authorOndrej Kos <okos@redhat.com>2013-08-21 15:17:00 +0200
committerJakub Hrozek <jhrozek@redhat.com>2013-09-10 14:01:24 +0200
commitabc398cba9d11d3da047636992ec14c2d4535161 (patch)
tree32ce79553243a5842551afd14d6598f08d51b8cd /src/db
parent7d8255cf8f10627248bdf554952d13eee1b3317d (diff)
DB: Add user/group lookup by SID
Diffstat (limited to 'src/db')
-rw-r--r--src/db/sysdb.h20
-rw-r--r--src/db/sysdb_ops.c86
2 files changed, 102 insertions, 4 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index c352f8983..b95946647 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -144,10 +144,12 @@
#define SYSDB_PWNAM_FILTER "(&("SYSDB_UC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
#define SYSDB_PWUID_FILTER "(&("SYSDB_UC")("SYSDB_UIDNUM"=%lu))"
+#define SYSDB_PWSID_FILTER "(&("SYSDB_UC")("SYSDB_SID_STR"=%s))"
#define SYSDB_PWENT_FILTER "("SYSDB_UC")"
#define SYSDB_GRNAM_FILTER "(&("SYSDB_GC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
#define SYSDB_GRGID_FILTER "(&("SYSDB_GC")("SYSDB_GIDNUM"=%lu))"
+#define SYSDB_GRSID_FILTER "(&("SYSDB_GC")("SYSDB_SID_STR"=%s))"
#define SYSDB_GRENT_FILTER "("SYSDB_GC")"
#define SYSDB_GRNAM_MPG_FILTER "(&("SYSDB_MPGC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))"
#define SYSDB_GRGID_MPG_FILTER "(&("SYSDB_MPGC")("SYSDB_GIDNUM"=%lu))"
@@ -506,7 +508,7 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx,
size_t *msgs_count,
struct ldb_message ***msgs);
-/* Search User (by uid or name) */
+/* Search User (by uid, sid or name) */
int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
struct sss_domain_info *domain,
@@ -521,7 +523,14 @@ int sysdb_search_user_by_uid(TALLOC_CTX *mem_ctx,
const char **attrs,
struct ldb_message **msg);
-/* Search Group (by gid or name) */
+int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_message **msg);
+
+/* Search Group (by gid, sid or name) */
int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
struct sss_domain_info *domain,
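Review bot: The new prototype sysdb_search_user_by_sid_str is added without any comment describing its contract, and the same holds for sysdb_search_group_by_sid_str in the next hunk. A short comment above each would help callers, for example `/* Look up a user by SID string; attrs == NULL selects SYSDB_NAME and SYSDB_SID_STR; on success *msg is reparented to mem_ctx. */`, which matches what the helper in sysdb_ops.c does. It would also be worth stating what form `sid_str` must have and whether the caller is expected to validate it, since the value ends up inside an LDB filter through SYSDB_PWSID_FILTER / SYSDB_GRSID_FILTER.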
@@ -536,6 +545,13 @@ int sysdb_search_group_by_gid(TALLOC_CTX *mem_ctx,
const char **attrs,
struct ldb_message **msg);
+int sysdb_search_group_by_sid_str(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_message **msg);
+
/* Search Netgroup (by name) */
int sysdb_search_netgroup_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 75d86b585..a07302260 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -233,8 +233,64 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx,
return EOK;
}
+/* =Search-Entry-by-SID-string============================================ */
-/* =Search-User-by-[UID/NAME]============================================= */
+int sysdb_search_entry_by_sid_str(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *search_base,
+ const char *filter_str,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_message **msg)
+{
+ TALLOC_CTX *tmp_ctx;
+ const char *def_attrs[] = { SYSDB_NAME, SYSDB_SID_STR, NULL };
+ struct ldb_message **msgs = NULL;
+ struct ldb_dn *basedn;
+ size_t msgs_count = 0;
+ char *filter;
+ int ret;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
+ search_base, domain->name);
+ if (!basedn) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ filter = talloc_asprintf(tmp_ctx, filter_str, sid_str);
+ if (!filter) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = sysdb_search_entry(tmp_ctx, sysdb, basedn, LDB_SCOPE_SUBTREE, filter,
+ attrs?attrs:def_attrs, &msgs_count, &msgs);
+ if (ret) {
+ goto done;
+ }
+
+ *msg = talloc_steal(mem_ctx, msgs[0]);
+
+done:
+ if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_FUNC, ("No such entry\n"));
+ }
+ else if (ret) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Error: %d (%s)\n", ret, strerror(ret)));
+ }
+
+ talloc_zfree(tmp_ctx);
+ return ret;
+}
+
+/* =Search-User-by-[UID/SID/NAME]============================================= */
int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
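Review bot: `sid_str` is formatted into the LDB filter unescaped at `filter = talloc_asprintf(tmp_ctx, filter_str, sid_str);`, so a value containing filter metacharacters such as `*`, `(` or `)` changes the meaning of the search instead of being matched literally, and both new wrappers (sysdb_search_user_by_sid_str and sysdb_search_group_by_sid_str in the later hunks) pass their argument through unchanged. If SID strings can reach this path from a client request, the value should be escaped first, for example with SSSD's `sss_filter_sanitize()` (assuming it is available to this file), as sketched below. `msgs_count` is also never inspected, so when more than one entry carries the same SID the function silently returns `msgs[0]`; rejecting any count other than one would make that ambiguity visible to the caller. Since `filter_str` is consumed as a format string and no prototype for this helper appears in the sysdb.h hunks, declaring it `static` would restrict callers to the two fixed filter macros.

```c
    char *sanitized_sid;
    /* … unchanged: other locals, tmp_ctx and basedn setup … */

    /* Escape LDB filter metacharacters so the SID is matched literally. */
    ret = sss_filter_sanitize(tmp_ctx, sid_str, &sanitized_sid);
    if (ret != EOK) {
        goto done;
    }

    filter = talloc_asprintf(tmp_ctx, filter_str, sanitized_sid);
    /* … unchanged: NULL check on filter, sysdb_search_entry call, done label … */
```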
@@ -352,8 +408,21 @@ done:
return ret;
}
+int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_message **msg)
+{
+
+ return sysdb_search_entry_by_sid_str(mem_ctx, sysdb, domain,
+ SYSDB_TMPL_USER_BASE,
+ SYSDB_PWSID_FILTER,
+ sid_str, attrs, msg);
+}
-/* =Search-Group-by-[GID/NAME]============================================ */
+/* =Search-Group-by-[GID/SID/NAME]============================================ */
int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
@@ -456,6 +525,19 @@ done:
return ret;
}
+int sysdb_search_group_by_sid_str(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str,
+ const char **attrs,
+ struct ldb_message **msg)
+{
+
+ return sysdb_search_entry_by_sid_str(mem_ctx, sysdb, domain,
+ SYSDB_TMPL_GROUP_BASE,
+ SYSDB_GRSID_FILTER,
+ sid_str, attrs, msg);
+}
/* =Search-Group-by-Name============================================ */