summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2011-08-29 08:51:05 -0400
committerStephen Gallagher <sgallagh@redhat.com>2011-08-29 10:18:09 -0400
commit1dd195b9a3df01a0ef51e9f963201f1f79d1f90b (patch)
treedca1427e02efad2ade8b615a3be0142e1c682eb1
parent7e7fa5394d042c63dddfe48a85f1d80552e63d81 (diff)
downloadsssd-1dd195b9a3df01a0ef51e9f963201f1f79d1f90b.tar.gz
sssd-1dd195b9a3df01a0ef51e9f963201f1f79d1f90b.tar.bz2
sssd-1dd195b9a3df01a0ef51e9f963201f1f79d1f90b.zip
HBAC: Properly skip all non-group memberOf entries
-rw-r--r--src/providers/ipa/ipa_hbac_users.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/src/providers/ipa/ipa_hbac_users.c b/src/providers/ipa/ipa_hbac_users.c
index 888f866d..cf838e50 100644
--- a/src/providers/ipa/ipa_hbac_users.c
+++ b/src/providers/ipa/ipa_hbac_users.c
@@ -73,7 +73,8 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx,
if (ldb_dn_get_comp_num(dn) < 4) {
/* RDN, groups, accounts, and at least one DC= */
- ret = EINVAL;
+ /* If it's fewer, it's not a group DN */
+ ret = ENOENT;
goto done;
}