Skip to content

Lookup groups using group->gr_mem even if getgrouplist() failed #5613

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Closed
manu0401 wants to merge 1 commit into from
Closed

Lookup groups using group->gr_mem even if getgrouplist() failed #5613

manu0401 wants to merge 1 commit into from

Conversation

@manu0401
Copy link

@manu0401 manu0401 commented Jul 16, 2019

getgrouplist() iterate on each group, searching if the user
is included, while group->gr_mem iterated on user list for
the target group. In some case the former method can miss
the result while the later will succeed. This is the case
for OpenLDAP dyngroup, where the group members are automatically
generated on group search. Searching by group member gives no
result, while searching the member of a given groups is fine.

@manu0401
Lookup groups using group->gr_mem even if getgrouplist() failed
d8fc30f 
getgrouplist() iterate on each group, searching if the user
is included, while group->gr_mem iterated on user list for
the target group. In some case the former method can miss
the result while the later will succeed. This is the case
for OpenLDAP dyngroup, where the group members are automatically
generated on group search. Searching by group member gives no
result, while searching the member of a given groups is fine.
@michaelrsweet
Copy link
Collaborator

michaelrsweet commented Jul 16, 2019

Will consider this, although I am definitely not super happy about the inconsistency...

@michaelrsweet michaelrsweet added this to the CUPS 2.2.x Updates milestone Jul 16, 2019
@michaelrsweet michaelrsweet self-assigned this Jul 16, 2019
michaelrsweet added a commit that referenced this pull request Jul 16, 2019
@michaelrsweet
Always check the group membership list (Issue #5613)
3c27d2a
michaelrsweet added a commit that referenced this pull request Jul 16, 2019
@michaelrsweet
Always check the group membership list (Issue #5613)
666d076
@michaelrsweet
Copy link
Collaborator

michaelrsweet commented Jul 16, 2019

I reworked this change to move the membership list check up front, followed by the getgrouplist check. We already have the list of usernames that are members, so this made more sense than checking after the (semi-expensive) getgrouplist check.

[master 3c27d2a] Always check the group membership list (Issue #5613)

[branch-2.2 666d076] Always check the group membership list (Issue #5613)

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

No reviews

Assignees

@michaelrsweet michaelrsweet

Labels

priority-medium

Projects

None yet

Milestone

CUPS 2.2.x Updates

Development

Successfully merging this pull request may close these issues.

2 participants

@manu0401 @michaelrsweet