diff options
author | Stephen Gallagher <sgallagh@redhat.com> | 2011-10-05 14:18:25 -0400 |
---|---|---|
committer | Stephen Gallagher <sgallagh@redhat.com> | 2011-10-14 09:10:35 -0400 |
commit | d7cecebe2bda44184cdc18ee1cfce1c00be491e1 (patch) | |
tree | 8ca0d10d6ffbe70b2c33ffaea54d9ed369decc67 /src/providers/ipa/ipa_hbac_private.h | |
parent | 0addab780f8cd2af010b64d6160219edf7ab6f6b (diff) | |
download | sssd-d7cecebe2bda44184cdc18ee1cfce1c00be491e1.tar.gz sssd-d7cecebe2bda44184cdc18ee1cfce1c00be491e1.tar.xz sssd-d7cecebe2bda44184cdc18ee1cfce1c00be491e1.zip |
Improve performance of HBAC with large numbers of hosts
HBAC: Do not save member/memberOf links
We can just trust the values from the FreeIPA server
HBAC: Use originalMember for identifying servicegroups
HBAC: Use originalMember for identifying hostgroups
Diffstat (limited to 'src/providers/ipa/ipa_hbac_private.h')
-rw-r--r-- | src/providers/ipa/ipa_hbac_private.h | 10 |
1 files changed, 10 insertions, 0 deletions
diff --git a/src/providers/ipa/ipa_hbac_private.h b/src/providers/ipa/ipa_hbac_private.h index 7289a0422..32b5d70ce 100644 --- a/src/providers/ipa/ipa_hbac_private.h +++ b/src/providers/ipa/ipa_hbac_private.h @@ -131,6 +131,11 @@ hbac_shost_attrs_to_rule(TALLOC_CTX *mem_ctx, const char *rule_name, struct sysdb_attrs *rule_attrs, struct hbac_rule_element **source_hosts); +errno_t +get_ipa_hostgroupname(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + const char *host_dn, + char **hostgroupname); /* From ipa_hbac_services.c */ struct tevent_req * @@ -157,6 +162,11 @@ hbac_service_attrs_to_rule(TALLOC_CTX *mem_ctx, const char *rule_name, struct sysdb_attrs *rule_attrs, struct hbac_rule_element **services); +errno_t +get_ipa_servicegroupname(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + const char *service_dn, + char **servicename); /* From ipa_hbac_rules.c */ struct tevent_req * |