summaryrefslogtreecommitdiffstats
path: root/src/providers
diff options
context:
space:
mode:
Diffstat (limited to 'src/providers')
-rw-r--r--src/providers/data_provider_be.c2
-rw-r--r--src/providers/ipa/ipa_autofs.c62
-rw-r--r--src/providers/ipa/ipa_common.c116
-rw-r--r--src/providers/ipa/ipa_common.h14
-rw-r--r--src/providers/ipa/ipa_init.c26
-rw-r--r--src/providers/ldap/ldap_common.h3
6 files changed, 195 insertions, 28 deletions
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index a48ba107e..992ab3103 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -1893,7 +1893,7 @@ int be_process_init(TALLOC_CTX *mem_ctx,
be_domain));
} else {
DEBUG(SSSDBG_TRACE_ALL, ("Session backend target successfully loaded "
- "from provider [%s].\n", ctx->bet_info[BET_SUDO].mod_name));
+ "from provider [%s].\n", ctx->bet_info[BET_SESSION].mod_name));
}
ret = load_backend_module(ctx, BET_HOSTID,
diff --git a/src/providers/ipa/ipa_autofs.c b/src/providers/ipa/ipa_autofs.c
new file mode 100644
index 000000000..f4262590f
--- /dev/null
+++ b/src/providers/ipa/ipa_autofs.c
@@ -0,0 +1,62 @@
+/*
+ SSSD
+
+ IPA Provider Initialization functions
+
+ Authors:
+ Simo Sorce <ssorce@redhat.com>
+
+ Copyright (C) 2009 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "util/child_common.h"
+#include "providers/ipa/ipa_common.h"
+#include "providers/krb5/krb5_auth.h"
+#include "providers/ipa/ipa_id.h"
+#include "providers/ipa/ipa_auth.h"
+#include "providers/ipa/ipa_access.h"
+#include "providers/ipa/ipa_dyndns.h"
+#include "providers/ipa/ipa_session.h"
+
+struct bet_ops ipa_autofs_ops = {
+ .handler = sdap_autofs_handler,
+ .finalize = NULL,
+ .check_online = sdap_check_online
+};
+
+int ipa_autofs_init(struct be_ctx *be_ctx,
+ struct ipa_id_ctx *id_ctx,
+ struct bet_ops **ops,
+ void **pvt_data)
+{
+ int ret;
+
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Initializing autofs LDAP back end\n"));
+
+ *ops = &ipa_autofs_ops;
+ *pvt_data = id_ctx->sdap_id_ctx;
+
+ DEBUG(0, ("sleeping\n"));
+
+ ret = ipa_get_autofs_options(id_ctx->ipa_options, be_ctx->cdb,
+ be_ctx->conf_path, &id_ctx->sdap_id_ctx->opts);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Cannot get IPA autofs options\n"));
+ return ret;
+ }
+
+ return ret;
+}
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
index 3620c35de..4fd448362 100644
--- a/src/providers/ipa/ipa_common.c
+++ b/src/providers/ipa/ipa_common.c
@@ -31,6 +31,7 @@
#include "providers/ldap/sdap_async_private.h"
#include "util/sss_krb5.h"
#include "db/sysdb_services.h"
+#include "db/sysdb_autofs.h"
struct dp_option ipa_basic_opts[] = {
{ "ipa_domain", DP_OPT_STRING, NULL_STRING, NULL_STRING },
@@ -44,7 +45,8 @@ struct dp_option ipa_basic_opts[] = {
{ "krb5_realm", DP_OPT_STRING, NULL_STRING, NULL_STRING},
{ "ipa_hbac_refresh", DP_OPT_NUMBER, { .number = 5 }, NULL_NUMBER },
{ "ipa_hbac_treat_deny_as", DP_OPT_STRING, { "DENY_ALL" }, NULL_STRING },
- { "ipa_hbac_support_srchost", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE }
+ { "ipa_hbac_support_srchost", DP_OPT_BOOL, BOOL_FALSE, BOOL_FALSE },
+ { "ipa_automount_location", DP_OPT_STRING, { "default" }, NULL_STRING }
