diff options
author | Jan Zeleny <jzeleny@redhat.com> | 2011-05-23 07:08:01 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-06-02 15:35:20 -0400 |
commit | ea9a1b158585b3626b8e25ed79b92c579502e58c (patch) | |
tree | 8db5247da08766e274b7fc1d0fcc266d33c746e5 /src/providers/ldap/ldap_id_cleanup.c | |
parent | 28dab46aaa2c0d65160492f1d9d7c88652d8c714 (diff) | |
download | sssd_unused-453b0128410fdb0a36877e6fccbe5809133afcad.tar.gz sssd_unused-453b0128410fdb0a36877e6fccbe5809133afcad.tar.xz sssd_unused-453b0128410fdb0a36877e6fccbe5809133afcad.zip |
Handle non-POSIX groups in nestingsssd-1.5.1-40.el6
Added sysdb_attrs_get_bool() function
Non-posix group processing - sysdb changes
Non-posix group processing - ldap provider and nss responder
Diffstat (limited to 'src/providers/ldap/ldap_id_cleanup.c')
-rw-r--r-- | src/providers/ldap/ldap_id_cleanup.c | 24 |
1 files changed, 12 insertions, 12 deletions
diff --git a/src/providers/ldap/ldap_id_cleanup.c b/src/providers/ldap/ldap_id_cleanup.c index 293681cf..a457f60b 100644 --- a/src/providers/ldap/ldap_id_cleanup.c +++ b/src/providers/ldap/ldap_id_cleanup.c @@ -374,6 +374,7 @@ static int cleanup_groups(TALLOC_CTX *memctx, size_t u_count; int ret; int i; + const char *posix; tmpctx = talloc_new(memctx); if (!tmpctx) { @@ -412,19 +413,18 @@ static int cleanup_groups(TALLOC_CTX *memctx, goto done; } - gid = (gid_t) ldb_msg_find_attr_as_uint(msgs[i], SYSDB_GIDNUM, 0); - if (!gid) { - DEBUG(2, ("Entry has no GID\n")); - ret = EIO; - goto done; + posix = ldb_msg_find_attr_as_string(msgs[i], SYSDB_POSIX, NULL); + if (!posix || strcmp(posix, "TRUE") == 0) { + /* Search for users that are members of this group, or + * that have this group as their primary GID + */ + gid = (gid_t) ldb_msg_find_attr_as_uint(msgs[i], SYSDB_GIDNUM, 0); + subfilter = talloc_asprintf(tmpctx, "(|(%s=%s)(%s=%lu))", + SYSDB_MEMBEROF, dn, + SYSDB_GIDNUM, (long unsigned) gid); + } else { + subfilter = talloc_asprintf(tmpctx, "(%s=%s)", SYSDB_MEMBEROF, dn); } - - /* Search for users that are members of this group, or - * that have this group as their primary GID - */ - subfilter = talloc_asprintf(tmpctx, "(|(%s=%s)(%s=%lu))", - SYSDB_MEMBEROF, dn, - SYSDB_GIDNUM, (long unsigned) gid); if (!subfilter) { DEBUG(2, ("Failed to build filter\n")); ret = ENOMEM; |