sssd.git - sssd with jhrozek's patches

diff options

author	Sumit Bose <sbose@redhat.com>	2015-04-28 17:20:05 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-05-06 05:58:23 +0200
commit	f643fadbd072a9d3725f5f750340d5b13628ce6a (patch)
tree	ab329f53a380b15d89c97f6627613d1eeeb3b130 /scripts
parent	24905d4ecbf210687e385449448f5a5ec97d2833 (diff)
download	sssd-f643fadbd072a9d3725f5f750340d5b13628ce6a.tar.gz sssd-f643fadbd072a9d3725f5f750340d5b13628ce6a.tar.xz sssd-f643fadbd072a9d3725f5f750340d5b13628ce6a.zip

IPA: update initgr expire timestamp conditionally

Newer versions of the extdom plugin return the full list of group-memberships during user lookups. As a result the lifetime of the group-membership data is updates in those cases. But if the user is not looked up directly but is resolved as a group member during a group lookup SSSD does not resolve all group-membership of the user to avoid deep recursion and eventually a complete enumeration of the user and group base. In this case the lifetime of the group-memberships should not be updated because it might be incomplete. Related to https://fedorahosted.org/sssd/ticket/2633 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit cffe3135f29c737f2598f3c1384bfba1694fb843)

Diffstat (limited to 'scripts')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: