diff options
author | Sumit Bose <sbose@redhat.com> | 2016-09-12 15:18:07 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-10-14 20:40:45 +0200 |
commit | e0903f41922721edf292a9f7e6605a4519db53a1 (patch) | |
tree | b5ad220550c3d015460e36fb99c1058c915b9b91 | |
parent | f3347a0c72afc75b4d829e9981d1bac6b05a8306 (diff) | |
download | sssd-e0903f41922721edf292a9f7e6605a4519db53a1.tar.gz sssd-e0903f41922721edf292a9f7e6605a4519db53a1.tar.xz sssd-e0903f41922721edf292a9f7e6605a4519db53a1.zip |
LDAP: Removing of member link from group
Resolves:
https://fedorahosted.org/sssd/ticket/2940
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index 72760b75a..08dfa01b1 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -878,6 +878,8 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx, size_t nuserdns = 0; struct sss_domain_info *group_dom = NULL; int ret; + const char *remove_attrs[] = {SYSDB_MEMBER, SYSDB_ORIG_MEMBER, SYSDB_GHOST, + NULL}; if (dom->ignore_group_members) { DEBUG(SSSDBG_CRIT_FAILURE, @@ -962,6 +964,13 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx, if (el->num_values == 0 && nuserdns == 0) { DEBUG(SSSDBG_TRACE_FUNC, "No members for group [%s]\n", group_name); + + ret = sysdb_remove_attrs(group_dom, group_name, SYSDB_MEMBER_GROUP, + discard_const(remove_attrs)); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_remove_attrs failed.\n"); + goto fail; + } } else { DEBUG(SSSDBG_TRACE_FUNC, "Adding member users to group [%s]\n", group_name); |