diff options
| author | Pavel Reichl <preichl@redhat.com> | 2015-08-28 08:06:18 -0400 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-09-01 11:26:26 +0200 |
| commit | bfa5e3869bb68213f08169efe55c45cb625e8fd0 (patch) | |
| tree | 404147c8c6084e14bb3ed301c286da775ed9c75b | |
| parent | 9118a539a5d59f669f551114f880fe91d6bb8741 (diff) | |
| download | sssd-bfa5e3869bb68213f08169efe55c45cb625e8fd0.tar.gz sssd-bfa5e3869bb68213f08169efe55c45cb625e8fd0.tar.xz sssd-bfa5e3869bb68213f08169efe55c45cb625e8fd0.zip | |
AD: send less logs to syslog
Create new callback that handles logging messages in cyrus sasl library.
Resolves:
https://fedorahosted.org/sssd/ticket/2561
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
| -rw-r--r-- | src/providers/ad/ad_init.c | 42 |
1 files changed, 42 insertions, 0 deletions
diff --git a/src/providers/ad/ad_init.c b/src/providers/ad/ad_init.c index 3d12f382c..5f30b6ea8 100644 --- a/src/providers/ad/ad_init.c +++ b/src/providers/ad/ad_init.c @@ -91,8 +91,50 @@ static int ad_sasl_getopt(void *context, const char *plugin_name, typedef int (*sss_sasl_gen_cb_fn)(void); +static int map_sasl2sssd_log_level(int sasl_level) +{ + int sssd_level; + + switch(sasl_level) { + case SASL_LOG_ERR: /* log unusual errors (default) */ + sssd_level = SSSDBG_CRIT_FAILURE; + break; + case SASL_LOG_FAIL: /* log all authentication failures */ + sssd_level = SSSDBG_OP_FAILURE; + break; + case SASL_LOG_WARN: /* log non-fatal warnings */ + sssd_level = SSSDBG_MINOR_FAILURE; + break; + case SASL_LOG_NOTE: /* more verbose than LOG_WARN */ + case SASL_LOG_DEBUG: /* more verbose than LOG_NOTE */ + case SASL_LOG_TRACE: /* traces of internal protocols */ + case SASL_LOG_PASS: /* traces of internal protocols, including */ + sssd_level = SSSDBG_TRACE_ALL; + break; + default: + sssd_level = SSSDBG_TRACE_ALL; + break; + } + + return sssd_level; +} + +int ad_sasl_log(void *context, int level, const char *message) +{ + int sssd_level; + + if (level == SASL_LOG_ERR || level == SASL_LOG_FAIL) { + sss_log(SSS_LOG_ERR, "%s\n", message); + } + + sssd_level = map_sasl2sssd_log_level(level); + DEBUG(sssd_level, "SASL: %s\n", message); + return SASL_OK; +} + static const sasl_callback_t ad_sasl_callbacks[] = { { SASL_CB_GETOPT, (sss_sasl_gen_cb_fn)ad_sasl_getopt, NULL }, + { SASL_CB_LOG, (sss_sasl_gen_cb_fn)ad_sasl_log, NULL }, { SASL_CB_LIST_END, NULL, NULL } }; /* This is quite a hack, we *try* to fool openldap libraries by initializing |