IPA: allow initgroups by UUID for FreeIPA users

If a FreeIPA user is searched with the help of an override name the UUID from the override anchor is used to search the user. Currently the initgroups request only allows searches by SID or name. With this patch a UUID can be used as well. Related to https://fedorahosted.org/sssd/ticket/2642 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 0f9c28eb52d2b45c8a97f709308dc11377831b8c) (cherry picked from commit 3b00bcd8b6d53d33207005c4e7a631b6a241d300)
author: Sumit Bose <sbose@redhat.com> 2015-04-29 16:46:14 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2015-05-06 11:05:44 +0200
commit: 874ce9f485bf217cf120278de88c32bd8b450c33 (patch)
tree: 121d590baf07a41cba907e09f1ec1a132b926b8d /src/db
parent: 7a2980496f615e2dc82f991842d9ce83c34efa30 (diff)
download: sssd-874ce9f485bf217cf120278de88c32bd8b450c33.tar.gz
sssd-874ce9f485bf217cf120278de88c32bd8b450c33.tar.xz
sssd-874ce9f485bf217cf120278de88c32bd8b450c33.zip
1 files changed, 21 insertions, 11 deletions
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
index da0c6d90c..ccd8fa080 100644
--- a/src/db/sysdb_search.c
+++ b/src/db/sysdb_search.c
@@ -1612,20 +1612,30 @@ errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx,
     if (res->count == 0) {
         ret = sysdb_search_user_by_upn(tmp_ctx, domain, name_or_upn_or_sid,
                                        NULL, &msg);
-        if (ret != EOK) {
+        if (ret == ENOENT) {
+            ret = sysdb_search_user_by_sid_str(tmp_ctx, domain,
+                                               name_or_upn_or_sid, NULL, &msg);
             if (ret == ENOENT) {
-                ret = sysdb_search_user_by_sid_str(tmp_ctx, domain,
-                                                   name_or_upn_or_sid, NULL,
-                                                   &msg);
-            }
-
-            if (ret != EOK) {
-                /* User cannot be found in cache */
-                DEBUG(SSSDBG_OP_FAILURE, "Cannot find user [%s] in cache\n",
-                                         name_or_upn_or_sid);
-                goto done;
+                ret = sysdb_search_object_by_uuid(tmp_ctx, domain,
+                                                  name_or_upn_or_sid, NULL,
+                                                  &res);
+                if (ret == EOK && res->count == 1) {
+                    msg = res->msgs[0];
+                } else {
+                    DEBUG(SSSDBG_OP_FAILURE,
+                          "sysdb_search_object_by_uuid did not return a " \
+                          "single result.\n");
+                    ret = ENOENT;
+                    goto done;
+                }
             }
         }
+        if (ret != EOK) {
+            /* User cannot be found in cache */
+            DEBUG(SSSDBG_OP_FAILURE, "Cannot find user [%s] in cache\n",
+                                     name_or_upn_or_sid);
+            goto done;
+        }
     } else if (res->count == 1) {
         msg = res->msgs[0];
     } else {
author	Sumit Bose <sbose@redhat.com>	2015-04-29 16:46:14 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2015-05-06 11:05:44 +0200
commit	874ce9f485bf217cf120278de88c32bd8b450c33 (patch)
tree	121d590baf07a41cba907e09f1ec1a132b926b8d /src/db
parent	7a2980496f615e2dc82f991842d9ce83c34efa30 (diff)
download	sssd-874ce9f485bf217cf120278de88c32bd8b450c33.tar.gz sssd-874ce9f485bf217cf120278de88c32bd8b450c33.tar.xz sssd-874ce9f485bf217cf120278de88c32bd8b450c33.zip