diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-26 11:43:56 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-08-26 16:52:52 -0400 |
commit | 5215f682e5beda6fa85456576237de8a5a057bb8 (patch) | |
tree | e7b3f651def67df58e09ba1fb2ca252a39afb182 /src/providers/ipa | |
parent | 7452c325c1440feae92ac9862ea0121ea2446af4 (diff) | |
download | sssd-5215f682e5beda6fa85456576237de8a5a057bb8.tar.gz sssd-5215f682e5beda6fa85456576237de8a5a057bb8.tar.bz2 sssd-5215f682e5beda6fa85456576237de8a5a057bb8.zip |
HBAC: Handle saving groups that have no members
Diffstat (limited to 'src/providers/ipa')
-rw-r--r-- | src/providers/ipa/ipa_hbac_common.c | 28 |
1 files changed, 21 insertions, 7 deletions
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c index 08cb0254..2bf40042 100644 --- a/src/providers/ipa/ipa_hbac_common.c +++ b/src/providers/ipa/ipa_hbac_common.c @@ -185,17 +185,31 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, goto done; } - lret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL); - if (lret != LDB_SUCCESS) { - ret = sysdb_error_to_errno(lret); - goto done; - } - ret = sysdb_attrs_get_string_array(groups[i], SYSDB_ORIG_MEMBER, tmp_ctx, &orig_member_dns); - if (ret != EOK) { + + if (ret == EOK) { + /* One or more members were detected, prep the LDB message */ + lret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL); + if (lret != LDB_SUCCESS) { + ret = sysdb_error_to_errno(lret); + goto done; + } + } else if (ret == ENOENT) { + /* Useless group, has no members */ + orig_member_dns = talloc_array(tmp_ctx, const char *, 1); + if (!orig_member_dns) { + ret = ENOMEM; + goto done; + } + + /* Just set the member list to zero length so we skip + * processing it below + */ + orig_member_dns[0] = NULL; + } else { DEBUG(1, ("Could not determine original members\n")); goto done; } |