};
struct dp_option ipa_def_ldap_opts[] = {
@@ -225,6 +227,17 @@ struct sdap_attr_map ipa_service_map[] = {
{ "ldap_service_entry_usn", NULL, SYSDB_USN, NULL }
};
+struct sdap_attr_map ipa_autofs_mobject_map[] = {
+ { "ldap_autofs_map_object_class", "automountMap", SYSDB_AUTOFS_MAP_OC, NULL },
+ { "ldap_autofs_map_name", "automountMapName", SYSDB_AUTOFS_MAP_NAME, NULL }
+};
+
+struct sdap_attr_map ipa_autofs_entry_map[] = {
+ { "ldap_autofs_entry_object_class", "automount", SYSDB_AUTOFS_ENTRY_OC, NULL },
+ { "ldap_autofs_entry_key", "automountKey", SYSDB_AUTOFS_ENTRY_KEY, NULL },
+ { "ldap_autofs_entry_value", "automountInformation", SYSDB_AUTOFS_ENTRY_VALUE, NULL },
+};
+
int ipa_get_options(TALLOC_CTX *memctx,
struct confdb_ctx *cdb,
const char *conf_path,
@@ -497,30 +510,6 @@ int ipa_get_id_options(struct ipa_options *ipa_opts,
if (ret != EOK) goto done;
if (NULL == dp_opt_get_string(ipa_opts->id->basic,
- SDAP_AUTOFS_SEARCH_BASE)) {
- value = talloc_asprintf(tmpctx, "cn=default,cn=automount,%s", basedn);
- if (!value) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = dp_opt_set_string(ipa_opts->id->basic,
- SDAP_AUTOFS_SEARCH_BASE,
- value);
- if (ret != EOK) {
- goto done;
- }
-
- DEBUG(SSSDBG_TRACE_LIBS, ("Option %s set to %s\n",
- ipa_opts->id->basic[SDAP_AUTOFS_SEARCH_BASE].opt_name,
- dp_opt_get_string(ipa_opts->id->basic,
- SDAP_AUTOFS_SEARCH_BASE)));
- }
- ret = sdap_parse_search_base(ipa_opts->id, ipa_opts->id->basic,
- SDAP_AUTOFS_SEARCH_BASE,
- &ipa_opts->id->autofs_search_bases);
-
- if (NULL == dp_opt_get_string(ipa_opts->id->basic,
SDAP_SUDO_SEARCH_BASE)) {
#if 0
ret = dp_opt_set_string(ipa_opts->id->basic, SDAP_SUDO_SEARCH_BASE,
@@ -1024,3 +1013,80 @@ done:
return ret;
}
+int ipa_get_autofs_options(struct ipa_options *ipa_opts,
+ struct confdb_ctx *cdb,
+ const char *conf_path,
+ struct sdap_options **_opts)
+{
+ TALLOC_CTX *tmp_ctx;
+ char *basedn;
+ char *autofs_base;
+ errno_t ret;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ ret = domain_to_basedn(tmp_ctx,
+ dp_opt_get_string(ipa_opts->basic, IPA_KRB5_REALM),
+ &basedn);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ if (NULL == dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_AUTOFS_SEARCH_BASE)) {
+
+ autofs_base = talloc_asprintf(tmp_ctx, "cn=%s,cn=automount,%s",
+ dp_opt_get_string(ipa_opts->basic,
+ IPA_AUTOMOUNT_LOCATION),
+ basedn);
+ if (!autofs_base) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = dp_opt_set_string(ipa_opts->id->basic,
+ SDAP_AUTOFS_SEARCH_BASE,
+ autofs_base);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ DEBUG(SSSDBG_TRACE_LIBS, ("Option %s set to %s\n",
+ ipa_opts->id->basic[SDAP_AUTOFS_SEARCH_BASE].opt_name,
+ dp_opt_get_string(ipa_opts->id->basic,
+ SDAP_AUTOFS_SEARCH_BASE)));
+ }
+
+ ret = sdap_parse_search_base(ipa_opts->id, ipa_opts->id->basic,
+ SDAP_AUTOFS_SEARCH_BASE,
+ &ipa_opts->id->autofs_search_bases);
+
+ ret = sdap_get_map(ipa_opts->id, cdb, conf_path,
+ ipa_autofs_mobject_map,
+ SDAP_OPTS_AUTOFS_MAP,
+ &ipa_opts->id->autofs_mobject_map);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("Could not get autofs map object attribute map\n"));
