From 46c28ba3044c2121c2c0af4493ac655dcb41e0e6 Mon Sep 17 00:00:00 2001 From: Nikolai Kondrashov Date: Wed, 12 Feb 2014 10:12:59 -0500 Subject: Update DEBUG* invocations to use new levels Use a script (identical to commit 83bf46f4066e3d5e838a32357c201de9bd6ecdfd) to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done --- src/db/sysdb_ops.c | 174 +++++++++++++++++++++++++++++------------------------ 1 file changed, 96 insertions(+), 78 deletions(-) (limited to 'src/db/sysdb_ops.c') diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index f2f4e62b3..da52cf806 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -132,7 +132,7 @@ int sysdb_delete_entry(struct sysdb_ctx *sysdb, } /* fall through */ default: - DEBUG(1, "LDB Error: %s(%d)\nError Message: [%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "LDB Error: %s(%d)\nError Message: [%s]\n", ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)); return sysdb_error_to_errno(ret); } @@ -170,7 +170,8 @@ int sysdb_delete_recursive(struct sysdb_ctx *sysdb, ret = EOK; } if (ret) { - DEBUG(6, "Search error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, + "Search error: %d (%s)\n", ret, strerror(ret)); } goto done; } @@ -181,7 +182,7 @@ int sysdb_delete_recursive(struct sysdb_ctx *sysdb, sizeof(struct ldb_message *), compare_ldb_dn_comp_num); for (i = 0; i < msgs_count; i++) { - DEBUG(9 ,"Trying to delete [%s].\n", + DEBUG(SSSDBG_TRACE_ALL ,"Trying to delete [%s].\n", ldb_dn_get_linearized(msgs[i]->dn)); ret = sysdb_delete_entry(sysdb, msgs[i]->dn, false); @@ -793,7 +794,8 @@ int sysdb_get_new_id(struct sysdb_ctx *sysdb, case EOK: new_id = get_attr_as_uint32(msgs[0], SYSDB_NEXTID); if (new_id == (uint32_t)(-1)) { - DEBUG(1, "Invalid Next ID in domain %s\n", domain->name); + DEBUG(SSSDBG_CRIT_FAILURE, + "Invalid Next ID in domain %s\n", domain->name); ret = ERANGE; goto done; } @@ -803,7 +805,8 @@ int sysdb_get_new_id(struct sysdb_ctx *sysdb, } if ((domain->id_max != 0) && (new_id > domain->id_max)) { - DEBUG(0, "Failed to allocate new id, out of range (%u/%u)\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to allocate new id, out of range (%u/%u)\n", new_id, domain->id_max); ret = ERANGE; goto done; @@ -838,7 +841,7 @@ int sysdb_get_new_id(struct sysdb_ctx *sysdb, SYSDB_GIDNUM, new_id); } if (!filter) { - DEBUG(6, "Error: Out of memory\n"); + DEBUG(SSSDBG_TRACE_FUNC, "Error: Out of memory\n"); ret = ENOMEM; goto done; } @@ -863,7 +866,8 @@ int sysdb_get_new_id(struct sysdb_ctx *sysdb, /* check again we are not falling out of range */ if ((domain->id_max != 0) && (new_id > domain->id_max)) { - DEBUG(0, "Failed to allocate new id, out of range (%u/%u)\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to allocate new id, out of range (%u/%u)\n", new_id, domain->id_max); ret = ERANGE; goto done; @@ -883,7 +887,7 @@ int sysdb_get_new_id(struct sysdb_ctx *sysdb, /* finally store the new next id */ msg = ldb_msg_new(tmp_ctx); if (!msg) { - DEBUG(6, "Error: Out of memory\n"); + DEBUG(SSSDBG_TRACE_FUNC, "Error: Out of memory\n"); ret = ENOMEM; goto done; } @@ -908,7 +912,7 @@ done: ldb_transaction_cancel(sysdb->ldb); } if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -989,7 +993,7 @@ int sysdb_add_basic_user(struct sysdb_ctx *sysdb, done: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -1199,7 +1203,8 @@ int sysdb_add_user(struct sysdb_ctx *sysdb, if (domain->mpg) { if (gid != 0) { - DEBUG(0, "Cannot add user with arbitrary GID in MPG domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Cannot add user with arbitrary GID in MPG domain!