This is an automated email from the git hooks/post-receive script.
tbordaz pushed a commit to branch 389-ds-base-1.3.9
in repository 389-ds-base.
The following commit(s) were added to refs/heads/389-ds-base-1.3.9 by this push:
new bcacbf2 Ticket 50282 - OPERATIONS ERROR when trying to delete a group with
automember members
bcacbf2 is described below
commit bcacbf24bdfca1716c0cb033535fcb8836306c38
Author: Thierry Bordaz <tbordaz(a)redhat.com>
AuthorDate: Thu Mar 14 17:33:35 2019 +0100
Ticket 50282 - OPERATIONS ERROR when trying to delete a group with automember members
Bug Description:
When automember and memberof are enabled, if a user is member of a group
because of an automember rule. Then when the group is deleted,
memberof updates the member (to update 'memberof' attribute) that
trigger automember to reevaluate the automember rule and add the member
to the group. But at this time the group is already deleted.
Chaining back the failure up to the top level operation the deletion
of the group fails
Fix Description:
The fix consists to check that if a automember rule tries to add a user
in a group, then to check that the group exists before updating it.
https://pagure.io/389-ds-base/issue/50282
Reviewed by: Mark Reynolds, William Brown
Platforms tested: F29
Flag Day: no
Doc impact: no
---
ldap/servers/plugins/automember/automember.c | 23 +++++++++++++++++++++++
1 file changed, 23 insertions(+)
diff --git a/ldap/servers/plugins/automember/automember.c
b/ldap/servers/plugins/automember/automember.c
index bb6ff1f..fcf0cdb 100644
--- a/ldap/servers/plugins/automember/automember.c
+++ b/ldap/servers/plugins/automember/automember.c
@@ -1636,6 +1636,29 @@ automember_update_member_value(Slapi_Entry *member_e, const char
*group_dn, char
char *member_value = NULL;
int freeit = 0;
int rc = 0;
+ Slapi_DN *group_sdn;
+ Slapi_Entry *group_entry = NULL;
+
+ /* First thing check that the group still exists */
+ group_sdn = slapi_sdn_new_dn_byval(group_dn);
+ rc = slapi_search_internal_get_entry(group_sdn, NULL, &group_entry,
automember_get_plugin_id());
+ slapi_sdn_free(&group_sdn);
+ if (rc != LDAP_SUCCESS || group_entry == NULL) {
+ if (rc == LDAP_NO_SUCH_OBJECT) {
+ /* the automember group (default or target) does not exist, just skip this
definition */
+ slapi_log_err(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
+ "automember_update_member_value - group (default or target)
does not exist (%s)\n",
+ group_dn);
+ rc = 0;
+ } else {
+ slapi_log_err(SLAPI_LOG_ERR, AUTOMEMBER_PLUGIN_SUBSYSTEM,
+ "automember_update_member_value - group (default or target)
can not be retrieved (%s) err=%d\n",
+ group_dn, rc);
+ }
+ slapi_entry_free(group_entry);
+ return rc;
+ }
+ slapi_entry_free(group_entry);
/* If grouping_value is dn, we need to fetch the dn instead. */
if (slapi_attr_type_cmp(grouping_value, "dn", SLAPI_TYPE_CMP_EXACT) == 0)
{
--
To stop receiving notification emails like this one, please contact
the administrator of this repository.