From 83bf46f4066e3d5e838a32357c201de9bd6ecdfd Mon Sep 17 00:00:00 2001 From: Nikolai Kondrashov Date: Wed, 12 Feb 2014 10:12:59 -0500 Subject: Update DEBUG* invocations to use new levels Use a script to update DEBUG* macro invocations, which use literal numbers for levels, to use bitmask macros instead: grep -rl --include '*.[hc]' DEBUG . | while read f; do mv "$f"{,.orig} perl -e 'use strict; use File::Slurp; my @map=qw" SSSDBG_FATAL_FAILURE SSSDBG_CRIT_FAILURE SSSDBG_OP_FAILURE SSSDBG_MINOR_FAILURE SSSDBG_CONF_SETTINGS SSSDBG_FUNC_DATA SSSDBG_TRACE_FUNC SSSDBG_TRACE_LIBS SSSDBG_TRACE_INTERNAL SSSDBG_TRACE_ALL "; my $text=read_file(\*STDIN); my $repl; $text=~s/ ^ ( .* \b (DEBUG|DEBUG_PAM_DATA|DEBUG_GR_MEM) \s* \(\s* )( [0-9] )( \s*, ) ( \s* ) ( .* ) $ / $repl = $1.$map[$3].$4.$5.$6, length($repl) <= 80 ? $repl : $1.$map[$3].$4."\n".(" " x length($1)).$6 /xmge; print $text; ' < "$f.orig" > "$f" rm "$f.orig" done Reviewed-by: Jakub Hrozek Reviewed-by: Stephen Gallagher Reviewed-by: Simo Sorce --- src/responder/common/negcache.c | 42 ++++--- src/responder/common/responder_cmd.c | 3 +- src/responder/common/responder_common.c | 80 ++++++++----- src/responder/common/responder_dp.c | 11 +- src/responder/nss/nsssrv.c | 28 +++-- src/responder/nss/nsssrv_cmd.c | 204 ++++++++++++++++++++------------ src/responder/nss/nsssrv_netgroup.c | 94 +++++++++------ src/responder/nss/nsssrv_private.h | 4 +- src/responder/nss/nsssrv_services.c | 2 +- src/responder/pam/pam_LOCAL_domain.c | 37 +++--- src/responder/pam/pamsrv.c | 13 +- src/responder/pam/pamsrv_cmd.c | 105 +++++++++------- src/responder/pam/pamsrv_dp.c | 20 ++-- 13 files changed, 391 insertions(+), 252 deletions(-) (limited to 'src/responder') diff --git a/src/responder/common/negcache.c b/src/responder/common/negcache.c index eaf9373ad..88dd18fa5 100644 --- a/src/responder/common/negcache.c +++ b/src/responder/common/negcache.c @@ -82,7 +82,7 @@ static int sss_ncache_check_str(struct sss_nc_ctx *ctx, char *str, int ttl) char *ep; int ret; - DEBUG(8, "Checking negative cache for [%s]\n", str); + DEBUG(SSSDBG_TRACE_INTERNAL, "Checking negative cache for [%s]\n", str); data.dptr = NULL; @@ -157,12 +157,12 @@ static int sss_ncache_set_str(struct sss_nc_ctx *ctx, ret = string_to_tdb_data(timest, &data); if (ret != EOK) goto done; - DEBUG(6, "Adding [%s] to negative cache%s\n", + DEBUG(SSSDBG_TRACE_FUNC, "Adding [%s] to negative cache%s\n", str, permanent?" permanently":""); ret = tdb_store(ctx->tdb, key, data, TDB_REPLACE); if (ret != 0) { - DEBUG(1, "Negative cache failed to set entry: [%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Negative cache failed to set entry: [%s]\n", tdb_errorstr(ctx->tdb)); ret = EFAULT; } @@ -631,13 +631,15 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, filter_list[i], &domainname, &name); if (ret != EOK) { - DEBUG(1, "Invalid name in filterUsers list: [%s] (%d)\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Invalid name in filterUsers list: [%s] (%d)\n", filter_list[i], ret); continue; } if (domainname && strcmp(domainname, dom->name)) { - DEBUG(1, "Mismatch between domain name (%s) and name " + DEBUG(SSSDBG_CRIT_FAILURE, + "Mismatch between domain name (%s) and name " "set in FQN (%s), skipping user %s\n", dom->name, domainname, name); continue; @@ -645,7 +647,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { - DEBUG(1, "Failed to store permanent user filter for [%s]" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to store permanent user filter for [%s]" " (%d [%s])\n", filter_list[i], ret, strerror(ret)); continue; @@ -677,7 +680,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, rctx->default_domain, filter_list[i], &domainname, &name); if (ret != EOK) { - DEBUG(1, "Invalid name in filterUsers list: [%s] (%d)\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Invalid name in filterUsers list: [%s] (%d)\n", filter_list[i], ret); continue; } @@ -691,7 +695,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { - DEBUG(1, "Failed to store permanent user filter for [%s]" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to store permanent user filter for [%s]" " (%d [%s])\n", filter_list[i], ret, strerror(ret)); continue; @@ -700,7 +705,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { ret = sss_ncache_set_user(ncache, true, dom, name); if (ret != EOK) { - DEBUG(1, "Failed to store permanent user filter for" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to store permanent user filter for" " [%s:%s] (%d [%s])\n", dom->name, filter_list[i], ret, strerror(ret)); @@ -729,13 +735,15 