\n"); return EINVAL; } gid = uid; @@ -1324,7 +1329,7 @@ done: ret = ldb_transaction_commit(sysdb->ldb); ret = sysdb_error_to_errno(ret); } else { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); ldb_transaction_cancel(sysdb->ldb); } talloc_zfree(tmp_ctx); @@ -1377,7 +1382,7 @@ int sysdb_add_basic_group(struct sysdb_ctx *sysdb, done: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -1491,7 +1496,7 @@ done: ret = ldb_transaction_commit(sysdb->ldb); ret = sysdb_error_to_errno(ret); } else { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); ldb_transaction_cancel(sysdb->ldb); } talloc_zfree(tmp_ctx); @@ -1554,7 +1559,7 @@ int sysdb_add_incomplete_group(struct sysdb_ctx *sysdb, done: if (ret != EOK) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -1598,7 +1603,7 @@ int sysdb_mod_group_member(struct sysdb_ctx *sysdb, fail: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(msg); return ret; @@ -1647,7 +1652,7 @@ int sysdb_add_basic_netgroup(struct sysdb_ctx *sysdb, done: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(msg); return ret; @@ -1722,7 +1727,7 @@ done: } if (ret != EOK) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); ldb_transaction_cancel(sysdb->ldb); } talloc_zfree(tmp_ctx); @@ -1871,7 +1876,8 @@ int sysdb_store_user(struct sysdb_ctx *sysdb, SYSDB_MEMBER_USER, remove_attrs); if (ret != EOK) { - DEBUG(4, "Could not remove missing attributes\n"); + DEBUG(SSSDBG_CONF_SETTINGS, + "Could not remove missing attributes\n"); } } @@ -1893,7 +1899,7 @@ fail: } if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -1995,7 +2001,7 @@ int sysdb_store_group(struct sysdb_ctx *sysdb, done: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -2098,13 +2104,13 @@ int sysdb_cache_password(struct sysdb_ctx *sysdb, ret = s3crypt_gen_salt(tmp_ctx, &salt); if (ret) { - DEBUG(4, "Failed to generate random salt.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Failed to generate random salt.\n"); goto fail; } ret = s3crypt_sha512(tmp_ctx, password, salt, &hash); if (ret) { - DEBUG(4, "Failed to create password hash.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Failed to create password hash.\n"); goto fail; } @@ -2135,7 +2141,7 @@ int sysdb_cache_password(struct sysdb_ctx *sysdb, fail: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_zfree(tmp_ctx); return ret; @@ -2161,11 +2167,11 @@ int sysdb_search_custom(TALLOC_CTX *mem_ctx, basedn = sysdb_custom_subtree_dn(sysdb, mem_ctx, domain, subtree_name); if (basedn == NULL) { - DEBUG(1, "sysdb_custom_subtree_dn failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_custom_subtree_dn failed.\n"); return ENOMEM; } if (!ldb_dn_validate(basedn)) { - DEBUG(1, "Failed to create DN.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create DN.\n"); return EINVAL; } @@ -2202,12 +2208,12 @@ int sysdb_search_custom_by_name(TALLOC_CTX *mem_ctx, basedn = sysdb_custom_dn(sysdb, tmp_ctx, domain, object_name, subtree_name); if (basedn == NULL) { - DEBUG(1, "sysdb_custom_dn failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_custom_dn failed.\n"); ret = ENOMEM; goto done; } if (!ldb_dn_validate(basedn)) { - DEBUG(1, "Failed to create DN.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create DN.\n"); ret = EINVAL; goto done; } @@ -2219,7 +2225,7 @@ int sysdb_search_custom_by_name(TALLOC_CTX *mem_ctx, } if (count > 1) { - DEBUG(1, "More than one result found.