sysdb interface for adding fake users

author: Jakub Hrozek <jhrozek@redhat.com> 2010-09-29 22:15:39 +0200
committer: Stephen Gallagher <sgallagh@redhat.com> 2010-10-15 09:03:07 -0400
commit: c1d525a90f06a9414d0788857b271b80625a5858 (patch)
tree: 82144584d74a7939e801a3fefdf9432c1afd10ad
parent: 3dd54ad87fd6a2bc8f646cd93be0329647e96f0e (diff)
download: sssd-c1d525a90f06a9414d0788857b271b80625a5858.tar.gz
sssd-c1d525a90f06a9414d0788857b271b80625a5858.tar.xz
sssd-c1d525a90f06a9414d0788857b271b80625a5858.zip
4 files changed, 70 insertions, 4 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 7db1a6ea4..a1baa20d9 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -465,6 +465,10 @@ int sysdb_add_user(TALLOC_CTX *mem_ctx,
                    struct sysdb_attrs *attrs,
                    int cache_timeout);
 
+int sysdb_add_fake_user(struct sysdb_ctx *ctx,
+                        struct sss_domain_info *domain,
+                        const char *name);
+
 /* Add group (only basic attrs and w/o checks) */
 int sysdb_add_basic_group(TALLOC_CTX *mem_ctx,
                           struct sysdb_ctx *ctx,
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index f8e1fbd52..7ae22f7d1 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -916,6 +916,67 @@ done:
     return ret;
 }
 
+int sysdb_add_fake_user(struct sysdb_ctx *ctx,
+                        struct sss_domain_info *domain,
+                        const char *name)
+{
+    TALLOC_CTX *tmpctx;
+    struct ldb_message *msg;
+    time_t now;
+    int ret;
+
+    tmpctx = talloc_new(NULL);
+    if (!tmpctx) {
+        return ENOMEM;
+    }
+
+    msg = ldb_msg_new(tmpctx);
+    if (!msg) {
+        ERROR_OUT(ret, ENOMEM, done);
+    }
+
+    /* user dn */
+    msg->dn = sysdb_user_dn(ctx, msg, domain->name, name);
+    if (!msg->dn) {
+        ERROR_OUT(ret, ENOMEM, done);
+    }
+
+    ret = add_string(msg, LDB_FLAG_MOD_ADD, SYSDB_OBJECTCLASS, SYSDB_USER_CLASS);
+    if (ret) goto done;
+
+    ret = add_string(msg, LDB_FLAG_MOD_ADD, SYSDB_NAME, name);
+    if (ret) goto done;
+
+    now = time(NULL);
+
+    ret = add_ulong(msg, LDB_FLAG_MOD_ADD, SYSDB_CREATE_TIME,
+                    (unsigned long) now);
+    if (ret) goto done;
+
+    /* set last login so that the fake entry does not get cleaned up
+     * immediately */
+    ret = add_ulong(msg, LDB_FLAG_MOD_ADD, SYSDB_LAST_LOGIN,
+                    (unsigned long) now);
+    if (ret) return ret;
+
+    ret = add_ulong(msg, LDB_FLAG_MOD_ADD, SYSDB_LAST_UPDATE,
+                    (unsigned long) now);
+    if (ret) goto done;
+
+    ret = add_ulong(msg, LDB_FLAG_MOD_ADD, SYSDB_CACHE_EXPIRE,
+                    (unsigned long) now-1);
+    if (ret) goto done;
+
+    ret = ldb_add(ctx->ldb, msg);
+    ret = sysdb_error_to_errno(ret);
+
+done:
+    if (ret != EOK) {
+        DEBUG(6, ("Error: %d (%s)\n", ret, strerror(ret)));
+    }
+    talloc_zfree(tmpctx);
+    return ret;
+}
 
 /* =Add-Basic-Group-NO-CHECKS============================================= */
 
diff --git a/src/providers/ldap/ldap_id_cleanup.c b/src/providers/ldap/ldap_id_cleanup.c
index 60bc171cb..6357708a1 100644
--- a/src/providers/ldap/ldap_id_cleanup.c
+++ b/src/providers/ldap/ldap_id_cleanup.c
@@ -306,7 +306,8 @@ static int cleanup_users(TALLOC_CTX *memctx, struct sdap_id_ctx *ctx)
             ret = cleanup_users_logged_in(uid_table, msgs[i]);
             if (ret == EOK) {
                 /* If the user is logged in, proceed to the next one */
-                DEBUG(5, ("User %s is still logged in, keeping data\n", name));
+                DEBUG(5, ("User %s is still logged in or a dummy entry, "
+                          "keeping data\n", name));
                 continue;
             } else if (ret != ENOENT) {
                 goto done;
@@ -337,9 +338,9 @@ static int cleanup_users_logged_in(hash_table_t *table,
     uid = ldb_msg_find_attr_as_uint64(msg,
                                       SYSDB_UIDNUM, 0);
     if (!uid) {
-        DEBUG(2, ("Entry %s has no UID Attribute ?!?\n",
+        DEBUG(2, ("Entry %s has no UID Attribute, fake user perhaps?\n",
                   ldb_dn_get_linearized(msg->dn)));
-        return EFAULT;
+        return ENOENT;
     }
 
     key.type = HASH_KEY_ULONG;
diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c
index c82f891e1..e6437a621 100644
--- a/src/responder/nss/nsssrv_cmd.c
+++ b/src/responder/nss/nsssrv_cmd.c
@@ -209,7 +209,7 @@ static int fill_pwent(struct sss_packet *packet,
         gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_GIDNUM, 0);
 
         if (!name || !uid || !gid) {
-            DEBUG(1, ("Incomplete user object for %s[%llu]! Skipping\n",
+            DEBUG(2, ("Incomplete or fake user object for %s[%llu]! Skipping\n",
                       name?name:"<NULL>", (unsigned long long int)uid));
             continue;
         }
author	Jakub Hrozek <jhrozek@redhat.com>	2010-09-29 22:15:39 +0200
committer	Stephen Gallagher <sgallagh@redhat.com>	2010-10-15 09:03:07 -0400
commit	c1d525a90f06a9414d0788857b271b80625a5858 (patch)
tree	82144584d74a7939e801a3fefdf9432c1afd10ad
parent	3dd54ad87fd6a2bc8f646cd93be0329647e96f0e (diff)
download	sssd-c1d525a90f06a9414d0788857b271b80625a5858.tar.gz sssd-c1d525a90f06a9414d0788857b271b80625a5858.tar.xz sssd-c1d525a90f06a9414d0788857b271b80625a5858.zip