On 09/16/2013 12:15 PM, Jakub Hrozek wrote:
On Mon, Sep 16, 2013 at 11:01:36AM +0200, Pavel Březina wrote:
On 09/13/2013 04:52 PM, Lukas Slebodnik wrote:
ehlo,
Attached patch resolves ticket #2075
LS
Hi,
minor nack.
+ ret = sdap_get_netgroup_primary_name(memctx, opts, attrs, dom, &name);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Failed to get netgroup name\n"));
+ goto fail;
+ }
Wrong indentation ^^ otherwise LGTM
Can you provide steps to reproduce please? I tries following netgroups:
dn: cn=ng-1,ou=Netgroups,dc=ldap,dc=pb
objectClass: top
objectClass: nisNetgroup
cn: ng-1
cn: ng-3
nisNetgroupTriple: (,,bobby,example.com)
nisNetgroupTriple: (,,johny.example.com)
Would it trigger the bug if you reversed the order of the cn attributes?
Or would that make saving the netgroup fail in sssd_be?
Reversing the order of cn attributes did not help but I triggered the
bug when dn=cn=ng-1 had only one cn, but dn=ng-3 had cn=ng-3 and cn=ng-1.
With Lukas' patch:
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]]
[sdap_get_generic_ext_step] (0x0400): calling ldap_search_ext with
[(&(cn=ng-1)(objectclass=nisNetgroup))][dc=ldap,dc=pb].
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]]
[sdap_get_generic_ext_done] (0x0400): Search result: Success(0), no
errmsg set
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]]
[sdap_get_netgroups_process] (0x0400): Search for netgroups, returned 2
results.
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [sdap_get_primary_name]
(0x0400): Processing object ng-1
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [sdap_save_netgroup]
(0x0400): Processing netgroup ng-1
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [sdap_save_netgroup]
(0x0400): Storing info for netgroup ng-1
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [sdap_get_primary_name]
(0x0400): Processing object ng-3
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [sdap_save_netgroup]
(0x0400): Processing netgroup ng-3
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [sdap_save_netgroup]
(0x0400): Storing info for netgroup ng-3
(Mon Sep 16 12:19:47 2013) [sssd[be[LDAP.PB]]] [ldap_netgroup_get_done]
(0x0020): Found more than one netgroup with the name [ng-1].
(Mon Sep 16 12:19:47 2013) [sssd[nss]] [lookup_netgr_dp_callback]
(0x0040): Unable to get information from Data Provider
Error: 3, 22, Netgroup lookup failed
Will try to return what we have in cache
Both netgroups are stored in ldb, but dp fails and $ getent netgroup
ng-1 yields empty result.
# record 5
dn: name=ng-1,cn=Netgroups,cn=LDAP.PB,cn=sysdb
createTimestamp: 1379326787
name: ng-1
objectClass: netgroup
originalDN: cn=ng-1,ou=Netgroups,dc=ldap,dc=pb
originalModifyTimestamp: 20130916101927Z
netgroupTriple: (,,bobby,example.com)
netgroupTriple: (,,johny.example.com)
lastUpdate: 1379326787
dataExpireTimestamp: 1379332187
distinguishedName: name=ng-1,cn=Netgroups,cn=LDAP.PB,cn=sysdb
# record 6
dn: name=ng-3,cn=Netgroups,cn=LDAP.PB,cn=sysdb
createTimestamp: 1379326787
name: ng-3
objectClass: netgroup
originalDN: cn=ng-3,ou=Netgroups,dc=ldap,dc=pb
originalModifyTimestamp: 20130916101936Z
netgroupTriple: (,,ajohny.example.com)
netgroupTriple: (,,abobby,example.com)
nameAlias: ng-1
lastUpdate: 1379326787
dataExpireTimestamp: 1379332187
distinguishedName: name=ng-3,cn=Netgroups,cn=LDAP.PB,cn=sysdb
dn: cn=ng-3,ou=Netgroups,dc=ldap,dc=pb
objectClass: top
objectClass: nisNetgroup
cn: ng-3
nisNetgroupTriple: (,,ajohny.example.com)
nisNetgroupTriple: (,,abobby,example.com)
$ getent netgroup ng-1
ng-1 ( ,,bobby,example.com) ( ,,johny.example.com)
$ getent netgroup ng-3
ng-3 ( ,,bobby,example.com) ( ,,johny.example.com)
But I got the same result (ng-1, no errors) with and without the patch.
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
