On Tue, 20 May 2014, Jakub Hrozek wrote:
On Tue, May 13, 2014 at 11:45:29AM +0200, Pavel Reichl wrote:
Hello,
Alexander has prepared attached patches, but he was not able to post
them himself as he is currently having bad connection.
Pavel Reichl
I've tested the patches atop my patch called "AD: Initialize
user_map_cnt in server mode" that I sent to master today. It's a good
start but I would like to propose two amendments that I attach.
One makes sure the search by SID also includes UID which we read later,
the second makes sure ENOENT or an empty message is handled gracefully
and doesn't pollute the logs with a DEBUG message.
If you agree, we can apply these patches atop yours or squash them in, I
don't mind either way.
The second patch looks good to me.
ACK to both. I'm fine with squashing the patches together.
From 67bcb741597cacd72e620c4157c12f443f960cd3 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 20 May 2014 20:45:52 +0200
Subject: [PATCH 1/2] IPA: Also retrieve UID when searching for user by SID
---
src/providers/ipa/ipa_subdomains_id.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/providers/ipa/ipa_subdomains_id.c
b/src/providers/ipa/ipa_subdomains_id.c
index
9aea76cd92c107aa350740f9c3e59a40ef7a6259..f7d76d099f84c30fe86ef662a31e8b553f63c2af
100644
--- a/src/providers/ipa/ipa_subdomains_id.c
+++ b/src/providers/ipa/ipa_subdomains_id.c
@@ -486,6 +486,9 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct
sss_domain_info *dom,
const char *homedir = NULL;
struct ldb_result *res = NULL;
struct ldb_message *msg = NULL;
+ const char *attrs[] = { SYSDB_NAME,
+ SYSDB_UIDNUM,
+ NULL };
if (filter_type == BE_FILTER_NAME) {
ret = sysdb_getpwnam(mem_ctx, dom, filter_value, &res);
@@ -498,7 +501,8 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct
sss_domain_info *dom,
}
ret = sysdb_getpwuid(mem_ctx, dom, uid, &res);
} else if (filter_type == BE_FILTER_SECID) {
- ret = sysdb_search_user_by_sid_str(mem_ctx, dom, filter_value, NULL,
&msg);
+ ret = sysdb_search_user_by_sid_str(mem_ctx, dom, filter_value,
+ attrs, &msg);
} else {
DEBUG(SSSDBG_OP_FAILURE,
"Unsupported filter type: [%d].\n", filter_type);
--
1.8.5.3
From efd8004af9551122fc86e37efefe0cfb2ba34485 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Tue, 20 May 2014 20:46:20 +0200
Subject: [PATCH 2/2] IPA: Handle ENOENT gracefully when retrieving user by SID
---
src/providers/ipa/ipa_subdomains_id.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/providers/ipa/ipa_subdomains_id.c
b/src/providers/ipa/ipa_subdomains_id.c
index
f7d76d099f84c30fe86ef662a31e8b553f63c2af..21e9f85a1bf9277073c94708d31612e3bd8e6113
100644
--- a/src/providers/ipa/ipa_subdomains_id.c
+++ b/src/providers/ipa/ipa_subdomains_id.c
@@ -510,14 +510,14 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct
sss_domain_info *dom,
goto done;
}
- if (ret != EOK) {
+ if (ret != EOK && ret != ENOENT) {
DEBUG(SSSDBG_OP_FAILURE,
"Failed to make request to our cache: [%d]: [%s]\n",
ret, sss_strerror(ret));
goto done;
}
- if (res && res->count == 0) {
+ if ((res && res->count == 0) || (msg && msg->num_elements == 0)) {
ret = ENOENT;
goto done;
}
--
1.8.5.3
--
/ Alexander Bokovoy
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://lists.fedorahosted.org/mailman/listinfo/sssd-devel