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, ret = sss_parse_name(tmpctx, dom->names, filter_list[i], &domainname, &name); if (ret != EOK) { - DEBUG(1, "Invalid name in filterGroups list: [%s] (%d)\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Invalid name in filterGroups list: [%s] (%d)\n", filter_list[i], ret); continue; } if (domainname && strcmp(domainname, dom->name)) { - DEBUG(1, "Mismatch betwen domain name (%s) and name " + DEBUG(SSSDBG_CRIT_FAILURE, + "Mismatch betwen domain name (%s) and name " "set in FQN (%s), skipping group %s\n", dom->name, domainname, name); continue; @@ -743,7 +751,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { - DEBUG(1, "Failed to store permanent group filter for [%s]" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to store permanent group filter for [%s]" " (%d [%s])\n", filter_list[i], ret, strerror(ret)); continue; @@ -775,7 +784,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, rctx->default_domain, filter_list[i], &domainname, &name); if (ret != EOK) { - DEBUG(1, "Invalid name in filterGroups list: [%s] (%d)\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Invalid name in filterGroups list: [%s] (%d)\n", filter_list[i], ret); continue; } @@ -789,7 +799,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { - DEBUG(1, "Failed to store permanent group filter for" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to store permanent group filter for" " [%s] (%d [%s])\n", filter_list[i], ret, strerror(ret)); continue; @@ -798,7 +809,8 @@ errno_t sss_ncache_prepopulate(struct sss_nc_ctx *ncache, for (dom = domain_list; dom; dom = get_next_domain(dom, false)) { ret = sss_ncache_set_group(ncache, true, dom, name); if (ret != EOK) { - DEBUG(1, "Failed to store permanent group filter for" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to store permanent group filter for" " [%s:%s] (%d [%s])\n", dom->name, filter_list[i], ret, strerror(ret)); diff --git a/src/responder/common/responder_cmd.c b/src/responder/common/responder_cmd.c index 1297ab8ce..1ac86fddf 100644 --- a/src/responder/common/responder_cmd.c +++ b/src/responder/common/responder_cmd.c @@ -117,7 +117,8 @@ int sss_cmd_get_version(struct cli_ctx *cctx) sss_packet_get_body(cctx->creq->in, &req_body, &req_blen); if (req_blen == sizeof(uint32_t)) { memcpy(&client_version, req_body, sizeof(uint32_t)); - DEBUG(5, "Received client version [%d].\n", client_version); + DEBUG(SSSDBG_FUNC_DATA, + "Received client version [%d].\n", client_version); i=0; while(cli_protocol_version[i].version>0) { diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c index 5e6d94d32..298994a96 100644 --- a/src/responder/common/responder_common.c +++ b/src/responder/common/responder_common.c @@ -59,7 +59,7 @@ static errno_t set_nonblocking(int fd) ferr = fcntl(fd, F_SETFL, v | O_NONBLOCK); if (ferr < 0) { error = errno; - DEBUG(0, "Unable to set fd non-blocking: [%d][%s]\n", + DEBUG(SSSDBG_FATAL_FAILURE, "Unable to set fd non-blocking: [%d][%s]\n", error, strerror(error)); return error; } @@ -80,7 +80,8 @@ static errno_t set_close_on_exec(int fd) ferr = fcntl(fd, F_SETFD, v | FD_CLOEXEC); if (ferr < 0) { error = errno; - DEBUG(0, "Unable to set fd close-on-exec: [%d][%s]\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to set fd close-on-exec: [%d][%s]\n", error, strerror(error)); return error; } @@ -119,11 +120,13 @@ static errno_t get_client_cred(struct cli_ctx *cctx) &client_cred_len); if (ret != EOK) { ret = errno; - DEBUG(1, "getsock failed [%d][%s].\n", ret, strerror(ret)); + DEBUG(SSSDBG_CRIT_FAILURE, + "getsock failed [%d][%s].\n", ret, strerror(ret)); return ret; } if (client_cred_len != sizeof(struct ucred)) { - DEBUG(1, "getsockopt returned unexpected message size.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "getsockopt returned unexpected message size.\n"); return ENOMSG; } @@ -131,7 +134,7 @@ static errno_t get_client_cred(struct cli_ctx *cctx) cctx->client_egid = client_cred.gid; cctx->client_pid = client_cred.pid; - DEBUG(9, "Client creds: euid[%d] egid[%d] pid[%d].\n", + DEBUG(SSSDBG_TRACE_ALL, "Client creds: euid[%d] egid[%d] pid[%d].\n", cctx->client_euid, cctx->client_egid, cctx->client_pid); #endif @@ -250,7 +253,7 @@ static void client_send(struct cli_ctx *cctx) return; } if (ret != EOK) { - DEBUG(0, "Failed to send data, aborting client!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to send data, aborting client!\n"); talloc_free(cctx); return; } @@ -278,7 +281,8 @@ static void client_recv(struct cli_ctx *cctx) if (!cctx->creq) { cctx->creq = talloc_zero(cctx, struct cli_request); if (!cctx->creq) { - DEBUG(0, "Failed to alloc request, aborting client!