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "More than one result found.\n"); ret = EFAULT; goto done; } @@ -2286,7 +2292,7 @@ int sysdb_store_custom(struct sysdb_ctx *sysdb, msg->dn = sysdb_custom_dn(sysdb, tmp_ctx, domain, object_name, subtree_name); if (!msg->dn) { - DEBUG(1, "sysdb_custom_dn failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_custom_dn failed.\n"); ret = ENOMEM; goto done; } @@ -2318,14 +2324,14 @@ int sysdb_store_custom(struct sysdb_ctx *sysdb, ret = ldb_modify(sysdb->ldb, msg); } if (ret != LDB_SUCCESS) { - DEBUG(1, "Failed to store custom entry: %s(%d)[%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to store custom entry: %s(%d)[%s]\n", ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)); ret = sysdb_error_to_errno(ret); } done: if (ret) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); ldb_transaction_cancel(sysdb->ldb); } else { ret = ldb_transaction_commit(sysdb->ldb); @@ -2358,7 +2364,7 @@ int sysdb_delete_custom(struct sysdb_ctx *sysdb, dn = sysdb_custom_dn(sysdb, tmp_ctx, domain, object_name, subtree_name); if (dn == NULL) { - DEBUG(1, "sysdb_custom_dn failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_custom_dn failed.\n"); ret = ENOMEM; goto done; } @@ -2372,7 +2378,7 @@ int sysdb_delete_custom(struct sysdb_ctx *sysdb, break; default: - DEBUG(1, "LDB Error: %s(%d)\nError Message: [%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "LDB Error: %s(%d)\nError Message: [%s]\n", ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)); ret = sysdb_error_to_errno(ret); break; @@ -2501,14 +2507,14 @@ int sysdb_search_users(TALLOC_CTX *mem_ctx, basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, SYSDB_TMPL_USER_BASE, domain->name); if (!basedn) { - DEBUG(2, "Failed to build base dn\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to build base dn\n"); ret = ENOMEM; goto fail; } filter = talloc_asprintf(tmp_ctx, "(&(%s)%s)", SYSDB_UC, sub_filter); if (!filter) { - DEBUG(2, "Failed to build filter\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to build filter\n"); ret = ENOMEM; goto fail; } @@ -2574,7 +2580,8 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb, c_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL); c_uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_UIDNUM, 0); if (c_name == NULL || c_uid == 0) { - DEBUG(2, "Attribute is missing but this should never happen!\n"); + DEBUG(SSSDBG_OP_FAILURE, + "Attribute is missing but this should never happen!\n"); ret = EFAULT; goto fail; } @@ -2637,7 +2644,7 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb, return EOK; fail: - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); talloc_zfree(tmp_ctx); return ret; } @@ -2666,14 +2673,14 @@ int sysdb_search_groups(TALLOC_CTX *mem_ctx, basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, SYSDB_TMPL_GROUP_BASE, domain->name); if (!basedn) { - DEBUG(2, "Failed to build base dn\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to build base dn\n"); ret = ENOMEM; goto fail; } filter = talloc_asprintf(tmp_ctx, "(&(%s)%s)", SYSDB_GC, sub_filter); if (!filter) { - DEBUG(2, "Failed to build filter\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to build filter\n"); ret = ENOMEM; goto fail; } @@ -2736,7 +2743,8 @@ int sysdb_delete_group(struct sysdb_ctx *sysdb, c_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL); c_gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_GIDNUM, 0); if (c_name == NULL || c_gid == 0) { - DEBUG(2, "Attribute is missing but this should never happen!