On 10/06/2014 03:06 PM, Jakub Hrozek wrote:
On Mon, Oct 06, 2014 at 02:18:11PM +0200, Pavel Březina wrote:
Without this patch IFP is unable to find subdomain users.
I think you forgot to attach a unit test. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Here it is.
On (08/10/14 16:20), Pavel Březina wrote:
On 10/06/2014 03:06 PM, Jakub Hrozek wrote:
On Mon, Oct 06, 2014 at 02:18:11PM +0200, Pavel Březina wrote:
Without this patch IFP is unable to find subdomain users.
I think you forgot to attach a unit test. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Here it is.
From a0507d78ebda86583c638f58ddee6debc146a8ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Mon, 6 Oct 2014 13:44:37 +0200 Subject: [PATCH 1/2] sysdb_get_user_attr: use fqn for subdomain users
Name of subdomain users is stored with domain part in the sysdb. We need to use fully qualified names for those user so we can look them up.
src/db/sysdb_search.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index 2ae215055fbf0ff85140ce5f484034c1af72b45a..d51d2134a02b4397cb7063c3bee64ad8eb5bb2cc 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -478,6 +478,7 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, TALLOC_CTX *tmp_ctx; struct ldb_dn *base_dn; struct ldb_result *res;
- const char *src_name; char *sanitized_name; char *lc_sanitized_name; int ret;
@@ -494,8 +495,16 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, goto done; }
- ret = sss_filter_sanitize_for_dom(tmp_ctx, name, domain, &sanitized_name,
&lc_sanitized_name);
- /* If this is a subdomain we need to use fully qualified names for the
* search as well by default */- src_name = sss_get_domain_name(tmp_ctx, name, domain);
- if (!src_name) {
ret = ENOMEM;goto done;- }
- ret = sss_filter_sanitize_for_dom(tmp_ctx, src_name, domain,
&sanitized_name, &lc_sanitized_name);-- 1.7.11.7
Functions sysdb_getpwnam, sysdb_getgrnam already called sss_get_domain_name before sss_filter_sanitize_for_dom.
and IIRC we do not need to do it for netgroups: sysdb_getnetgr, sysdb_get_netgroup_attr
ACK
From 8d3f5b62301653f750262997d2f1d4e014bbb9cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Tue, 7 Oct 2014 16:57:40 +0200 Subject: [PATCH 2/2] tests: add test for sysdb_get_user_attr with subdomain user
src/tests/sysdb-tests.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+)
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index 8ba214c83f042bc6d210f5de55aac703c5f828e9..c25115697b246ca6bdb905bb233599b5e184c321 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c
test failed without 1st patch.
ACK
LS
On Thu, Oct 09, 2014 at 02:13:59PM +0200, Lukas Slebodnik wrote:
On (08/10/14 16:20), Pavel Březina wrote:
On 10/06/2014 03:06 PM, Jakub Hrozek wrote:
On Mon, Oct 06, 2014 at 02:18:11PM +0200, Pavel Březina wrote:
Without this patch IFP is unable to find subdomain users.
I think you forgot to attach a unit test. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
Here it is.
From a0507d78ebda86583c638f58ddee6debc146a8ce Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Mon, 6 Oct 2014 13:44:37 +0200 Subject: [PATCH 1/2] sysdb_get_user_attr: use fqn for subdomain users
Name of subdomain users is stored with domain part in the sysdb. We need to use fully qualified names for those user so we can look them up.
src/db/sysdb_search.c | 13 +++++++++++-- 1 file changed, 11 insertions(+), 2 deletions(-)
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index 2ae215055fbf0ff85140ce5f484034c1af72b45a..d51d2134a02b4397cb7063c3bee64ad8eb5bb2cc 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -478,6 +478,7 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, TALLOC_CTX *tmp_ctx; struct ldb_dn *base_dn; struct ldb_result *res;
- const char *src_name; char *sanitized_name; char *lc_sanitized_name; int ret;
@@ -494,8 +495,16 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx, goto done; }
- ret = sss_filter_sanitize_for_dom(tmp_ctx, name, domain, &sanitized_name,
&lc_sanitized_name);
- /* If this is a subdomain we need to use fully qualified names for the
* search as well by default */- src_name = sss_get_domain_name(tmp_ctx, name, domain);
- if (!src_name) {
ret = ENOMEM;goto done;- }
- ret = sss_filter_sanitize_for_dom(tmp_ctx, src_name, domain,
&sanitized_name, &lc_sanitized_name);-- 1.7.11.7
Functions sysdb_getpwnam, sysdb_getgrnam already called sss_get_domain_name before sss_filter_sanitize_for_dom.
and IIRC we do not need to do it for netgroups: sysdb_getnetgr, sysdb_get_netgroup_attr
ACK
From 8d3f5b62301653f750262997d2f1d4e014bbb9cb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Tue, 7 Oct 2014 16:57:40 +0200 Subject: [PATCH 2/2] tests: add test for sysdb_get_user_attr with subdomain user
src/tests/sysdb-tests.c | 54 +++++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 54 insertions(+)
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index 8ba214c83f042bc6d210f5de55aac703c5f828e9..c25115697b246ca6bdb905bb233599b5e184c321 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c
test failed without 1st patch.
ACK
LS
* master: * 36ea9f2a4ff47a045625203a02c6deed9c53e169 * 25072dd5274f07255cdc930f6257c4cbf74692de
sssd-devel@lists.fedorahosted.org
-
Jakub Hrozek -
Lukas Slebodnik -
Pavel Březina