Every time use permissive control in function memberof_mod.

Storing cyclic groups into sysdb can cause adding ghost members, which has already been stored. Function ldb_modify will fail with error [Attribute or value exists]. With permisive control, duplicated attributes will be skipped as if it was never added. https://fedorahosted.org/sssd/ticket/1846
author: Lukas Slebodnik <lslebodn@redhat.com> 2013-07-15 11:00:04 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-07-17 14:56:55 +0200
commit: e4c8fd085da8132db082de616675061018fdc5a2 (patch)
tree: 5f300e63fa43a7fba084b35f6808b7d80a6e4cfc /src
parent: 26df163ef0526bef4396028596ae73294d0ab578 (diff)
download: sssd-e4c8fd085da8132db082de616675061018fdc5a2.tar.gz
sssd-e4c8fd085da8132db082de616675061018fdc5a2.tar.xz
sssd-e4c8fd085da8132db082de616675061018fdc5a2.zip
1 files changed, 7 insertions, 0 deletions
diff --git a/src/ldb_modules/memberof.c b/src/ldb_modules/memberof.c
index 338d18a46..355feac2f 100644
--- a/src/ldb_modules/memberof.c
+++ b/src/ldb_modules/memberof.c
@@ -1139,6 +1139,13 @@ static int mbof_add_muop(struct mbof_add_ctx *add_ctx)
         return ret;
     }
 
+    ret = ldb_request_add_control(mod_req, LDB_CONTROL_PERMISSIVE_MODIFY_OID,
+                                  false, NULL);
+    if (ret != LDB_SUCCESS) {
+        talloc_free(mod_req);
+        return ret;
+    }
+
     return ldb_next_request(ctx->module, mod_req);
 }
author	Lukas Slebodnik <lslebodn@redhat.com>	2013-07-15 11:00:04 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-07-17 14:56:55 +0200
commit	e4c8fd085da8132db082de616675061018fdc5a2 (patch)
tree	5f300e63fa43a7fba084b35f6808b7d80a6e4cfc /src
parent	26df163ef0526bef4396028596ae73294d0ab578 (diff)
download	sssd-e4c8fd085da8132db082de616675061018fdc5a2.tar.gz sssd-e4c8fd085da8132db082de616675061018fdc5a2.tar.xz sssd-e4c8fd085da8132db082de616675061018fdc5a2.zip