\n"); + DEBUG(SSSDBG_OP_FAILURE, + "Attribute is missing but this should never happen!\n"); ret = EFAULT; goto fail; } @@ -2756,7 +2764,7 @@ int sysdb_delete_group(struct sysdb_ctx *sysdb, return EOK; fail: - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); talloc_zfree(tmp_ctx); return ret; } @@ -2784,19 +2792,19 @@ int sysdb_search_netgroups(TALLOC_CTX *mem_ctx, basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, SYSDB_TMPL_NETGROUP_BASE, domain->name); if (!basedn) { - DEBUG(2, "Failed to build base dn\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to build base dn\n"); ret = ENOMEM; goto fail; } filter = talloc_asprintf(tmp_ctx, "(&(%s)%s)", SYSDB_NC, sub_filter); if (!filter) { - DEBUG(2, "Failed to build filter\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to build filter\n"); ret = ENOMEM; goto fail; } - DEBUG(6, "Search netgroups with filter: %s\n", filter); + DEBUG(SSSDBG_TRACE_FUNC, "Search netgroups with filter: %s\n", filter); ret = sysdb_search_entry(mem_ctx, sysdb, basedn, LDB_SCOPE_SUBTREE, filter, attrs, @@ -2838,11 +2846,13 @@ int sysdb_delete_netgroup(struct sysdb_ctx *sysdb, ret = sysdb_search_netgroup_by_name(tmp_ctx, sysdb, domain, name, NULL, &msg); if (ret != EOK && ret != ENOENT) { - DEBUG(6, "sysdb_search_netgroup_by_name failed: %d (%s)\n", + DEBUG(SSSDBG_TRACE_FUNC, + "sysdb_search_netgroup_by_name failed: %d (%s)\n", ret, strerror(ret)); goto done; } else if (ret == ENOENT) { - DEBUG(6, "Netgroup does not exist, nothing to delete\n"); + DEBUG(SSSDBG_TRACE_FUNC, + "Netgroup does not exist, nothing to delete\n"); ret = EOK; goto done; } @@ -2854,7 +2864,7 @@ int sysdb_delete_netgroup(struct sysdb_ctx *sysdb, done: if (ret != EOK) { - DEBUG(6, "Error: %d (%s)\n", ret, strerror(ret)); + DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret)); } talloc_free(tmp_ctx); return ret; @@ -2939,7 +2949,8 @@ errno_t check_failed_login_attempts(struct confdb_ctx *cdb, CONFDB_DEFAULT_PAM_FAILED_LOGIN_ATTEMPTS, &allowed_failed_login_attempts); if (ret != EOK) { - DEBUG(1, "Failed to read the number of allowed failed login " + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to read the number of allowed failed login " "attempts.\n"); ret = ERR_INTERNAL; goto done; @@ -2949,11 +2960,12 @@ errno_t check_failed_login_attempts(struct confdb_ctx *cdb, CONFDB_DEFAULT_PAM_FAILED_LOGIN_DELAY, &failed_login_delay); if (ret != EOK) { - DEBUG(1, "Failed to read the failed login delay.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to read the failed login delay.\n"); ret = ERR_INTERNAL; goto done; } - DEBUG(9, "Failed login attempts [%d], allowed failed login attempts [%d], " + DEBUG(SSSDBG_TRACE_ALL, + "Failed login attempts [%d], allowed failed login attempts [%d], " "failed login delay [%d].\n", *failed_login_attempts, allowed_failed_login_attempts, failed_login_delay); @@ -2962,17 +2974,18 @@ errno_t check_failed_login_attempts(struct confdb_ctx *cdb, if (failed_login_delay) { end = last_failed_login + (failed_login_delay * 60); if (end < time(NULL)) { - DEBUG(7, "failed_login_delay has passed, " + DEBUG(SSSDBG_TRACE_LIBS, "failed_login_delay has passed, " "resetting failed_login_attempts.\n"); *failed_login_attempts = 0; } else { - DEBUG(7, "login delayed until %lld.\n", (long long) end); + DEBUG(SSSDBG_TRACE_LIBS, + "login delayed until %lld.\n", (long long) end); *delayed_until = end; ret = ERR_AUTH_DENIED; goto done; } } else { - DEBUG(4, "Too many failed logins.