+ return ret;
+ }
+
+ ret = sdap_get_map(ipa_opts->id, cdb, conf_path,
+ ipa_autofs_entry_map,
+ SDAP_OPTS_AUTOFS_ENTRY,
+ &ipa_opts->id->autofs_entry_map);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ ("Could not get autofs entry object attribute map\n"));
+ return ret;
+ }
+
+ *_opts = ipa_opts->id;
+ ret = EOK;
+done:
+ talloc_free(tmp_ctx);
+ return ret;
+}
diff --git a/src/providers/ipa/ipa_common.h b/src/providers/ipa/ipa_common.h
index 2d0e0e1d4..84c726c85 100644
--- a/src/providers/ipa/ipa_common.h
+++ b/src/providers/ipa/ipa_common.h
@@ -39,6 +39,9 @@ struct ipa_service {
#define IPA_OPTS_SVC_TEST 5
+#define IPA_OPTS_AUTOMNTMAP_TEST 2
+#define IPA_OPTS_AUTOMNTENTRY_TEST 3
+
/* the following define is used to keep track of the options in the krb5
* module, so that if they change and ipa is not updated correspondingly
* this will trigger a runtime abort error */
@@ -57,6 +60,7 @@ enum ipa_basic_opt {
IPA_HBAC_REFRESH,
IPA_HBAC_DENY_METHOD,
IPA_HBAC_SUPPORT_SRCHOST,
+ IPA_AUTOMOUNT_LOCATION,
IPA_OPTS_BASIC /* opts counter */
};
@@ -148,6 +152,16 @@ int ipa_get_auth_options(struct ipa_options *ipa_opts,
const char *conf_path,
struct dp_option **_opts);
+int ipa_get_autofs_options(struct ipa_options *ipa_opts,
+ struct confdb_ctx *cdb,
+ const char *conf_path,
+ struct sdap_options **_opts);
+
+int ipa_autofs_init(struct be_ctx *be_ctx,
+ struct ipa_id_ctx *id_ctx,
+ struct bet_ops **ops,
+ void **pvt_data);
+
int ipa_service_init(TALLOC_CTX *memctx, struct be_ctx *ctx,
const char *servers,
struct ipa_options *options,
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
index 1165048b2..20745c11f 100644
--- a/src/providers/ipa/ipa_init.c
+++ b/src/providers/ipa/ipa_init.c
@@ -180,8 +180,6 @@ int sssm_ipa_id_init(struct be_ctx *bectx,
}
}
-
-
ret = setup_tls_config(sdap_ctx->opts->basic);
if (ret != EOK) {
DEBUG(1, ("setup_tls_config failed [%d][%s].\n",
@@ -484,3 +482,27 @@ done:
return ret;
}
#endif
+
+int sssm_ipa_autofs_init(struct be_ctx *bectx,
+ struct bet_ops **ops,
+ void **pvt_data)
+{
+#ifdef BUILD_AUTOFS
+ struct ipa_id_ctx *id_ctx;
+ int ret;
+
+ DEBUG(SSSDBG_TRACE_INTERNAL, ("Initializing IPA autofs handler\n"));
+
+ ret = sssm_ipa_id_init(bectx, ops, (void **) &id_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("sssm_ipa_id_init failed.\n"));
+ return ret;
+ }
+
+ return ipa_autofs_init(bectx, id_ctx, ops, pvt_data);
+#else
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Autofs init handler called but SSSD is "
+ "built without autofs support, ignoring\n"));
+ return EOK;
+#endif
+}
diff --git a/src/providers/ldap/ldap_common.h b/src/providers/ldap/ldap_common.h
index c377bcb67..c91257634 100644
--- a/src/providers/ldap/ldap_common.h
+++ b/src/providers/ldap/ldap_common.h
@@ -89,6 +89,9 @@ void sdap_pam_chpass_handler(struct be_req *breq);
/* access */
void sdap_pam_access_handler(struct be_req *breq);
+/* autofs */
+void sdap_autofs_handler(struct be_req *breq);
+
void sdap_handler_done(struct be_req *req, int dp_err,
int error, const char *errstr);
generated by cgit (git 2.34.1) at 2024-05-02 06:01:14 +0000