This is an automated email from the git hooks/post-receive script. tbordaz pushed a commit to branch 389-ds-base-1.3.9 in repository 389-ds-base. The following commit(s) were added to refs/heads/389-ds-base-1.3.9 by this push: new bcacbf2 Ticket 50282 - OPERATIONS ERROR when trying to delete a group with automember members bcacbf2 is described below commit bcacbf24bdfca1716c0cb033535fcb8836306c38 Author: Thierry Bordaz <tbordaz(a)redhat.com&gt; AuthorDate: Thu Mar 14 17:33:35 2019 +0100 Ticket 50282 - OPERATIONS ERROR when trying to delete a group with automember members Bug Description: When automember and memberof are enabled, if a user is member of a group because of an automember rule. Then when the group is deleted, memberof updates the member (to update 'memberof' attribute) that trigger automember to reevaluate the automember rule and add the member to the group. But at this time the group is already deleted. Chaining back the failure up to the top level operation the deletion of the group fails Fix Description: The fix consists to check that if a automember rule tries to add a user in a group, then to check that the group exists before updating it. https://pagure.io/389-ds-base/issue/50282 Reviewed by: Mark Reynolds, William Brown Platforms tested: F29 Flag Day: no Doc impact: no --- ldap/servers/plugins/automember/automember.c | 23 +++++++++++++++++++++++ 1 file changed, 23 insertions(+) diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c index bb6ff1f..fcf0cdb 100644 --- a/ldap/servers/plugins/automember/automember.c +++ b/ldap/servers/plugins/automember/automember.c @@ -1636,6 +1636,29 @@ automember_update_member_value(Slapi_Entry *member_e, const char *group_dn, char char *member_value = NULL; int freeit = 0; int rc = 0; + Slapi_DN *group_sdn; + Slapi_Entry *group_entry = NULL; + + /* First thing check that the group still exists */ + group_sdn = slapi_sdn_new_dn_byval(group_dn); + rc = slapi_search_internal_get_entry(group_sdn, NULL, &group_entry, automember_get_plugin_id()); + slapi_sdn_free(&group_sdn); + if (rc != LDAP_SUCCESS || group_entry == NULL) { + if (rc == LDAP_NO_SUCH_OBJECT) { + /* the automember group (default or target) does not exist, just skip this definition */ + slapi_log_err(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM, + "automember_update_member_value - group (default or target) does not exist (%s)\n", + group_dn); + rc = 0; + } else { + slapi_log_err(SLAPI_LOG_ERR, AUTOMEMBER_PLUGIN_SUBSYSTEM, + "automember_update_member_value - group (default or target) can not be retrieved (%s) err=%d\n", + group_dn, rc); + } + slapi_entry_free(group_entry); + return rc; + } + slapi_entry_free(group_entry); /* If grouping_value is dn, we need to fetch the dn instead. */ if (slapi_attr_type_cmp(grouping_value, "dn", SLAPI_TYPE_CMP_EXACT) == 0) { -- To stop receiving notification emails like this one, please contact the administrator of this repository.