb5/krb5_auth.c | 18 |
2 files changed, 25 insertions, 6 deletions
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c index 6fdb0befa..d053d46ac 100644 --- a/src/providers/ipa/ipa_subdomains.c +++ b/src/providers/ipa/ipa_subdomains.c @@ -1174,6 +1174,19 @@ static void ipa_get_view_name_done(struct tevent_req *req) DEBUG(SSSDBG_CRIT_FAILURE, "Cannot copy view name.\n"); } } + + /* TODO: only needed if view changed */ + ret = sysdb_master_domain_update(ctx->sd_ctx->be_ctx->domain); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_master_domain_update failed.\n"); + goto done; + } + + ret = sysdb_update_subdomains(ctx->sd_ctx->be_ctx->domain); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_update_subdomains failed.\n"); + goto done; + } } ret = ipa_check_master(ctx); diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index e791aee1c..e43b36527 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -462,8 +462,8 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, } kr = state->kr; - ret = sysdb_get_user_attr(state, state->domain, state->pd->user, attrs, - &res); + ret = sysdb_get_user_attr_with_views(state, state->domain, state->pd->user, + attrs, &res); if (ret) { DEBUG(SSSDBG_FUNC_DATA, "sysdb search for upn of user [%s] failed.\n", pd->user); @@ -503,14 +503,18 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, goto done; } - kr->homedir = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_HOMEDIR, - NULL); + kr->homedir = sss_view_ldb_msg_find_attr_as_string(state->domain, + res->msgs[0], + SYSDB_HOMEDIR, + NULL); if (kr->homedir == NULL) { DEBUG(SSSDBG_CONF_SETTINGS, "Home directory for user [%s] not known.\n", pd->user); } - kr->uid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 0); + kr->uid = sss_view_ldb_msg_find_attr_as_uint64(state->domain, + res->msgs[0], + SYSDB_UIDNUM, 0); if (kr->uid == 0) { DEBUG(SSSDBG_CONF_SETTINGS, "UID for user [%s] not known.\n", pd->user); @@ -518,7 +522,9 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx, goto done; } - kr->gid = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 0); + kr->gid = sss_view_ldb_msg_find_attr_as_uint64(state->domain, + res->msgs[0], + SYSDB_GIDNUM, 0); if (kr->gid == 0) { DEBUG(SSSDBG_CONF_SETTINGS, "GID for user [%s] not known.\n", pd->user); |