diff options
Diffstat (limited to 'src/providers/ipa/ipa_access.c')
-rw-r--r-- | src/providers/ipa/ipa_access.c | 66 |
1 files changed, 33 insertions, 33 deletions
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c index 704419484..e75a70d67 100644 --- a/src/providers/ipa/ipa_access.c +++ b/src/providers/ipa/ipa_access.c @@ -152,7 +152,7 @@ static void ipa_hbac_check(struct tevent_req *req) hbac_ctx = talloc_zero(be_req, struct hbac_ctx); if (hbac_ctx == NULL) { - DEBUG(1, ("talloc failed.\n")); + DEBUG(1, "talloc failed.\n"); ret = ENOMEM; goto fail; } @@ -167,7 +167,7 @@ static void ipa_hbac_check(struct tevent_req *req) hbac_ctx->tr_ctx = ipa_access_ctx->tr_ctx; hbac_ctx->search_bases = ipa_access_ctx->hbac_search_bases; if (hbac_ctx->search_bases == NULL) { - DEBUG(1, ("No HBAC search base found.\n")); + DEBUG(1, "No HBAC search base found.\n"); ret = EINVAL; goto fail; } @@ -206,7 +206,7 @@ static int hbac_retry(struct hbac_ctx *hbac_ctx) struct be_ctx *be_ctx = be_req_get_be_ctx(hbac_ctx->be_req); offline = be_is_offline(be_ctx); - DEBUG(9, ("Connection status is [%s].\n", offline ? "offline" : "online")); + DEBUG(9, "Connection status is [%s].\n", offline ? "offline" : "online"); refresh_interval = dp_opt_get_int(hbac_ctx->ipa_options, IPA_HBAC_REFRESH); @@ -214,7 +214,7 @@ static int hbac_retry(struct hbac_ctx *hbac_ctx) now = time(NULL); if (now < access_ctx->last_update + refresh_interval) { /* Simulate offline mode and just go to the cache */ - DEBUG(6, ("Performing cached HBAC evaluation\n")); + DEBUG(6, "Performing cached HBAC evaluation\n"); offline = true; } @@ -223,14 +223,14 @@ static int hbac_retry(struct hbac_ctx *hbac_ctx) hbac_ctx->sdap_op = sdap_id_op_create(hbac_ctx, hbac_ctx->sdap_ctx->conn->conn_cache); if (hbac_ctx->sdap_op == NULL) { - DEBUG(1, ("sdap_id_op_create failed.\n")); + DEBUG(1, "sdap_id_op_create failed.\n"); return EIO; } } subreq = sdap_id_op_connect_send(hbac_ctx->sdap_op, hbac_ctx, &ret); if (!subreq) { - DEBUG(1, ("sdap_id_op_connect_send failed: %d(%s).\n", ret, strerror(ret))); + DEBUG(1, "sdap_id_op_connect_send failed: %d(%s).\n", ret, strerror(ret)); talloc_zfree(hbac_ctx->sdap_op); return ret; } @@ -367,7 +367,7 @@ static int hbac_get_host_info_step(struct hbac_ctx *hbac_ctx) hbac_ctx->access_ctx->hostgroup_map, hbac_ctx->access_ctx->host_search_bases); if (req == NULL) { - DEBUG(1, ("Could not get host info\n")); + DEBUG(1, "Could not get host info\n"); return ENOMEM; } tevent_req_set_callback(req, hbac_get_service_info_step, hbac_ctx); @@ -398,7 +398,7 @@ static void hbac_get_service_info_step(struct tevent_req *req) hbac_ctx->sdap_ctx->opts, hbac_ctx->search_bases); if (req == NULL) { - DEBUG(1,("Could not get service info\n")); + DEBUG(1,"Could not get service info\n"); goto fail; } tevent_req_set_callback(req, hbac_get_rule_info_step, hbac_ctx); @@ -432,7 +432,7 @@ static void hbac_get_rule_info_step(struct tevent_req *req) hbac_ctx->ipa_host = NULL; ipa_hostname = dp_opt_get_cstring(hbac_ctx->ipa_options, IPA_HOSTNAME); if (ipa_hostname == NULL) { - DEBUG(1, ("Missing ipa_hostname, this should never happen.\n")); + DEBUG(1, "Missing ipa_hostname, this should never happen.\n"); goto fail; } @@ -441,7 +441,7 @@ static void hbac_get_rule_info_step(struct tevent_req *req) SYSDB_FQDN, &hostname); if (ret != EOK) { - DEBUG(1, ("Could not locate IPA host\n")); + DEBUG(1, "Could not locate IPA host\n"); goto fail; } @@ -451,7 +451,7 @@ static void hbac_get_rule_info_step(struct tevent_req *req) } } if (hbac_ctx->ipa_host == NULL) { - DEBUG(1, ("Could not locate IPA host\n")); + DEBUG(1, "Could not locate IPA host\n"); goto fail; } @@ -465,7 +465,7 @@ static void hbac_get_rule_info_step(struct tevent_req *req) hbac_ctx->search_bases, hbac_ctx->ipa_host); if (req == NULL) { - DEBUG(1, ("Could not get rules\n")); + DEBUG(1, "Could not get rules\n"); goto fail; } @@ -518,7 +518,7 @@ static void hbac_sysdb_save(struct tevent_req *req) ret = sysdb_delete_recursive(domain->sysdb, base_dn, true); talloc_free(tmp_ctx); if (ret != EOK) { - DEBUG(1, ("sysdb_delete_recursive failed.\n")); + DEBUG(1, "sysdb_delete_recursive failed.