diff options
| author | Stephen Gallagher <sgallagh@redhat.com> | 2011-02-18 09:33:42 -0500 |
|---|---|---|
| committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-02-21 07:50:41 -0500 |
| commit | 08dd5107d3f8e349c857cf849d935d65847ffb61 (patch) | |
| tree | ef62df099003c26e108508c9f750423932f2840a | |
| parent | dccff31681954f1a399e3c57834ad826ed248e83 (diff) | |
| download | sssd_unused-08dd5107d3f8e349c857cf849d935d65847ffb61.tar.gz sssd_unused-08dd5107d3f8e349c857cf849d935d65847ffb61.tar.xz sssd_unused-08dd5107d3f8e349c857cf849d935d65847ffb61.zip | |
Perform initgroups lookups for all domains
Previously, we were setting the client context PAM lookup timeout
after the first domain replied. However, if the user wasn't a
member of the first domain, their information wasn't being
updated.
This patch ensures that we only set this timeout after the user
has been found or all domains were searched.
| -rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 8 |
1 files changed, 5 insertions, 3 deletions
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index 79993d33..8035a687 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -952,10 +952,12 @@ static void pam_check_user_dp_callback(uint16_t err_maj, uint32_t err_min, (unsigned int)err_maj, (unsigned int)err_min, err_msg)); } - /* Make sure we don't go to the ID provider too often */ - preq->cctx->pam_timeout = time(NULL) + pctx->id_timeout; - ret = pam_check_user_search(preq); + if (ret == EOK || ret == ENOENT) { + /* Make sure we don't go to the ID provider too often */ + preq->cctx->pam_timeout = time(NULL) + pctx->id_timeout; + } + if (ret == EOK) { pam_dom_forwarder(preq); } |