summaryrefslogtreecommitdiffstats
path: root/src
diff options
context:
space:
mode:
Diffstat (limited to 'src')
-rw-r--r--src/db/sysdb.h4
-rw-r--r--src/db/sysdb_ops.c49
-rw-r--r--src/tests/sysdb-tests.c12
3 files changed, 65 insertions, 0 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 2f73873f0..4d5ef0b47 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -812,6 +812,10 @@ int sysdb_delete_netgroup(struct sysdb_ctx *sysdb,
struct sss_domain_info *domain,
const char *name);
+int sysdb_delete_by_sid(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str);
+
errno_t sysdb_attrs_to_list(TALLOC_CTX *mem_ctx,
struct sysdb_attrs **attrs,
int attr_count,
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index ca23fadbf..094c27b7f 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2841,6 +2841,55 @@ done:
return ret;
}
+int sysdb_delete_by_sid(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sid_str)
+{
+ TALLOC_CTX *tmp_ctx;
+ struct ldb_result *res;
+ int ret;
+
+ if (!sid_str) return EINVAL;
+
+ tmp_ctx = talloc_new(NULL);
+ if (!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ ret = sysdb_search_object_by_sid(tmp_ctx, sysdb, domain,
+ sid_str, NULL, &res);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("search by sid failed: %d (%s)\n",
+ ret, strerror(ret)));
+ goto done;
+ }
+
+ if (res->count > 1) {
+ DEBUG(SSSDBG_FATAL_FAILURE, ("getbysid call returned more than one " \
+ "result !?!\n"));
+ ret = EIO;
+ goto done;
+ }
+
+ if (res->count == 0) {
+ /* No existing entry. Just quit. */
+ ret = EOK;
+ goto done;
+ }
+
+ ret = sysdb_delete_entry(sysdb, res->msgs[0]->dn, false);
+ if (ret != EOK) {
+ goto done;
+ }
+
+done:
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Error: %d (%s)\n", ret, strerror(ret)));
+ }
+ talloc_free(tmp_ctx);
+ return ret;
+}
+
/* ========= Authentication against cached password ============ */
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 74b78917f..1c28526e0 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -4499,6 +4499,18 @@ START_TEST(test_sysdb_search_sid_str)
fail_unless(ret == EOK, "sysdb_search_group_by_sid_str failed with [%d][%s].",
ret, strerror(ret));
+ /* Delete the group by SID */
+ ret = sysdb_delete_by_sid(test_ctx->sysdb, test_ctx->domain, "S-1-2-3-4");
+ fail_unless(ret == EOK, "sysdb_delete_by_sid failed with [%d][%s].",
+ ret, strerror(ret));
+
+ /* Verify it's gone */
+ ret = sysdb_search_group_by_sid_str(test_ctx, test_ctx->sysdb,
+ test_ctx->domain, "S-1-2-3-4",
+ NULL, &msg);
+ fail_unless(ret == ENOENT, "sysdb_search_group_by_sid_str failed with [%d][%s].",
+ ret, strerror(ret));
+
talloc_free(msg);
msg = NULL;