[Freeipa-devel] [PATCH] 798 Fix indirect member calculation
Rob Crittenden
rcritten at redhat.com
Tue Jun 14 13:46:55 UTC 2011
Endi Sukma Dewata wrote:
> On 6/13/2011 10:28 PM, Rob Crittenden wrote:
>> Endi Sukma Dewata wrote:
>>> NACK. If there's a circular membership the code will run into an
>>> infinite loop. Here's a test scenario:
>>>
>>> Group 1 has 2 members: group 2 and group 3.
>>> Group 2 is a member of group 3.
>>> Group 3 is a member of group 2.
>>> Run ipa group-show on group 1, the command doesn't return until it's
>>> killed.
>
>> I think the solution will be to deny creating circular groups.
>
> It might be possible to avoid infinite loop this way:
>
> for member in checkmembers:
>
> (result, truncated) = self.find_entries(...)
>
> for m in result[0][1].get('member', []):
>
> # make sure the member is only added once
> if m in checkmembers:
> continue
>
> checkmembers.append(m)
>
I came to the same conclusion but I did:
if m not in checkmembers:
checkmembers.append(m)
Updated patch attached
rob
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-rcrit-798-3-indirect.patch
Type: text/x-diff
Size: 18488 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20110614/0a5d17b2/attachment.bin>
More information about the Freeipa-devel
mailing list