diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2009-08-21 11:18:49 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-08-21 12:55:42 -0400 |
commit | 9c0069c375d041b2af7a1b1ffbd32ac3955f150c (patch) | |
tree | f3e14c766eef6e70221a83c363a1b8a44397f229 /server/tools/sss_usermod.c | |
parent | 9a5ad27a1d083a1859344d9e7f5ddcecc1b0178c (diff) | |
download | sssd-9c0069c375d041b2af7a1b1ffbd32ac3955f150c.tar.gz sssd-9c0069c375d041b2af7a1b1ffbd32ac3955f150c.tar.xz sssd-9c0069c375d041b2af7a1b1ffbd32ac3955f150c.zip |
Disallow all operations outside domains, fix deleting cache for files
One of the previous patches disallowed adding users and groups outside
known domains but it was missing disallowing modifying, deleting, etc.
Also don't error if there's no sysdb cache to delete after deleting
legacy user/domain.
Fixes: tickets #113,#114
Diffstat (limited to 'server/tools/sss_usermod.c')
-rw-r--r-- | server/tools/sss_usermod.c | 6 |
1 files changed, 5 insertions, 1 deletions
diff --git a/server/tools/sss_usermod.c b/server/tools/sss_usermod.c index 0e1055dd3..1dfd2a721 100644 --- a/server/tools/sss_usermod.c +++ b/server/tools/sss_usermod.c @@ -504,7 +504,6 @@ int main(int argc, const char **argv) break; case ID_IN_LEGACY_LOCAL: - case ID_OUTSIDE: ret = usermod_legacy(ctx, data, pc_uid, pc_gid, pc_gecos, pc_home, pc_shell, pc_lock, data->domain); if(ret != EOK) { @@ -512,6 +511,11 @@ int main(int argc, const char **argv) } goto fini; + case ID_OUTSIDE: + ERROR("The selected UID is outside all domain ranges\n"); + ret = EXIT_FAILURE; + goto fini; + case ID_IN_OTHER: DEBUG(1, ("Cannot modify user from domain %s\n", dom->name)); ERROR("Unsupported domain type\n"); |