-rw-r--r--src/providers/ldap/sdap_async_initgroups.c31
1 files changed, 25 insertions, 6 deletions
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 8a9160d4..0ab30cfd 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -167,14 +167,14 @@ static int sdap_initgr_common_store(struct sysdb_ctx *sysdb,
enum sysdb_member_type type,
char **sysdb_grouplist,
struct sysdb_attrs **ldap_groups,
- int ldap_groups_count,
- bool add_fake)
+ int ldap_groups_count)
{
TALLOC_CTX *tmp_ctx;
char **ldap_grouplist = NULL;
char **add_groups;
char **del_groups;
- int ret;
+ int ret, tret;
+ bool in_transaction = false;
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) return ENOMEM;
@@ -205,10 +205,17 @@ static int sdap_initgr_common_store(struct sysdb_ctx *sysdb,
&add_groups, &del_groups, NULL);
if (ret != EOK) goto done;
+ ret = sysdb_transaction_start(sysdb);
+ if (ret != EOK) {
+ DEBUG(1, ("Failed to start transaction\n"));
+ goto done;
+ }
+ in_transaction = true;
+
/* Add fake entries for any groups the user should be added as
* member of but that are not cached in sysdb
*/
- if (add_fake && add_groups && add_groups[0]) {
+ if (add_groups && add_groups[0]) {
ret = sdap_add_incomplete_groups(sysdb, opts, dom,
add_groups, ldap_groups,
ldap_groups_count);
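Review bot: The new `Failed to start transaction` message drops the error code, so someone reading the log cannot tell why the cache write did not begin. Printing `ret` would fix that, e.g. `DEBUG(1, ("Failed to start transaction: [%d]: %s\n", ret, strerror(ret)));`. The commit and cancel messages in the later hunk of this function have the same gap, and the cancel one should print `tret` rather than `ret`. The `if (add_groups && add_groups[0])` block continues outside this hunk.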
@@ -228,8 +235,21 @@ static int sdap_initgr_common_store(struct sysdb_ctx *sysdb,
goto done;
}
+ ret = sysdb_transaction_commit(sysdb);
+ if (ret != EOK) {
+ DEBUG(1, ("Failed to commit transaction\n"));
+ goto done;
+ }
+ in_transaction = false;
+
ret = EOK;
done:
+ if (in_transaction) {
+ tret = sysdb_transaction_cancel(sysdb);
+ if (tret != EOK) {
+ DEBUG(1, ("Failed to cancel transaction\n"));
+ }
+ }
talloc_zfree(tmp_ctx);
return ret;
}
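Review bot: The cleanup at `done:` relies on `in_transaction` staying true when `sysdb_transaction_commit` fails, because the flag is cleared only after a successful commit, and that is easy to miss when reading the label on its own. A short comment there would document it, e.g. `/* still set after a failed commit, so the cancel below covers that case too */`. This function stores a user's cached group list, so a header comment stating that the fake-group additions and the membership changes are applied as one transaction would also help later maintainers keep new writes inside it. That assumes the membership update sits in the part of the body between the hunks, which is not visible here. When the cancel itself fails, the original `ret` is still returned, which looks intentional.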
@@ -469,8 +489,7 @@ static void sdap_initgr_rfc2307_process(struct tevent_req *subreq)
SYSDB_MEMBER_USER,
sysdb_grouplist,
state->ldap_groups,
- state->ldap_groups_count,
- true);
+ state->ldap_groups_count);
if (ret != EOK) {
tevent_req_error(req, ret);
return;