summaryrefslogtreecommitdiffstats
path: root/src/monitor
Commit message (Collapse)AuthorAgeFilesLines
* sbus: Add type-safe DBus method handlers and finish functionsStef Walter2014-06-033-12/+38
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Type safe method handlers allow methods not to have to do tedious unwrapping and wrapping of DBus method call messages or replies. Arguments of the following DBus types are supported in type-safe method handlers. In addition arrays of these are supported. y: uint8_t b: bool (but no arrays, yet) n: int16_t q: uint16_t i: int32_t u: uint32_t x: int64_t t: uint64_t d: double s: char * (utf8 string) o: char * (object path) As an exception, arrays of booleans are not supported, but could be added later. Other more complex types could be added later if desired. If a method has other argument types, then it must be marked as having a raw handler (see below). Internally each method can have a type specific invoker function which unpacks the incoming arguments and invokes the method handler with the correct arguments. Each method also has a finish which accepts the type-safe out arguments (ie: return values) and builds the reply message. Like other request 'finish' functions, these free the request talloc context, and are to be used in place of sbus_request_finish() or friends. Raw method handlers parse their own method arguments, and prepare their own reply (ideally using sbus_request_finish() helpers). They can also do strange things like have variable arguments. To mark a DBus method as having a raw method handler use the following annotation: <annotation name="org.freedesktop.sssd.RawHandler" value="true"/> Raw methods do not have invokers or finish functions. I've left all of the internal peer to peer communication using raw method handlers. No code changes here. (cherry picked from commit dff909d473f43a6bd0f0286fa2d279c0ebe945c6)
* IFP: Re-add the InfoPipe serverJakub Hrozek2014-06-031-1/+1
| | | | | | | | | | | | | | Related: https://fedorahosted.org/sssd/ticket/2072 This commit only adds the responder and the needed plumbing. No DBus related code is in yet. (cherry picked from commit cb4d5b588e704114b7090678752d33512baa718e) Conflicts: src/conf_macros.m4 src/confdb/confdb.h
* sbus: Refactor how we export DBus interfacesStef Walter2014-06-023-23/+28
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Most importantly, stop using per connection private data. This doesn't scale when you have more than one thing exporting or exported on a connection. Remove struct sbus_interface and expand sbus_conn_add_interface() function. Remove various struct sbus_interface args to connection initialization functions and make callers use sbus_conn_add_interface() directly. The old method was optimized for exporting one interface on a connection. We'll have connections that export zero, one or more interfaces. To export an interface on a DBus server, call sbus_conn_add_interface() from within the sbus_server_conn_init_fn. To export an interface on a DBus client, call sbus_conn_add_interface() after sbus_new_connection() returns. As before struct sbus_interface represents an object exported via DBus. However it is now talloc allocated. One can set instance data on the struct sbus_interface. This instance data is passed to the various handlers and used in their implementation. However, we now have type safe interface exporting in the various high level sss_process_init() sss_monitor_init() and so on. Introspection support was not in use, and is now gone until we implement it using the metadata (future patch). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> (cherry picked from commit 07e941c1bbdc752142bbd3b838c540bc7ecd0ed7)
* sbus: Add struct sbus_request to represent a DBus invocationStef Walter2014-06-023-66/+20
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | struct sbus_request represents a request from a dbus client being handled by a dbus server implementation. The struct contains the message, connection and method (and in the future teh property) which is being requested. In the future it will contain caller information as well. sbus_request is a talloc memory context, and is a good place to attach any allocations and memory specific to the request. Each handler accepts an sbus_request. If a handler returns EOK, it is assumed that the handler will finish the request. Any of the sbus_request_*finish() methods can be used to complete the request and send back a reply. sbus_request_return_and_finish() uses the same argument varargs syntax as dbus_message_append_args(), which isn't a great syntax. Document it a bit, but don't try to redesign: The marshalling work (will follow this patch set) will remove the need to use varargs for most DBus implementation code. This patch migrates the monitor and data provider dbus code to use sbus_request, but does not try to rework the talloc context's to use it. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> (cherry picked from commit d9577dbd92555b0755881e37724019ef9c578404) Conflicts: src/sbus/sssd_dbus.h