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to alloc request, aborting client!\n"); talloc_free(cctx); return; } @@ -288,7 +292,8 @@ static void client_recv(struct cli_ctx *cctx) ret = sss_packet_new(cctx->creq, SSS_PACKET_MAX_RECV_SIZE, 0, &cctx->creq->in); if (ret != EOK) { - DEBUG(0, "Failed to alloc request, aborting client!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to alloc request, aborting client!\n"); talloc_free(cctx); return; } @@ -302,7 +307,8 @@ static void client_recv(struct cli_ctx *cctx) /* execute command */ ret = client_cmd_execute(cctx, cctx->rctx->sss_cmds); if (ret != EOK) { - DEBUG(0, "Failed to execute request, aborting client!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to execute request, aborting client!\n"); talloc_free(cctx); } /* past this point cctx can be freed at any time by callbacks @@ -314,17 +320,18 @@ static void client_recv(struct cli_ctx *cctx) break; case EINVAL: - DEBUG(6, "Invalid data from client, closing connection!\n"); + DEBUG(SSSDBG_TRACE_FUNC, + "Invalid data from client, closing connection!\n"); talloc_free(cctx); break; case ENODATA: - DEBUG(5, "Client disconnected!\n"); + DEBUG(SSSDBG_FUNC_DATA, "Client disconnected!\n"); talloc_free(cctx); break; default: - DEBUG(6, "Failed to read request, aborting client!\n"); + DEBUG(SSSDBG_TRACE_FUNC, "Failed to read request, aborting client!\n"); talloc_free(cctx); } @@ -387,14 +394,16 @@ static void accept_fd_handler(struct tevent_context *ev, if (accept_ctx->is_private) { ret = stat(rctx->priv_sock_name, &stat_buf); if (ret == -1) { - DEBUG(1, "stat on privileged pipe failed: [%d][%s].\n", errno, + DEBUG(SSSDBG_CRIT_FAILURE, + "stat on privileged pipe failed: [%d][%s].\n", errno, strerror(errno)); return; } if ( ! (stat_buf.st_uid == 0 && stat_buf.st_gid == 0 && (stat_buf.st_mode&(S_IFSOCK|S_IRUSR|S_IWUSR)) == stat_buf.st_mode)) { - DEBUG(1, "privileged pipe has an illegal status.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "privileged pipe has an illegal status.\n"); /* TODO: what is the best response to this condition? Terminate? */ return; } @@ -403,7 +412,8 @@ static void accept_fd_handler(struct tevent_context *ev, cctx = talloc_zero(rctx, struct cli_ctx); if (!cctx) { struct sockaddr_un addr; - DEBUG(0, "Out of memory trying to setup client context%s!\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Out of memory trying to setup client context%s!\n", accept_ctx->is_private ? " on privileged pipe": ""); /* accept and close to signal the client we have a problem */ memset(&addr, 0, sizeof(addr)); @@ -419,7 +429,7 @@ static void accept_fd_handler(struct tevent_context *ev, len = sizeof(cctx->addr); cctx->cfd = accept(fd, (struct sockaddr *)&cctx->addr, &len); if (cctx->cfd == -1) { - DEBUG(1, "Accept failed [%s]\n", strerror(errno)); + DEBUG(SSSDBG_CRIT_FAILURE, "Accept failed [%s]\n", strerror(errno)); talloc_free(cctx); return; } @@ -428,7 +438,7 @@ static void accept_fd_handler(struct tevent_context *ev, ret = get_client_cred(cctx); if (ret != EOK) { - DEBUG(2, "get_client_cred failed, " + DEBUG(SSSDBG_OP_FAILURE, "get_client_cred failed, " "client cred may not be available.\n"); } @@ -543,7 +553,7 @@ static int sss_dp_init(struct resp_ctx *rctx, /* Set up SBUS connection to the monitor */ ret = dp_get_sbus_address(be_conn, &be_conn->sbus_address, domain->name); if (ret != EOK) { - DEBUG(0, "Could not locate DP address.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Could not locate DP address.\n"); return ret; } ret = sbus_client_init(rctx, rctx->ev, @@ -551,7 +561,7 @@ static int sss_dp_init(struct resp_ctx *rctx, intf, &be_conn->conn, NULL, rctx); if (ret != EOK) { - DEBUG(0, "Failed to connect to monitor services.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to connect to monitor services.\n"); return ret; } @@ -562,7 +572,7 @@ static int sss_dp_init(struct resp_ctx *rctx, DATA_PROVIDER_VERSION, cli_name); if (ret != EOK) { - DEBUG(0, "Failed to identify to the DP!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to identify to the DP!