rpms / 389-ds-base

Clone
Source Code
GIT

Blame SOURCES/0008-Ticket-50282-OPERATIONS-ERROR-when-trying-to-delete-.patch

c4 c5 c5-plus c6 c6-plus c7 c7-alt c7-armhfp c7-beta c8-beta-stream-1.4 c8-stream-1.4 c8s-stream-1.4 c8s-stream-ds c9 c9-beta
  1.   47a30d4d27c3710188c9cd7a9c363d02939b3fc2
  2.   SOURCES
  3.   0008-Ticket-50282-OPERATIONS-ERROR-when-trying-to-delete-.patch
Blob History Raw
26521d 
From 57f661a8acea18aa19985d0556a78d81a9361b89 Mon Sep 17 00:00:00 2001
26521d 
From: Thierry Bordaz <tbordaz@redhat.com>
26521d 
Date: Thu, 14 Mar 2019 17:33:35 +0100
26521d 
Subject: [PATCH 1/4] Ticket 50282 - OPERATIONS ERROR when trying to delete a
26521d 
 group with automember members
26521d
26521d 
Bug Description:
26521d 
	When automember and memberof are enabled, if a user is member of a group
26521d 
	because of an automember rule. Then when the group is deleted,
26521d 
	memberof updates the member (to update 'memberof' attribute) that
26521d 
	trigger automember to reevaluate the automember rule and add the member
26521d 
	to the group. But at this time the group is already deleted.
26521d 
	Chaining back the failure up to the top level operation the deletion
26521d 
	of the group fails
26521d
26521d 
Fix Description:
26521d 
	The fix consists to check that if a automember rule tries to add a user
26521d 
	in a group, then to check that the group exists before updating it.
26521d
26521d 
https://pagure.io/389-ds-base/issue/50282
26521d
26521d 
Reviewed by: Mark Reynolds, William Brown
26521d
26521d 
Platforms tested: F29
26521d
26521d 
Flag Day: no
26521d
26521d 
Doc impact: no
26521d 
---
26521d 
 ldap/servers/plugins/automember/automember.c | 23 ++++++++++++++++++++
26521d 
 1 file changed, 23 insertions(+)
26521d
26521d 
diff --git a/ldap/servers/plugins/automember/automember.c b/ldap/servers/plugins/automember/automember.c
26521d 
index bb6ff1f8e..fcf0cdb9a 100644
26521d 
--- a/ldap/servers/plugins/automember/automember.c
26521d 
+++ b/ldap/servers/plugins/automember/automember.c
26521d 
@@ -1636,6 +1636,29 @@ automember_update_member_value(Slapi_Entry *member_e, const char *group_dn, char
26521d 
     char *member_value = NULL;
26521d 
     int freeit = 0;
26521d 
     int rc = 0;
26521d 
+    Slapi_DN *group_sdn;
26521d 
+    Slapi_Entry *group_entry = NULL;
26521d 
+
26521d 
+    /* First thing check that the group still exists */
26521d 
+    group_sdn = slapi_sdn_new_dn_byval(group_dn);
26521d 
+    rc = slapi_search_internal_get_entry(group_sdn, NULL, &group_entry, automember_get_plugin_id());
26521d 
+    slapi_sdn_free(&group_sdn);
26521d 
+    if (rc != LDAP_SUCCESS || group_entry == NULL) {
26521d 
+        if (rc == LDAP_NO_SUCH_OBJECT) {
26521d 
+            /* the automember group (default or target) does not exist, just skip this definition */
26521d 
+            slapi_log_err(SLAPI_LOG_PLUGIN, AUTOMEMBER_PLUGIN_SUBSYSTEM,
26521d 
+                      "automember_update_member_value - group (default or target) does not exist (%s)\n",
26521d 
+                      group_dn);
26521d 
+            rc = 0;
26521d 
+        } else {
26521d 
+            slapi_log_err(SLAPI_LOG_ERR, AUTOMEMBER_PLUGIN_SUBSYSTEM,
26521d 
+                      "automember_update_member_value - group (default or target) can not be retrieved (%s) err=%d\n",
26521d 
+                      group_dn, rc);
26521d 
+        }
26521d 
+        slapi_entry_free(group_entry);
26521d 
+        return rc;
26521d 
+    }
26521d 
+    slapi_entry_free(group_entry);
26521d
26521d 
     /* If grouping_value is dn, we need to fetch the dn instead. */
26521d 
     if (slapi_attr_type_cmp(grouping_value, "dn", SLAPI_TYPE_CMP_EXACT) == 0) {
26521d 
--
26521d 
2.17.2
26521d

Powered by Pagure 5.14.1

SSH Hostkey/Fingerprint | Documentation