diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-23 08:40:07 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-05-03 14:09:14 -0400 |
commit | c20a339d54b39120b4051f690ca759e6d079f177 (patch) | |
tree | 941c782432c27094f098eafc97a3a881b9d123a3 /src/providers/ldap | |
parent | 8be5e4497e5008f7807178acdfcbf97365ec4e73 (diff) | |
download | sssd-c20a339d54b39120b4051f690ca759e6d079f177.tar.gz sssd-c20a339d54b39120b4051f690ca759e6d079f177.tar.bz2 sssd-c20a339d54b39120b4051f690ca759e6d079f177.zip |
LDAP: Treat groups with unmappable SIDs as non-POSIX groups
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups.c | 21 |
1 files changed, 12 insertions, 9 deletions
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c index 0a864c7d..8ca73878 100644 --- a/src/providers/ldap/sdap_async_initgroups.c +++ b/src/providers/ldap/sdap_async_initgroups.c @@ -125,17 +125,20 @@ static errno_t sdap_add_incomplete_groups(struct sysdb_ctx *sysdb, /* Convert the SID into a UNIX group ID */ ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &gid); - if (ret != EOK) { - DEBUG(SSSDBG_MINOR_FAILURE, - ("Could not convert objectSID [%s] to a UNIX ID\n", - sid_str)); - ret = EIO; - goto fail; + if (ret == EOK) { + DEBUG(SSSDBG_TRACE_INTERNAL, + ("Group [%s] has mapped gid [%lu]\n", + name, (unsigned long)gid)); + } else { + posix = false; + gid = 0; + + DEBUG(SSSDBG_TRACE_INTERNAL, + ("Group [%s] cannot be mapped. " + "Treating as a non-POSIX group\n", + name)); } - DEBUG(SSSDBG_TRACE_INTERNAL, - ("Group [%s] has mapped gid [%lu]\n", - name, (unsigned long)gid)); } else { ret = sysdb_attrs_get_uint32_t(ldap_groups[ai], SYSDB_GIDNUM, |