[sssd/f20] Fix a sysdb lookup error that resulted in IFP not returning subdomain users
Jakub Hrozek
jhrozek at fedoraproject.org
Thu Dec 11 10:17:50 UTC 2014
commit c71c6ccc3596957b30e2a6ccb612b9784e5a6de1
Author: Jakub Hrozek <jhrozek at redhat.com>
Date: Wed Oct 8 10:22:09 2014 +0200
Fix a sysdb lookup error that resulted in IFP not returning subdomain users
...get_user_attr-use-fqn-for-subdomain-users.patch | 46 ++++++++++++++++++++
sssd.spec | 6 ++-
2 files changed, 51 insertions(+), 1 deletions(-)
---
diff --git a/0001-sysdb_get_user_attr-use-fqn-for-subdomain-users.patch b/0001-sysdb_get_user_attr-use-fqn-for-subdomain-users.patch
new file mode 100644
index 0000000..a4faf62
--- /dev/null
+++ b/0001-sysdb_get_user_attr-use-fqn-for-subdomain-users.patch
@@ -0,0 +1,46 @@
+From 7e055a9766775dbb2f929c000535fe9282104473 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina at redhat.com>
+Date: Mon, 6 Oct 2014 13:44:37 +0200
+Subject: [PATCH] sysdb_get_user_attr: use fqn for subdomain users
+
+Name of subdomain users is stored with domain part in the sysdb.
+We need to use fully qualified names for those user so we can
+look them up.
+---
+ src/db/sysdb_search.c | 13 +++++++++++--
+ 1 file changed, 11 insertions(+), 2 deletions(-)
+
+diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
+index d4b823bf36ea76fd93dbccb52cde598a77730f25..f88a11586d3b8b188d032b6dc516ad18fa05d878 100644
+--- a/src/db/sysdb_search.c
++++ b/src/db/sysdb_search.c
+@@ -901,6 +901,7 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
+ TALLOC_CTX *tmp_ctx;
+ struct ldb_dn *base_dn;
+ struct ldb_result *res;
++ const char *src_name;
+ char *sanitized_name;
+ char *lc_sanitized_name;
+ int ret;
+@@ -917,8 +918,16 @@ int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
+ goto done;
+ }
+
+- ret = sss_filter_sanitize_for_dom(tmp_ctx, name, domain, &sanitized_name,
+- &lc_sanitized_name);
++ /* If this is a subdomain we need to use fully qualified names for the
++ * search as well by default */
++ src_name = sss_get_domain_name(tmp_ctx, name, domain);
++ if (!src_name) {
++ ret = ENOMEM;
++ goto done;
++ }
++
++ ret = sss_filter_sanitize_for_dom(tmp_ctx, src_name, domain,
++ &sanitized_name, &lc_sanitized_name);
+ if (ret != EOK) {
+ goto done;
+ }
+--
+1.7.11.7
+
diff --git a/sssd.spec b/sssd.spec
index 5fac396..78b0a68 100644
--- a/sssd.spec
+++ b/sssd.spec
@@ -14,7 +14,7 @@
Name: sssd
Version: 1.11.7
-Release: 2%{?dist}
+Release: 3%{?dist}
Group: Applications/System
Summary: System Security Services Daemon
License: GPLv3+
@@ -23,6 +23,7 @@ Source0: https://fedorahosted.org/released/sssd/%{name}-%{version}.tar.gz
BuildRoot: %(mktemp -ud %{_tmppath}/%{name}-%{version}-%{release}-XXXXXX)
### Patches ###
+Patch0001: 0001-sysdb_get_user_attr-use-fqn-for-subdomain-users.patch
Patch0602: 0602-FEDORA-Add-CIFS-idmap-plugin.patch
### Dependencies ###
@@ -751,6 +752,9 @@ fi
%postun -n libsss_idmap -p /sbin/ldconfig
%changelog
+* Thu Sep 25 2014 Jakub Hrozek <jhrozek at redhat.com> - 1.11.7-3
+- Fix a sysdb lookup error that resulted in IFP not returning subdomain users
+
* Thu Sep 25 2014 Jakub Hrozek <jhrozek at redhat.com> - 1.11.7-2
- update the libldb requirement to 1.1.17, which is required by Samba
More information about the scm-commits
mailing list