diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2009-08-18 15:55:03 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2009-08-20 12:27:14 -0400 |
commit | b776f0af14866051ab9dcdb696345643424261d5 (patch) | |
tree | 4795359336db7332ec74c59504b3566b1d2fe529 /server/db | |
parent | 096e0184d1b359fdfffd62d413451a055a6bfa76 (diff) | |
download | sssd-b776f0af14866051ab9dcdb696345643424261d5.tar.gz sssd-b776f0af14866051ab9dcdb696345643424261d5.tar.bz2 sssd-b776f0af14866051ab9dcdb696345643424261d5.zip |
Ensure nextID doesn't reuse an existing local UID or GID
If there was no maxID set for a domain, the search filter to check
whether the UID was available would always return empty (because
no UIDs can be <= 0)
This patch changes the search filter if the maxID is unset so that
it has no upper limit
Diffstat (limited to 'server/db')
-rw-r--r-- | server/db/sysdb_ops.c | 30 |
1 files changed, 21 insertions, 9 deletions
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c index 687c754f..e62711a2 100644 --- a/server/db/sysdb_ops.c +++ b/server/db/sysdb_ops.c @@ -1334,15 +1334,27 @@ static void sysdb_get_new_id_base(struct tevent_req *subreq) /* verify the id is actually really free. * search all entries with id >= new_id and < max_id */ - filter = talloc_asprintf(state, - "(|(&(%s>=%u)(%s<=%u))(&(%s>=%u)(%s<=%u)))", - SYSDB_UIDNUM, state->new_id, - SYSDB_UIDNUM, state->domain->id_max, - SYSDB_GIDNUM, state->new_id, - SYSDB_GIDNUM, state->domain->id_max); - if (!filter) { - tevent_req_error(req, ENOMEM); - return; + if (state->domain->id_max) { + filter = talloc_asprintf(state, + "(|(&(%s>=%u)(%s<=%u))(&(%s>=%u)(%s<=%u)))", + SYSDB_UIDNUM, state->new_id, + SYSDB_UIDNUM, state->domain->id_max, + SYSDB_GIDNUM, state->new_id, + SYSDB_GIDNUM, state->domain->id_max); + if (!filter) { + tevent_req_error(req, ENOMEM); + return; + } + } + else { + filter = talloc_asprintf(state, + "(|(%s>=%u)(%s>=%u))", + SYSDB_UIDNUM, state->new_id, + SYSDB_GIDNUM, state->new_id); + if (!filter) { + tevent_req_error(req, ENOMEM); + return; + } } ret = ldb_build_search_req(&ldbreq, state->handle->ctx->ldb, state, |