summaryrefslogtreecommitdiff
path: root/src/providers/ldap
diff options
context:
space:
mode:
authorJakub Hrozek <jhrozek@redhat.com>2012-04-18 12:54:21 +0200
committerStephen Gallagher <sgallagh@redhat.com>2012-04-20 10:55:14 -0400
commitf34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485 (patch)
treeedd3236b42ee2baa2835d5ffc7a0c125cff86e46 /src/providers/ldap
parentb83e43eb88879c7fb3114aafcc525356ff7d4235 (diff)
downloadsssd-f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485.tar.gz
sssd-f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485.tar.bz2
sssd-f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485.zip
sdap_check_aliases must not error when detects the same user
https://fedorahosted.org/sssd/ticket/1307
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_async.c44
1 files changed, 31 insertions, 13 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
index b21d9c38..b8283ef9 100644
--- a/src/providers/ldap/sdap_async.c
+++ b/src/providers/ldap/sdap_async.c
@@ -2084,7 +2084,7 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb,
struct ldb_message *msg;
TALLOC_CTX *tmp_ctx = NULL;
char **parents;
- uid_t alias_uid;
+ uid_t alias_uid, uid;
int i;
tmp_ctx = talloc_new(NULL);
@@ -2094,14 +2094,22 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb,
opts->user_map[SDAP_AT_USER_NAME].name,
&name);
if (ret != EOK) {
- DEBUG(1, ("Could not get the primary name\n"));
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Could not get the primary name\n"));
+ goto done;
+ }
+
+ ret = sysdb_attrs_get_uint32_t(user_attrs,
+ opts->user_map[SDAP_AT_USER_UID].name,
+ &uid);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Could not get UID\n"));
goto done;
}
ret = sysdb_attrs_get_aliases(tmp_ctx, user_attrs, name,
!dom->case_sensitive, &aliases);
if (ret != EOK) {
- DEBUG(1, ("Failed to get the alias list\n"));
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Failed to get the alias list\n"));
goto done;
}
@@ -2112,21 +2120,28 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb,
ret = sysdb_search_user_by_name(tmp_ctx, sysdb,
aliases[i], NULL, &msg);
if (ret && ret != ENOENT) {
- DEBUG(1, ("Error searching the cache\n"));
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Error searching the cache\n"));
goto done;
} else if (ret == ENOENT) {
- DEBUG(9, ("No user with primary name same as alias %s\n", aliases[i]));
+ DEBUG(SSSDBG_TRACE_INTERNAL,
+ ("No user with primary name same as alias %s\n", aliases[i]));
continue;
}
alias_uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_UIDNUM, 0);
if (alias_uid) {
- DEBUG(1, ("Cache contains non-fake user with same name "
- "as alias %s\n", aliases[i]));
+ if (alias_uid == uid) {
+ DEBUG(SSSDBG_TRACE_INTERNAL,
+ ("User already cached, skipping\n"));
+ continue;
+ }
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ ("Cache contains non-fake user with same name "
+ "as alias %s\n", aliases[i]));
ret = EIO;
goto done;
}
- DEBUG(7, ("%s is a fake user\n", aliases[i]));
+ DEBUG(SSSDBG_TRACE_FUNC, ("%s is a fake user\n", aliases[i]));
if (steal_memberships) {
/* Get direct sysdb parents */
@@ -2134,8 +2149,9 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb,
SYSDB_MEMBER_USER,
aliases[i], &parents);
if (ret) {
- DEBUG(1, ("Could not get direct parents for %s: %d [%s]\n",
- aliases[i], ret, strerror(ret)));
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ ("Could not get direct parents for %s: %d [%s]\n",
+ aliases[i], ret, strerror(ret)));
goto done;
}
@@ -2143,15 +2159,17 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb,
(const char *const *) parents,
NULL);
if (ret != EOK) {
- DEBUG(1, ("Membership update failed [%d]: %s\n",
- ret, strerror(ret)));
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ ("Membership update failed [%d]: %s\n",
+ ret, strerror(ret)));
goto done;
}
}
ret = sysdb_delete_user(sysdb, aliases[i], alias_uid);
if (ret) {
- DEBUG(1, ("Error deleting fake user %s\n", aliases[i]));
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ ("Error deleting fake user %s\n", aliases[i]));
goto done;
}
}