author | Sumit Bose <sbose@redhat.com> | 2013-04-19 17:44:06 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-05-02 19:33:56 +0200 |
commit | 1e72a17f6527d47968032fc928f489dad10705ea (patch) | |
tree | 119fae33a671731eb6b5aed0bf64f39f55d553ce /src/db/sysdb_ops.c | |
parent | 498dcbdfdfffa1aee65d53e83c7eafd5e3b084a5 (diff) | |
sysdb: add sysdb_search_object_by_sid()
The patch adds a new sysdb function to find objects based on their SID. Currently
only the basic attributes needed to map SIDs to POSIX IDs and names are
requested, but this list can be extended for future use cases.
Diffstat (limited to 'src/db/sysdb_ops.c')
-rw-r--r-- | src/db/sysdb_ops.c | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 45a7265c9..710a23b09 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -3174,3 +3174,57 @@ done:
 talloc_free(msg);
 return ret;
 }
+
+errno_t sysdb_search_object_by_sid(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_result **msg)
+{
+ TALLOC_CTX *tmp_ctx;
+ const char *def_attrs[] = { SYSDB_NAME, SYSDB_UIDNUM, SYSDB_GIDNUM,
+ SYSDB_OBJECTCLASS, NULL };
+ struct ldb_dn *basedn;
+ int ret;
+ struct ldb_result *res = NULL;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, SYSDB_DOM_BASE, domain->name);
+ if (basedn == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, ("ldb_dn_new_fmt failed.\n"));
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = ldb_search(sysdb->ldb, tmp_ctx, &res,
+ basedn, LDB_SCOPE_SUBTREE, attrs?attrs:def_attrs,
+ SYSDB_SID_FILTER, sid_str);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("ldb_search failed.\n"));
+ goto done;
+ }
+
+ if (res->count > 1) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Search for SID [%s] returned more than " \
+ "one object.\n", sid_str));
+ ret = EINVAL;
+ goto done;
+ }
+
+ *msg = talloc_steal(mem_ctx, res);
+
+done:
+ if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_FUNC, ("No such entry.\n"));
+ } else if (ret) {
+ DEBUG(SSSDBG_TRACE_FUNC, ("Error: %d (%s)\n", ret, strerror(ret)));
+ }
+
+ talloc_zfree(tmp_ctx);
+ return ret;
+} |
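Review bot: `sid_str` is formatted straight into the search filter in the `ldb_search()` call (`SYSDB_SID_FILTER, sid_str`), so a string containing filter metacharacters would change what the search matches; unless every caller is guaranteed to pass an already validated SID, it should go through `sss_filter_sanitize()` first. SYSDB_SID_FILTER is defined outside this hunk, so it is assumed here to be a `%s` filter template. Separately, ldb_search() returns LDB codes and succeeds with `res->count == 0` when nothing matches, so the `ret == ENOENT` branch under `done:` looks unreachable, a caller gets EOK with an empty result, and `strerror(ret)` may be printing an LDB code. Mapping the LDB code with `sysdb_error_to_errno()` and returning ENOENT for an empty result would make the contract explicit.

```c
    char *sanitized_sid = NULL;
    /* … unchanged: tmp_ctx allocation, basedn construction … */

    ret = sss_filter_sanitize(tmp_ctx, sid_str, &sanitized_sid);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, ("sss_filter_sanitize failed.\n"));
        goto done;
    }

    ret = ldb_search(sysdb->ldb, tmp_ctx, &res,
                     basedn, LDB_SCOPE_SUBTREE, attrs?attrs:def_attrs,
                     SYSDB_SID_FILTER, sanitized_sid);
    if (ret != LDB_SUCCESS) {
        DEBUG(SSSDBG_OP_FAILURE, ("ldb_search failed.\n"));
        ret = sysdb_error_to_errno(ret);
        goto done;
    }

    if (res->count == 0) {
        ret = ENOENT;
        goto done;
    }
    /* … unchanged: res->count > 1 check, talloc_steal, done: label … */
```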