|
 |
b2d430 |
From 16196f3248a32a7bd9e395b0fdc85249ca4201d7 Mon Sep 17 00:00:00 2001
|
|
|
b2d430 |
From: Sumit Bose <sbose@redhat.com>
|
|
|
b2d430 |
Date: Tue, 30 Aug 2016 17:30:10 +0200
|
|
|
b2d430 |
Subject: [PATCH 126/126] sdap_initgr_nested_get_membership_diff: use
|
|
|
b2d430 |
fully-qualified names
|
|
|
b2d430 |
|
|
|
b2d430 |
I think this is a leftover from the change to use fully-qualified names
|
|
|
b2d430 |
in sysdb. To verify this you can create a nested group in IPA. Without
|
|
|
b2d430 |
this patch the id command will only show the groups the user is a direct
|
|
|
b2d430 |
member of. With the patch the indirect groups memberships should be
|
|
|
b2d430 |
shown as well.
|
|
|
b2d430 |
|
|
|
b2d430 |
https://fedorahosted.org/sssd/ticket/3163
|
|
|
b2d430 |
|
|
|
b2d430 |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
b2d430 |
---
|
|
|
b2d430 |
src/providers/ldap/sdap_async_initgroups.c | 2 +-
|
|
|
b2d430 |
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
b2d430 |
|
|
|
b2d430 |
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
|
|
|
b2d430 |
index 82c708c226bf1a645ff5a395947dfdbad71e0f1f..f9593f0dfaa2dc6e33fd6c9d1f0c9b78cad3a1d9 100644
|
|
|
b2d430 |
--- a/src/providers/ldap/sdap_async_initgroups.c
|
|
|
b2d430 |
+++ b/src/providers/ldap/sdap_async_initgroups.c
|
|
|
b2d430 |
@@ -1414,7 +1414,7 @@ sdap_initgr_nested_get_membership_diff(TALLOC_CTX *mem_ctx,
|
|
|
b2d430 |
group_name, parents_count);
|
|
|
b2d430 |
|
|
|
b2d430 |
if (parents_count > 0) {
|
|
|
b2d430 |
- ret = sysdb_attrs_primary_name_list(dom, tmp_ctx,
|
|
|
b2d430 |
+ ret = sysdb_attrs_primary_fqdn_list(dom, tmp_ctx,
|
|
|
b2d430 |
ldap_parentlist,
|
|
|
b2d430 |
parents_count,
|
|
|
b2d430 |
opts->group_map[SDAP_AT_GROUP_NAME].name,
|
|
|
b2d430 |
--
|
|
|
b2d430 |
2.4.11
|
|
|
b2d430 |
|