diff options
author | Michal Zidek <mzidek@redhat.com> | 2015-01-30 15:48:04 +0100 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-11 10:30:09 +0100 |
commit | 804df4040eb142f82a44c019c7a55b5ce524583c (patch) | |
tree | 33676f11721eee458537071e4379fad9728ba74e | |
parent | 6ccda8691123bb27f5f2a88a0c80174af3e0fd0a (diff) | |
download | sssd-804df4040eb142f82a44c019c7a55b5ce524583c.tar.gz sssd-804df4040eb142f82a44c019c7a55b5ce524583c.tar.xz sssd-804df4040eb142f82a44c019c7a55b5ce524583c.zip |
Use FQDN if default domain was set
https://fedorahosted.org/sssd/ticket/2569
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
-rw-r--r-- | src/confdb/confdb.c | 37 | ||||
-rw-r--r-- | src/util/util_errors.c | 1 | ||||
-rw-r--r-- | src/util/util_errors.h | 1 |
3 files changed, 35 insertions, 4 deletions
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index dd93410cf..5aee1ee06 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -772,6 +772,8 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, const char *tmp; int ret, val; uint32_t entry_cache_timeout; + char *default_domain; + bool fqnames_default = false; tmp_ctx = talloc_new(mem_ctx); if (!tmp_ctx) return ENOMEM; @@ -907,11 +909,38 @@ static int confdb_get_domain_internal(struct confdb_ctx *cdb, DEBUG(SSSDBG_TRACE_FUNC, "No enumeration for [%s]!\n", domain->name); } + ret = confdb_get_string(cdb, tmp_ctx, CONFDB_MONITOR_CONF_ENTRY, + CONFDB_MONITOR_DEFAULT_DOMAIN, NULL, + &default_domain); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + "Cannnot get the default domain [%d]: %s\n", + ret, strerror(ret)); + goto done; + } + /* Determine if user/group names will be Fully Qualified * in NSS interfaces */ - ret = get_entry_as_bool(res->msgs[0], &domain->fqnames, CONFDB_DOMAIN_FQ, 0); - if(ret != EOK) { - DEBUG(SSSDBG_FATAL_FAILURE, "Invalid value for %s\n", CONFDB_DOMAIN_FQ); + if (default_domain != NULL) { + DEBUG(SSSDBG_CONF_SETTINGS, + "Default domain suffix set. Changing default for " + "use_fully_qualified_names to True.\n"); + fqnames_default = true; + } + + ret = get_entry_as_bool(res->msgs[0], &domain->fqnames, + CONFDB_DOMAIN_FQ, fqnames_default); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, "Invalid value for %s\n", + CONFDB_DOMAIN_FQ); + goto done; + } + + if (default_domain != NULL && domain->fqnames == false) { + DEBUG(SSSDBG_FATAL_FAILURE, + "Invalid configuration detected (default_domain_suffix is used " + "while use_fully_qualified_names was set to false).\n"); + ret = ERR_INVALID_CONFIG; goto done; } @@ -1282,7 +1311,7 @@ int confdb_get_domains(struct confdb_ctx *cdb, if (ret) { DEBUG(SSSDBG_FATAL_FAILURE, "Error (%d [%s]) retrieving domain [%s], skipping!\n", - ret, strerror(ret), domlist[i]); + ret, sss_strerror(ret), domlist[i]); continue; } diff --git a/src/util/util_errors.c b/src/util/util_errors.c index bfae5cd18..27d9ecc4d 100644 --- a/src/util/util_errors.c +++ b/src/util/util_errors.c @@ -66,6 +66,7 @@ struct err_string error_to_str[] = { { "Error setting SELinux user context" }, /* ERR_SELINUX_CONTEXT */ { "Username format not allowed by re_expression" }, /* ERR_REGEX_NOMATCH */ { "Time specification not supported" }, /* ERR_TIMESPEC_NOT_SUPPORTED */ + { "Invalid SSSD configuration detected." }, /* ERR_INVALID_CONFIG */ }; diff --git a/src/util/util_errors.h b/src/util/util_errors.h index 069d4b78a..de0ed3558 100644 --- a/src/util/util_errors.h +++ b/src/util/util_errors.h @@ -91,6 +91,7 @@ enum sssd_errors { ERR_SELINUX_CONTEXT, ERR_REGEX_NOMATCH, ERR_TIMESPEC_NOT_SUPPORTED, + ERR_INVALID_CONFIG, ERR_LAST /* ALWAYS LAST */ }; |