From 51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7 Mon Sep 17 00:00:00 2001
From: Pavel Březina <pbrezina@redhat.com>
Date: Sun, 11 Oct 2015 17:38:34 +0200
Subject: sudo: search with view even if user is found

If an overriden name is provided and the user is already cache we fail
to refresh it since we won't search with VIEW flag. This patch fix
it.

Reviewed-by: Sumit Bose <sbose@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
 src/responder/sudo/sudosrv_get_sudorules.c | 5 ++++-
 1 file changed, 4 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
index a0b09e69b..cc06977d9 100644
--- a/src/responder/sudo/sudosrv_get_sudorules.c
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
@@ -160,7 +160,10 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)
         if ((user->count == 0 || cache_expire < time(NULL))
             && dctx->check_provider) {
 
-            if (DOM_HAS_VIEWS(dom) && user->count == 0) {
+            if (DOM_HAS_VIEWS(dom) && (user->count == 0
+                    || ldb_msg_find_attr_as_string(user->msgs[0],
+                                                   OVERRIDE_PREFIX SYSDB_NAME,
+                                                   NULL) != NULL)) {
                 extra_flag = EXTRA_INPUT_MAYBE_WITH_VIEW;
             }
 
-- 
cgit