\n"); return ret; } @@ -641,11 +651,13 @@ static int set_unix_socket(struct resp_ctx *rctx) unlink(rctx->sock_name); if (bind(rctx->lfd, (struct sockaddr *)&addr, sizeof(addr)) == -1) { - DEBUG(0,"Unable to bind on socket '%s'\n", rctx->sock_name); + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to bind on socket '%s'\n", rctx->sock_name); goto failed; } if (listen(rctx->lfd, 10) != 0) { - DEBUG(0,"Unable to listen on socket '%s'\n", rctx->sock_name); + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to listen on socket '%s'\n", rctx->sock_name); goto failed; } @@ -658,7 +670,7 @@ static int set_unix_socket(struct resp_ctx *rctx) TEVENT_FD_READ, accept_fd_handler, accept_ctx); if (!rctx->lfde) { - DEBUG(0, "Failed to queue handler on pipe\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to queue handler on pipe\n"); goto failed; } } @@ -691,11 +703,13 @@ static int set_unix_socket(struct resp_ctx *rctx) unlink(rctx->priv_sock_name); if (bind(rctx->priv_lfd, (struct sockaddr *)&addr, sizeof(addr)) == -1) { - DEBUG(0,"Unable to bind on socket '%s'\n", rctx->priv_sock_name); + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to bind on socket '%s'\n", rctx->priv_sock_name); goto failed; } if (listen(rctx->priv_lfd, 10) != 0) { - DEBUG(0,"Unable to listen on socket '%s'\n", rctx->priv_sock_name); + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to listen on socket '%s'\n", rctx->priv_sock_name); goto failed; } @@ -708,7 +722,8 @@ static int set_unix_socket(struct resp_ctx *rctx) TEVENT_FD_READ, accept_fd_handler, accept_ctx); if (!rctx->priv_lfde) { - DEBUG(0, "Failed to queue handler on privileged pipe\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to queue handler on privileged pipe\n"); goto failed; } } @@ -759,7 +774,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, rctx = talloc_zero(mem_ctx, struct resp_ctx); if (!rctx) { - DEBUG(0, "fatal error initializing resp_ctx\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing resp_ctx\n"); return ENOMEM; } rctx->ev = ev; @@ -805,7 +820,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, ret = confdb_get_domains(rctx->cdb, &rctx->domains); if (ret != EOK) { - DEBUG(0, "fatal error setting up domain map\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error setting up domain map\n"); goto fail; } @@ -823,7 +838,7 @@ int sss_process_init(TALLOC_CTX *mem_ctx, svc_name, svc_version, rctx, &rctx->mon_conn); if (ret != EOK) { - DEBUG(0, "fatal error setting up message bus\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error setting up message bus\n"); goto fail; } @@ -843,7 +858,8 @@ int sss_process_init(TALLOC_CTX *mem_ctx, ret = sss_dp_init(rctx, dp_intf, cli_name, dom); if (ret != EOK) { - DEBUG(0, "fatal error setting up backend connector\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "fatal error setting up backend connector\n"); goto fail; } } @@ -851,14 +867,14 @@ int sss_process_init(TALLOC_CTX *mem_ctx, ret = sysdb_init(rctx, rctx->domains, false); if (ret != EOK) { SYSDB_VERSION_ERROR_DAEMON(ret); - DEBUG(0, "fatal error initializing resp_ctx\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing resp_ctx\n"); goto fail; } /* after all initializations we are ready to listen on our socket */ ret = set_unix_socket(rctx); if (ret != EOK) { - DEBUG(0, "fatal error initializing socket\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing socket\n"); goto fail; } diff --git a/src/responder/common/responder_dp.c b/src/responder/common/responder_dp.c index 396c80997..a9b4ae23a 100644 --- a/src/responder/common/responder_dp.c +++ b/src/responder/common/responder_dp.c @@ -142,18 +142,19 @@ void handle_requests_after_reconnect(struct resp_ctx *rctx) struct sss_dp_req *sdp_req; if (!rctx->dp_request_table) { - DEBUG(7, "No requests to handle after reconnect\n"); + DEBUG(SSSDBG_TRACE_LIBS, "No requests to handle after reconnect\n"); return; } ret = hash_values(rctx->dp_request_table, &count, &values); if (ret != HASH_SUCCESS) { - DEBUG(1, "hash_values failed, " + DEBUG(SSSDBG_CRIT_FAILURE, "hash_values failed, " "not all request might be handled after reconnect.\n"); return; } - DEBUG(7, "Will handle %lu requests after reconnect\n", count); + DEBUG(SSSDBG_TRACE_LIBS, + "Will handle %lu requests after reconnect\n", count); for (i=0; i SHELL_REALLOC_MAX) { - DEBUG(0, "Reached maximum number of shells [%d]. " + DEBUG(SSSDBG_FATAL_FAILURE, + "Reached maximum number of shells [%d]. " "Users may be denied access. " "Please check /etc/shells for sanity\n", SHELL_REALLOC_MAX); @@ -245,7 +246,8 @@ static int nss_get_config(struct nss_ctx *nctx, if (ret != EOK) goto done; if (nctx->cache_refresh_percent < 0 || nctx->cache_refresh_percent > 99) { - DEBUG(0,"Configuration error: entry_cache_nowait_percentage is " + DEBUG(SSSDBG_FATAL_FAILURE, + "Configuration error: entry_cache_nowait_percentage is " "invalid. Disabling feature.\n"); nctx->cache_refresh_percent = 0; } @@ -393,7 +395,7 @@ static void nss_dp_reconnect_init(struct sbus_connection *conn, /* Did we reconnect successfully? */ if (status == SBUS_RECONNECT_SUCCESS) { - DEBUG(1, "Reconnected to the Data Provider.