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Too many failed logins.\n"); ret = ERR_AUTH_DENIED; goto done; } @@ -3013,22 +3026,22 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, int ret; if (name == NULL || *name == '\0') { - DEBUG(1, "Missing user name.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Missing user name.\n"); return EINVAL; } if (cdb == NULL) { - DEBUG(1, "Missing config db context.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Missing config db context.\n"); return EINVAL; } if (sysdb == NULL) { - DEBUG(1, "Missing sysdb db context.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Missing sysdb db context.\n"); return EINVAL; } if (!domain->cache_credentials) { - DEBUG(3, "Cached credentials not available.\n"); + DEBUG(SSSDBG_MINOR_FAILURE, "Cached credentials not available.\n"); return EINVAL; } @@ -3047,7 +3060,8 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, name, attrs, &ldb_msg); if (ret != EOK) { - DEBUG(1, "sysdb_search_user_by_name failed [%d][%s].\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "sysdb_search_user_by_name failed [%d][%s].\n", ret, strerror(ret)); if (ret == ENOENT) ret = ERR_ACCOUNT_UNKNOWN; goto done; @@ -3061,16 +3075,17 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, ret = confdb_get_int(cdb, CONFDB_PAM_CONF_ENTRY, CONFDB_PAM_CRED_TIMEOUT, 0, &cred_expiration); if (ret != EOK) { - DEBUG(1, "Failed to read expiration time of offline credentials.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to read expiration time of offline credentials.\n"); goto done; } - DEBUG(9, "Offline credentials expiration is [%d] days.\n", + DEBUG(SSSDBG_TRACE_ALL, "Offline credentials expiration is [%d] days.\n", cred_expiration); if (cred_expiration) { expire_date = lastLogin + (cred_expiration * 86400); if (expire_date < time(NULL)) { - DEBUG(4, "Cached user entry is too old.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Cached user entry is too old.\n"); expire_date = 0; ret = ERR_CACHED_CREDS_EXPIRED; goto done; @@ -3082,7 +3097,7 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, ret = check_failed_login_attempts(cdb, ldb_msg, &failed_login_attempts, &delayed_until); if (ret != EOK) { - DEBUG(1, "Failed to check login attempts\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to check login attempts\n"); goto done; } @@ -3090,28 +3105,28 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, userhash = ldb_msg_find_attr_as_string(ldb_msg, SYSDB_CACHEDPWD, NULL); if (userhash == NULL || *userhash == '\0') { - DEBUG(4, "Cached credentials not available.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Cached credentials not available.\n"); ret = ERR_NO_CACHED_CREDS; goto done; } ret = s3crypt_sha512(tmp_ctx, password, userhash, &comphash); if (ret) { - DEBUG(4, "Failed to create password hash.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Failed to create password hash.\n"); ret = ERR_INTERNAL; goto done; } update_attrs = sysdb_new_attrs(tmp_ctx); if (update_attrs == NULL) { - DEBUG(1, "sysdb_new_attrs failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_new_attrs failed.\n"); ret = ENOMEM; goto done; } if (strcmp(userhash, comphash) == 0) { /* TODO: probable good point for audit logging */ - DEBUG(4, "Hashes do match!\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Hashes do match!