authorPavel Březina <pbrezina@redhat.com>2012-05-11 13:26:32 +0200
committerStephen Gallagher <sgallagh@redhat.com>2012-06-29 11:37:18 -0400
commite5b34f0166ae61468e53f369578e691ddb09cdd0 (patch)
tree325d1cab42db89a92ce8e254cd4920ce105c87a7 /src
parent5e7ddcae402bc284d43c5ebb5d215310a5658aba (diff)
sudo responder: update dp interface
Diffstat (limited to 'src')
-rw-r--r--src/responder/sudo/sudosrv_dp.c95
-rw-r--r--src/responder/sudo/sudosrv_get_sudorules.c3
-rw-r--r--src/responder/sudo/sudosrv_private.h8
3 files changed, 72 insertions, 34 deletions
diff --git a/src/responder/sudo/sudosrv_dp.c b/src/responder/sudo/sudosrv_dp.c
index 4d0082ffe..2063b2911 100644
--- a/src/responder/sudo/sudosrv_dp.c
+++ b/src/responder/sudo/sudosrv_dp.c
@@ -29,6 +29,7 @@
#include "providers/data_provider.h"
#include "responder/common/responder.h"
#include "responder/sudo/sudosrv_private.h"
+#include "db/sysdb.h"
struct sss_dp_get_sudoers_info {
struct sss_domain_info *dom;
@@ -36,6 +37,8 @@ struct sss_dp_get_sudoers_info {
bool fast_reply;
enum sss_dp_sudo_type type;
const char *name;
+ size_t num_rules;
+ struct sysdb_attrs **rules;
};
static DBusMessage *
@@ -47,7 +50,9 @@ sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx,
struct sss_domain_info *dom,
bool fast_reply,
enum sss_dp_sudo_type type,
- const char *name)
+ const char *name,
+ size_t num_rules,
+ struct sysdb_attrs **rules)
{
struct tevent_req *req;
struct sss_dp_req_state *state;
@@ -71,8 +76,19 @@ sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx,
info->type = type;
info->name = name;
info->dom = dom;
+ info->num_rules = num_rules;
+ info->rules = rules;
+
+ switch (info->type) {
+ case SSS_DP_SUDO_REFRESH_RULES:
+ key = talloc_asprintf(state, "%d:%u:%s@%s", type,
+ (unsigned int)num_rules, name, dom->name);
+ break;
+ case SSS_DP_SUDO_FULL_REFRESH:
+ key = talloc_asprintf(state, "%d:%s", type, dom->name);
+ break;
+ }
- key = talloc_asprintf(state, "%d:%s@%s", type, name, dom->name);
if (!key) {
ret = ENOMEM;
goto error;
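Review bot: The `SSS_DP_SUDO_REFRESH_RULES` key is built from the type, the rule count, `name` and the domain, but not from the rules themselves, so two refresh requests for the same user that carry the same number of different rules get the same key. If the code after this hunk uses the key to merge in-flight requests (not visible here), the second set of rules would never reach the provider and stale sudo rules could stay cached; consider folding the rule names, or a digest of them, into the key. The new `switch` also has no `default:`, so an unexpected `type` leaves `key` at whatever it held before (its declaration is outside the hunk); add `default: ret = EINVAL; goto error;`. `name` is formatted with `%s` here although the code removed from sss_dp_get_sudoers_msg treated a NULL name as valid, so a NULL check is worth adding for the refresh case.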
@@ -100,19 +116,22 @@ static DBusMessage *
sss_dp_get_sudoers_msg(void *pvt)
{
DBusMessage *msg;
+ DBusMessageIter iter;
dbus_bool_t dbret;
+ errno_t ret;
struct sss_dp_get_sudoers_info *info;
- uint32_t be_type = BE_REQ_SUDO_USER;
- char *filter;
+ uint32_t be_type = 0;
+ const char *rule_name = NULL;
+ int i;
info = talloc_get_type(pvt, struct sss_dp_get_sudoers_info);
switch (info->type) {
- case SSS_DP_SUDO_DEFAULTS:
- be_type = BE_REQ_SUDO_DEFAULTS;
+ case SSS_DP_SUDO_REFRESH_RULES:
+ be_type = BE_REQ_SUDO_RULES;
break;
- case SSS_DP_SUDO_USER:
- be_type = BE_REQ_SUDO_USER;
+ case SSS_DP_SUDO_FULL_REFRESH:
+ be_type = BE_REQ_SUDO_FULL;
break;
}
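Review bot: `be_type` now starts at 0 and the `switch` has no `default:`, so an `info->type` outside the two cases is sent to the data provider as request type 0 (plus `BE_REQ_FAST` when set), where the old code fell back to `BE_REQ_SUDO_USER`. No message has been allocated at this point, so a `default:` that logs at `SSSDBG_CRIT_FAILURE` and does `return NULL;` is enough. The new counter is declared `int i;` but is compared with the `size_t` field `info->num_rules` in the loop added further down; `size_t i;` avoids the signed/unsigned comparison. The function body continues past this hunk.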
@@ -120,16 +139,6 @@ sss_dp_get_sudoers_msg(void *pvt)
be_type |= BE_REQ_FAST;
}
- if (info->name != NULL) {
- filter = talloc_asprintf(info, "name=%s", info->name);
- } else {
- filter = talloc_strdup(info, "");
- }
- if (!filter) {
- DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory?!\n"));
- return NULL;
- }
-
msg = dbus_message_new_method_call(NULL,
DP_PATH,
DP_INTERFACE,
@@ -141,21 +150,47 @@ sss_dp_get_sudoers_msg(void *pvt)
/* create the message */
DEBUG(SSSDBG_TRACE_FUNC,
- ("Creating SUDOers request for [%s][%u][%s]\n",
- info->dom->name, be_type, filter));
-
- dbret = dbus_message_append_args(msg,
- DBUS_TYPE_UINT32, &be_type,
- DBUS_TYPE_STRING, &filter,
- DBUS_TYPE_INVALID);
- talloc_free(filter);
- if (!dbret) {
- DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to build message\n"));
- dbus_message_unref(msg);
- return NULL;
+ ("Creating SUDOers request for [%s][%u][%s][%u]\n",
+ info->dom->name, be_type, info->name, (unsigned int)info->num_rules));
+
+ dbus_message_iter_init_append(msg, &iter);
+
+ /* BE TYPE */
+ dbret = dbus_message_iter_append_basic(&iter, DBUS_TYPE_UINT32, &be_type);
+ if (dbret == FALSE) {
+ goto fail;
+ }
+
+ /* BE TYPE SPECIFIC */
+ if (be_type & BE_REQ_SUDO_RULES) {
+ dbret = dbus_message_iter_append_basic(&iter, DBUS_TYPE_UINT32,
+ &info->num_rules);
+ if (dbret == FALSE) {
+ goto fail;
+ }
+
+ for (i = 0; i < info->num_rules; i++) {
+ ret = sysdb_attrs_get_string(info->rules[i], SYSDB_NAME, &rule_name);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Could not get rule name [%d]: %s\n",
+ ret, strerror(ret)));
+ goto fail;
+ }
+
+ dbret = dbus_message_iter_append_basic(&iter, DBUS_TYPE_STRING,
+ &rule_name);
+ if (dbret == FALSE) {
+ goto fail;
+ }
+ }
}
return msg;
+
+fail:
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to build message\n"));
+ dbus_message_unref(msg);
+ return NULL;
}
errno_t
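Review bot: `&info->num_rules` points at a `size_t`, but `dbus_message_iter_append_basic()` with `DBUS_TYPE_UINT32` reads exactly four bytes from that address; on 64-bit big-endian hosts that is the high half, so the receiver is told there are 0 rules while the names are still appended after it. Copy the count into a `uint32_t` local after checking that it fits, and reject a non-zero count with `info->rules == NULL`, because the loop dereferences `info->rules[i]` unconditionally. The branch is selected with `be_type & BE_REQ_SUDO_RULES`; unless the `BE_REQ_SUDO_*` values are disjoint bit flags (they are defined outside this page), testing `info->type == SSS_DP_SUDO_REFRESH_RULES` is the unambiguous form. `info->name` is also passed to `%s` in the DEBUG call without a NULL check.

```c
    /* BE TYPE SPECIFIC */
    if (info->type == SSS_DP_SUDO_REFRESH_RULES) {
        /* D-Bus reads exactly 32 bits for DBUS_TYPE_UINT32; never hand it a size_t */
        uint32_t num_rules;

        if (info->num_rules > UINT32_MAX
                || (info->num_rules > 0 && info->rules == NULL)) {
            DEBUG(SSSDBG_CRIT_FAILURE, ("Invalid rule list\n"));
            goto fail;
        }
        num_rules = (uint32_t)info->num_rules;

        dbret = dbus_message_iter_append_basic(&iter, DBUS_TYPE_UINT32,
                                               &num_rules);
        if (dbret == FALSE) {
            goto fail;
        }

        /* … unchanged: loop appending each rule's SYSDB_NAME … */
    }
```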
diff --git a/src/responder/sudo/sudosrv_get_sudorules.c b/src/responder/sudo/sudosrv_get_sudorules.c
index 9f670b9b4..6b8ee3692 100644
--- a/src/responder/sudo/sudosrv_get_sudorules.c
+++ b/src/responder/sudo/sudosrv_get_sudorules.c
@@ -330,7 +330,8 @@ errno_t sudosrv_get_rules(struct sudo_cmd_ctx *cmd_ctx)
cmd_ctx->cli_ctx->rctx,
cmd_ctx->domain, false,
cmd_ctx->type,
- cmd_ctx->orig_username);
+ cmd_ctx->orig_username,
+ 0, NULL);
if (dpreq == NULL) {
DEBUG(SSSDBG_CRIT_FAILURE,
("Cannot issue DP request.\n"));
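Review bot: `cmd_ctx->type` is still forwarded unchanged as the `enum sss_dp_sudo_type` argument although this commit redefines both values of that enum, and the call now hardcodes `0, NULL` for the rule list. If the field ever evaluates to `SSS_DP_SUDO_REFRESH_RULES`, this sends a rules refresh naming zero rules, which presumably refreshes nothing and leaves the cached sudo rules as they were. The declared type of `cmd_ctx->type` is not visible in this hunk; if this path is meant to trigger a full refresh, pass the constant explicitly, `SSS_DP_SUDO_FULL_REFRESH,`, instead of relying on the numeric value of another field. sudosrv_get_rules starts and ends outside the hunk.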
diff --git a/src/responder/sudo/sudosrv_private.h b/src/responder/sudo/sudosrv_private.h
index e23a0d0d2..d2d92c144 100644
--- a/src/responder/sudo/sudosrv_private.h
+++ b/src/responder/sudo/sudosrv_private.h
@@ -33,8 +33,8 @@
#define SSS_SUDO_SBUS_SERVICE_NAME "sudo"
enum sss_dp_sudo_type {
- SSS_DP_SUDO_DEFAULTS,
- SSS_DP_SUDO_USER
+ SSS_DP_SUDO_REFRESH_RULES,
+ SSS_DP_SUDO_FULL_REFRESH
};
enum sss_sudo_type {
@@ -110,7 +110,9 @@ sss_dp_get_sudoers_send(TALLOC_CTX *mem_ctx,
struct sss_domain_info *dom,
bool fast_reply,
enum sss_dp_sudo_type type,
- const char *name);
+ const char *name,
+ size_t num_rules,
+ struct sysdb_attrs **rules);
errno_t
sss_dp_get_sudoers_recv(TALLOC_CTX *mem_ctx,
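Review bot: The prototype gains two parameters with no comment on their contract. In sudosrv_dp.c the `rules` pointer is stored in the request info as-is and dereferenced in sss_dp_get_sudoers_msg, so the caller apparently has to keep the array and its elements alive until the message is built, and `num_rules`/`rules` are only read for `SSS_DP_SUDO_REFRESH_RULES`. A comment above the declaration stating both would do, e.g. `/* rules is borrowed, not copied: it must stay valid until the request is sent; num_rules and rules are ignored for SSS_DP_SUDO_FULL_REFRESH */`.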