| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
| |
sysdb_attrs_add_val_safe() works like sysdb_attrs_add_val() but checks
if the attribute value to add already exists. In this case the value
list is not changed. This is useful if values are added from different
sources at different times to avoid LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS
errors from ldb_modify() later on.
sysdb_attrs_add_string_safe() does the same for string arguments
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
The sysdb.c should be reserved for utility and setup functions. Search
functions belong to sysdb_search.c Keeping functions in specialized
modules helps to maintain nice dependencies and in overall makes unit
testing easier.
Moreover, the function was not unit tested, which needed fixing.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| | |
|
| |
|
|
|
|
|
| |
There is a test for NULL after calling talloc_strndup
and variable version was used a few times in strcmp before debug message.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2056
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use a script to update DEBUG* macro invocations, which use literal
numbers for levels, to use bitmask macros instead:
grep -rl --include '*.[hc]' DEBUG . |
while read f; do
mv "$f"{,.orig}
perl -e 'use strict;
use File::Slurp;
my @map=qw"
SSSDBG_FATAL_FAILURE
SSSDBG_CRIT_FAILURE
SSSDBG_OP_FAILURE
SSSDBG_MINOR_FAILURE
SSSDBG_CONF_SETTINGS
SSSDBG_FUNC_DATA
SSSDBG_TRACE_FUNC
SSSDBG_TRACE_LIBS
SSSDBG_TRACE_INTERNAL
SSSDBG_TRACE_ALL
";
my $text=read_file(\*STDIN);
my $repl;
$text=~s/
^
(
.*
\b
(DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM)
\s*
\(\s*
)(
[0-9]
)(
\s*,
)
(
\s*
)
(
.*
)
$
/
$repl = $1.$map[$3].$4.$5.$6,
length($repl) <= 80
? $repl
: $1.$map[$3].$4."\n".(" " x length($1)).$6
/xmge;
print $text;
' < "$f.orig" > "$f"
rm "$f.orig"
done
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use a script to update DEBUG macro invocations to use it as a variadic
macro, supplying format string and its arguments directly, instead of
wrapping them in parens.
This script was used to update the code:
grep -rwl --include '*.[hc]' DEBUG . |
while read f; do
mv "$f"{,.orig}
perl -e \
'use strict;
use File::Slurp;
my $text=read_file(\*STDIN);
$text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs;
print $text;' < "$f.orig" > "$f"
rm "$f.orig"
done
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
|
| |
We use '_' as prefix for output parameters. In function
sysdb_get_rdn we wrongly used this prefix for input
parameter, which caused some confusion when reading
the code.
|
| | |
|
| | |
|
| |
|
|
|
|
| |
This parameter was never used.
https://fedorahosted.org/sssd/ticket/1765
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1818
I have here a LDAP user entry which has this attribute
loginAllowedTimeMap::
AAAAAAAAAP///38AAP///38AAP///38AAP///38AAP///38AAAAAAAAA
In the function sysdb_attrs_add_string(), called from
sdap_attrs_add_ldap_attr(), strlen() is called on this blob, which is
the wrong thing to do. The result of strlen is then used to populate
the .v_length member of a struct ldb_val - and this will set it to
zero in this case. (There is also the problem that there may not be
a '\0' at all in the blob.)
Subsequently, .v_length being 0 makes ldb_modify(), called from
sysdb_set_entry_attr(), return LDB_ERR_INVALID_ATTRIBUTE_SYNTAX. End
result is that users do not get stored in the sysdb, and programs like
`id` or `getent ...` show incomplete information.
The bug was encountered with sssd-1.8.5. sssd-1.5.11 seemed to behave
fine, but that may not mean that is the absolute lower boundary of
introduction of the problem.
|
| |
|
|
| |
Finally remove this upside-down dependency.
|
| |
|
|
|
| |
A sysdb contains now multiple domains, but the mpg property is a
property of a specific domain not of the underlying database.
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
|
| |
Also allows us to remove sysdb_subdom_get<pw/gr>nam() wrappers and restore
fqnames proper value in subdomains, by testing for a parent domain being
present or not.
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| | |
|
| |
|
|
|
| |
We are deprecating sysdb->domain so kill the function that gives access to
this member as we should stop relying on it being available (or correct).
|
| |
|
|
|
| |
Bring it out of sysdb, which will slowly remove internal dependencies on
domains and instead will always require them to be passed by callers.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Change the way sysdbs are initialized. Make callers responsible for providing
the list of domains.
Remove the returned array of sysdb contexts, it was used only by sss_cache
and not really necessary there either as that tool can easily iterate the
domains.
Make sysdb ctx children of their respective domains.
Neither sysdb context nor domains are ever freed until a program is done so
there shouldn't be any memory hierarchy issue. As plus we simplify the code by
removing a destructor and a setter function.
|
| |
|
|
|
|
|
|
| |
Currently only the LDB error code indicating that an entry already
exists is translated to EEXIST. To make debugging easier and return a
better indication of the reason for an error in the logs this patch
translates the LDB error code for an already existing attribute or value
to EEXIST as well.
|
| |
|
|
| |
https://fedorahosted.org/sssd/ticket/1674
|
| |
|
|
|
|
|
| |
In subdomains we have to use fully qualified usernames.
Unfortunately we have no other good option than simply removing
caches for users of subdomains.
This is because the memberof plugin does not support the rename operation.
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1589
Added check for determining, whether database version is higher or
lower than expected. To distinguish it from other errors it uses
following retun values (further used for appropriate error message):
EMEDIUMTYPE for lower version than expected
EUCLEAN for higher version than expected
When SSSD or one of it's tools fails on DB version mismatch, new error
message is showed suggesting how to proceed.
|
| |
|
|
|
| |
Add a help function which returns the ldb_dn object for the base dn of
the cache.
|
| | |
|
| |
|
|
|
| |
The domain can be read from the sysdb object. Removing the domain string
makes the API more self-contained.
|
| | |
|
| | |
|
| |
|
|
| |
Also rename it to sysdb_attrs_get_el_ext()
|
| | |
|
| | |
|
| |
|
|
|
| |
This function copies all values from one sysdb_attrs structure to
another
|
| |
|
|
|
|
|
|
|
|
|
|
| |
It is remotely possible to have sysdb in an inconsistent state that
might need upgrade. Consider scenario when user asks for group
information. Some fake users are added as a part of this operation.
Before users can be fully resolved and stored properly, SSSD is shut
down and upgrade is performed.
In this case we need to go over all fake user records (uidNumber=0) and
replace each of them with ghost record in all group objects that are stated in
its memberof attribute.
|
| |
|
|
|
| |
In addition to testing the number of elements, also check the return
value of sysdb_attrs_get_el.
|
| | |
|
| | |
|
