diff options
author | Sumit Bose <sbose@redhat.com> | 2015-04-29 16:46:14 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-05-06 10:43:59 +0200 |
commit | 0f9c28eb52d2b45c8a97f709308dc11377831b8c (patch) | |
tree | 4fd1d28e4a9fe217fa7e1d3faf43e5c781ec9d50 /src/db | |
parent | 35b178d02dfd293778aefbc0b465a5a3a4b6cd8f (diff) | |
download | sssd-0f9c28eb52d2b45c8a97f709308dc11377831b8c.tar.gz sssd-0f9c28eb52d2b45c8a97f709308dc11377831b8c.tar.xz sssd-0f9c28eb52d2b45c8a97f709308dc11377831b8c.zip |
IPA: allow initgroups by UUID for FreeIPA users
If a FreeIPA user is searched with the help of an override name the UUID
from the override anchor is used to search the user. Currently the
initgroups request only allows searches by SID or name. With this patch
a UUID can be used as well.
Related to https://fedorahosted.org/sssd/ticket/2642
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb_search.c | 32 |
1 files changed, 21 insertions, 11 deletions
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index 39b3abb55..a8dcc9f8d 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -1604,20 +1604,30 @@ errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx, if (res->count == 0) { ret = sysdb_search_user_by_upn(tmp_ctx, domain, name_or_upn_or_sid, NULL, &msg); - if (ret != EOK) { + if (ret == ENOENT) { + ret = sysdb_search_user_by_sid_str(tmp_ctx, domain, + name_or_upn_or_sid, NULL, &msg); if (ret == ENOENT) { - ret = sysdb_search_user_by_sid_str(tmp_ctx, domain, - name_or_upn_or_sid, NULL, - &msg); - } - - if (ret != EOK) { - /* User cannot be found in cache */ - DEBUG(SSSDBG_OP_FAILURE, "Cannot find user [%s] in cache\n", - name_or_upn_or_sid); - goto done; + ret = sysdb_search_object_by_uuid(tmp_ctx, domain, + name_or_upn_or_sid, NULL, + &res); + if (ret == EOK && res->count == 1) { + msg = res->msgs[0]; + } else { + DEBUG(SSSDBG_OP_FAILURE, + "sysdb_search_object_by_uuid did not return a " \ + "single result.\n"); + ret = ENOENT; + goto done; + } } } + if (ret != EOK) { + /* User cannot be found in cache */ + DEBUG(SSSDBG_OP_FAILURE, "Cannot find user [%s] in cache\n", + name_or_upn_or_sid); + goto done; + } } else if (res->count == 1) { msg = res->msgs[0]; } else { |