URL: https://github.com/SSSD/sssd/pull/166
Author: jhrozek
Title: #166: Please see the commit message for commit description.
Action: opened
PR body:
"""
To reproduce, log in as a user from a trusted domain. Before the patch,
you should see an error message about the domain not being found such as:
(Wed Feb 22 20:35:33 2017) [sssd[nss]] [nss_update_initgr_memcache]
(0x0040): Unknown domain (win.trust.test) requested by provider
and the memory cache wouldn't be in fact be invalidated.
"""
To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/166/head:pr166
git checkout pr166
From 4ecdd930e60929c8fd00d7b82fab9473cc4c9b51 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhro...@redhat.com>
Date: Wed, 22 Feb 2017 21:36:37 +0100
Subject: [PATCH] NSS: Fix invalidating memory cache for subdomain users
get_next_domain() was called without any special flags, meaning it only
iterates over main domains. We need to instead use the SSS_GND_DESCEND
flag to make sure sudomains are taken into account, too.
---
src/responder/nss/nss_iface.c | 4 +++-
1 file changed, 3 insertions(+), 1 deletion(-)
diff --git a/src/responder/nss/nss_iface.c b/src/responder/nss/nss_iface.c
index fee95f8..c40d3d1 100644
--- a/src/responder/nss/nss_iface.c
+++ b/src/responder/nss/nss_iface.c
@@ -36,7 +36,9 @@ void nss_update_initgr_memcache(struct nss_ctx *nctx,
int ret;
int i, j;
- for (dom = nctx->rctx->domains; dom; dom = get_next_domain(dom, 0)) {
+ for (dom = nctx->rctx->domains;
+ dom;
+ dom = get_next_domain(dom, SSS_GND_DESCEND)) {
if (strcasecmp(dom->name, domain) == 0) {
break;
}
_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
