Diffstat (limited to 'src')
-rw-r--r--src/db/sysdb.h1
-rw-r--r--src/db/sysdb_ops.c3
-rw-r--r--src/providers/ipa/ipa_hbac_common.c1
-rw-r--r--src/providers/ipa/ipa_hbac_private.h1
-rw-r--r--src/providers/ipa/ipa_hbac_users.c4
-rw-r--r--src/providers/ldap/ldap_id_cleanup.c2
-rw-r--r--src/providers/ldap/sdap_async_groups.c16
-rw-r--r--src/providers/ldap/sdap_reinit.c23
-rw-r--r--src/tools/sss_cache.c3
9 files changed, 35 insertions, 19 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 96f329271..e180b6827 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -755,6 +755,7 @@ int sysdb_asq_search(TALLOC_CTX *mem_ctx,
int sysdb_search_users(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *sub_filter,
const char **attrs,
size_t *msgs_count,
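Review bot: The new `domain` parameter in this prototype is undocumented, and nothing tells a caller how it must relate to `sysdb`. The implementation hunk in src/db/sysdb_ops.c builds the search base from `domain->name` instead of `sysdb->domain->name`, so a caller that pairs a sysdb handle with an unrelated domain would search a user subtree that may not exist in that cache. I would add a comment above the declaration such as `/* domain selects the user base DN (SYSDB_TMPL_USER_BASE); it must be a domain stored in sysdb and must not be NULL */`. The declaration continues past the end of the hunk.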
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 6b5a1c40d..4a0ed57b2 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2346,6 +2346,7 @@ fail:
int sysdb_search_users(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *sub_filter,
const char **attrs,
size_t *msgs_count,
@@ -2362,7 +2363,7 @@ int sysdb_search_users(TALLOC_CTX *mem_ctx,
}
basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_USER_BASE, sysdb->domain->name);
+ SYSDB_TMPL_USER_BASE, domain->name);
if (!basedn) {
DEBUG(2, ("Failed to build base dn\n"));
ret = ENOMEM;
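Review bot: `domain->name` is dereferenced in the `ldb_dn_new_fmt()` call with no check that `domain` is non-NULL. Every provider and tool touched by this commit now supplies that pointer from its own context (`hbac_ctx->be_req->domain`, `ctx->be->domain`, `state->dom`, `dinfo`), so a guard before the base DN is built would turn a bad caller into an error return rather than a crash in the cache layer. Something like `if (domain == NULL) { ret = EINVAL; }` followed by the same jump the `ENOMEM` branch takes would do. The function body starts and ends outside this hunk, so the exact cleanup label is not visible here.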
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
index a4a411ca3..5cc96c4bb 100644
--- a/src/providers/ipa/ipa_hbac_common.c
+++ b/src/providers/ipa/ipa_hbac_common.c
@@ -314,6 +314,7 @@ hbac_attrs_to_rule(TALLOC_CTX *mem_ctx,
/* Get the users */
ret = hbac_user_attrs_to_rule(new_rule,
hbac_ctx_sysdb(hbac_ctx),
+ hbac_ctx->be_req->domain,
new_rule->name,
hbac_ctx->rules[idx],
&new_rule->users);
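Review bot: The sysdb handle and the domain passed to `hbac_user_attrs_to_rule()` come from two different expressions, `hbac_ctx_sysdb(hbac_ctx)` and `hbac_ctx->be_req->domain`, and nothing in this hunk ties them together. The user members of an HBAC rule are looked up under the base DN named by the domain, so if the helper ever returned a sysdb that does not belong to that domain, those lookups would hit the wrong subtree. `hbac_ctx_sysdb()` is defined outside the hunk, so the invariant may already hold; a short comment such as `/* domain is the one hbac_ctx_sysdb() is taken from */` would make it explicit. The call sits inside `hbac_attrs_to_rule()`, whose body extends beyond the hunk.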
diff --git a/src/providers/ipa/ipa_hbac_private.h b/src/providers/ipa/ipa_hbac_private.h
index 4f2991609..b0a3dd633 100644
--- a/src/providers/ipa/ipa_hbac_private.h
+++ b/src/providers/ipa/ipa_hbac_private.h
@@ -147,6 +147,7 @@ get_ipa_servicegroupname(TALLOC_CTX *mem_ctx,
errno_t
hbac_user_attrs_to_rule(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *rule_name,
struct sysdb_attrs *rule_attrs,
struct hbac_rule_element **users);
diff --git a/src/providers/ipa/ipa_hbac_users.c b/src/providers/ipa/ipa_hbac_users.c
index e25de6ad0..7b59c321b 100644
--- a/src/providers/ipa/ipa_hbac_users.c
+++ b/src/providers/ipa/ipa_hbac_users.c
@@ -149,6 +149,7 @@ done:
errno_t
hbac_user_attrs_to_rule(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *rule_name,
struct sysdb_attrs *rule_attrs,
struct hbac_rule_element **users)
@@ -231,7 +232,8 @@ hbac_user_attrs_to_rule(TALLOC_CTX *mem_ctx,
}
/* First check if this is a user */
- ret = sysdb_search_users(tmp_ctx, sysdb, filter, attrs, &count, &msgs);
+ ret = sysdb_search_users(tmp_ctx, sysdb, domain,
+ filter, attrs, &count, &msgs);
if (ret != EOK && ret != ENOENT) goto done;
if (ret == EOK && count == 0) {
ret = ENOENT;
diff --git a/src/providers/ldap/ldap_id_cleanup.c b/src/providers/ldap/ldap_id_cleanup.c
index 9c2faabb2..6e138b31b 100644
--- a/src/providers/ldap/ldap_id_cleanup.c
+++ b/src/providers/ldap/ldap_id_cleanup.c
@@ -290,7 +290,7 @@ static int cleanup_users(TALLOC_CTX *memctx, struct sdap_id_ctx *ctx)
goto done;
}
- ret = sysdb_search_users(tmpctx, sysdb,
+ ret = sysdb_search_users(tmpctx, sysdb, ctx->be->domain,
subfilter, attrs, &count, &msgs);
if (ret) {
if (ret == ENOENT) {
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index 4fdacae66..fde83ee81 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -94,6 +94,7 @@ done:
static errno_t
sdap_get_members_with_primary_gid(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
gid_t gid, char ***_localdn, size_t *_ndn)
{
static const char *search_attrs[] = { SYSDB_NAME, NULL };
@@ -113,7 +114,7 @@ sdap_get_members_with_primary_gid(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
return ENOMEM;
}
- ret = sysdb_search_users(mem_ctx, sysdb, filter,
+ ret = sysdb_search_users(mem_ctx, sysdb, domain, filter,
search_attrs, &count, &msgs);
talloc_free(filter);
if (ret == ENOENT) {
@@ -148,7 +149,8 @@ sdap_get_members_with_primary_gid(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
static errno_t
sdap_dn_by_primary_gid(TALLOC_CTX *mem_ctx, struct sysdb_attrs *ldap_attrs,
- struct sysdb_ctx *sysdb, struct sdap_options *opts,
+ struct sysdb_ctx *sysdb, struct sss_domain_info *domain,
+ struct sdap_options *opts,
char ***_dn_list, size_t *_count)
{
gid_t gid;
@@ -166,7 +168,7 @@ sdap_dn_by_primary_gid(TALLOC_CTX *mem_ctx, struct sysdb_attrs *ldap_attrs,
return ret;
}
- ret = sdap_get_members_with_primary_gid(mem_ctx, sysdb, gid,
+ ret = sdap_get_members_with_primary_gid(mem_ctx, sysdb, domain, gid,
_dn_list, _count);
if (ret) return ret;
@@ -660,7 +662,7 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx,
* are reported with tokenGroups, too
*/
if (opts->schema_type == SDAP_SCHEMA_AD) {
- ret = sdap_dn_by_primary_gid(memctx, attrs, ctx, opts,
+ ret = sdap_dn_by_primary_gid(memctx, attrs, ctx, dom, opts,
&userdns, &nuserdns);
if (ret != EOK) {
goto fail;
@@ -1201,7 +1203,7 @@ sdap_process_missing_member_2307(struct sdap_process_group_state *state,
goto done;
}
- ret = sysdb_search_users(tmp_ctx, state->sysdb, filter,
+ ret = sysdb_search_users(tmp_ctx, state->sysdb, state->dom, filter,
attrs, &count, &msgs);
if (ret == EOK && count > 0) {
/* Entry exists but the group references it with an alias. */
@@ -2147,7 +2149,7 @@ static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx,
ret = ENOMEM;
goto done;
}
- ret = sysdb_search_users(tmp_ctx, sysdb, filter,
+ ret = sysdb_search_users(tmp_ctx, sysdb, domain, filter,
search_attrs, &count, &msgs);
talloc_zfree(filter);
talloc_zfree(clean_orig_dn);
@@ -2981,7 +2983,7 @@ sdap_nested_group_check_cache(TALLOC_CTX *mem_ctx,
}
/* Try users first */
- ret = sysdb_search_users(tmp_ctx, sysdb, filter, attrs, &count, &msgs);
+ ret = sysdb_search_users(tmp_ctx, sysdb, dom, filter, attrs, &count, &msgs);
if (ret != EOK && ret != ENOENT) {
ret = EIO;
goto fail;
diff --git a/src/providers/ldap/sdap_reinit.c b/src/providers/ldap/sdap_reinit.c
index 4c75f6c36..cc836ae53 100644
--- a/src/providers/ldap/sdap_reinit.c
+++ b/src/providers/ldap/sdap_reinit.c
@@ -29,12 +29,15 @@
#include "db/sysdb_services.h"
struct sdap_reinit_cleanup_state {
+ struct sss_domain_info *domain;
struct sysdb_ctx *sysdb;
};
-static errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb);
+static errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain);
static void sdap_reinit_cleanup_done(struct tevent_req *subreq);
-static errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb);
+static errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain);
struct tevent_req* sdap_reinit_cleanup_send(TALLOC_CTX *mem_ctx,
struct be_ctx *be_ctx,
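Review bot: `struct sdap_reinit_cleanup_state` now carries both `sysdb` and `domain`, and the next hunk fills them from the same object (`be_ctx->domain->sysdb` and `be_ctx->domain`). The two fields and the two-argument helper prototypes therefore duplicate one piece of information. Keeping only `domain` and reading `domain->sysdb` inside `sdap_reinit_clear_usn()` and `sdap_reinit_delete_records()` would stop the pair drifting apart in code that resets USNs and deletes cache records. If both are kept for consistency with the rest of the series, a comment on the struct such as `/* sysdb is always domain->sysdb */` would record the invariant. `sdap_reinit_cleanup_send()` continues past the end of the hunk.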
@@ -61,6 +64,7 @@ struct tevent_req* sdap_reinit_cleanup_send(TALLOC_CTX *mem_ctx,
}
state->sysdb = be_ctx->domain->sysdb;
+ state->domain = be_ctx->domain;
if (!be_ctx->domain->enumerate) {
/* enumeration is disabled, this whole process is meaningless */
@@ -68,7 +72,7 @@ struct tevent_req* sdap_reinit_cleanup_send(TALLOC_CTX *mem_ctx,
goto immediately;
}
- ret = sdap_reinit_clear_usn(state->sysdb);
+ ret = sdap_reinit_clear_usn(state->sysdb, state->domain);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to clear USN attributes [%d]: %s\n",
ret, strerror(ret)));
@@ -115,7 +119,8 @@ static void sdap_delete_msgs_usn(struct sysdb_ctx *sysdb,
}
}
-static errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb)
+static errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain)
{
TALLOC_CTX *tmp_ctx = NULL;
bool in_transaction = false;
@@ -138,7 +143,8 @@ static errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb)
in_transaction = true;
/* reset users' usn */
- ret = sysdb_search_users(tmp_ctx, sysdb, "", attrs, &msgs_num, &msgs);
+ ret = sysdb_search_users(tmp_ctx, sysdb, domain,
+ "", attrs, &msgs_num, &msgs);
if (ret != EOK) {
goto done;
}
@@ -211,7 +217,7 @@ static void sdap_reinit_cleanup_done(struct tevent_req *subreq)
/* This error is non-fatal, so continue */
}
- ret = sdap_reinit_delete_records(state->sysdb);
+ ret = sdap_reinit_delete_records(state->sysdb, state->domain);
if (ret != EOK) {
goto fail;
}
@@ -239,7 +245,8 @@ static void sdap_delete_msgs_dn(struct sysdb_ctx *sysdb,
}
}
-static errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb)
+static errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain)
{
TALLOC_CTX *tmp_ctx = NULL;
bool in_transaction = false;
@@ -262,7 +269,7 @@ static errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb)
in_transaction = true;
/* purge untouched users */
- ret = sysdb_search_users(tmp_ctx, sysdb, "(!("SYSDB_USN"=*))",
+ ret = sysdb_search_users(tmp_ctx, sysdb, domain, "(!("SYSDB_USN"=*))",
attrs, &msgs_num, &msgs);
if (ret != EOK) {
goto done;
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
index 9c08b9a2a..0c6112cca 100644
--- a/src/tools/sss_cache.c
+++ b/src/tools/sss_cache.c
@@ -292,7 +292,8 @@ static bool invalidate_entries(TALLOC_CTX *ctx,
switch (entry_type) {
case TYPE_USER:
type_string = "user";
- ret = sysdb_search_users(ctx, sysdb, filter, attrs, &msg_count, &msgs);
+ ret = sysdb_search_users(ctx, sysdb, dinfo,
+ filter, attrs, &msg_count, &msgs);
break;
case TYPE_GROUP:
type_string = "group";