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Reconnected to the Data Provider.\n"); /* Identify ourselves to the data provider */ ret = dp_common_send_id(be_conn->conn, @@ -407,7 +409,7 @@ static void nss_dp_reconnect_init(struct sbus_connection *conn, } /* Failed to reconnect */ - DEBUG(0, "Could not reconnect to %s provider.\n", + DEBUG(SSSDBG_FATAL_FAILURE, "Could not reconnect to %s provider.\n", be_conn->domain->name); /* FIXME: kill the frontend and let the monitor restart it ? */ @@ -446,14 +448,15 @@ int nss_process_init(TALLOC_CTX *mem_ctx, nctx = talloc_zero(rctx, struct nss_ctx); if (!nctx) { - DEBUG(0, "fatal error initializing nss_ctx\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing nss_ctx\n"); ret = ENOMEM; goto fail; } ret = sss_ncache_init(rctx, &nctx->ncache); if (ret != EOK) { - DEBUG(0, "fatal error initializing negative cache\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "fatal error initializing negative cache\n"); goto fail; } @@ -462,7 +465,7 @@ int nss_process_init(TALLOC_CTX *mem_ctx, ret = nss_get_config(nctx, cdb); if (ret != EOK) { - DEBUG(0, "fatal error getting nss config\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "fatal error getting nss config\n"); goto fail; } @@ -472,7 +475,8 @@ int nss_process_init(TALLOC_CTX *mem_ctx, CONFDB_SERVICE_RECON_RETRIES, 3, &max_retries); if (ret != EOK) { - DEBUG(0, "Failed to set up automatic reconnection\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to set up automatic reconnection\n"); goto fail; } @@ -493,7 +497,8 @@ int nss_process_init(TALLOC_CTX *mem_ctx, hret = sss_hash_create_ex(nctx, 10, &nctx->netgroups, 0, 0, 0, 0, netgroup_hash_delete_cb, NULL); if (hret != HASH_SUCCESS) { - DEBUG(0,"Unable to initialize netgroup hash table\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to initialize netgroup hash table\n"); ret = EIO; goto fail; } @@ -608,7 +613,8 @@ int main(int argc, const char *argv[]) ret = die_if_parent_died(); if (ret != EOK) { /* This is not fatal, don't return */ - DEBUG(2, "Could not set up to exit when parent process does\n"); + DEBUG(SSSDBG_OP_FAILURE, + "Could not set up to exit when parent process does\n"); } ret = nss_process_init(main_ctx, diff --git a/src/responder/nss/nsssrv_cmd.c b/src/responder/nss/nsssrv_cmd.c index ae21f1f92..e91093561 100644 --- a/src/responder/nss/nsssrv_cmd.c +++ b/src/responder/nss/nsssrv_cmd.c @@ -252,7 +252,7 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx, if (nctx->vetoed_shells) { for (i=0; nctx->vetoed_shells[i]; i++) { if (strcmp(nctx->vetoed_shells[i], user_shell) == 0) { - DEBUG(5, "The shell '%s' is vetoed. " + DEBUG(SSSDBG_FUNC_DATA, "The shell '%s' is vetoed. " "Using fallback\n", user_shell); return talloc_strdup(mem_ctx, nctx->shell_fallback); } @@ -262,14 +262,14 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx, if (nctx->etc_shells) { for (i=0; nctx->etc_shells[i]; i++) { if (strcmp(user_shell, nctx->etc_shells[i]) == 0) { - DEBUG(9, "Shell %s found in /etc/shells\n", + DEBUG(SSSDBG_TRACE_ALL, "Shell %s found in /etc/shells\n", nctx->etc_shells[i]); break; } } if (nctx->etc_shells[i]) { - DEBUG(9, "Using original shell '%s'\n", user_shell); + DEBUG(SSSDBG_TRACE_ALL, "Using original shell '%s'\n", user_shell); return talloc_strdup(mem_ctx, user_shell); } } @@ -277,14 +277,16 @@ static const char *get_shell_override(TALLOC_CTX *mem_ctx, if (nctx->allowed_shells) { for (i=0; nctx->allowed_shells[i]; i++) { if (strcmp(nctx->allowed_shells[i], user_shell) == 0) { - DEBUG(5, "The shell '%s' is allowed but does not exist. " + DEBUG(SSSDBG_FUNC_DATA, + "The shell '%s' is allowed but does not exist. " "Using fallback\n", user_shell); return talloc_strdup(mem_ctx, nctx->shell_fallback); } } } - DEBUG(5, "The shell '%s' is not allowed and does not exist.\n", + DEBUG(SSSDBG_FUNC_DATA, + "The shell '%s' is not allowed and does not exist.\n", user_shell); return talloc_strdup(mem_ctx, NOLOGIN_SHELL); } @@ -411,7 +413,8 @@ static int fill_pwent(struct sss_packet *packet, if (add_domain) { ret = sss_fqname((char *) &body[rp], fq_len, dom->names, dom, name.str); if (ret < 0 || ret != fq_len - 1) { - DEBUG(1, "Failed to generate a fully qualified name for user " + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to generate a fully qualified name for user " "[%s] in [%s]! Skipping user.