summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2011-08-26 11:43:56 -0400
committerStephen Gallagher <sgallagh@redhat.com>2011-08-26 16:52:52 -0400
commit5215f682e5beda6fa85456576237de8a5a057bb8 (patch)
treee7b3f651def67df58e09ba1fb2ca252a39afb182 /src
parent7452c325c1440feae92ac9862ea0121ea2446af4 (diff)
downloadsssd-5215f682e5beda6fa85456576237de8a5a057bb8.tar.gz
sssd-5215f682e5beda6fa85456576237de8a5a057bb8.tar.xz
sssd-5215f682e5beda6fa85456576237de8a5a057bb8.zip
HBAC: Handle saving groups that have no members
Diffstat (limited to 'src')
-rw-r--r--src/providers/ipa/ipa_hbac_common.c28
1 files changed, 21 insertions, 7 deletions
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
index 08cb02543..2bf40042b 100644
--- a/src/providers/ipa/ipa_hbac_common.c
+++ b/src/providers/ipa/ipa_hbac_common.c
@@ -185,17 +185,31 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain,
goto done;
}
- lret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL);
- if (lret != LDB_SUCCESS) {
- ret = sysdb_error_to_errno(lret);
- goto done;
- }
-
ret = sysdb_attrs_get_string_array(groups[i],
SYSDB_ORIG_MEMBER,
tmp_ctx,
&orig_member_dns);
- if (ret != EOK) {
+
+ if (ret == EOK) {
+ /* One or more members were detected, prep the LDB message */
+ lret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL);
+ if (lret != LDB_SUCCESS) {
+ ret = sysdb_error_to_errno(lret);
+ goto done;
+ }
+ } else if (ret == ENOENT) {
+ /* Useless group, has no members */
+ orig_member_dns = talloc_array(tmp_ctx, const char *, 1);
+ if (!orig_member_dns) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ /* Just set the member list to zero length so we skip
+ * processing it below
+ */
+ orig_member_dns[0] = NULL;
+ } else {
DEBUG(1, ("Could not determine original members\n"));
goto done;
}