summaryrefslogtreecommitdiff
path: root/server/db
diff options
context:
space:
mode:
authorStephen Gallagher <sgallagh@redhat.com>2009-08-18 15:55:03 -0400
committerStephen Gallagher <sgallagh@redhat.com>2009-08-20 12:27:14 -0400
commitb776f0af14866051ab9dcdb696345643424261d5 (patch)
tree4795359336db7332ec74c59504b3566b1d2fe529 /server/db
parent096e0184d1b359fdfffd62d413451a055a6bfa76 (diff)
downloadsssd-b776f0af14866051ab9dcdb696345643424261d5.tar.gz
sssd-b776f0af14866051ab9dcdb696345643424261d5.tar.bz2
sssd-b776f0af14866051ab9dcdb696345643424261d5.zip
Ensure nextID doesn't reuse an existing local UID or GID
If there was no maxID set for a domain, the search filter to check whether the UID was available would always return empty (because no UIDs can be <= 0) This patch changes the search filter if the maxID is unset so that it has no upper limit
Diffstat (limited to 'server/db')
-rw-r--r--server/db/sysdb_ops.c30
1 files changed, 21 insertions, 9 deletions
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
index 687c754f..e62711a2 100644
--- a/server/db/sysdb_ops.c
+++ b/server/db/sysdb_ops.c
@@ -1334,15 +1334,27 @@ static void sysdb_get_new_id_base(struct tevent_req *subreq)
/* verify the id is actually really free.
* search all entries with id >= new_id and < max_id */
- filter = talloc_asprintf(state,
- "(|(&(%s>=%u)(%s<=%u))(&(%s>=%u)(%s<=%u)))",
- SYSDB_UIDNUM, state->new_id,
- SYSDB_UIDNUM, state->domain->id_max,
- SYSDB_GIDNUM, state->new_id,
- SYSDB_GIDNUM, state->domain->id_max);
- if (!filter) {
- tevent_req_error(req, ENOMEM);
- return;
+ if (state->domain->id_max) {
+ filter = talloc_asprintf(state,
+ "(|(&(%s>=%u)(%s<=%u))(&(%s>=%u)(%s<=%u)))",
+ SYSDB_UIDNUM, state->new_id,
+ SYSDB_UIDNUM, state->domain->id_max,
+ SYSDB_GIDNUM, state->new_id,
+ SYSDB_GIDNUM, state->domain->id_max);
+ if (!filter) {
+ tevent_req_error(req, ENOMEM);
+ return;
+ }
+ }
+ else {
+ filter = talloc_asprintf(state,
+ "(|(%s>=%u)(%s>=%u))",
+ SYSDB_UIDNUM, state->new_id,
+ SYSDB_GIDNUM, state->new_id);
+ if (!filter) {
+ tevent_req_error(req, ENOMEM);
+ return;
+ }
}
ret = ldb_build_search_req(&ldbreq, state->handle->ctx->ldb, state,