Bug 232377
| Summary: | PAM passthru ENTRY method not working | ||||||||
|---|---|---|---|---|---|---|---|---|---|
| Product: | [Retired] 389 | Reporter: | Rich Megginson <rmeggins> | ||||||
| Component: | Server - Plugins | Assignee: | Rich Megginson <rmeggins> | ||||||
| Status: | CLOSED CURRENTRELEASE | QA Contact: | Viktor Ashirov <vashirov> | ||||||
| Severity: | medium | Docs Contact: | |||||||
| Priority: | medium | ||||||||
| Version: | 1.0.4 | CC: | amsharma | ||||||
| Target Milestone: | --- | ||||||||
| Target Release: | --- | ||||||||
| Hardware: | All | ||||||||
| OS: | Linux | ||||||||
| Whiteboard: | |||||||||
| Fixed In Version: | Doc Type: | Bug Fix | |||||||
| Doc Text: | Story Points: | --- | |||||||
| Clone Of: | Environment: | ||||||||
| Last Closed: | 2015-12-07 16:55:19 UTC | Type: | --- | ||||||
| Regression: | --- | Mount Type: | --- | ||||||
| Documentation: | --- | CRM: | |||||||
| Verified Versions: | Category: | --- | |||||||
| oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
| Cloudforms Team: | --- | Target Upstream Version: | |||||||
| Embargoed: | |||||||||
| Bug Depends On: | |||||||||
| Bug Blocks: | 427409 | ||||||||
| Attachments: |
|
||||||||
|
Description
Rich Megginson
2007-03-15 02:24:56 UTC
Created attachment 150138 [details]
diffs
Looks good to me. Created attachment 150148 [details]
cvs commit log
Reviewed by: prowley (Thanks!)
Files: see diff
Branch: HEAD
Fix Description: There are several problems.
1) For the ENTRY method to perform the internal search to get the entry for the
bind DN, it must have a component ID (aka plugin identity). The code was
already there to get/set it, but it was never initialized in the init function.
2) You cannot mix slapi_sdn_new* with slapi_sdn_init* - slapi_sdn_init will
erase the knowledge that the Slapi_DN was allocated with malloc and it will not
free it in slapi_sdn_free().
3) People may assume they can specify a subtree (e.g.
ou=people,dc=example,dc=com) instead of a suffix for the list of
included/excluded suffixes. The error message will not print a list of valid
suffixes for the admin to use.
4) slapi_be_exist was failing because the database does not notify the mapping
tree code that the backend is started during startup. This works fine under
normal conditions because most all of the code in mapping_tree.c will lookup
the backend if the mtn_be pointer in the mapping tree node is NULL. However,
slapi_be_exist and slapi_be_select do not do this. The proper solution is to
call slapi_mtn_be_started() at database startup time. This is the same thing
that happens when a backend is added at runtime.
Platforms tested: FC6
Flag Day: no
Doc impact: no
PAM passthrough startup Tests PASS : 100% (13/13) PAM passthrough run Tests PASS : 100% (9/9) PAM passthrough cleanup Tests PASS : 100% (5/5) hence marking Verified -sanity only. |