diff options
| author | Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com> | 2020-01-17 11:48:40 +0530 |
|---|---|---|
| committer | Tom Joseph <tomjoseph@in.ibm.com> | 2020-01-23 09:58:43 +0000 |
| commit | 489a4ed9dc200db52e4e4cf5600b0367a29155f8 (patch) | |
| tree | 8d8dbafc3354ac5727dc2980344ec7280815bdec /user_channel/user_mgmt.cpp | |
| parent | 0be80bdde8668f7990960bcdddaf3f1360eeadbb (diff) | |
| download | phosphor-host-ipmid-489a4ed9dc200db52e4e4cf5600b0367a29155f8.tar.gz phosphor-host-ipmid-489a4ed9dc200db52e4e4cf5600b0367a29155f8.zip | |
[Fix]: Check ipmi groups list before creating user
When phosphor-user-manager is started later than ipmid,
then ipmid misses to get the AvailableGroups list from
phosphor-user-manager. Further creation of user through ipmi
will end up creating user which doesn't belong to any group
at all. This fixes, by making sure, ipmi creates user only
if ipmi group is in available groups lists, and will do
re-query if it is empty.
Tested:
1. Verified the user creation behaviour with having dependency to
phosphor-user-manager and without.
2. Manually tested the following.
a. Stopped phosphor-user-manager & all ipmi
b. Started phosphor-host-ipmid
c. started phosphor-user-manager
d. using ipmitool user set name created user and verified that it
belongs to proper group as expected.
Change-Id: I5810babda0e70eb7b6bca577af2031da90dbb068
Signed-off-by: Richard Marian Thomaiyar <richard.marian.thomaiyar@linux.intel.com>
Diffstat (limited to 'user_channel/user_mgmt.cpp')
| -rw-r--r-- | user_channel/user_mgmt.cpp | 24 |
1 files changed, 24 insertions, 0 deletions
diff --git a/user_channel/user_mgmt.cpp b/user_channel/user_mgmt.cpp index a8d2219..add7ee2 100644 --- a/user_channel/user_mgmt.cpp +++ b/user_channel/user_mgmt.cpp @@ -945,6 +945,26 @@ ipmi_ret_t UserAccess::getUserName(const uint8_t userId, std::string& userName) return IPMI_CC_OK; } +bool UserAccess::isIpmiInAvailableGroupList() +{ + if (std::find(availableGroups.begin(), availableGroups.end(), + ipmiGrpName) != availableGroups.end()) + { + return true; + } + if (availableGroups.empty()) + { + // available groups shouldn't be empty, re-query + getSystemPrivAndGroups(); + if (std::find(availableGroups.begin(), availableGroups.end(), + ipmiGrpName) != availableGroups.end()) + { + return true; + } + } + return false; +} + ipmi_ret_t UserAccess::setUserName(const uint8_t userId, const char* userNameInChar) { @@ -990,6 +1010,10 @@ ipmi_ret_t UserAccess::setUserName(const uint8_t userId, { try { + if (!isIpmiInAvailableGroupList()) + { + return IPMI_CC_UNSPECIFIED_ERROR; + } // Create new user auto method = bus.new_method_call( getUserServiceName().c_str(), userMgrObjBasePath, |
