diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2009-08-12 18:21:53 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-08-13 09:16:19 -0400 |
commit | 7fb74edcde011adef137357c916494409a94f1a1 (patch) | |
tree | 242e11cc307162d3aadd3e6a8df27c8e010a0d73 | |
parent | 1771d32e945b758326951384f0e17121042ad74e (diff) | |
download | sssd-7fb74edcde011adef137357c916494409a94f1a1.tar.gz sssd-7fb74edcde011adef137357c916494409a94f1a1.tar.bz2 sssd-7fb74edcde011adef137357c916494409a94f1a1.zip |
Tools ID range fixes
The tools did not take the special case where id_max = 0 (no limit)
into account.
Also disallow adding users when ID is specified outside any domain.
Resolves trac tickets #86 and #89
-rw-r--r-- | server/tools/sss_groupadd.c | 6 | ||||
-rw-r--r-- | server/tools/sss_useradd.c | 11 | ||||
-rw-r--r-- | server/tools/tools_util.c | 3 |
3 files changed, 16 insertions, 4 deletions
diff --git a/server/tools/sss_groupadd.c b/server/tools/sss_groupadd.c index 05f814a7..5c4733d7 100644 --- a/server/tools/sss_groupadd.c +++ b/server/tools/sss_groupadd.c @@ -237,13 +237,17 @@ int main(int argc, const char **argv) break; case ID_IN_LEGACY_LOCAL: - case ID_OUTSIDE: ret = groupadd_legacy(data); if(ret != EOK) { ERROR("Cannot add group to domain using the legacy tools\n"); } goto fini; + case ID_OUTSIDE: + ERROR("The selected GID is outside all domain ranges\n"); + ret = EXIT_FAILURE; + goto fini; + case ID_IN_OTHER: DEBUG(1, ("Cannot add group to domain %s\n", dom->name)); ERROR("Unsupported domain type"); diff --git a/server/tools/sss_useradd.c b/server/tools/sss_useradd.c index 35dcee76..51f0eed8 100644 --- a/server/tools/sss_useradd.c +++ b/server/tools/sss_useradd.c @@ -296,7 +296,10 @@ static int useradd_legacy(struct ops_ctx *ctx, char *grouplist) APPEND_PARAM(command, USERADD_UID_MIN, ctx->domain->id_min); - APPEND_PARAM(command, USERADD_UID_MAX, ctx->domain->id_max); + /* id_max == 0 means no limit */ + if (ctx->domain->id_max) { + APPEND_PARAM(command, USERADD_UID_MAX, ctx->domain->id_max); + } APPEND_PARAM(command, USERADD_GROUPS, grouplist); @@ -499,13 +502,17 @@ int main(int argc, const char **argv) break; case ID_IN_LEGACY_LOCAL: - case ID_OUTSIDE: ret = useradd_legacy(data, groups); if(ret != EOK) { ERROR("Cannot add user to domain using the legacy tools\n"); } goto fini; + case ID_OUTSIDE: + ERROR("The selected UID is outside all domain ranges\n"); + ret = EXIT_FAILURE; + goto fini; + case ID_IN_OTHER: DEBUG(1, ("Cannot add user to domain %s\n", dom->name)); ERROR("Unsupported domain type\n"); diff --git a/server/tools/tools_util.c b/server/tools/tools_util.c index 1e0e91de..79f73ac6 100644 --- a/server/tools/tools_util.c +++ b/server/tools/tools_util.c @@ -108,7 +108,8 @@ int get_domain_by_id(struct tools_ctx *ctx, if (id) { for (dom = ctx->domains; dom; dom = dom->next) { - if (id >= dom->id_min && id <= dom->id_max) { + if (id >= dom->id_min && + (dom->id_max == 0 || id <= dom->id_max)) { break; } } |