diff options
author | Jakub Hrozek <jhrozek@redhat.com> | 2015-03-29 16:31:19 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2015-04-09 08:35:23 +0200 |
commit | 0528fdec17d0031996e919fcd852459e86592c35 (patch) | |
tree | 1b2e9e3a9406629fb4006acaf51a44d9bad8e4bd /src/responder/common | |
parent | 0d19785f9ffd9c66df5b30d208ec7b0216a9555b (diff) | |
download | sssd-0528fdec17d0031996e919fcd852459e86592c35.tar.gz sssd-0528fdec17d0031996e919fcd852459e86592c35.tar.xz sssd-0528fdec17d0031996e919fcd852459e86592c35.zip |
responders: reset ncache after domains are discovered during startup
After responders start, they add a lookup operation that discovers the
subdomains so that qualifying users works. After this operation is
finishes, we need to reset negcache to allow users to be added into the
newly discovered domains.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Diffstat (limited to 'src/responder/common')
-rw-r--r-- | src/responder/common/responder.h | 4 | ||||
-rw-r--r-- | src/responder/common/responder_get_domains.c | 42 |
2 files changed, 38 insertions, 8 deletions
diff --git a/src/responder/common/responder.h b/src/responder/common/responder.h index 02a215ced..9c7a73809 100644 --- a/src/responder/common/responder.h +++ b/src/responder/common/responder.h @@ -34,6 +34,7 @@ #include <dhash.h> #include "sbus/sssd_dbus.h" +#include "responder/common/negcache.h" #include "sss_client/sss_cli.h" extern hash_table_t *dp_requests; @@ -314,7 +315,8 @@ errno_t sss_dp_get_domains_recv(struct tevent_req *req); errno_t schedule_get_domains_task(TALLOC_CTX *mem_ctx, struct tevent_context *ev, - struct resp_ctx *rctx); + struct resp_ctx *rctx, + struct sss_nc_ctx *optional_ncache); errno_t csv_string_to_uid_array(TALLOC_CTX *mem_ctx, const char *csv_string, bool allow_sss_loop, diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c index 1dbb9ea81..8fbab082a 100644 --- a/src/responder/common/responder_get_domains.c +++ b/src/responder/common/responder_get_domains.c @@ -363,16 +363,33 @@ static errno_t check_last_request(struct resp_ctx *rctx, const char *hint) return EOK; } +struct get_domains_state { + struct resp_ctx *rctx; + struct sss_nc_ctx *optional_ncache; +}; + static void get_domains_at_startup_done(struct tevent_req *req) { int ret; + struct get_domains_state *state; + + state = tevent_req_callback_data(req, struct get_domains_state); ret = sss_dp_get_domains_recv(req); talloc_free(req); if (ret != EOK) { - DEBUG(SSSDBG_OP_FAILURE, "sss_dp_get_domains request failed.\n"); + DEBUG(SSSDBG_MINOR_FAILURE, "sss_dp_get_domains request failed.\n"); } + if (state->optional_ncache != NULL) { + ret = sss_ncache_reset_repopulate_permanent(state->rctx, + state->optional_ncache); + if (ret != EOK) { + DEBUG(SSSDBG_MINOR_FAILURE, "sss_dp_get_domains request failed.\n"); + } + } + + talloc_free(state); return; } @@ -381,33 +398,44 @@ static void get_domains_at_startup(struct tevent_context *ev, void *pvt) { struct tevent_req *req; - struct resp_ctx *rctx; + struct get_domains_state *state; - rctx = talloc_get_type(pvt, struct resp_ctx); + state = talloc_get_type(pvt, struct get_domains_state); - req = sss_dp_get_domains_send(rctx, rctx, true, NULL); + req = sss_dp_get_domains_send(state, state->rctx, true, NULL); if (req == NULL) { DEBUG(SSSDBG_OP_FAILURE, "sss_dp_get_domains_send failed.\n"); + talloc_free(state); return; } - tevent_req_set_callback(req, get_domains_at_startup_done, NULL); + tevent_req_set_callback(req, get_domains_at_startup_done, state); return; } errno_t schedule_get_domains_task(TALLOC_CTX *mem_ctx, struct tevent_context *ev, - struct resp_ctx *rctx) + struct resp_ctx *rctx, + struct sss_nc_ctx *optional_ncache) { struct tevent_immediate *imm; + struct get_domains_state *state; + + state = talloc(mem_ctx, struct get_domains_state); + if (state == NULL) { + return ENOMEM; + } + state->rctx = rctx; + state->optional_ncache = optional_ncache; imm = tevent_create_immediate(mem_ctx); if (imm == NULL) { DEBUG(SSSDBG_OP_FAILURE, "tevent_create_immediate failed.\n"); + talloc_free(state); return ENOMEM; } - tevent_schedule_immediate(imm, ev, get_domains_at_startup, rctx); + tevent_schedule_immediate(imm, ev, get_domains_at_startup, state); return EOK; } |