When building up a query don't list groups in the aux group vector

author Todd C. Miller <Todd.Miller@courtesan.com>

Tue, 1 Jan 2008 21:25:23 +0000 (21:25 +0000)

committer Todd C. Miller <Todd.Miller@courtesan.com>

Tue, 1 Jan 2008 21:25:23 +0000 (21:25 +0000)
author Todd C. Miller <Todd.Miller@courtesan.com>
Tue, 1 Jan 2008 21:25:23 +0000 (21:25 +0000)
committer Todd C. Miller <Todd.Miller@courtesan.com>
Tue, 1 Jan 2008 21:25:23 +0000 (21:25 +0000)
diff --git a/ldap.c b/ldap.c

index 530ff92c532b2274a7e39ac21cc18b589420e290..f36bd7850cb0ee3a05d190f61be0d2e79cd3785e 100644 (file)
--- a/ldap.c
+++ b/ldap.c
@@ -578,6 +578,8 @@ sudo_ldap_build_pass1(pw)
      if ((grp = sudo_getgrgid(pw->pw_gid)) != NULL)
         sz += 12 + strlen(grp->gr_name);        /* primary group */
      for (i = 0; i < user_ngroups; i++) {
+       if (user_groups[i] == pw->pw_gid)
+           continue;
         if ((grp = sudo_getgrgid(user_groups[i])) != NULL)
             sz += 12 + strlen(grp->gr_name);    /* supplementary group */
      }
@@ -597,6 +599,8 @@ sudo_ldap_build_pass1(pw)
  
      /* Append supplementary groups */
      for (i = 0; i < user_ngroups; i++) {
+       if (user_groups[i] == pw->pw_gid)
+           continue;
         if ((grp = sudo_getgrgid(user_groups[i])) != NULL) {
             (void) strlcat(buf, "(sudoUser=%", sz);
             (void) strlcat(buf, grp->gr_name, sz);
author	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 1 Jan 2008 21:25:23 +0000 (21:25 +0000)
committer	Todd C. Miller <Todd.Miller@courtesan.com>
	Tue, 1 Jan 2008 21:25:23 +0000 (21:25 +0000)