diff options
-rw-r--r-- | src/db/sysdb_ops.c | 41 |
1 files changed, 38 insertions, 3 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 0e39a629a..2f8e36c6c 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -1960,16 +1960,34 @@ int sysdb_add_user(struct sss_domain_info *domain, } if (domain->mpg) { - /* In MPG domains you can't have groups with the same name as users, - * search if a group with the same name exists. + /* In MPG domains you can't have groups with the same name or GID + * as users, search if a group with the same name exists. * Don't worry about users, if we try to add a user with the same * name the operation will fail */ ret = sysdb_search_group_by_name(tmp_ctx, domain, name, NULL, &msg); if (ret != ENOENT) { - if (ret == EOK) ret = EEXIST; + if (ret == EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "Group named %s already exists in an MPG domain\n", + name); + ret = EEXIST; + } goto done; } + + if (strcasecmp(domain->provider, "local") != 0) { + ret = sysdb_search_group_by_gid(tmp_ctx, domain, uid, NULL, &msg); + if (ret != ENOENT) { + if (ret == EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "Group with GID [%"SPRIgid"] already exists in an " + "MPG domain\n", gid); + ret = EEXIST; + } + goto done; + } + } } /* check no other user with the same uid exist */ @@ -2177,6 +2195,23 @@ int sysdb_add_group(struct sss_domain_info *domain, } goto done; } + + if (strcasecmp(domain->provider, "local") != 0) { + ret = sysdb_search_user_by_uid(tmp_ctx, domain, gid, NULL, &msg); + if (ret != ENOENT) { + if (ret == EOK) { + DEBUG(SSSDBG_TRACE_LIBS, + "User with the same UID exists in MPG domain: " + "[%"SPRIgid"].\n", gid); + ret = EEXIST; + } else { + DEBUG(SSSDBG_TRACE_LIBS, + "sysdb_search_user_by_uid failed for gid: " + "[%"SPRIgid"].\n", gid); + } + goto done; + } + } } /* check no other groups with the same gid exist */ |