authorStephen Gallagher <sgallagh@redhat.com>2010-06-16 15:33:57 -0400
committerStephen Gallagher <sgallagh@redhat.com>2010-06-17 15:40:13 -0400
commita56cdc811fec8d2c0e69fce3970a1032d1e3d2a8 (patch)
treeac06e8944c9bed459b6ec2198c8eb4d4a18e22d0 /src/responder/nss
parentae5716d87c7b126ab01b0d4fcacd4f519585e5fb (diff)
Move setup of filter_users and filter_groups to negcache.c
Creates a new function - sss_ncache_prepopulate() - that can be shared with other responders, such as PAM.
Diffstat (limited to 'src/responder/nss')
-rw-r--r--src/responder/nss/nsssrv.c192
1 files changed, 5 insertions, 187 deletions
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
index 24753674a..f14d698f2 100644
--- a/src/responder/nss/nsssrv.c
+++ b/src/responder/nss/nsssrv.c
@@ -67,12 +67,7 @@ static int nss_get_config(struct nss_ctx *nctx,
struct confdb_ctx *cdb)
{
TALLOC_CTX *tmpctx;
- struct sss_domain_info *dom;
- const char *conf_path;
- char *domain, *name;
- char **filter_list = NULL;
- int ret, i;
- bool filter_set;
+ int ret;
tmpctx = talloc_new(nctx);
if (!tmpctx) return ENOMEM;
@@ -92,7 +87,6 @@ static int nss_get_config(struct nss_ctx *nctx,
&nctx->filter_users_in_groups);
if (ret != EOK) goto done;
-
ret = confdb_get_int(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
CONFDB_NSS_ENTRY_CACHE_NOWAIT_PERCENTAGE, 0,
&nctx->cache_refresh_percent);
@@ -104,186 +98,10 @@ static int nss_get_config(struct nss_ctx *nctx,
nctx->cache_refresh_percent = 0;
}
- filter_set = false;
- for (dom = rctx->domains; dom; dom = dom->next) {
- conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name);
- if (!conf_path) {
- ret = ENOMEM;
- goto done;
- }
-
- talloc_zfree(filter_list);
- ret = confdb_get_string_as_list(cdb, tmpctx, conf_path,
- CONFDB_NSS_FILTER_USERS, &filter_list);
- if (ret == ENOENT) continue;
- if (ret != EOK) goto done;
- filter_set = true;
-
- for (i = 0; (filter_list && filter_list[i]); i++) {
- ret = sss_parse_name(tmpctx, nctx->rctx->names,
- filter_list[i], &domain, &name);
- if (ret != EOK) {
- DEBUG(1, ("Invalid name in filterUsers list: [%s] (%d)\n",
- filter_list[i], ret));
- continue;
- }
-
- if (domain && strcmp(domain, dom->name)) {
- DEBUG(1, ("Mismatch betwen domain name (%s) and name "
- "set in FQN (%s), skipping user %s\n",
- dom->name, domain, name));
- continue;
- }
-
- ret = sss_ncache_set_user(nctx->ncache, true, dom->name, name);
- if (ret != EOK) {
- DEBUG(1, ("Failed to store permanent user filter for [%s]"
- " (%d [%s])\n", filter_list[i],
- ret, strerror(ret)));
- continue;
- }
- }
- }
-
- ret = confdb_get_string_as_list(cdb, tmpctx, CONFDB_NSS_CONF_ENTRY,
- CONFDB_NSS_FILTER_USERS, &filter_list);
- if (ret == ENOENT) {
- if (!filter_set) {
- filter_list = talloc_array(tmpctx, char *, 2);
- if (!filter_list) {
- ret = ENOMEM;
- goto done;
- }
- filter_list[0] = talloc_strdup(tmpctx, "root");
- if (!filter_list[0]) {
- ret = ENOMEM;
- goto done;
- }
- filter_list[1] = NULL;
- }
- ret = EOK;
- }
- else if (ret != EOK) goto done;
-
- for (i = 0; (filter_list && filter_list[i]); i++) {
- ret = sss_parse_name(tmpctx, nctx->rctx->names,
- filter_list[i], &domain, &name);
- if (ret != EOK) {
- DEBUG(1, ("Invalid name in filterUsers list: [%s] (%d)\n",
- filter_list[i], ret));
- continue;
- }
- if (domain) {
- ret = sss_ncache_set_user(nctx->ncache, true, domain, name);
- if (ret != EOK) {
- DEBUG(1, ("Failed to store permanent user filter for [%s]"
- " (%d [%s])\n", filter_list[i],
- ret, strerror(ret)));
- continue;
- }
- } else {
- for (dom = rctx->domains; dom; dom = dom->next) {
- ret = sss_ncache_set_user(nctx->ncache, true, dom->name, name);
- if (ret != EOK) {
- DEBUG(1, ("Failed to store permanent user filter for"
- " [%s:%s] (%d [%s])\n",
- dom->name, filter_list[i],
- ret, strerror(ret)));
- continue;
- }
- }
- }
- }
-
- filter_set = false;
- for (dom = rctx->domains; dom; dom = dom->next) {
- conf_path = talloc_asprintf(tmpctx, CONFDB_DOMAIN_PATH_TMPL, dom->name);
- if (!conf_path) {
- ret = ENOMEM;
- goto done;
- }
-
- talloc_zfree(filter_list);
- ret = confdb_get_string_as_list(cdb, tmpctx, conf_path,
- CONFDB_NSS_FILTER_GROUPS, &filter_list);
- if (ret == ENOENT) continue;
- if (ret != EOK) goto done;
- filter_set = true;
-
- for (i = 0; (filter_list && filter_list[i]); i++) {
- ret = sss_parse_name(tmpctx, nctx->rctx->names,
- filter_list[i], &domain, &name);
- if (ret != EOK) {
- DEBUG(1, ("Invalid name in filterGroups list: [%s] (%d)\n",
- filter_list[i], ret));
- continue;
- }
-
- if (domain && strcmp(domain, dom->name)) {
- DEBUG(1, ("Mismatch betwen domain name (%s) and name "
- "set in FQN (%s), skipping group %s\n",
- dom->name, domain, name));
- continue;
- }
-
- ret = sss_ncache_set_group(nctx->ncache, true, dom->name, name);
- if (ret != EOK) {
- DEBUG(1, ("Failed to store permanent group filter for [%s]"
- " (%d [%s])\n", filter_list[i],
- ret, strerror(ret)));
- continue;
- }
- }
- }
-
- ret = confdb_get_string_as_list(cdb, tmpctx, CONFDB_NSS_CONF_ENTRY,
- CONFDB_NSS_FILTER_GROUPS, &filter_list);
- if (ret == ENOENT) {
- if (!filter_set) {
- filter_list = talloc_array(tmpctx, char *, 2);
- if (!filter_list) {
- ret = ENOMEM;
- goto done;
- }
- filter_list[0] = talloc_strdup(tmpctx, "root");
- if (!filter_list[0]) {
- ret = ENOMEM;
- goto done;
- }
- filter_list[1] = NULL;
- }
- ret = EOK;
- }
- else if (ret != EOK) goto done;
-
- for (i = 0; (filter_list && filter_list[i]); i++) {
- ret = sss_parse_name(tmpctx, nctx->rctx->names,
- filter_list[i], &domain, &name);
- if (ret != EOK) {
- DEBUG(1, ("Invalid name in filterGroups list: [%s] (%d)\n",
- filter_list[i], ret));
- continue;
- }
- if (domain) {
- ret = sss_ncache_set_group(nctx->ncache, true, domain, name);
- if (ret != EOK) {
- DEBUG(1, ("Failed to store permanent group filter for"
- " [%s] (%d [%s])\n", filter_list[i],
- ret, strerror(ret)));
- continue;
- }
- } else {
- for (dom = rctx->domains; dom; dom = dom->next) {
- ret = sss_ncache_set_group(nctx->ncache, true, dom->name, name);
- if (ret != EOK) {
- DEBUG(1, ("Failed to store permanent group filter for"
- " [%s:%s] (%d [%s])\n",
- dom->name, filter_list[i],
- ret, strerror(ret)));
- continue;
- }
- }
- }
+ ret = sss_ncache_prepopulate(nctx->ncache, cdb, nctx->rctx->names,
+ nctx->rctx->domains);
+ if (ret != EOK) {
+ goto done;
}
ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
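Review bot: The new `if (ret != EOK) goto done;` after `sss_ncache_prepopulate()` makes any error from the helper fatal to `nss_get_config()`, whereas the removed loops logged a bad `filter_users`/`filter_groups` entry with `DEBUG(1, ...)` and `continue`d, and any leftover `ret` was overwritten by the following `confdb_get_string()` call. The helper's body is not in this diff (it is limited to src/responder/nss), so if the loops were moved as-is and the helper returns the last per-entry `ret`, a single malformed name in a filter list would now stop the responder from loading its configuration. The removed code also fell back to a permanent negative-cache entry for `root` when no filter was configured; that default should be confirmed in negcache.c, since it is what keeps a remote domain from answering lookups for root. Once the contract is verified I would add a comment above the call such as `/* Permanently negative-cache filter_users/filter_groups (default: root); only hard errors such as ENOMEM are returned */`. `nss_get_config()` starts and ends outside this hunk.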