From 5f7f249f2a8a1c7284e991aa64dbf850d482b0aa Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Mar 30 2017 12:09:57 +0000 Subject: SYSDB: Allow storing non-POSIX users Related to: https://pagure.io/SSSD/sssd/issue/3310 We already do the same for groups. If the user does not have UID number set but does have the POSIX: false attribute set, then we save the user with zero UID and the non-POSIX flag. Reviewed-by: Sumit Bose --- diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 919f223..3cf9d90 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -1855,6 +1855,7 @@ int sysdb_add_user(struct sss_domain_info *domain, struct sysdb_attrs *id_attrs; uint32_t id; int ret; + bool posix; if (domain->mpg) { if (gid != 0) { @@ -1926,7 +1927,28 @@ int sysdb_add_user(struct sss_domain_info *domain, /* Not fatal */ } - if (uid == 0) { + if (!attrs) { + attrs = sysdb_new_attrs(tmp_ctx); + if (!attrs) { + ret = ENOMEM; + goto done; + } + } + + ret = sysdb_attrs_get_bool(attrs, SYSDB_POSIX, &posix); + if (ret == ENOENT) { + posix = true; + ret = sysdb_attrs_add_bool(attrs, SYSDB_POSIX, true); + if (ret) { + DEBUG(SSSDBG_TRACE_LIBS, "Failed to add posix attribute.\n"); + goto done; + } + } else if (ret != EOK) { + DEBUG(SSSDBG_TRACE_LIBS, "Failed to get posix attribute.\n"); + goto done; + } + + if (uid == 0 && posix == true) { ret = sysdb_get_new_id(domain, &id); if (ret) goto done; @@ -1948,14 +1970,6 @@ int sysdb_add_user(struct sss_domain_info *domain, if (ret) goto done; } - if (!attrs) { - attrs = sysdb_new_attrs(tmp_ctx); - if (!attrs) { - ret = ENOMEM; - goto done; - } - } - if (!now) { now = time(NULL); } diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index 1767dc3..6ec82ce 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -1428,6 +1428,59 @@ START_TEST (test_sysdb_get_user_attr_subdomain) } END_TEST +START_TEST (test_sysdb_add_nonposix_user) +{ + struct sysdb_test_ctx *test_ctx; + const char *get_attrs[] = { SYSDB_GIDNUM, + SYSDB_UIDNUM, + SYSDB_POSIX, + NULL }; + struct ldb_result *res; + const char *attrval; + const char *username = "test_sysdb_add_nonposix_user"; + const char *fq_name; + struct sysdb_attrs *user_attrs; + int ret; + uint64_t id; + + /* Setup */ + ret = setup_sysdb_tests(&test_ctx); + fail_if(ret != EOK, "Could not set up the test"); + + /* Create user */ + fq_name = sss_create_internal_fqname(test_ctx, username, test_ctx->domain->name); + fail_if(fq_name == NULL, "Failed to create fq name."); + + user_attrs = sysdb_new_attrs(test_ctx); + fail_if(user_attrs == NULL); + + ret = sysdb_attrs_add_bool(user_attrs, SYSDB_POSIX, false); + fail_if(ret != EOK, "Could not add attribute"); + + ret = sysdb_add_user(test_ctx->domain, fq_name, 0, 0, "Gecos", + "/home/userhome", "/bin/bash", NULL, user_attrs, 0, 0); + fail_if(ret != EOK, "sysdb_add_user failed."); + + /* Test */ + ret = sysdb_get_user_attr(test_ctx, test_ctx->domain, fq_name, + get_attrs, &res); + fail_if(ret != EOK, "Could not get user attributes."); + fail_if(res->count != 1, "Invalid number of entries, expected 1, got %d", + res->count); + + attrval = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_POSIX, NULL); + fail_if(strcasecmp(attrval, "false") != 0, "Got bad attribute value."); + + id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_UIDNUM, 123); + fail_unless(id == 0, "Wrong UID value"); + + id = ldb_msg_find_attr_as_uint64(res->msgs[0], SYSDB_GIDNUM, 123); + fail_unless(id == 0, "Wrong GID value"); + + talloc_free(test_ctx); +} +END_TEST + START_TEST (test_sysdb_add_group_member) { struct sysdb_test_ctx *test_ctx; @@ -7044,6 +7097,9 @@ Suite *create_sysdb_suite(void) /* Test GetUserAttr with subdomain user */ tcase_add_test(tc_sysdb, test_sysdb_get_user_attr_subdomain); + /* Test adding a non-POSIX user */ + tcase_add_test(tc_sysdb, test_sysdb_add_nonposix_user); + /* ===== NETGROUP TESTS ===== */ /* Create a new netgroup */