diff options
Diffstat (limited to 'src')
-rw-r--r-- | src/db/sysdb.h | 3 | ||||
-rw-r--r-- | src/db/sysdb_search.c | 24 | ||||
-rw-r--r-- | src/db/sysdb_views.c | 41 | ||||
-rw-r--r-- | src/responder/nss/nsssrv_cmd.c | 2 |
4 files changed, 44 insertions, 26 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index ebb1bbeda..f582f6a51 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -487,7 +487,8 @@ errno_t sysdb_search_group_override_by_gid(TALLOC_CTX *mem_ctx, errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, struct ldb_message *obj, - struct ldb_message *override_obj); + struct ldb_message *override_obj, + const char **req_attrs); errno_t sysdb_add_group_member_overrides(struct sss_domain_info *domain, struct ldb_message *obj); diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c index dacbd239d..677257405 100644 --- a/src/db/sysdb_search.c +++ b/src/db/sysdb_search.c @@ -124,7 +124,8 @@ errno_t sysdb_getpwnam_with_views(TALLOC_CTX *mem_ctx, * the original object. */ if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj->msgs[0], + NULL); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -229,7 +230,8 @@ errno_t sysdb_getpwuid_with_views(TALLOC_CTX *mem_ctx, * the original object. */ if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj->msgs[0]); + override_obj == NULL ? NULL : override_obj->msgs[0], + NULL); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -314,7 +316,8 @@ int sysdb_enumpwent_with_views(TALLOC_CTX *mem_ctx, if (DOM_HAS_VIEWS(domain)) { for (c = 0; c < res->count; c++) { - ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL); + ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL, + NULL); /* enumeration assumes that the cache is up-to-date, hence we do not * need to handle ENOENT separately. */ if (ret != EOK) { @@ -426,7 +429,8 @@ int sysdb_getgrnam_with_views(TALLOC_CTX *mem_ctx, } ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj ->msgs[0], + NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -578,7 +582,8 @@ int sysdb_getgrgid_with_views(TALLOC_CTX *mem_ctx, } ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj ->msgs[0], + NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); goto done; @@ -734,7 +739,8 @@ int sysdb_enumgrent_with_views(TALLOC_CTX *mem_ctx, if (DOM_HAS_VIEWS(domain)) { for (c = 0; c < res->count; c++) { - ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL); + ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL, + NULL); /* enumeration assumes that the cache is up-to-date, hence we do not * need to handle ENOENT separately. */ if (ret != EOK) { @@ -956,7 +962,8 @@ int sysdb_initgroups_with_views(TALLOC_CTX *mem_ctx, if (DOM_HAS_VIEWS(domain)) { /* Skip user entry because it already has override values added */ for (c = 1; c < res->count; c++) { - ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL); + ret = sysdb_add_overrides_to_object(domain, res->msgs[c], NULL, + NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); @@ -1083,7 +1090,8 @@ int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx, * the original object. */ if (DOM_HAS_VIEWS(domain) && orig_obj->count == 1) { ret = sysdb_add_overrides_to_object(domain, orig_obj->msgs[0], - override_obj == NULL ? NULL : override_obj ->msgs[0]); + override_obj == NULL ? NULL : override_obj ->msgs[0], + attrs); if (ret != EOK && ret != ENOENT) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); return ret; diff --git a/src/db/sysdb_views.c b/src/db/sysdb_views.c index a42aa96ed..f2cf37023 100644 --- a/src/db/sysdb_views.c +++ b/src/db/sysdb_views.c @@ -948,6 +948,8 @@ errno_t sysdb_search_group_override_by_gid(TALLOC_CTX *mem_ctx, * @param[in] domain Domain struct, needed to access the cache * @oaram[in] obj The original object * @param[in] override_obj The object with the override data, may be NULL + * @param[in] req_attrs List of attributes to be requested, if not set a + * default list dependig on the object type will be used * * @return EOK - Override data was added successfully * @return ENOMEM - There was insufficient memory to complete the operation @@ -958,7 +960,8 @@ errno_t sysdb_search_group_override_by_gid(TALLOC_CTX *mem_ctx, */ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, struct ldb_message *obj, - struct ldb_message *override_obj) + struct ldb_message *override_obj, + const char **req_attrs) { int ret; const char *override_dn_str; @@ -983,7 +986,8 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, {NULL, NULL} }; size_t c; - const char *tmp_str; + size_t d; + struct ldb_message_element *tmp_el; tmp_ctx = talloc_new(NULL); if (tmp_ctx == NULL) { @@ -1016,12 +1020,15 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, goto done; } - uid = ldb_msg_find_attr_as_uint64(obj, SYSDB_UIDNUM, 0); - if (uid == 0) { - /* No UID hence group object */ - attrs = group_attrs; - } else { - attrs = user_attrs; + attrs = req_attrs; + if (attrs == NULL) { + uid = ldb_msg_find_attr_as_uint64(obj, SYSDB_UIDNUM, 0); + if (uid == 0) { + /* No UID hence group object */ + attrs = group_attrs; + } else { + attrs = user_attrs; + } } ret = ldb_search(domain->sysdb->ldb, tmp_ctx, &res, override_dn, @@ -1050,14 +1057,16 @@ errno_t sysdb_add_overrides_to_object(struct sss_domain_info *domain, } for (c = 0; attr_map[c].attr != NULL; c++) { - tmp_str = ldb_msg_find_attr_as_string(override, attr_map[c].attr, NULL); - if (tmp_str != NULL) { - talloc_steal(obj, tmp_str); - ret = ldb_msg_add_string(obj, attr_map[c].new_attr, tmp_str); - if (ret != LDB_SUCCESS) { - DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_string failed.\n"); - ret = sysdb_error_to_errno(ret); - goto done; + tmp_el = ldb_msg_find_element(override, attr_map[c].attr); + if (tmp_el != NULL) { + for (d = 0; d < tmp_el->num_values; d++) { + ret = ldb_msg_add_steal_value(obj, attr_map[c].new_attr, + &tmp_el->values[d]); + if (ret != LDB_SUCCESS) { + DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_value failed.\n"); + ret = sysdb_error_to_errno(ret); + goto done; + } } } } diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index b100aae08..ff7b6a334 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -4064,7 +4064,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) if (ret == EOK && DOM_HAS_VIEWS(dom)) { for (c = 0; c < dctx->res->count; c++) { ret = sysdb_add_overrides_to_object(dom, dctx->res->msgs[c], - NULL); + NULL, NULL); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, "sysdb_add_overrides_to_object failed.\n"); |