* sbus: Use constants to make dbus callsStef Walter2014-06-023-28/+11
| | | | | | | | | | | | This allows us to remove duplicated information, and have the compiler check that when an method name is changed or removed the callers are updated. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> (cherry picked from commit b668c77874c6fed325471bdcf5954979a0d734e2)
* sbus: Generate constants from interface definitionsStef Walter2014-06-021-0/+22
| | | | | | | | | | | | | | | This is not strictly necessary, but avoids duplicating data in mulitple places, and makes the interface definitions benefit dbus callers (a little). After applying this commit you may need to 'make clean' as the codegen has changed. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> (cherry picked from commit c2cc119de8eac712c040b3993f41c967ff2278de)
* sbus: Rework sbus to use interface metadata and vtablesStef Walter2014-06-025-7/+196
| | | | | | | | | | | | | | | | | | | | | Previous commits added support for interface metadata and handler vtables. This commit ports sbus_dbus_connection to use them. Port the internal uses of dbus to use the new scheme in a very minimal way. Further cleanup is possible here. This commit provides basic definitions of the internal dbus interfaces. The interfaces aren't fully defined, as the handlers will continue to unpack manually, and often overload DBus methods with different arguments (which is rather unorthodox, but not the end of the world). Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com> (cherry picked from commit 769347ad4d35d43488eb98f980143495b0db415d)
* MONITOR: Fix start up with empty standard inputLukas Slebodnik2014-05-121-0/+3
| | | | | | | | | | | | | The monitor process does not read data from standard input in. We can close file descriptor from stdin. [sssd] [server_stdin_handler] (0x0020): sssd: EOF on stdin - terminating Resolves: https://fedorahosted.org/sssd/ticket/2312 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> (cherry picked from commit 07a324c196c469d7bc47e9cb03bad919c3783ed0)
* Update DEBUG* invocations to use new levelsNikolai Kondrashov2014-05-023-95/+133
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Use a script (identical to commit 83bf46f4066e3d5e838a32357c201de9bd6ecdfd) to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done
* Make DEBUG macro invocations variadicNikolai Kondrashov2014-05-023-238/+238
| | | | | | | | | | | | | | | | | | | | | | | | | Use a script to update DEBUG macro invocations to use it as a variadic macro, supplying format string and its arguments directly, instead of wrapping them in parens. This script was used to update the code (identical to commit a3c8390d19593b1e5277d95bfb4ab206d4785150): grep -rwl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e \ 'use strict; use File::Slurp; my $text=read_file(\*STDIN); $text=~s#(\bDEBUG\s*\([^(]+)\((.*?)\)\s*\)\s*;#$1$2);#gs; print $text;' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> Reviewed-by: Simo Sorce <simo@redhat.com>
* MONITOR: Incorrect permissions on sssd.confPavel Reichl2014-02-111-1/+7
| | | | | | | | | | | Print user friendly warning when permissions on sssd.conf are incorrect and provide hint. Resolves: https://fedorahosted.org/sssd/ticket/2208 Reviewed-by: Stephen Gallagher <sgallagh@redhat.com> (cherry picked from commit b3cc9b98966fa2d90172348c334b3b70c5261ab3)
* monitor: Specific error message for missing sssd.confPavel Reichl2013-11-271-1/+7
| | | | | | | | Specific error message is logged for missing sssd.conf file. New sssd specific error value is introduced for this case. Resolves: https://fedorahosted.org/sssd/ticket/2156
* Convert IN_MULTICAST parameter to host orderJakub Hrozek2013-09-241-1/+1
| | | | | | | https://fedorahosted.org/sssd/ticket/2087 IN_MULTICAST accepts address in the host order, but network order was supplied.
* Fix formating of variables with type: uid_tLukas Slebodnik2013-09-112-3/+5
|
* AUTOTOOLS: More robust detection of inotify.Lukas Slebodnik2013-09-091-4/+4
| | | | | | | | | We checked only header file "sys/inotify" for detection whether inotify works. Some platforms do not have built in inotify, but contain library, which provides inotify-compatible interface. This patch adds more robust detection of inotify in configuration time and appends linker flags to Makefile if inotify is provided by library.
* MONITOR: Move function declaration out of conditional buildLukas Slebodnik2013-08-281-5/+6
| | | | | | | Function monitor_config_file_fallback was defined inside of conditional block "#ifdef HAVE_SYS_INOTIFY_H", but it was also used out of this block. This patch move declaration of function before start of conditional build section.
