SUDO: Don't save duplicates when saving qualified names
The sudoUser attribute which is part of the sudo rule can contain any
name that sudo can parse on the LDAP side. Internally, however, the
attribute is always qualified with the name of the SSSD domain.
This patch makes sure that if two or more sudoUser attributes contain
the same name in both qualified and an unqualified form, the rule is
actually saved. Previously, the rule would have failed to be saved and
the sysdb sudo code would have errored out with EEXIST.
Resolves:
https://pagure.io/SSSD/sssd/issue/3596
Reviewed-by: Pavel Březina <pbrezina@redhat.com>