55d04dd MEMBEROF: Implement delete operation for ghost users

Authored and Committed by jhrozek 7 years ago
    MEMBEROF: Implement delete operation for ghost users
    
    https://fedorahosted.org/sssd/ticket/1668
    
    The memberof plugin did only expand the ghost users attribute to
    parents when adding a nested group, but didn't implement the reverse
    operation.
    
    This bug resulted in users being reported as group members even
    after the direct parent went away as the expanded ghost attributes were
    never removed from the parent entry.
    
    When a ghost entry is removed from a group, all its parent groups are
    expired from the cache by setting the expire timestamp to 1. Doing so
    would force the SSSD to re-read the group next time it is requested in
    order to make sure its members are really up-to-date.
    
        
file modified
+256 -6
file modified
+106 -1