[Freeipa-devel] [PATCH] Don't segfault on adding user outside domains
Stephen Gallagher
sgallagh at redhat.com
Tue May 26 11:44:08 UTC 2009
On 05/25/2009 08:35 AM, Jakub Hrozek wrote:
> Found this when working on tools testsuite..
>
> If the user enters UID outside any domain ranges, we invoke the legacy
> tools. But that was broken since the code read on domain->xxx even in
> this case, when domain == NULL. Fix attached.
>
> Jakub
>
>
> ------------------------------------------------------------------------
>
> _______________________________________________
> Freeipa-devel mailing list
> Freeipa-devel at redhat.com
> https://www.redhat.com/mailman/listinfo/freeipa-devel
Nack.
The only way to enter the useradd_legacy() function is for the domain to
be NULL. There will never be a case where the USERADD_UID_MIN/MAX will
be used. I think we need to rethink how to generate that portion of the
parameter, because we want to ensure that the legacy useradd doesn't
step on the toes of one of our domains.
Perhaps try creating local users where the USERADD_UID_MAX is the value
of the lowest supported domain, except where this is impossible (we have
a domain handling UID 1), in which case we set the USERADD_UID_MIN to
the highest max domain range. If this is also impossible (such as having
a domain with no maximum), then exit out and instruct the user to
specify the uid and gid manually because no automatic value could be
determined.
--
Stephen Gallagher
RHCE 804006346421761
Looking to carve out IT costs?
www.redhat.com/carveoutcosts/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3258 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20090526/b40bc193/attachment.p7s>
More information about the Freeipa-devel
mailing list