bab31444d7
- Resolves: upstream #3154 - sssd exits if clock is adjusted backwards after
boot
- Resolves: upstream #3163 - resolving IPA nested user group is broken in 1.14
(cherry picked from commit 2b61bbee11
)
51 lines
1.9 KiB
Diff
51 lines
1.9 KiB
Diff
From 5ac050f0f5160dc433aba21fd1ae2f2a8ffa9a88 Mon Sep 17 00:00:00 2001
|
|
From: Petr Cech <pcech@redhat.com>
|
|
Date: Fri, 22 Jul 2016 14:28:54 +0200
|
|
Subject: [PATCH 05/39] LDAP: Fixing of removing netgroup from cache
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
There were problem with local key which wasn't properly removed.
|
|
This patch fixes it.
|
|
|
|
Resolves:
|
|
https://fedorahosted.org/sssd/ticket/2841
|
|
|
|
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
|
(cherry picked from commit bf141e052a81b28ee0ad2f61ff8b4879e4faa13b)
|
|
---
|
|
src/providers/ldap/sdap_async_netgroups.c | 16 ++++++++++++++++
|
|
1 file changed, 16 insertions(+)
|
|
|
|
diff --git a/src/providers/ldap/sdap_async_netgroups.c b/src/providers/ldap/sdap_async_netgroups.c
|
|
index df233d956df70cfcb5f68bd2afc9e2a23c50c3bb..e1d69ad769f542cccffca50547932a5bfb352230 100644
|
|
--- a/src/providers/ldap/sdap_async_netgroups.c
|
|
+++ b/src/providers/ldap/sdap_async_netgroups.c
|
|
@@ -138,6 +138,22 @@ static errno_t sdap_save_netgroup(TALLOC_CTX *memctx,
|
|
goto fail;
|
|
}
|
|
|
|
+ /* We store memberNisNetgroup from LDAP as originalMemberNisNetgroup in
|
|
+ * sysdb. It may contain simple name or DN. That's the reason why we always
|
|
+ * translate/generate simple name and store it in SYSDB_NETGROUP_MEMBER
|
|
+ * (memberNisNetgroup) in sysdb which is internally used for searching
|
|
+ * netgropus.
|
|
+ * We need to ensure if originalMemberNisNetgroup is missing,
|
|
+ * memberNisNetgroup is missing too.
|
|
+ */
|
|
+ if (string_in_list(SYSDB_ORIG_NETGROUP_MEMBER, missing, false)) {
|
|
+ ret = add_string_to_list(attrs, SYSDB_NETGROUP_MEMBER, &missing);
|
|
+ if (ret != EOK) {
|
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to add string into list\n");
|
|
+ goto fail;
|
|
+ }
|
|
+ }
|
|
+
|
|
ret = sysdb_add_netgroup(dom, name, NULL, netgroup_attrs, missing,
|
|
dom->netgroup_timeout, now);
|
|
if (ret) goto fail;
|
|
--
|
|
2.9.3
|
|
|