\n", name.str, domain); continue; } @@ -514,7 +517,8 @@ errno_t check_cache(struct nss_dom_ctx *dctx, */ if ((req_type == SSS_DP_USER || req_type == SSS_DP_NETGR) && (res->count > 1)) { - DEBUG(1, "getpwXXX call returned more than one result!" + DEBUG(SSSDBG_CRIT_FAILURE, + "getpwXXX call returned more than one result!" " DB Corrupted?\n"); return ENOENT; } @@ -747,21 +751,25 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) return ENOENT; } - DEBUG(4, "Requesting info for [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%s@%s]\n", name, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); return EIO; } ret = sysdb_getpwnam(cmdctx, dom, name, &dctx->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); return EIO; } if (dctx->res->count > 1) { - DEBUG(0, "getpwnam call returned more than one result !?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "getpwnam call returned more than one result !?!\n"); return ENOENT; } @@ -779,7 +787,7 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) if (dom) continue; } - DEBUG(2, "No results for getpwnam call\n"); + DEBUG(SSSDBG_OP_FAILURE, "No results for getpwnam call\n"); /* User not found in ldb -> delete user from memory cache. */ ret = delete_entry_from_memcache(dctx->domain, name, @@ -808,7 +816,8 @@ static int nss_cmd_getpwnam_search(struct nss_dom_ctx *dctx) } /* One result found */ - DEBUG(6, "Returning info for user [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning info for user [%s@%s]\n", name, dom->name); return EOK; } @@ -838,7 +847,8 @@ static void nss_cmd_getby_dp_callback(uint16_t err_maj, uint32_t err_min, bool check_subdomains; if (err_maj) { - DEBUG(2, "Unable to get information from Data Provider\n" + DEBUG(SSSDBG_OP_FAILURE, + "Unable to get information from Data Provider\n" "Error: %u, %u, %s\n" "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); @@ -1135,7 +1145,7 @@ static int nss_cmd_getbynam(enum sss_cli_command cmd, struct cli_ctx *cctx) goto done; } - DEBUG(4, "Requesting info for [%s] from [%s]\n", + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting info for [%s] from [%s]\n", cmdctx->name, domname?domname:""); if (domname) { @@ -1306,7 +1316,8 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) /* check that the uid is valid for this domain */ if ((dom->id_min && (cmdctx->id < dom->id_min)) || (dom->id_max && (cmdctx->id > dom->id_max))) { - DEBUG(4, "Uid [%"PRIu32"] does not exist in domain [%s]! " + DEBUG(SSSDBG_CONF_SETTINGS, + "Uid [%"PRIu32"] does not exist in domain [%s]! " "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { @@ -1326,23 +1337,27 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) /* make sure to update the dctx if we changed domain */ dctx->domain = dom; - DEBUG(4, "Requesting info for [%"PRIu32"@%s]\n", cmdctx->id, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%"PRIu32"@%s]\n", cmdctx->id, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); ret = EIO; goto done; } ret = sysdb_getpwuid(cmdctx, dom, cmdctx->id, &dctx->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); ret = EIO; goto done; } if (dctx->res->count > 1) { - DEBUG(0, "getpwuid call returned more than one result !?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "getpwuid call returned more than one result !?!\n"); ret = ENOENT; goto done; } @@ -1376,7 +1391,8 @@ static int nss_cmd_getpwuid_search(struct nss_dom_ctx *dctx) } /* One result found */ - DEBUG(6, "Returning info for uid [%"PRIu32"@%s]\n", cmdctx->id, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning info for uid [%"PRIu32"@%s]\n", cmdctx->id, dom->name); ret = EOK; goto done; @@ -1642,7 +1658,8 @@ static int nss_cmd_setpwent(struct cli_ctx *cctx) req = nss_cmd_setpwent_send(cmdctx, cctx); if (!req) { - DEBUG(0, "Fatal error calling nss_cmd_setpwent_send\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal error calling nss_cmd_setpwent_send\n"); ret = EIO; goto done; } @@ -1663,7 +1680,7 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom; struct setent_step_ctx *step_ctx; - DEBUG(4, "Received setpwent request\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Received setpwent request\n"); nctx = talloc_get_type(client->rctx->pvt_ctx, struct nss_ctx); /* Reset the read pointers */ @@ -1672,7 +1689,8 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, req = tevent_req_create(mem_ctx, &state, struct setent_ctx); if (!req) { - DEBUG(0, "Could not create tevent request for setpwent\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not create tevent request for setpwent\n"); return NULL; } @@ -1692,7 +1710,7 @@ struct tevent_req *nss_cmd_setpwent_send(TALLOC_CTX *mem_ctx, state->dctx->domain = dom; if (state->dctx->domain == NULL) { - DEBUG(2, "Enumeration disabled on all domains!