dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Blob Blame History Raw
From ea8a4436b66877bbae1a73d11917ecdb3bf72718 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Wed, 22 Mar 2017 13:00:31 +0100
Subject: [PATCH 68/72] SYSDB: Allow storing non-POSIX users

Related to:
https://pagure.io/SSSD/sssd/issue/3310

We already do the same for groups. If the user does not have UID number
set but does have the POSIX: false attribute set, then we save the user
with zero UID and the non-POSIX flag.

Reviewed-by: Sumit Bose <sbose@redhat.com>
---
 src/db/sysdb_ops.c      | 32 ++++++++++++++++++++--------
 src/tests/sysdb-tests.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 79 insertions(+), 9 deletions(-)

diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 919f22370ff87eff2bf0bb569ca90f1ee699a61e..3cf9d903f25b9ccd506d7957c94040bdc7d658a3 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1855,6 +1855,7 @@ int sysdb_add_user(struct sss_domain_info *domain,
     struct sysdb_attrs *id_attrs;
     uint32_t id;
     int ret;
+    bool posix;
 
     if (domain->mpg) {
         if (gid != 0) {
@@ -1926,7 +1927,28 @@ int sysdb_add_user(struct sss_domain_info *domain,
         /* Not fatal */
     }
 
-    if (uid == 0) {
+    if (!attrs) {
+        attrs = sysdb_new_attrs(tmp_ctx);
+        if (!attrs) {
+            ret = ENOMEM;
+            goto done;
+        }
+    }
+
+    ret = sysdb_attrs_get_bool(attrs, SYSDB_POSIX, &posix);
+    if (ret == ENOENT) {
+        posix = true;
+        ret = sysdb_attrs_add_bool(attrs, SYSDB_POSIX, true);
+        if (ret) {
+            DEBUG(SSSDBG_TRACE_LIBS, "Failed to add posix attribute.\n");
+            goto done;
+        }
+    } else if (ret != EOK) {
+        DEBUG(SSSDBG_TRACE_LIBS, "Failed to get posix attribute.\n");
+        goto done;
+    }
+
+    if (uid == 0 && posix == true) {
         ret = sysdb_get_new_id(domain, &id);
         if (ret) goto done;
 
@@ -1948,14 +1970,6 @@ int sysdb_add_user(struct sss_domain_info *domain,
         if (ret) goto done;
     }
 
-    if (!attrs) {
-        attrs = sysdb_new_attrs(tmp_ctx);
-        if (!attrs) {
-            ret = ENOMEM;
-            goto done;
-        }
-    }
-
     if (!now) {
         now = time(NULL);
     }
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 1767dc3c734c6b2e5f74564debd603e2442f491b..6ec82ce4ca5c4f918bc9f3144c21f33b270ea47e 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -1428,6 +1428,59 @@ START_TEST (test_sysdb_get_user_attr_subdomain)
 }
 END_TEST
 
+START_TEST (test_sysdb_add_nonposix_user)
+{
+    struct sysdb_test_ctx *test_ctx;
+    const char *get_attrs[] = { SYSDB_GIDNUM,
+                                SYSDB_UIDNUM,
+                                SYSDB_POSIX,
+                                NULL };
+    struct ldb_result *res;
+    const char *attrval;
+    const char *username = "test_sysdb_add_nonposix_user";
+    const char *fq_name;
+    struct sysdb_attrs *user_attrs;
+    int ret;
+    uint64_t id;
+
+    /* Setup */
+    ret = setup_sysdb_tests(&test_ctx);
+    fail_if(ret != EOK, "Could not set up the test");
+
+    /* Create user */
+    fq_name = sss_create_internal_fqname(test_ctx, username, test_ctx->domain->name);
+    fail_if(fq_name == NULL, "Failed to create fq name.");
+
+    user_attrs = sysdb_new_attrs(test_ctx);
+    fail_if(user_attrs == NULL);
+
+    ret = sysdb_attrs_add_bool(user_attrs, SYSDB_POSIX, false);
+    fail_if(ret != EOK, "Could not add attribute");
+
+    ret = sysdb_add_user(test_ctx->domain, fq_name, 0, 0, "Gecos",
+                         "/home/userhome", "/bin/bash", NULL, user_attrs, 0, 0);
+    fail_if(ret != EOK, "sysdb_add_user failed.");
+
+    /* Test */
+    ret = sysdb_get_user_attr(test_ctx, test_ctx->domain, fq_name,
+                              get_attrs, &res);
+    fail_if(ret != EOK, "Could not get user attributes.");
+    fail_if(res->count != 1, "Invalid number of entries, expected 1, got %d",
+            res->count);
+
+    attrval = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_POSIX, NULL);
+    fail_if(strcasecmp(attrval, "false") != 0, "Got bad attribute value.");
+
+    id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 123);
+    fail_unless(id == 0, "Wrong UID value");
+
+    id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 123);
+    fail_unless(id == 0, "Wrong GID value");
+
+    talloc_free(test_ctx);
+}
+END_TEST
+
 START_TEST (test_sysdb_add_group_member)
 {
     struct sysdb_test_ctx *test_ctx;
@@ -7044,6 +7097,9 @@ Suite *create_sysdb_suite(void)
     /* Test GetUserAttr with subdomain user */
     tcase_add_test(tc_sysdb, test_sysdb_get_user_attr_subdomain);
 
+    /* Test adding a non-POSIX user */
+    tcase_add_test(tc_sysdb, test_sysdb_add_nonposix_user);
+
 /* ===== NETGROUP TESTS ===== */
 
     /* Create a new netgroup */
-- 
2.9.3