isa/sudo
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

When adding gids to the LDAP filter, only add the primary gid once.

Browse Source 
This is consistent with the space computation/allocation.
From Eric Lakin
This commit is contained in:
Todd C. Miller
2012-02-24 15:17:48 -05:00
parent 5a941fb41c
commit 4f9da8fdaa
1 changed files with 2 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
plugins/sudoers/ldap.c
View File

@@ -1166,6 +1166,8 @@ sudo_ldap_build_pass1(struct passwd *pw)
(void) strlcat(buf, ")", sz); (void) strlcat(buf, ")", sz);
} }
for (i = 0; i < grlist->ngids; i++) { for (i = 0; i < grlist->ngids; i++) {
if (pw->pw_gid == grlist->gids[i])
continue;
(void) snprintf(gidbuf, sizeof(gidbuf), "%u", (void) snprintf(gidbuf, sizeof(gidbuf), "%u",
(unsigned int)grlist->gids[i]); (unsigned int)grlist->gids[i]);
(void) strlcat(buf, "(sudoUser=%#", sz); (void) strlcat(buf, "(sudoUser=%#", sz);