[SSSD] [sssd PR#984][opened] 1.16: memberof: keep memberOf attribute for nested member

Fri, 07 Feb 2020 02:09:49 -0800 

   URL: https://github.com/SSSD/sssd/pull/984
Author: pbrezina
 Title: #984: 1.16: memberof: keep memberOf attribute for nested member
Action: opened

PR body:
"""
If we have a member that is both direct and nested member,
memberOf attribute was removed if the direct membership
was deleted.

1)
user ----------> groupB -> groupC
     -> groupA /

2)
user -> groupA -> groupB -> groupC

If we remove user->groupB from 1), we get 2) but groupB was still
removed from user memberOf attribute.

Resolves:
https://pagure.io/SSSD/sssd/issue/3636

Reviewed-by: Sumit Bose <sb...@redhat.com>
(cherry picked from commit 1f5d139d103328b6e4be7dc8368abdd39a91d3a6)
"""

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/984/head:pr984
git checkout pr984

From 3e8f69c0563e15e3101a46df2ac8c550910d8b24 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrez...@redhat.com>
Date: Mon, 19 Mar 2018 12:47:17 +0100
Subject: [PATCH] memberof: keep memberOf attribute for nested member

If we have a member that is both direct and nested member,
memberOf attribute was removed if the direct membership
was deleted.

1)
user ----------> groupB -> groupC
     -> groupA /

2)
user -> groupA -> groupB -> groupC

If we remove user->groupB from 1), we get 2) but groupB was still
removed from user memberOf attribute.

Resolves:
https://pagure.io/SSSD/sssd/issue/3636

Reviewed-by: Sumit Bose <sb...@redhat.com>
(cherry picked from commit 1f5d139d103328b6e4be7dc8368abdd39a91d3a6)
---
 src/ldb_modules/memberof.c | 6 +-----
 1 file changed, 1 insertion(+), 5 deletions(-)

diff --git a/src/ldb_modules/memberof.c b/src/ldb_modules/memberof.c
index 5e1ff95a82..dae51938b7 100644
--- a/src/ldb_modules/memberof.c
+++ b/src/ldb_modules/memberof.c
@@ -2055,11 +2055,7 @@ static int mbof_del_anc_callback(struct ldb_request *req,
                     talloc_free(valdn);
                     continue;
                 }
-                /* do not re-add the original deleted entry by mistake */
-                if (ldb_dn_compare(valdn, del_ctx->first->entry_dn) == 0) {
-                    talloc_free(valdn);
-                    continue;
-                }
+
                 new_list->dns = talloc_realloc(new_list,
                                                new_list->dns,
                                                struct ldb_dn *,

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
Fedora Code of Conduct: 
https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: 
https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org

Reply via email to