From ea8a4436b66877bbae1a73d11917ecdb3bf72718 Mon Sep 17 00:00:00 2001

From: Jakub Hrozek <jhrozek@redhat.com>

Date: Wed, 22 Mar 2017 13:00:31 +0100

Subject: [PATCH 68/72] SYSDB: Allow storing non-POSIX users

Related to:

https://pagure.io/SSSD/sssd/issue/3310

We already do the same for groups. If the user does not have UID number

set but does have the POSIX: false attribute set, then we save the user

with zero UID and the non-POSIX flag.

Reviewed-by: Sumit Bose <sbose@redhat.com>

---

 src/db/sysdb_ops.c      | 32 ++++++++++++++++++++--------

 src/tests/sysdb-tests.c | 56 +++++++++++++++++++++++++++++++++++++++++++++++++

 2 files changed, 79 insertions(+), 9 deletions(-)

diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c

index 919f22370ff87eff2bf0bb569ca90f1ee699a61e..3cf9d903f25b9ccd506d7957c94040bdc7d658a3 100644

--- a/src/db/sysdb_ops.c

+++ b/src/db/sysdb_ops.c

@@ -1855,6 +1855,7 @@ int sysdb_add_user(struct sss_domain_info *domain,

     struct sysdb_attrs *id_attrs;

     uint32_t id;

     int ret;

+    bool posix;

     if (domain->mpg) {

         if (gid != 0) {

@@ -1926,7 +1927,28 @@ int sysdb_add_user(struct sss_domain_info *domain,

         /* Not fatal */

     }

-    if (uid == 0) {

+    if (!attrs) {

+        attrs = sysdb_new_attrs(tmp_ctx);

+        if (!attrs) {

+            ret = ENOMEM;

+            goto done;

+        }

+    }

+

+    ret = sysdb_attrs_get_bool(attrs, SYSDB_POSIX, &posix);

+    if (ret == ENOENT) {

+        posix = true;

+        ret = sysdb_attrs_add_bool(attrs, SYSDB_POSIX, true);

+        if (ret) {

+            DEBUG(SSSDBG_TRACE_LIBS, "Failed to add posix attribute.\n");

+            goto done;

+        }

+    } else if (ret != EOK) {

+        DEBUG(SSSDBG_TRACE_LIBS, "Failed to get posix attribute.\n");

+        goto done;

+    }

+

+    if (uid == 0 && posix == true) {

         ret = sysdb_get_new_id(domain, &id;;

         if (ret) goto done;

@@ -1948,14 +1970,6 @@ int sysdb_add_user(struct sss_domain_info *domain,

         if (ret) goto done;

     }

-    if (!attrs) {

-        attrs = sysdb_new_attrs(tmp_ctx);

-        if (!attrs) {

-            ret = ENOMEM;

-            goto done;

-        }

-    }

-

     if (!now) {

         now = time(NULL);

     }

diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c

index 1767dc3c734c6b2e5f74564debd603e2442f491b..6ec82ce4ca5c4f918bc9f3144c21f33b270ea47e 100644

--- a/src/tests/sysdb-tests.c

+++ b/src/tests/sysdb-tests.c

@@ -1428,6 +1428,59 @@ START_TEST (test_sysdb_get_user_attr_subdomain)

 }

 END_TEST

+START_TEST (test_sysdb_add_nonposix_user)

+{

+    struct sysdb_test_ctx *test_ctx;

+    const char *get_attrs[] = { SYSDB_GIDNUM,

+                                SYSDB_UIDNUM,

+                                SYSDB_POSIX,

+                                NULL };

+    struct ldb_result *res;

+    const char *attrval;

+    const char *username = "test_sysdb_add_nonposix_user";

+    const char *fq_name;

+    struct sysdb_attrs *user_attrs;

+    int ret;

+    uint64_t id;

+

+    /* Setup */

+    ret = setup_sysdb_tests(&test_ctx);

+    fail_if(ret != EOK, "Could not set up the test");

+

+    /* Create user */

+    fq_name = sss_create_internal_fqname(test_ctx, username, test_ctx->domain->name);

+    fail_if(fq_name == NULL, "Failed to create fq name.");

+

+    user_attrs = sysdb_new_attrs(test_ctx);

+    fail_if(user_attrs == NULL);

+

+    ret = sysdb_attrs_add_bool(user_attrs, SYSDB_POSIX, false);

+    fail_if(ret != EOK, "Could not add attribute");

+

+    ret = sysdb_add_user(test_ctx->domain, fq_name, 0, 0, "Gecos",

+                         "/home/userhome", "/bin/bash", NULL, user_attrs, 0, 0);

+    fail_if(ret != EOK, "sysdb_add_user failed.");

+

+    /* Test */

+    ret = sysdb_get_user_attr(test_ctx, test_ctx->domain, fq_name,

+                              get_attrs, &res;;

+    fail_if(ret != EOK, "Could not get user attributes.");

+    fail_if(res->count != 1, "Invalid number of entries, expected 1, got %d",

+            res->count);

+

+    attrval = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_POSIX, NULL);

+    fail_if(strcasecmp(attrval, "false") != 0, "Got bad attribute value.");

+

+    id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 123);

+    fail_unless(id == 0, "Wrong UID value");

+

+    id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 123);

+    fail_unless(id == 0, "Wrong GID value");

+

+    talloc_free(test_ctx);

+}

+END_TEST

+

 START_TEST (test_sysdb_add_group_member)

 {

     struct sysdb_test_ctx *test_ctx;

@@ -7044,6 +7097,9 @@ Suite *create_sysdb_suite(void)

     /* Test GetUserAttr with subdomain user */

     tcase_add_test(tc_sysdb, test_sysdb_get_user_attr_subdomain);

+    /* Test adding a non-POSIX user */

+    tcase_add_test(tc_sysdb, test_sysdb_add_nonposix_user);

+

 /* ===== NETGROUP TESTS ===== */

     /* Create a new netgroup */

-- 

2.9.3