summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2009-08-12 18:21:53 +0200
committerStephen Gallagher <sgallagh@redhat.com>2009-08-13 09:16:19 -0400
commit7fb74edcde011adef137357c916494409a94f1a1 (patch)
tree242e11cc307162d3aadd3e6a8df27c8e010a0d73
parent1771d32e945b758326951384f0e17121042ad74e (diff)
downloadsssd-7fb74edcde011adef137357c916494409a94f1a1.tar.gz
sssd-7fb74edcde011adef137357c916494409a94f1a1.tar.bz2
sssd-7fb74edcde011adef137357c916494409a94f1a1.zip
Tools ID range fixes
The tools did not take the special case where id_max = 0 (no limit) into account. Also disallow adding users when ID is specified outside any domain. Resolves trac tickets #86 and #89
-rw-r--r--server/tools/sss_groupadd.c6
-rw-r--r--server/tools/sss_useradd.c11
-rw-r--r--server/tools/tools_util.c3
3 files changed, 16 insertions, 4 deletions
diff --git a/server/tools/sss_groupadd.c b/server/tools/sss_groupadd.c
index 05f814a7..5c4733d7 100644
--- a/server/tools/sss_groupadd.c
+++ b/server/tools/sss_groupadd.c
@@ -237,13 +237,17 @@ int main(int argc, const char **argv)
break;
case ID_IN_LEGACY_LOCAL:
- case ID_OUTSIDE:
ret = groupadd_legacy(data);
if(ret != EOK) {
ERROR("Cannot add group to domain using the legacy tools\n");
}
goto fini;
+ case ID_OUTSIDE:
+ ERROR("The selected GID is outside all domain ranges\n");
+ ret = EXIT_FAILURE;
+ goto fini;
+
case ID_IN_OTHER:
DEBUG(1, ("Cannot add group to domain %s\n", dom->name));
ERROR("Unsupported domain type");
diff --git a/server/tools/sss_useradd.c b/server/tools/sss_useradd.c
index 35dcee76..51f0eed8 100644
--- a/server/tools/sss_useradd.c
+++ b/server/tools/sss_useradd.c
@@ -296,7 +296,10 @@ static int useradd_legacy(struct ops_ctx *ctx, char *grouplist)
APPEND_PARAM(command, USERADD_UID_MIN, ctx->domain->id_min);
- APPEND_PARAM(command, USERADD_UID_MAX, ctx->domain->id_max);
+ /* id_max == 0 means no limit */
+ if (ctx->domain->id_max) {
+ APPEND_PARAM(command, USERADD_UID_MAX, ctx->domain->id_max);
+ }
APPEND_PARAM(command, USERADD_GROUPS, grouplist);
@@ -499,13 +502,17 @@ int main(int argc, const char **argv)
break;
case ID_IN_LEGACY_LOCAL:
- case ID_OUTSIDE:
ret = useradd_legacy(data, groups);
if(ret != EOK) {
ERROR("Cannot add user to domain using the legacy tools\n");
}
goto fini;
+ case ID_OUTSIDE:
+ ERROR("The selected UID is outside all domain ranges\n");
+ ret = EXIT_FAILURE;
+ goto fini;
+
case ID_IN_OTHER:
DEBUG(1, ("Cannot add user to domain %s\n", dom->name));
ERROR("Unsupported domain type\n");
diff --git a/server/tools/tools_util.c b/server/tools/tools_util.c
index 1e0e91de..79f73ac6 100644
--- a/server/tools/tools_util.c
+++ b/server/tools/tools_util.c
@@ -108,7 +108,8 @@ int get_domain_by_id(struct tools_ctx *ctx,
if (id) {
for (dom = ctx->domains; dom; dom = dom->next) {
- if (id >= dom->id_min && id <= dom->id_max) {
+ if (id >= dom->id_min &&
+ (dom->id_max == 0 || id <= dom->id_max)) {
break;
}
}