\n"); ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR); return; } @@ -534,7 +534,7 @@ static void hbac_sysdb_save(struct tevent_req *req) ret = sysdb_transaction_start(domain->sysdb); if (ret != EOK) { - DEBUG(0, ("Could not start transaction\n")); + DEBUG(0, "Could not start transaction\n"); goto fail; } in_transaction = true; @@ -547,8 +547,8 @@ static void hbac_sysdb_save(struct tevent_req *req) hbac_ctx->hostgroup_count, hbac_ctx->hostgroups); if (ret != EOK) { - DEBUG(1, ("Error saving hosts: [%d][%s]\n", - ret, strerror(ret))); + DEBUG(1, "Error saving hosts: [%d][%s]\n", + ret, strerror(ret)); goto fail; } @@ -560,8 +560,8 @@ static void hbac_sysdb_save(struct tevent_req *req) hbac_ctx->servicegroup_count, hbac_ctx->servicegroups); if (ret != EOK) { - DEBUG(1, ("Error saving services: [%d][%s]\n", - ret, strerror(ret))); + DEBUG(1, "Error saving services: [%d][%s]\n", + ret, strerror(ret)); goto fail; } /* Save the rules */ @@ -571,14 +571,14 @@ static void hbac_sysdb_save(struct tevent_req *req) hbac_ctx->rules, NULL, NULL, 0, NULL); if (ret != EOK) { - DEBUG(1, ("Error saving rules: [%d][%s]\n", - ret, strerror(ret))); + DEBUG(1, "Error saving rules: [%d][%s]\n", + ret, strerror(ret)); goto fail; } ret = sysdb_transaction_commit(domain->sysdb); if (ret != EOK) { - DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to commit transaction\n")); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction\n"); goto fail; } in_transaction = false; @@ -601,7 +601,7 @@ fail: if (in_transaction) { ret = sysdb_transaction_cancel(domain->sysdb); if (ret != EOK) { - DEBUG(0, ("Could not cancel transaction\n")); + DEBUG(0, "Could not cancel transaction\n"); } } ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR); @@ -620,43 +620,43 @@ void ipa_hbac_evaluate_rules(struct hbac_ctx *hbac_ctx) ret = hbac_get_cached_rules(hbac_ctx, be_ctx->domain, &hbac_ctx->rule_count, &hbac_ctx->rules); if (ret != EOK) { - DEBUG(1, ("Could not retrieve rules from the cache\n")); + DEBUG(1, "Could not retrieve rules from the cache\n"); ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR); } ret = hbac_ctx_to_rules(hbac_ctx, hbac_ctx, &hbac_rules, &eval_req); if (ret == EPERM) { - DEBUG(1, ("DENY rules detected. Denying access to all users\n")); + DEBUG(1, "DENY rules detected. Denying access to all users\n"); ipa_access_reply(hbac_ctx, PAM_PERM_DENIED); return; } else if (ret != EOK) { - DEBUG(1, ("Could not construct HBAC rules\n")); + DEBUG(1, "Could not construct HBAC rules\n"); ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR); return; } result = hbac_evaluate(hbac_rules, eval_req, &info); if (result == HBAC_EVAL_ALLOW) { - DEBUG(3, ("Access granted by HBAC rule [%s]\n", - info->rule_name)); + DEBUG(3, "Access granted by HBAC rule [%s]\n", + info->rule_name); hbac_free_info(info); ipa_access_reply(hbac_ctx, PAM_SUCCESS); return; } else if (result == HBAC_EVAL_ERROR) { - DEBUG(1, ("Error [%s] occurred in rule [%s]\n", + DEBUG(1, "Error [%s] occurred in rule [%s]\n", hbac_error_string(info->code), - info->rule_name)); + info->rule_name); hbac_free_info(info); ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR); return; } else if (result == HBAC_EVAL_OOM) { - DEBUG(1, ("Insufficient memory\n")); + DEBUG(1, "Insufficient memory\n"); ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR); return; } - DEBUG(3, ("Access denied by HBAC rules\n")); + DEBUG(3, "Access denied by HBAC rules\n"); hbac_free_info(info); ipa_access_reply(hbac_ctx, PAM_PERM_DENIED); } @@ -702,7 +702,7 @@ errno_t hbac_get_cached_rules(TALLOC_CTX *mem_ctx, HBAC_RULES_SUBDIR, attrs, &rule_count, &msgs); if (ret != EOK && ret != ENOENT) { - DEBUG(1, ("Error looking up HBAC rules")); + DEBUG(1, "Error looking up HBAC rules"); goto done; } if (ret == ENOENT) { rule_count = 0; @@ -710,7 +710,7 @@ errno_t hbac_get_cached_rules(TALLOC_CTX *mem_ctx, ret = sysdb_msg2attrs(tmp_ctx, rule_count, msgs, &rules); if (ret != EOK) { - DEBUG(1, ("Could not convert ldb message to sysdb_attrs\n")); + DEBUG(1, "Could not convert ldb message to sysdb_attrs\n"); goto done; } |