From 4663b9a486964533183533046f7093e9a3a9b75b Mon Sep 17 00:00:00 2001 From: Sumit Bose Date: Wed, 21 Jan 2015 12:35:00 +0100 Subject: [PATCH 174/176] views: fix GID overrride for mpg domains When adding a user sysdb internally adds a value to SYSDB_GIDNUM for mpg domain which might cause conflicts with the one we added to users git GID overrides. With this patch the override GID is added after the user is created but in the same transaction Releted to https://fedorahosted.org/sssd/ticket/2514 Reviewed-by: Jakub Hrozek (cherry picked from commit ba818cc39dfe94c2b8613f4badf7912811f0f737) --- src/providers/ipa/ipa_s2n_exop.c | 21 ++++++++++++++++++++- 1 file changed, 20 insertions(+), 1 deletion(-) diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c index e7c2d9bb97908746eb5ab6cacc6fc58d353dea06..a9c2f1ae3955bc3d2707bbcd186609a8d76b6169 100644 --- a/src/providers/ipa/ipa_s2n_exop.c +++ b/src/providers/ipa/ipa_s2n_exop.c @@ -1748,6 +1748,7 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, char **del_groups_dns; bool in_transaction = false; int tret; + struct sysdb_attrs *gid_override_attrs = NULL; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { @@ -1939,7 +1940,16 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, if (ret == EOK || ret == ENOENT) { if ((orig_gid != 0 && orig_gid != attrs->a.user.pw_gid) || attrs->a.user.pw_uid != attrs->a.user.pw_gid) { - ret = sysdb_attrs_add_uint32(attrs->sysdb_attrs, + + gid_override_attrs = sysdb_new_attrs(tmp_ctx); + if (gid_override_attrs == NULL) { + DEBUG(SSSDBG_OP_FAILURE, + "sysdb_new_attrs failed.\n"); + ret = ENOMEM; + goto done; + } + + ret = sysdb_attrs_add_uint32(gid_override_attrs, SYSDB_GIDNUM, attrs->a.user.pw_gid); if (ret != EOK) { @@ -1973,6 +1983,15 @@ static errno_t ipa_s2n_save_objects(struct sss_domain_info *dom, goto done; } + if (gid_override_attrs != NULL) { + ret = sysdb_set_user_attr(dom, name, gid_override_attrs, + SYSDB_MOD_REP); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "sysdb_set_user_attr failed.\n"); + goto done; + } + } + if (attrs->response_type == RESP_USER_GROUPLIST) { ret = get_sysdb_grouplist(tmp_ctx, dom->sysdb, dom, name, &sysdb_grouplist); -- 2.1.0