Attention is currently required from: Frank Filz.

Lior Suliman would like Frank Filz to review this change.

View Change

Fix getgrouplist return value handling for NSS and SSSD

The issue: getgrouplist() (NSS) and sss_nss_getgrouplist_timeout() (SSSD)
have different return value semantics:
- NSS: returns -1 on buffer too small, or >=0 (number of groups) on success
- SSSD: returns 0 on success, ERANGE on buffer too small, or errno on error

This caused problems because SSSD's positive errno values (ERANGE=34,
ETIMEDOUT=110) overlap with NSS's success values (number of groups).

Solution: Normalize return values in pwnam_wrappers__getgrouplist():
- NSS: Convert >=0 (success) to 0
- SSSD: Convert ERANGE (buffer too small) to -1
- Result: -1 (retry), 0 (success), >0 (error)

Update my_getgrouplist_alloc() to handle normalized values:
- ret == -1 and errno ERANGE: Buffer too small, retry with correct size
- ret == -1: Failure
- ret >= 0: Success, continue

Change-Id: I1ef2944172054e5051305049fe33192724ea7e51
Signed-off-by: Lior Suliman <liorsu@gmail.com>
---
M src/idmapper/pwnam_wrappers.c
M src/idmapper/sss_nss_idmap.c
M src/support/uid2grp.c
3 files changed, 72 insertions(+), 28 deletions(-)

git pull ssh://review.gerrithub.io:29418/ffilz/nfs-ganesha refs/changes/95/1236495/1

To view, visit change 1236495. To unsubscribe, or for help writing mail filters, visit settings.

Gerrit-MessageType: newchange
Gerrit-Project: ffilz/nfs-ganesha
Gerrit-Branch: next
Gerrit-Change-Id: I1ef2944172054e5051305049fe33192724ea7e51
Gerrit-Change-Number: 1236495
Gerrit-PatchSet: 1
Gerrit-Owner: Lior Suliman <liorsu@google.com>
Gerrit-Reviewer: Frank Filz <ffilzlnx@mindspring.com>
Gerrit-Attention: Frank Filz <ffilzlnx@mindspring.com>