Resolves: bug 439628
Bug Description: When deleting a member value from a group, the member
entry has the proper memberOf value removed, but a check is not made
to see if the entry is still a member of parent groups through some
other grouping path first. This results in an inconsistency between
member and memberOf attribute values.
Reviewed by: ???
Files: see diff
Fix Description: The fix is to check if an entry is an indirect group
member before removing the memberOf attribute value form the entry.
I had to add a few new helper functions to perform this check. The new
utility functions allow you to check if a specific entry is a member of
a specific group by looking at member values only. There is a function
for checking if the entry is a direct member, and one that will check
for direct or indirect membership. Both of these functions will not
modify the entry, which is what was lacking in the previous code. These
utility functions required a recursive function underneath to trace
through indirect memberships. This recursive function will detect group
loopings to ensure it doesn't endlessly recurse.
I also did some refactoring and commenting of existing code to make
more clear. These changes have been checked for memory leaks with
and I've also checked for regressions of other recently fixed bugs
Platforms tested: RHEL5.1 x86_64
Flag Day: No.
Doc impact: None.