* Use brackets around macros.Lukas Slebodnik2013-08-221-4/+4
| | | | warnings reported by cppcheck.
* NSS: Clear cached netgroups if a request comes in from the sss_cacheLukas Slebodnik2013-08-081-0/+1
| | | | | | | In order for sss_cache to work correctly, we must also signal the nss responder to invalidate the hash table requests. https://fedorahosted.org/sssd/ticket/1759
* Revert "Implicitly activate the PAC responder for AD provider"Sumit Bose2013-06-261-2/+1
| | | | This reverts commit 7527ec8ab2b79ec576ace2da9e2c158b849adfa6.
* Implicitly activate the PAC responder for AD providerSumit Bose2013-06-061-1/+2
|
* Check NSCD configuration fileOndrej Kos2013-05-211-6/+26
| | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/1785 nscd.conf file is now checked for the presence of caching settings for databases controlled by SSSD. Syslog warning is now written only if NSCD is running with interfering configuration or if configuration file couldn't be loaded. New configure option added to support non-standard locations --with-nscd-conf=PATH (defaultly set to /etc/nscd.conf) This is just a workaround until the following bugzilla is resolved: https://bugzilla.redhat.com/show_bug.cgi?id=963908
* DB: Switch to new libini_config APIOndrej Kos2013-04-261-2/+0
| | | | | | | https://fedorahosted.org/sssd/ticket/1786 Since we need to support the old interface as well, the configure scritp is modified and correct ini interface is chosen.
* Confusing error messages for invalid sssd.confAriel Barria2013-04-121-9/+11
| | | | | | | https://fedorahosted.org/sssd/ticket/1625 Amending errors messages and add other error codes to be more specific and avoid confusion.
* Improve syslog message when configuration cannot be loadedAriel Barria2013-04-021-1/+3
| | | | | | https://fedorahosted.org/sssd/ticket/1414 Error code was added and strerror(errno) to show cause in sss_log
* Provide libnl3 supportOndrej Kos2013-03-271-50/+100
| | | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/812 Update the monitor code to be using the new libnl3 API. Changed configure option --with-libnl By default, it tries to build with libnl3, if not found, then with libnl1, if this isn't found either, build proceeds without libnl, just with warning. Specifing --with-libnl=<libnl3|libnl1|no> checks for the specific given version, if not found, configure ends with error.
* Remove the alt_db_path parameter of sysdb_initMichal Zidek2013-03-051-1/+1
| | | | | | This parameter was never used. https://fedorahosted.org/sssd/ticket/1765
* Add function get_next_domain()Simo Sorce2013-02-101-5/+5
| | | | | | | Use this function instead of explicitly calling domain->next This function allows to get the next primary domain or to descend into the subdomains and replaces also get_next_dom_or_subdom()
* Refactor sysdb initializationSimo Sorce2013-01-151-2/+1
| | | | | | | | | | | | Change the way sysdbs are initialized. Make callers responsible for providing the list of domains. Remove the returned array of sysdb contexts, it was used only by sss_cache and not really necessary there either as that tool can easily iterate the domains. Make sysdb ctx children of their respective domains. Neither sysdb context nor domains are ever freed until a program is done so there shouldn't be any memory hierarchy issue. As plus we simplify the code by removing a destructor and a setter function.
* AUTOFS: Clear enum cache if a request comes in from the sss_cacheJakub Hrozek2012-12-182-0/+9
| | | | | In order for sss_cache to work correctly, we must also signal the autofs responder to invalidate the hash table requests.
