From f69e9a566540896682c1021de92e5eec6a95dd9d Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>

Date: Sun, 11 Oct 2015 17:38:34 +0200

Subject: [PATCH 103/104] sudo: search with view even if user is found

If an overriden name is provided and the user is already cache we fail

to refresh it since we won't search with VIEW flag. This patch fix

it.

Reviewed-by: Sumit Bose <sbose@redhat.com>

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

(cherry picked from commit 51a0e3a2ef9186d19cbc28d87fe6fc5d5998a0a7)

---

 src/responder/sudo/sudosrv_get_sudorules.c | 5 ++++-

 1 file changed, 4 insertions(+), 1 deletion(-)

diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c

index a0b09e69b71f963c353c9c6331c0708cc364924c..cc06977d97e3319584251bdab26e85855d275e8a 100644

--- a/src/responder/sudo/sudosrv_get_sudorules.c

+++ b/src/responder/sudo/sudosrv_get_sudorules.c

@@ -160,7 +160,10 @@ static errno_t sudosrv_get_user(struct sudo_dom_ctx *dctx)

         if ((user->count == 0 || cache_expire < time(NULL))

             && dctx->check_provider) {

-            if (DOM_HAS_VIEWS(dom) && user->count == 0) {

+            if (DOM_HAS_VIEWS(dom) && (user->count == 0

+                    || ldb_msg_find_attr_as_string(user->msgs[0],

+                                                   OVERRIDE_PREFIX SYSDB_NAME,

+                                                   NULL) != NULL)) {

                 extra_flag = EXTRA_INPUT_MAYBE_WITH_VIEW;

             }

-- 

2.4.3