diff options
Diffstat (limited to 'src/providers/ldap/sdap_async_groups.c')
| -rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 97 |
1 files changed, 56 insertions, 41 deletions
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index ff8da1503..930c5ed2d 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -68,7 +68,7 @@ static int sdap_find_entry_by_origDN(TALLOC_CTX *memctx, goto done; } - DEBUG(9, "Searching cache for [%s].\n", sanitized_dn); + DEBUG(SSSDBG_TRACE_ALL, "Searching cache for [%s].\n", sanitized_dn); ret = sysdb_search_entry(tmpctx, ctx, base_dn, LDB_SCOPE_SUBTREE, filter, no_attrs, &num_msgs, &msgs); @@ -246,7 +246,7 @@ static int sdap_fill_memberships(struct sdap_options *opts, goto done; } - DEBUG(7, " member #%d (%s): [%s]\n", + DEBUG(SSSDBG_TRACE_LIBS, " member #%d (%s): [%s]\n", i, (char *)values[i].data, (char *)el->values[j].data); @@ -296,7 +296,8 @@ sdap_store_group_with_gid(struct sss_domain_info *domain, if (!posix_group) { ret = sysdb_attrs_add_uint32(group_attrs, SYSDB_GIDNUM, 0); if (ret) { - DEBUG(2, "Could not set explicit GID 0 for %s\n", name); + DEBUG(SSSDBG_OP_FAILURE, + "Could not set explicit GID 0 for %s\n", name); return ret; } } @@ -304,7 +305,7 @@ sdap_store_group_with_gid(struct sss_domain_info *domain, ret = sysdb_store_group(domain, name, gid, group_attrs, cache_timeout, now); if (ret) { - DEBUG(2, "Could not store group %s\n", name); + DEBUG(SSSDBG_OP_FAILURE, "Could not store group %s\n", name); return ret; } @@ -594,7 +595,8 @@ static int sdap_save_group(TALLOC_CTX *memctx, goto done; } - DEBUG(8, "This is%s a posix group\n", (posix_group)?"":" not"); + DEBUG(SSSDBG_TRACE_INTERNAL, + "This is%s a posix group\n", (posix_group)?"":" not"); ret = sysdb_attrs_add_bool(group_attrs, SYSDB_POSIX, posix_group); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, @@ -607,7 +609,8 @@ static int sdap_save_group(TALLOC_CTX *memctx, opts->group_map[SDAP_AT_GROUP_GID].sys_name, &gid); if (ret != EOK) { - DEBUG(1, "no gid provided for [%s] in domain [%s].\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "no gid provided for [%s] in domain [%s].\n", group_name, dom->name); ret = EINVAL; goto done; @@ -684,7 +687,7 @@ static int sdap_save_group(TALLOC_CTX *memctx, ret = sdap_save_all_names(group_name, attrs, dom, group_attrs); if (ret != EOK) { - DEBUG(1, "Failed to save group names\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to save group names\n"); goto done; } DEBUG(SSSDBG_TRACE_FUNC, "Storing info for group %s\n", group_name); @@ -872,9 +875,10 @@ static int sdap_save_groups(TALLOC_CTX *memctx, /* Do not fail completely on errors. * Just report the failure to save and go on */ if (ret) { - DEBUG(2, "Failed to store group %d. Ignoring.\n", i); + DEBUG(SSSDBG_OP_FAILURE, + "Failed to store group %d. Ignoring.\n", i); } else { - DEBUG(9, "Group %d processed!\n", i); + DEBUG(SSSDBG_TRACE_ALL, "Group %d processed!\n", i); if (twopass && !populate_members) { saved_groups[nsaved_groups] = groups[i]; nsaved_groups++; @@ -905,9 +909,10 @@ static int sdap_save_groups(TALLOC_CTX *memctx, /* Do not fail completely on errors. * Just report the failure to save and go on */ if (ret) { - DEBUG(2, "Failed to store group %d members.\n", i); + DEBUG(SSSDBG_OP_FAILURE, + "Failed to store group %d members.\n", i); } else { - DEBUG(9, "Group %d members processed!\n", i); + DEBUG(SSSDBG_TRACE_ALL, "Group %d members processed!\n", i); } } } @@ -1050,7 +1055,7 @@ struct tevent_req *sdap_process_group_send(TALLOC_CTX *memctx, /* Group without members */ if (el->num_values == 0) { - DEBUG(2, "No Members. Done!\n"); + DEBUG(SSSDBG_OP_FAILURE, "No Members. Done!