* RESPONDERS: Create a common file with service names and versionsJakub Hrozek2012-12-181-1/+1
| | | | | | | The monitor sends calls different sbus methods to different responders. Instead of including headers of the particular responders directly in monitor, which breaks layering a little, create a common header file that will be included from src/responder/common/
* do not crash when id_provider is not setPavel Březina2012-12-041-0/+6
| | | | https://fedorahosted.org/sssd/ticket/1686
* Monitor quit when not exists no process no stopsAriel O. Barria2012-11-281-1/+3
| | | | https://fedorahosted.org/sssd/ticket/1669
* debug: print fatal and critical errors if debug level is unresolvedMichal Zidek2012-11-261-6/+0
| | | | | | | If global variable debug_level has value SSSDBG_UNRESOLVED, we should print at least fatal and critical errors. https://fedorahosted.org/sssd/ticket/1345
* Restart services with a delay in case they are restarted too oftenJakub Hrozek2012-11-191-14/+59
| | | | | | | | | | | | In case a service is restarted while the DP is not ready yet, it gets restarted again immediatelly, which means the DP might still not be ready. The allowed number of restarts is then depleted quickly. This patch changes the restart mechanism such that the first restart happens immediatelly, the second is scheduled after 2 second, then 4 etc.. https://fedorahosted.org/sssd/ticket/1528
* Display more information on DB version mismatchOndrej Kos2012-11-191-0/+1
| | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/1589 Added check for determining, whether database version is higher or lower than expected. To distinguish it from other errors it uses following retun values (further used for appropriate error message): EMEDIUMTYPE for lower version than expected EUCLEAN for higher version than expected When SSSD or one of it's tools fails on DB version mismatch, new error message is showed suggesting how to proceed.
* Always start PAC responder if IPA ID provider is configuredSumit Bose2012-11-141-0/+72
| | | | | | | | Since the PAC responder is used during the authentication of users from trusted realms it is started automatically if the IPA ID provider is configured for a domain to simplify the configuration. Fixes https://fedorahosted.org/sssd/ticket/1613
* Monitor: Better debugging for ping timeoutsStephen Gallagher2012-11-081-0/+8
|
* create pid file immediately after fork againPavel Březina2012-11-061-25/+4
| | | | | | | | | | | | Related to https://fedorahosted.org/sssd/ticket/1357 We realized that sysv and systemd does not use pid file existence as a notification of finished initialization. Therefore, we create the pid file in server_setup() again. We are removing check_file() from monitor main(), it is handled by server_setup() during pid file creation. This check was previously included in e7dd2a5102ba6cfd28be6eccdd62768e9758d9f4.
* exit original process after sssd is initializedPavel Březina2012-11-061-0/+26
| | | | | | | | | | | | | | | https://fedorahosted.org/sssd/ticket/1357 Neither systemd or our init script use pid file as a notification that sssd is finished initializing. They will continue starting up next service right after the original (not daemonized) sssd process is terminated. If any of the responders fail to start, we will never terminate the original process via signal and "service sssd start" will hang. Thus we take this as an error and terminate the daemon with a non-zero value. This will also terminate the original process and init script or systemd will print failure.
* make monitor_quit() usable outside signal handlerPavel Březina2012-11-061-14/+26
|
* Monitor: read the correct SIGKILL timeout for providers, tooJakub Hrozek2012-11-011-33/+41
| | | | https://fedorahosted.org/sssd/ticket/1602
* Include talloc log in our debug facilityMichal Zidek2012-10-291-1/+1
| | | | https://fedorahosted.org/sssd/ticket/1495
* do not create pid file twicePavel Březina2012-10-051-1/+6
| | | | | | | | | | If a provider is terminated and the monitor tries to restart it, it goes again through mark_service_as_started() which will try to create pid file again because number of running services didn't change. Because the pid file cannot be created twice, it will not return EOK and the whole SSSD is terminated.
* Check for existing pidfile before starting the providersJakub Hrozek2012-10-041-17/+15
| | | | | | | | | After we switched to writing pidfile after the responders started, we forgot that starting a second SSSD instance would first overwrite the pipes and sockets and only then the SSSD would find out there already is a pidfile. This patch checks for existing pidfile before proceeding with startup.
* Change the log level of two DEBUG messages in check_domain_rangesJakub Hrozek2012-10-041-4/+5
| | | | https://fedorahosted.org/sssd/ticket/1562
* monitor: create pid file after all responders are startedPavel Březina2012-10-021-4/+36
| | | | https://fedorahosted.org/sssd/ticket/1357
* Fix few coding style issuesPavel Březina2012-10-021-3/+6
|
* sss_cache tool invalidates records in memory cache.Michal Zidek2012-09-242-1/+12
|
* Missing resolv.conf should be non-fatalAriel Barria2012-09-201-17/+43
| | | | https://fedorahosted.org/sssd/ticket/1371
* Remove obsolete commentSimo Sorce2012-09-121-5/+0
| | | | Made obsolete by commit e2d17ea806d273784b621583dd0490c2f69f237d