\n"); + DEBUG(SSSDBG_OP_FAILURE, "Enumeration disabled on all domains!\n"); ret = ENOENT; goto error; } @@ -1812,10 +1830,12 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) /* make sure to update the dctx if we changed domain */ dctx->domain = dom; - DEBUG(6, "Requesting info for domain [%s]\n", dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Requesting info for domain [%s]\n", dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); return EIO; } @@ -1853,14 +1873,16 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) ret = sysdb_enumpwent(dctx, dom, &res); if (ret != EOK) { - DEBUG(1, "Enum from cache failed, skipping domain [%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Enum from cache failed, skipping domain [%s]\n", dom->name); dom = get_next_domain(dom, true); continue; } if (res->count == 0) { - DEBUG(4, "Domain [%s] has no users, skipping.\n", dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Domain [%s] has no users, skipping.\n", dom->name); dom = get_next_domain(dom, true); continue; } @@ -1895,7 +1917,8 @@ static errno_t nss_cmd_setpwent_step(struct setent_step_ctx *step_ctx) te = tevent_add_timer(rctx->ev, nctx->pctx, tv, setpwent_result_timeout, nctx); if (!te) { - DEBUG(0, "Could not set up life timer for setpwent result object. " + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not set up life timer for setpwent result object. " "Entries may become stale.\n"); } @@ -1916,7 +1939,8 @@ static void setpwent_result_timeout(struct tevent_context *ev, { struct nss_ctx *nctx = talloc_get_type(pvt, struct nss_ctx); - DEBUG(1, "setpwent result object has expired. Cleaning up.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "setpwent result object has expired. Cleaning up.\n"); /* Free the passwd enumeration context. * If additional getpwent requests come in, they will invoke @@ -1933,7 +1957,8 @@ static void nss_cmd_setpwent_dp_callback(uint16_t err_maj, uint32_t err_min, int ret; if (err_maj) { - DEBUG(2, "Unable to get information from Data Provider\n" + DEBUG(SSSDBG_OP_FAILURE, + "Unable to get information from Data Provider\n" "Error: %u, %u, %s\n" "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); @@ -1982,7 +2007,7 @@ static int nss_cmd_getpwent(struct cli_ctx *cctx) struct nss_cmd_ctx *cmdctx; struct tevent_req *req; - DEBUG(4, "Requesting info for all accounts\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting info for all accounts\n"); cmdctx = talloc_zero(cctx, struct nss_cmd_ctx); if (!cmdctx) { @@ -2114,7 +2139,8 @@ static void nss_cmd_implicit_setpwent_done(struct tevent_req *req) * later. */ if (ret != EOK && ret != ENOENT) { - DEBUG(0, "Implicit setpwent failed with unexpected error [%d][%s]\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Implicit setpwent failed with unexpected error [%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -2125,7 +2151,8 @@ static void nss_cmd_implicit_setpwent_done(struct tevent_req *req) ret = nss_cmd_getpwent_immediate(cmdctx); if (ret != EOK) { - DEBUG(0, "Immediate retrieval failed with unexpected error " + DEBUG(SSSDBG_FATAL_FAILURE, + "Immediate retrieval failed with unexpected error " "[%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -2136,7 +2163,7 @@ static int nss_cmd_endpwent(struct cli_ctx *cctx) struct nss_ctx *nctx; int ret; - DEBUG(4, "Terminating request info for all accounts\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Terminating request info for all accounts\n"); nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -2422,7 +2449,7 @@ static int fill_grent(struct sss_packet *packet, /* new group */ if (!ldb_msg_check_string_attribute(msg, "objectClass", SYSDB_GROUP_CLASS)) { - DEBUG(1, "Wrong object (%s) found on stack!\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Wrong object (%s) found on stack!\n", ldb_dn_get_linearized(msg->dn)); continue; } @@ -2435,7 +2462,8 @@ static int fill_grent(struct sss_packet *packet, orig_name = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL); gid = ldb_msg_find_attr_as_uint64(msg, SYSDB_GIDNUM, 0); if (!orig_name || !gid) { - DEBUG(2, "Incomplete group object for %s[%llu]! Skipping\n", + DEBUG(SSSDBG_OP_FAILURE, + "Incomplete group object for %s[%llu]! Skipping\n", orig_name?orig_name:"", (unsigned long long int)gid); continue; } @@ -2492,7 +2520,8 @@ static int fill_grent(struct sss_packet *packet, ret = sss_fqname((char *)&body[rzero+STRS_ROFFSET], fq_len, dom->names, dom, name.str); if (ret < 0 || ret != fq_len - 1) { - DEBUG(1, "Failed to generate a fully qualified name for" + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to generate a fully qualified name for" " group [%s] in [%s]! Skipping\n", name.str, domain); /* reclaim space */ ret = sss_packet_shrink(packet, rsize); @@ -2671,21 +2700,25 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) return ENOENT; } - DEBUG(4, "Requesting info for [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%s@%s]\n", name, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); return EIO; } ret = sysdb_getgrnam(cmdctx, dom, name, &dctx->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); return EIO; } if (dctx->res->count > 1) { - DEBUG(0, "getgrnam call returned more than one result !?