File improved-handling-of-ldap-group-id.patch of Package salt.10036
From f9c162e760b12c1df63bc1e315b9e92db923499c Mon Sep 17 00:00:00 2001
From: Raine Curtis <rcurtis@suse.com>
Date: Mon, 9 Jul 2018 09:55:30 -0600
Subject: [PATCH] Improved handling of LDAP group id
gid is casted to int, which should be the case. Otherwise an error
is returned.
---
salt/states/group.py | 11 +++++++++--
1 file changed, 9 insertions(+), 2 deletions(-)
diff --git a/salt/states/group.py b/salt/states/group.py
index 6a720757e8..acf775134c 100644
--- a/salt/states/group.py
+++ b/salt/states/group.py
@@ -72,9 +72,16 @@ def _changes(name,
delusers = [salt.utils.win_functions.get_sam_name(user).lower() for user in delusers]
change = {}
+ ret = {}
if gid:
- if lgrp['gid'] != gid:
- change['gid'] = gid
+ try:
+ gid = int(gid)
+ if lgrp['gid'] != gid:
+ change['gid'] = gid
+ except (TypeError, ValueError):
+ ret['result'] = False
+ ret['comment'] = 'Invalid gid'
+ return ret
if members:
# -- if new member list if different than the current
--
2.19.1