On (03/08/16 15:07), Lukas Slebodnik wrote: >On (03/08/16 14:02), Jakub Hrozek wrote: >>Hi, >> >>see the attached patch. You can use Lukas' integration tests to help >>with review. > >>From 46a705afa5c04399e8ae41bfa98836cf40803f0f Mon Sep 17 00:00:00 2001 >>From: Jakub Hrozek <jhro...@redhat.com> >>Date: Wed, 3 Aug 2016 13:18:51 +0200 >>Subject: [PATCH] LDAP: Use FQDN when linking parent LDAP groups >> >>Resolves: >> https://fedorahosted.org/sssd/ticket/3093 >> >>Because we compare the list of LDAP names with the list of sysdb names, >>we need to qualify the list of LDAP names before running the diff. >>--- >> src/providers/ldap/sdap_async_initgroups.c | 2 +- >> 1 file changed, 1 insertion(+), 1 deletion(-) >> >>diff --git a/src/providers/ldap/sdap_async_initgroups.c >>b/src/providers/ldap/sdap_async_initgroups.c >>index >>cc63dff781338e33a9802f97d98174fce2167b4b..82c708c226bf1a645ff5a395947dfdbad71e0f1f >> 100644 >>--- a/src/providers/ldap/sdap_async_initgroups.c >>+++ b/src/providers/ldap/sdap_async_initgroups.c >>@@ -2080,7 +2080,7 @@ rfc2307bis_group_memberships_build(hash_entry_t *item, >>void *user_data) >> } >> >> if (group->parents_count > 0) { >>- ret = sysdb_attrs_primary_name_list(mstate->dom, tmp_ctx, >>+ ret = sysdb_attrs_primary_fqdn_list(mstate->dom, tmp_ctx, >> group->ldap_parents, group->parents_count, >> mstate->opts->group_map[SDAP_AT_GROUP_NAME].name, >> &ldap_parents_names_list); > >The patch helped a bit but I can still see some failures in rfc2307 bis tests. > >I will provided more details later (== users/group hierarchy) > The failures are not related to processing of nested groups. There are some issues with updating initgroups memory cache.
So ACK to oneliner :-) LS _______________________________________________ sssd-devel mailing list sssd-devel@lists.fedorahosted.org https://lists.fedorahosted.org/admin/lists/sssd-devel@lists.fedorahosted.org