\n"); ret = EOK; goto done; } @@ -1100,7 +1105,8 @@ struct tevent_req *sdap_process_group_send(TALLOC_CTX *memctx, break; default: - DEBUG(1, "Unknown schema type %d\n", opts->schema_type); + DEBUG(SSSDBG_CRIT_FAILURE, + "Unknown schema type %d\n", opts->schema_type); ret = EINVAL; break; } @@ -1109,7 +1115,7 @@ done: /* We managed to process all the entries */ /* EBUSY means we need to wait for entries in LDAP */ if (ret == EOK) { - DEBUG(7, "All group members processed\n"); + DEBUG(SSSDBG_TRACE_LIBS, "All group members processed\n"); tevent_req_done(req); tevent_req_post(req, ev); } @@ -1138,7 +1144,7 @@ sdap_process_missing_member_2307bis(struct tevent_req *req, * connection. */ if (grp_state->check_count > GROUPMEMBER_REQ_PARALLEL) { - DEBUG(7, " queueing search for: %s\n", user_dn); + DEBUG(SSSDBG_TRACE_LIBS, " queueing search for: %s\n", user_dn); if (!grp_state->queued_members) { DEBUG(SSSDBG_TRACE_LIBS, "Allocating queue for %zu members\n", @@ -1199,7 +1205,7 @@ sdap_process_group_members_2307bis(struct tevent_req *req, * User already cached in sysdb. Remember the sysdb DN for later * use by sdap_save_groups() */ - DEBUG(7, "sysdbdn: %s\n", strdn); + DEBUG(SSSDBG_TRACE_LIBS, "sysdbdn: %s\n", strdn); state->sysdb_dns->values[state->sysdb_dns->num_values].data = (uint8_t*) strdn; state->sysdb_dns->values[state->sysdb_dns->num_values].length = @@ -1214,18 +1220,21 @@ sdap_process_group_members_2307bis(struct tevent_req *req, * Also, we don't want to be holding the sysdb * transaction while we're performing LDAP lookups. */ - DEBUG(7, "Searching LDAP for missing user entry\n"); + DEBUG(SSSDBG_TRACE_LIBS, + "Searching LDAP for missing user entry\n"); ret = sdap_process_missing_member_2307bis(req, member_dn, memberel->num_values); if (ret != EOK) { - DEBUG(1, "Error processing missing member #%d (%s):\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Error processing missing member #%d (%s):\n", i, member_dn); return ret; } } } else { - DEBUG(1, "Error checking cache for member #%d (%s):\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Error checking cache for member #%d (%s):\n", i, (char *)memberel->values[i].data); return ret; } @@ -1298,7 +1307,8 @@ sdap_process_missing_member_2307(struct sdap_process_group_state *state, /* Entry exists but the group references it with an alias. */ if (count != 1) { - DEBUG(1, "More than one entry with this alias?\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "More than one entry with this alias?\n"); ret = EIO; goto done; } @@ -1360,7 +1370,8 @@ sdap_process_group_members_2307(struct sdap_process_group_state *state, * User already cached in sysdb. Remember the sysdb DN for later * use by sdap_save_groups() */ - DEBUG(7, "Member already cached in sysdb: %s\n", member_name); + DEBUG(SSSDBG_TRACE_LIBS, + "Member already cached in sysdb: %s\n", member_name); userdn = sysdb_user_strdn(state->sysdb_dns, state->dom->name, member_name); if (userdn == NULL) { @@ -1369,22 +1380,25 @@ sdap_process_group_members_2307(struct sdap_process_group_state *state, ret = sdap_add_group_member_2307(state->sysdb_dns, userdn); if (ret != EOK) { - DEBUG(1, "Could not add member %s into sysdb\n", member_name); + DEBUG(SSSDBG_CRIT_FAILURE, + "Could not add member %s into sysdb\n", member_name); goto done; } } else if (ret == ENOENT) { /* The user is not in sysdb, need to add it */ - DEBUG(7, "member #%d (%s): not found in sysdb\n", + DEBUG(SSSDBG_TRACE_LIBS, "member #%d (%s): not found in sysdb\n", i, member_name); ret = sdap_process_missing_member_2307(state, member_name); if (ret != EOK) { - DEBUG(1, "Error processing missing member #%d (%s):\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Error processing missing member #%d (%s):\n", i, member_name); goto done; } } else { - DEBUG(1, "Error checking cache for member #%d (%s):\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Error checking cache for member #%d (%s):\n", i, (char *) memberel->values[i].data); goto done; } @@ -1434,7 +1448,7 @@ static void sdap_process_group_members(struct tevent_req *subreq) ret = EINVAL; } if (ret) { - DEBUG(2, "Failed to get the member's name\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to get the member's name\n"); goto next; } @@ -1500,7 +1514,7 @@ next: } el->values = talloc_steal(state->group, state->ghost_dns->values); el->num_values = state->ghost_dns->num_values; - DEBUG(9, "Processed Group - Done\n"); + DEBUG(SSSDBG_TRACE_ALL, "Processed Group - Done\n"); tevent_req_done(req); } } @@ -1597,7 +1611,7 @@ struct tevent_req *sdap_get_groups_send(TALLOC_CTX *memctx, subdom_id_ctx = talloc_get_type(sdom->pvt, struct ad_id_ctx); state->op = sdap_id_op_create(state, subdom_id_ctx->ldap_ctx->conn_cache); if (!state->op) { - DEBUG(2, "sdap_id_op_create failed\n"); + DEBUG(SSSDBG_OP_FAILURE, "sdap_id_op_create failed\n"); ret = ENOMEM; goto done; } @@ -1820,7 +1834,7 @@ static void sdap_get_groups_process(struct tevent_req *subreq) ret = sysdb_transaction_start(state->sysdb); if (ret != EOK) { - DEBUG(0, "Failed to start transaction\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to start transaction\n"); tevent_req_error(req, ret); return; } @@ -1828,13 +1842,13 @@ static void sdap_get_groups_process(struct tevent_req *subreq) if (state->enumeration && state->opts->schema_type != SDAP_SCHEMA_RFC2307 && dp_opt_get_int(state->opts->basic, SDAP_NESTING_LEVEL) != 0) { - DEBUG(9, "Saving groups without members first " + DEBUG(SSSDBG_TRACE_ALL, "Saving groups without members first " "to allow unrolling of nested groups.\n"); ret = sdap_save_groups(state, state->sysdb, state->dom, state->opts, state->groups, state->count, false, NULL, true, NULL); if (ret) { - DEBUG(2, "Failed to store groups.\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to store groups.\n"); tevent_req_error(req, ret); return; } @@ -1869,7 +1883,7 @@ static void sdap_get_groups_done(struct tevent_req *subreq) if (ret) { sysret = sysdb_transaction_cancel(state->sysdb); if (sysret != EOK) { - DEBUG(0, "Could not cancel sysdb transaction\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Could not cancel sysdb transaction\n"); } tevent_req_error(req, ret); return; @@ -1880,7 +1894,7 @@ static void sdap_get_groups_done(struct tevent_req *subreq) if (state->check_count == 0) { - DEBUG(9, "All groups processed\n"); + DEBUG(SSSDBG_TRACE_ALL, "All groups processed\n"); /* If ignore_group_members is set for the domain, don't update * group memberships in the cache. @@ -1894,14 +1908,14 @@ static void sdap_get_groups_done(struct tevent_req *subreq) !state->enumeration, &state->higher_usn); if (ret) { - DEBUG(2, "Failed to store groups.\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to store groups.\n"); tevent_req_error(req, ret); return; } DEBUG(SSSDBG_TRACE_ALL, "Saving %zu Groups - Done\n", state->count); sysret = sysdb_transaction_commit(state->sysdb); if (sysret != EOK) { - DEBUG(0, "Couldn't commit transaction\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Couldn't commit transaction\n"); tevent_req_error(req, sysret); } else { tevent_req_done(req); @@ -2068,7 +2082,7 @@ static void sdap_nested_done(struct tevent_req *subreq) &group_count, &groups); talloc_zfree(subreq); if (ret != EOK) { - DEBUG(1, "Nested group processing failed: [%d][%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Nested group processing failed: [%d][%s]\n", ret, strerror(ret)); goto fail; } @@ -2078,7 +2092,7 @@ static void sdap_nested_done(struct tevent_req *subreq) */ ret = sysdb_transaction_start(state->sysdb); if (ret != EOK) { - DEBUG(1, "Failed to start transaction\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n"); goto fail; } in_transaction = true; @@ -2099,7 +2113,7 @@ static void sdap_nested_done(struct tevent_req *subreq) ret = sysdb_transaction_commit(state->sysdb); if (ret != EOK) { - DEBUG(1, "Failed to commit transaction\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction\n"); goto fail; } in_transaction = false; @@ -2112,7 +2126,7 @@ fail: if (in_transaction) { tret = sysdb_transaction_cancel(state->sysdb); if (tret != EOK) { - DEBUG(1, "Failed to cancel transaction\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to cancel transaction\n"); } } tevent_req_error(req, ret); @@ -2217,13 +2231,14 @@ static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx, talloc_zfree(filter); talloc_zfree(clean_orig_dn); if (ret != EOK && ret != ENOENT) { - DEBUG(1, "Error checking cache for user entry\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Error checking cache for user entry\n"); goto done; } else if (ret == EOK) { /* The entry is cached but expired. Update the username * if needed. */ if (count != 1) { - DEBUG(1, "More than one entry with this origDN? Skipping\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "More than one entry with this origDN? Skipping\n"); continue; } |