summaryrefslogtreecommitdiffstats
path: root/src/responder/nss/nsssrv_cmd.c
diff options
context:
space:
mode:
Diffstat (limited to 'src/responder/nss/nsssrv_cmd.c')
-rw-r--r--src/responder/nss/nsssrv_cmd.c63
1 files changed, 39 insertions, 24 deletions
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index 2153d649c..db301b380 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -532,12 +532,17 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
/* if neg cached, return we didn't find it */
if (ret == EEXIST) {
- DEBUG(2, ("User [%s] does not exist! (negative cache)\n", name));
+ DEBUG(2, ("User [%s] does not exist in [%s]! (negative cache)\n",
+ name, dom->name));
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
dom = dom->next;
continue;
}
+ /* There are no further domains or this was a
+ * fully-qualified user request.
+ */
+ return ENOENT;
}
DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name));
@@ -560,20 +565,20 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx)
}
if (dctx->res->count == 0 && !dctx->check_provider) {
+ /* set negative cache only if not result of cache check */
+ ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name);
+ if (ret != EOK) {
+ return ret;
+ }
+
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
dom = dom->next;
- continue;
+ if (dom) continue;
}
DEBUG(2, ("No results for getpwnam call\n"));
- /* set negative cache only if not result of cache check */
- ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name);
- if (ret != EOK) {
- return ret;
- }
-
return ENOENT;
}
@@ -1794,12 +1799,17 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
/* if neg cached, return we didn't find it */
if (ret == EEXIST) {
- DEBUG(2, ("Group [%s] does not exist! (negative cache)\n", name));
+ DEBUG(2, ("Group [%s] does not exist in [%s]! (negative cache)\n",
+ name, dom->name));
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
dom = dom->next;
continue;
}
+ /* There are no further domains or this was a
+ * fully-qualified user request.
+ */
+ return ENOENT;
}
DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name));
@@ -1822,20 +1832,20 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx)
}
if (dctx->res->count == 0 && !dctx->check_provider) {
+ /* set negative cache only if not result of cache check */
+ ret = sss_ncache_set_group(nctx->ncache, false, dom->name, name);
+ if (ret != EOK) {
+ return ret;
+ }
+
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
dom = dom->next;
- continue;
+ if (dom) continue;
}
DEBUG(2, ("No results for getgrnam call\n"));
- /* set negative cache only if not result of cache check */
- ret = sss_ncache_set_group(nctx->ncache, false, dom->name, name);
- if (ret != EOK) {
- return ret;
- }
-
return ENOENT;
}
@@ -2827,12 +2837,17 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
/* if neg cached, return we didn't find it */
if (ret == EEXIST) {
- DEBUG(2, ("User [%s] does not exist! (negative cache)\n", name));
+ DEBUG(2, ("User [%s] does not exist in [%s]! (negative cache)\n",
+ dom->name, name));
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
dom = dom->next;
continue;
}
+ /* There are no further domains or this was a
+ * fully-qualified user request.
+ */
+ return ENOENT;
}
DEBUG(4, ("Requesting info for [%s@%s]\n", name, dom->name));
@@ -2851,20 +2866,20 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx)
}
if (dctx->res->count == 0 && !dctx->check_provider) {
+ /* set negative cache only if not result of cache check */
+ ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name);
+ if (ret != EOK) {
+ return ret;
+ }
+
/* if a multidomain search, try with next */
if (cmdctx->check_next) {
dom = dom->next;
- continue;
+ if (dom) continue;
}
DEBUG(2, ("No results for initgroups call\n"));
- /* set negative cache only if not result of cache check */
- ret = sss_ncache_set_user(nctx->ncache, false, dom->name, name);
- if (ret != EOK) {
- return ret;
- }
-
return ENOENT;
}