diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2012-04-18 12:54:21 +0200 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2012-04-20 10:55:14 -0400 |
commit | f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485 (patch) | |
tree | edd3236b42ee2baa2835d5ffc7a0c125cff86e46 /src/providers/ldap | |
parent | b83e43eb88879c7fb3114aafcc525356ff7d4235 (diff) | |
download | sssd-f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485.tar.gz sssd-f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485.tar.bz2 sssd-f34a9f4bd791d9ba7b4bb1df5011e68eb9f6d485.zip |
sdap_check_aliases must not error when detects the same user
https://fedorahosted.org/sssd/ticket/1307
Diffstat (limited to 'src/providers/ldap')
-rw-r--r-- | src/providers/ldap/sdap_async.c | 44 |
1 files changed, 31 insertions, 13 deletions
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c index b21d9c38..b8283ef9 100644 --- a/src/providers/ldap/sdap_async.c +++ b/src/providers/ldap/sdap_async.c @@ -2084,7 +2084,7 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb, struct ldb_message *msg; TALLOC_CTX *tmp_ctx = NULL; char **parents; - uid_t alias_uid; + uid_t alias_uid, uid; int i; tmp_ctx = talloc_new(NULL); @@ -2094,14 +2094,22 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb, opts->user_map[SDAP_AT_USER_NAME].name, &name); if (ret != EOK) { - DEBUG(1, ("Could not get the primary name\n")); + DEBUG(SSSDBG_TRACE_INTERNAL, ("Could not get the primary name\n")); + goto done; + } + + ret = sysdb_attrs_get_uint32_t(user_attrs, + opts->user_map[SDAP_AT_USER_UID].name, + &uid); + if (ret != EOK) { + DEBUG(SSSDBG_TRACE_INTERNAL, ("Could not get UID\n")); goto done; } ret = sysdb_attrs_get_aliases(tmp_ctx, user_attrs, name, !dom->case_sensitive, &aliases); if (ret != EOK) { - DEBUG(1, ("Failed to get the alias list\n")); + DEBUG(SSSDBG_TRACE_INTERNAL, ("Failed to get the alias list\n")); goto done; } @@ -2112,21 +2120,28 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb, ret = sysdb_search_user_by_name(tmp_ctx, sysdb, aliases[i], NULL, &msg); if (ret && ret != ENOENT) { - DEBUG(1, ("Error searching the cache\n")); + DEBUG(SSSDBG_TRACE_INTERNAL, ("Error searching the cache\n")); goto done; } else if (ret == ENOENT) { - DEBUG(9, ("No user with primary name same as alias %s\n", aliases[i])); + DEBUG(SSSDBG_TRACE_INTERNAL, + ("No user with primary name same as alias %s\n", aliases[i])); continue; } alias_uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_UIDNUM, 0); if (alias_uid) { - DEBUG(1, ("Cache contains non-fake user with same name " - "as alias %s\n", aliases[i])); + if (alias_uid == uid) { + DEBUG(SSSDBG_TRACE_INTERNAL, + ("User already cached, skipping\n")); + continue; + } + DEBUG(SSSDBG_FATAL_FAILURE, + ("Cache contains non-fake user with same name " + "as alias %s\n", aliases[i])); ret = EIO; goto done; } - DEBUG(7, ("%s is a fake user\n", aliases[i])); + DEBUG(SSSDBG_TRACE_FUNC, ("%s is a fake user\n", aliases[i])); if (steal_memberships) { /* Get direct sysdb parents */ @@ -2134,8 +2149,9 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb, SYSDB_MEMBER_USER, aliases[i], &parents); if (ret) { - DEBUG(1, ("Could not get direct parents for %s: %d [%s]\n", - aliases[i], ret, strerror(ret))); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Could not get direct parents for %s: %d [%s]\n", + aliases[i], ret, strerror(ret))); goto done; } @@ -2143,15 +2159,17 @@ errno_t sdap_check_aliases(struct sysdb_ctx *sysdb, (const char *const *) parents, NULL); if (ret != EOK) { - DEBUG(1, ("Membership update failed [%d]: %s\n", - ret, strerror(ret))); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Membership update failed [%d]: %s\n", + ret, strerror(ret))); goto done; } } ret = sysdb_delete_user(sysdb, aliases[i], alias_uid); if (ret) { - DEBUG(1, ("Error deleting fake user %s\n", aliases[i])); + DEBUG(SSSDBG_FATAL_FAILURE, + ("Error deleting fake user %s\n", aliases[i])); goto done; } } |