SYSDB: Allow storing non-POSIX users

Related to: https://pagure.io/SSSD/sssd/issue/3310 We already do the same for groups. If the user does not have UID number set but does have the POSIX: false attribute set, then we save the user with zero UID and the non-POSIX flag. Reviewed-by: Sumit Bose <sbose@redhat.com>
author: Jakub Hrozek <jhrozek@redhat.com> 2017-03-22 13:00:31 +0100
committer: Jakub Hrozek <jhrozek@redhat.com> 2017-03-30 14:09:57 +0200
commit: 5f7f249f2a8a1c7284e991aa64dbf850d482b0aa (patch)
tree: c9af8fa574f929a53a3c8c91b778c2b117941144
parent: 3e789aa0bd6b7bb6e62f91458b76753498030fb5 (diff)
download: sssd-5f7f249f2a8a1c7284e991aa64dbf850d482b0aa.tar.gz
sssd-5f7f249f2a8a1c7284e991aa64dbf850d482b0aa.tar.xz
sssd-5f7f249f2a8a1c7284e991aa64dbf850d482b0aa.zip
2 files changed, 79 insertions, 9 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 919f22370..3cf9d903f 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1855,6 +1855,7 @@ int sysdb_add_user(struct sss_domain_info *domain,
     struct sysdb_attrs *id_attrs;
     uint32_t id;
     int ret;
+    bool posix;
 
     if (domain->mpg) {
         if (gid != 0) {
@@ -1926,7 +1927,28 @@ int sysdb_add_user(struct sss_domain_info *domain,
         /* Not fatal */
     }
 
-    if (uid == 0) {
+    if (!attrs) {
+        attrs = sysdb_new_attrs(tmp_ctx);
+        if (!attrs) {
+            ret = ENOMEM;
+            goto done;
+        }
+    }
+
+    ret = sysdb_attrs_get_bool(attrs, SYSDB_POSIX, &posix);
+    if (ret == ENOENT) {
+        posix = true;
+        ret = sysdb_attrs_add_bool(attrs, SYSDB_POSIX, true);
+        if (ret) {
+            DEBUG(SSSDBG_TRACE_LIBS, "Failed to add posix attribute.\n");
+            goto done;
+        }
+    } else if (ret != EOK) {
+        DEBUG(SSSDBG_TRACE_LIBS, "Failed to get posix attribute.\n");
+        goto done;
+    }
+
+    if (uid == 0 && posix == true) {
         ret = sysdb_get_new_id(domain, &id);
         if (ret) goto done;
 
@@ -1948,14 +1970,6 @@ int sysdb_add_user(struct sss_domain_info *domain,
         if (ret) goto done;
     }
 
-    if (!attrs) {
-        attrs = sysdb_new_attrs(tmp_ctx);
-        if (!attrs) {
-            ret = ENOMEM;
-            goto done;
-        }
-    }
-
     if (!now) {
         now = time(NULL);
     }
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 1767dc3c7..6ec82ce4c 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -1428,6 +1428,59 @@ START_TEST (test_sysdb_get_user_attr_subdomain)
 }
 END_TEST
 
+START_TEST (test_sysdb_add_nonposix_user)
+{
+    struct sysdb_test_ctx *test_ctx;
+    const char *get_attrs[] = { SYSDB_GIDNUM,
+                                SYSDB_UIDNUM,
+                                SYSDB_POSIX,
+                                NULL };
+    struct ldb_result *res;
+    const char *attrval;
+    const char *username = "test_sysdb_add_nonposix_user";
+    const char *fq_name;
+    struct sysdb_attrs *user_attrs;
+    int ret;
+    uint64_t id;
+
+    /* Setup */
+    ret = setup_sysdb_tests(&test_ctx);
+    fail_if(ret != EOK, "Could not set up the test");
+
+    /* Create user */
+    fq_name = sss_create_internal_fqname(test_ctx, username, test_ctx->domain->name);
+    fail_if(fq_name == NULL, "Failed to create fq name.");
+
+    user_attrs = sysdb_new_attrs(test_ctx);
+    fail_if(user_attrs == NULL);
+
+    ret = sysdb_attrs_add_bool(user_attrs, SYSDB_POSIX, false);
+    fail_if(ret != EOK, "Could not add attribute");
+
+    ret = sysdb_add_user(test_ctx->domain, fq_name, 0, 0, "Gecos",
+                         "/home/userhome", "/bin/bash", NULL, user_attrs, 0, 0);
+    fail_if(ret != EOK, "sysdb_add_user failed.");
+
+    /* Test */
+    ret = sysdb_get_user_attr(test_ctx, test_ctx->domain, fq_name,
+                              get_attrs, &res);
+    fail_if(ret != EOK, "Could not get user attributes.");
+    fail_if(res->count != 1, "Invalid number of entries, expected 1, got %d",
+            res->count);
+
+    attrval = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_POSIX, NULL);
+    fail_if(strcasecmp(attrval, "false") != 0, "Got bad attribute value.");
+
+    id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 123);
+    fail_unless(id == 0, "Wrong UID value");
+
+    id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 123);
+    fail_unless(id == 0, "Wrong GID value");
+
+    talloc_free(test_ctx);
+}
+END_TEST
+
 START_TEST (test_sysdb_add_group_member)
 {
     struct sysdb_test_ctx *test_ctx;
@@ -7044,6 +7097,9 @@ Suite *create_sysdb_suite(void)
     /* Test GetUserAttr with subdomain user */
     tcase_add_test(tc_sysdb, test_sysdb_get_user_attr_subdomain);
 
+    /* Test adding a non-POSIX user */
+    tcase_add_test(tc_sysdb, test_sysdb_add_nonposix_user);
+
 /* ===== NETGROUP TESTS ===== */
 
     /* Create a new netgroup */
author	Jakub Hrozek <jhrozek@redhat.com>	2017-03-22 13:00:31 +0100
committer	Jakub Hrozek <jhrozek@redhat.com>	2017-03-30 14:09:57 +0200
commit	5f7f249f2a8a1c7284e991aa64dbf850d482b0aa (patch)
tree	c9af8fa574f929a53a3c8c91b778c2b117941144
parent	3e789aa0bd6b7bb6e62f91458b76753498030fb5 (diff)
download	sssd-5f7f249f2a8a1c7284e991aa64dbf850d482b0aa.tar.gz sssd-5f7f249f2a8a1c7284e991aa64dbf850d482b0aa.tar.xz sssd-5f7f249f2a8a1c7284e991aa64dbf850d482b0aa.zip