On Tue, Feb 07, 2012 at 04:35:21PM +0100, Jan Zelený wrote: > If all triplets of a netgroup are removed from LDAP server record, this > change won't be projected to the sysdb and all triplets will remain > there. The same situation will happen when removing all netgroup > members. > > This patch fixes these bugs and provides the possibility to fix similar > issues elsewhere. > > https://fedorahosted.org/sssd/ticket/1136 > > Thanks > Jan
I think that situations like this was the reason we use the list_missing_attrs() function and then remove the "extra" attributes during save. I see that list_missing_attrs() is used only when saving users and services, not netgroups. Have you reproduced the bug with users or groups? (I see the patch also touches sdap_save_user()) Using list_missing_attrs() and extending sysdb_add_netgroup() (maybe with a sysdb_store_user() so the code is similar to users) seems like the proper fix to me. _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://fedorahosted.org/mailman/listinfo/sssd-devel
