From 6b7ab672002e3c7f60b2284f679415acc0924388 Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Tue, 9 Dec 2014 17:48:46 +0100 Subject: [PATCH 7/7] IPA: set SYSDB_INITGR_EXPIRE for RESP_USER_GROUPLIST Since RESP_USER_GROUPLIST contains all group memberships it is effectively an initgroups request hence SYSDB_INITGR_EXPIRE will be set. --- src/providers/ipa/ipa_s2n_exop.c | 14 ++++++++++++++ 1 file changed, 14 insertions(+) diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c index bd7324ac77878ae2978a2fd4c7e4e9f9434c2a91..0234b8e81473b5706857ce27393588c8370be095 100644 --- a/src/providers/ipa/ipa_s2n_exop.c +++ b/src/providers/ipa/ipa_s2n_exop.c @@ -1828,6 +1828,20 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, } } + if (attrs->response_type == RESP_USER_GROUPLIST) { + /* Since RESP_USER_GROUPLIST contains all group memberships it + * is effectively an initgroups request hence + * SYSDB_INITGR_EXPIRE will be set.*/ + ret = sysdb_attrs_add_time_t(attrs->sysdb_attrs, + SYSDB_INITGR_EXPIRE, + time(NULL) + timeout); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "sysdb_attrs_add_time_t failed.\n"); + goto done; + } + } + gid = 0; if (dom->mpg == false) { gid = attrs->a.user.pw_gid; -- 2.1.0