\n"); authentication_successful = true; if (just_check) { @@ -3122,7 +3137,7 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, ret = sysdb_attrs_add_time_t(update_attrs, SYSDB_LAST_LOGIN, time(NULL)); if (ret != EOK) { - DEBUG(3, "sysdb_attrs_add_time_t failed, " + DEBUG(SSSDBG_MINOR_FAILURE, "sysdb_attrs_add_time_t failed, " "but authentication is successful.\n"); ret = EOK; goto done; @@ -3131,7 +3146,7 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, ret = sysdb_attrs_add_uint32(update_attrs, SYSDB_FAILED_LOGIN_ATTEMPTS, 0U); if (ret != EOK) { - DEBUG(3, "sysdb_attrs_add_uint32 failed, " + DEBUG(SSSDBG_MINOR_FAILURE, "sysdb_attrs_add_uint32 failed, " "but authentication is successful.\n"); ret = EOK; goto done; @@ -3139,14 +3154,14 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, } else { - DEBUG(4, "Authentication failed.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Authentication failed.\n"); authentication_successful = false; ret = sysdb_attrs_add_time_t(update_attrs, SYSDB_LAST_FAILED_LOGIN, time(NULL)); if (ret != EOK) { - DEBUG(3, "sysdb_attrs_add_time_t failed\n."); + DEBUG(SSSDBG_MINOR_FAILURE, "sysdb_attrs_add_time_t failed\n."); goto done; } @@ -3154,7 +3169,7 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, SYSDB_FAILED_LOGIN_ATTEMPTS, ++failed_login_attempts); if (ret != EOK) { - DEBUG(3, "sysdb_attrs_add_uint32 failed.\n"); + DEBUG(SSSDBG_MINOR_FAILURE, "sysdb_attrs_add_uint32 failed.\n"); goto done; } } @@ -3162,7 +3177,8 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, ret = sysdb_set_user_attr(sysdb, domain, name, update_attrs, LDB_FLAG_MOD_REPLACE); if (ret) { - DEBUG(1, "Failed to update Login attempt information!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to update Login attempt information!\n"); } done: @@ -3178,7 +3194,7 @@ done: ret = ldb_transaction_commit(sysdb->ldb); ret = sysdb_error_to_errno(ret); if (ret) { - DEBUG(2, "Failed to commit transaction!\n"); + DEBUG(SSSDBG_OP_FAILURE, "Failed to commit transaction!\n"); } } if (authentication_successful) { @@ -3212,7 +3228,7 @@ static errno_t sysdb_update_members_ex(struct sysdb_ctx *sysdb, ret = sysdb_transaction_start(sysdb); if (ret != EOK) { - DEBUG(0, "Failed to start update transaction\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to start update transaction\n"); goto done; } @@ -3224,7 +3240,8 @@ static errno_t sysdb_update_members_ex(struct sysdb_ctx *sysdb, ret = sysdb_add_group_member(sysdb, domain, add_groups[i], member, type, is_dn); if (ret != EOK) { - DEBUG(1, "Could not add member [%s] to group [%s]. " + DEBUG(SSSDBG_CRIT_FAILURE, + "Could not add member [%s] to group [%s]. " "Skipping.\n", member, add_groups[i]); /* Continue on, we should try to finish the rest */ } @@ -3237,7 +3254,8 @@ static errno_t sysdb_update_members_ex(struct sysdb_ctx *sysdb, ret = sysdb_remove_group_member(sysdb, domain, del_groups[i], member, type, is_dn); if (ret != EOK) { - DEBUG(1, "Could not remove member [%s] from group [%s]. " + DEBUG(SSSDBG_CRIT_FAILURE, + "Could not remove member [%s] from group [%s]. " "Skipping\n", member, del_groups[i]); /* Continue on, we should try to finish the rest */ } @@ -3336,7 +3354,7 @@ errno_t sysdb_remove_attrs(struct sysdb_ctx *sysdb, if (strcasecmp(remove_attrs[i], SYSDB_MEMBEROF) == 0) { continue; } - DEBUG(8, "Removing attribute [%s] from [%s]\n", + DEBUG(SSSDBG_TRACE_INTERNAL, "Removing attribute [%s] from [%s]\n", remove_attrs[i], name); lret = ldb_msg_add_empty(msg, remove_attrs[i], LDB_FLAG_MOD_DELETE, NULL); -- cgit