sudo: print better debug message when a rule has multiple cn values

author: Pavel Březina <pbrezina@redhat.com> 2013-07-26 12:29:37 +0200
committer: Jakub Hrozek <jhrozek@redhat.com> 2013-08-05 16:52:44 +0200
commit: 006d178c70e0469061068e607f20446f7995f773 (patch)
tree: 22776279621d45fa6431f47728a815d8869fd2f0
parent: 2c7ab882bcc64c9d2bc16091d10a56073c472775 (diff)
download: sssd-006d178c70e0469061068e607f20446f7995f773.tar.gz
sssd-006d178c70e0469061068e607f20446f7995f773.tar.xz
sssd-006d178c70e0469061068e607f20446f7995f773.zip
1 files changed, 5 insertions, 1 deletions
diff --git a/src/providers/ldap/sdap_sudo_cache.c b/src/providers/ldap/sdap_sudo_cache.c
index db51d1c37..50bb0bd52 100644
--- a/src/providers/ldap/sdap_sudo_cache.c
+++ b/src/providers/ldap/sdap_sudo_cache.c
@@ -69,7 +69,11 @@ sdap_save_native_sudorule(TALLOC_CTX *mem_ctx,
 
     ret = sysdb_attrs_get_string(attrs, map[SDAP_AT_SUDO_NAME].sys_name,
                                  &rule_name);
-    if (ret != EOK) {
+    if (ret == ERANGE) {
+        DEBUG(SSSDBG_OP_FAILURE, ("Warning: found rule that contains none "
+              "or multiple CN values. It will be skipped.\n"));
+        return ret;
+    } else if (ret != EOK) {
         DEBUG(SSSDBG_OP_FAILURE, ("Could not get rule name [%d]: %s\n",
               ret, strerror(ret)));
         return ret;
author	Pavel Březina <pbrezina@redhat.com>	2013-07-26 12:29:37 +0200
committer	Jakub Hrozek <jhrozek@redhat.com>	2013-08-05 16:52:44 +0200
commit	006d178c70e0469061068e607f20446f7995f773 (patch)
tree	22776279621d45fa6431f47728a815d8869fd2f0
parent	2c7ab882bcc64c9d2bc16091d10a56073c472775 (diff)
download	sssd-006d178c70e0469061068e607f20446f7995f773.tar.gz sssd-006d178c70e0469061068e607f20446f7995f773.tar.xz sssd-006d178c70e0469061068e607f20446f7995f773.zip