diff options
| author | Sumit Bose <sbose@redhat.com> | 2013-06-10 11:55:16 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-28 18:57:23 +0200 |
| commit | 95a08a0c02281b28bd1914e0727b40ae25b4e16a (patch) | |
| tree | 11b185a2f3aedb7b601782203a11b3c113f8c5b8 /src/lib/idmap/sss_idmap.h | |
| parent | b618590bcde5b05f149ba10072b3197670a38185 (diff) | |
| download | sssd-95a08a0c02281b28bd1914e0727b40ae25b4e16a.tar.gz sssd-95a08a0c02281b28bd1914e0727b40ae25b4e16a.tar.xz sssd-95a08a0c02281b28bd1914e0727b40ae25b4e16a.zip | |
idmap: allow first RID to be set
Currently libss_idmap implicitly assumes that the RID 0 is always mapped
to the first ID of the given range. This is not the case anymore when
multiple ranges are used e.g. for trusted domains in FreeIPA.
A new call sss_idmap_add_domain_ex() was added which can take the first
RID as an argument. This new call will get more options with other
patches hence I didn't change the library version with this patch.
Fixes https://fedorahosted.org/sssd/ticket/1938
Diffstat (limited to 'src/lib/idmap/sss_idmap.h')
| -rw-r--r-- | src/lib/idmap/sss_idmap.h | 30 |
1 files changed, 29 insertions, 1 deletions
diff --git a/src/lib/idmap/sss_idmap.h b/src/lib/idmap/sss_idmap.h index 9710501bd..3beeca114 100644 --- a/src/lib/idmap/sss_idmap.h +++ b/src/lib/idmap/sss_idmap.h @@ -74,7 +74,10 @@ enum idmap_error_code { IDMAP_BUILTIN_SID, /** No more free slices */ - IDMAP_OUT_OF_SLICES + IDMAP_OUT_OF_SLICES, + + /** New domain collides with existing one */ + IDMAP_COLLISION }; /** @@ -237,6 +240,7 @@ enum idmap_error_code sss_idmap_calculate_range(struct sss_idmap_ctx *ctx, * context * - #IDMAP_SID_INVALID: Invalid SID provided * - #IDMAP_NO_DOMAIN: No domain domain name given + * - #IDMAP_COLLISION: New domain collides with existing one */ enum idmap_error_code sss_idmap_add_domain(struct sss_idmap_ctx *ctx, const char *domain_name, @@ -244,6 +248,30 @@ enum idmap_error_code sss_idmap_add_domain(struct sss_idmap_ctx *ctx, struct sss_idmap_range *range); /** + * @brief Add a domain with the first mappable RID to the idmap context + * + * @param[in] ctx Idmap context + * @param[in] domain_name Zero-terminated string with the domain name + * @param[in] domain_sid Zero-terminated string representation of the domain + * SID (S-1-15-.....) + * @param[in] range TBD Some information about the id ranges of this + * domain + * @param[in] rid The RID that should be mapped to the first ID of the + * given range. + * + * @return + * - #IDMAP_OUT_OF_MEMORY: Insufficient memory to store the data in the idmap + * context + * - #IDMAP_SID_INVALID: Invalid SID provided + * - #IDMAP_NO_DOMAIN: No domain domain name given + * - #IDMAP_COLLISION: New domain collides with existing one + */ +enum idmap_error_code sss_idmap_add_domain_ex(struct sss_idmap_ctx *ctx, + const char *domain_name, + const char *domain_sid, + struct sss_idmap_range *range, + uint32_t rid); +/** * @brief Translate SID to a unix UID or GID * * @param[in] ctx Idmap context |