diff options
author | Ondrej Kos <okos@redhat.com> | 2013-08-21 15:17:00 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-09-10 14:01:24 +0200 |
commit | abc398cba9d11d3da047636992ec14c2d4535161 (patch) | |
tree | 32ce79553243a5842551afd14d6598f08d51b8cd /src/db | |
parent | 7d8255cf8f10627248bdf554952d13eee1b3317d (diff) | |
download | sssd-abc398cba9d11d3da047636992ec14c2d4535161.tar.gz sssd-abc398cba9d11d3da047636992ec14c2d4535161.tar.xz sssd-abc398cba9d11d3da047636992ec14c2d4535161.zip |
DB: Add user/group lookup by SID
Diffstat (limited to 'src/db')
-rw-r--r-- | src/db/sysdb.h | 20 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 86 |
2 files changed, 102 insertions, 4 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index c352f8983..b95946647 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -144,10 +144,12 @@ #define SYSDB_PWNAM_FILTER "(&("SYSDB_UC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))" #define SYSDB_PWUID_FILTER "(&("SYSDB_UC")("SYSDB_UIDNUM"=%lu))" +#define SYSDB_PWSID_FILTER "(&("SYSDB_UC")("SYSDB_SID_STR"=%s))" #define SYSDB_PWENT_FILTER "("SYSDB_UC")" #define SYSDB_GRNAM_FILTER "(&("SYSDB_GC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))" #define SYSDB_GRGID_FILTER "(&("SYSDB_GC")("SYSDB_GIDNUM"=%lu))" +#define SYSDB_GRSID_FILTER "(&("SYSDB_GC")("SYSDB_SID_STR"=%s))" #define SYSDB_GRENT_FILTER "("SYSDB_GC")" #define SYSDB_GRNAM_MPG_FILTER "(&("SYSDB_MPGC")(|("SYSDB_NAME_ALIAS"=%s)("SYSDB_NAME"=%s)))" #define SYSDB_GRGID_MPG_FILTER "(&("SYSDB_MPGC")("SYSDB_GIDNUM"=%lu))" @@ -506,7 +508,7 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx, size_t *msgs_count, struct ldb_message ***msgs); -/* Search User (by uid or name) */ +/* Search User (by uid, sid or name) */ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, struct sss_domain_info *domain, @@ -521,7 +523,14 @@ int sysdb_search_user_by_uid(TALLOC_CTX *mem_ctx, const char **attrs, struct ldb_message **msg); -/* Search Group (by gid or name) */ +int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *sid_str, + const char **attrs, + struct ldb_message **msg); + +/* Search Group (by gid, sid or name) */ int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, struct sss_domain_info *domain, @@ -536,6 +545,13 @@ int sysdb_search_group_by_gid(TALLOC_CTX *mem_ctx, const char **attrs, struct ldb_message **msg); +int sysdb_search_group_by_sid_str(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *sid_str, + const char **attrs, + struct ldb_message **msg); + /* Search Netgroup (by name) */ int sysdb_search_netgroup_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 75d86b585..a07302260 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -233,8 +233,64 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx, return EOK; } +/* =Search-Entry-by-SID-string============================================ */ -/* =Search-User-by-[UID/NAME]============================================= */ +int sysdb_search_entry_by_sid_str(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *search_base, + const char *filter_str, + const char *sid_str, + const char **attrs, + struct ldb_message **msg) +{ + TALLOC_CTX *tmp_ctx; + const char *def_attrs[] = { SYSDB_NAME, SYSDB_SID_STR, NULL }; + struct ldb_message **msgs = NULL; + struct ldb_dn *basedn; + size_t msgs_count = 0; + char *filter; + int ret; + + tmp_ctx = talloc_new(NULL); + if (!tmp_ctx) { + return ENOMEM; + } + + basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, + search_base, domain->name); + if (!basedn) { + ret = ENOMEM; + goto done; + } + + filter = talloc_asprintf(tmp_ctx, filter_str, sid_str); + if (!filter) { + ret = ENOMEM; + goto done; + } + + ret = sysdb_search_entry(tmp_ctx, sysdb, basedn, LDB_SCOPE_SUBTREE, filter, + attrs?attrs:def_attrs, &msgs_count, &msgs); + if (ret) { + goto done; + } + + *msg = talloc_steal(mem_ctx, msgs[0]); + +done: + if (ret == ENOENT) { + DEBUG(SSSDBG_TRACE_FUNC, ("No such entry\n")); + } + else if (ret) { + DEBUG(SSSDBG_OP_FAILURE, ("Error: %d (%s)\n", ret, strerror(ret))); + } + + talloc_zfree(tmp_ctx); + return ret; +} + +/* =Search-User-by-[UID/SID/NAME]============================================= */ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, @@ -352,8 +408,21 @@ done: return ret; } +int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *sid_str, + const char **attrs, + struct ldb_message **msg) +{ + + return sysdb_search_entry_by_sid_str(mem_ctx, sysdb, domain, + SYSDB_TMPL_USER_BASE, + SYSDB_PWSID_FILTER, + sid_str, attrs, msg); +} -/* =Search-Group-by-[GID/NAME]============================================ */ +/* =Search-Group-by-[GID/SID/NAME]============================================ */ int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, @@ -456,6 +525,19 @@ done: return ret; } +int sysdb_search_group_by_sid_str(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *sid_str, + const char **attrs, + struct ldb_message **msg) +{ + + return sysdb_search_entry_by_sid_str(mem_ctx, sysdb, domain, + SYSDB_TMPL_GROUP_BASE, + SYSDB_GRSID_FILTER, + sid_str, attrs, msg); +} /* =Search-Group-by-Name============================================ */ |