On 10/17/2012 03:28 PM, Michal Židek wrote:
On 10/16/2012 03:45 PM, Stef Walter wrote:
> On 10/16/2012 02:04 PM, Jakub Hrozek wrote:
>> I was wondering for a while whether to change the behaviour directly in
>> confdb_get_string_as_list() but I think the attached patch takes a
>> better
>> approach because the other consumers of confdb_get_string_as_list() do
>> not see any difference between empty and missing parameter.
>
> Yeah figures.
>
>> The patch works as advertized, there is just one compilation warning:
>>
>> src/providers/simple/simple_access.c: In function
>> 'get_conf_list_or_empty':
>> src/providers/simple/simple_access.c:284:9: warning: unused variable 'r'
>> [-Wunused-variable]
>
> New patch attached.
>
> Thanks for the review.
>
> Stef
>
Hi Stef,
your patch solves the problem with *empty* 'simple_allow_users = ', but
it introduces new problem with *nonexistent* simple_allow_users. With
your patch, if no simple_allow_users list was specified, it behaves as
if empty simple_allow_users was provided and denies access to all users.
I think this new behaviour could brake existing configurations and it
also differs from the behaviour described in man pages.
Michal
_______________________________________________
sssd-devel mailing list
sssd-devel(a)lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
I fixed the new problem and prepared patch that applies on top of this one.
attached
O.
--
Ondrej Kos
Associate Software Engineer
Identity Management
Red Hat Czech
phone: +420-532-294-558
cell: +420-736-417-909
ext: 82-62558
loc: 1/5C Brno 1 office
irc: okos @ #brno