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "getgrnam call returned more than one result !?!\n"); return ENOENT; } @@ -2703,7 +2736,7 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) if (dom) continue; } - DEBUG(2, "No results for getgrnam call\n"); + DEBUG(SSSDBG_OP_FAILURE, "No results for getgrnam call\n"); /* Group not found in ldb -> delete group from memory cache. */ ret = delete_entry_from_memcache(dctx->domain, name, @@ -2733,7 +2766,8 @@ static int nss_cmd_getgrnam_search(struct nss_dom_ctx *dctx) } /* One result found */ - DEBUG(6, "Returning info for group [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning info for group [%s@%s]\n", name, dom->name); return EOK; } @@ -2772,7 +2806,8 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) /* check that the gid is valid for this domain */ if ((dom->id_min && (cmdctx->id < dom->id_min)) || (dom->id_max && (cmdctx->id > dom->id_max))) { - DEBUG(4, "Gid [%"PRIu32"] does not exist in domain [%s]! " + DEBUG(SSSDBG_CONF_SETTINGS, + "Gid [%"PRIu32"] does not exist in domain [%s]! " "(id out of range)\n", cmdctx->id, dom->name); if (cmdctx->check_next) { @@ -2792,23 +2827,27 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) /* make sure to update the dctx if we changed domain */ dctx->domain = dom; - DEBUG(4, "Requesting info for [%"PRIu32"@%s]\n", cmdctx->id, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%"PRIu32"@%s]\n", cmdctx->id, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); ret = EIO; goto done; } ret = sysdb_getgrgid(cmdctx, dom, cmdctx->id, &dctx->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); ret = EIO; goto done; } if (dctx->res->count > 1) { - DEBUG(0, "getgrgid call returned more than one result !?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "getgrgid call returned more than one result !?!\n"); ret = ENOENT; goto done; } @@ -2842,7 +2881,8 @@ static int nss_cmd_getgrgid_search(struct nss_dom_ctx *dctx) } /* One result found */ - DEBUG(6, "Returning info for gid [%"PRIu32"@%s]\n", cmdctx->id, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning info for gid [%"PRIu32"@%s]\n", cmdctx->id, dom->name); /* Success. Break from the loop and return EOK */ ret = EOK; @@ -2898,7 +2938,8 @@ static int nss_cmd_setgrent(struct cli_ctx *cctx) req = nss_cmd_setgrent_send(cmdctx, cctx); if (!req) { - DEBUG(0, "Fatal error calling nss_cmd_setgrent_send\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal error calling nss_cmd_setgrent_send\n"); ret = EIO; goto done; } @@ -2919,7 +2960,7 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom; struct setent_step_ctx *step_ctx; - DEBUG(4, "Received setgrent request\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Received setgrent request\n"); nctx = talloc_get_type(client->rctx->pvt_ctx, struct nss_ctx); /* Reset the read pointers */ @@ -2928,7 +2969,8 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, req = tevent_req_create(mem_ctx, &state, struct setent_ctx); if (!req) { - DEBUG(0, "Could not create tevent request for setgrent\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not create tevent request for setgrent\n"); return NULL; } @@ -2948,7 +2990,7 @@ struct tevent_req *nss_cmd_setgrent_send(TALLOC_CTX *mem_ctx, state->dctx->domain = dom; if (state->dctx->domain == NULL) { - DEBUG(2, "Enumeration disabled on all domains!\n"); + DEBUG(SSSDBG_OP_FAILURE, "Enumeration disabled on all domains!\n"); ret = ENOENT; goto error; } @@ -3068,10 +3110,12 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) /* make sure to update the dctx if we changed domain */ dctx->domain = dom; - DEBUG(6, "Requesting info for domain [%s]\n", dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Requesting info for domain [%s]\n", dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); return EIO; } @@ -3109,14 +3153,16 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) ret = sysdb_enumgrent(dctx, dom, &res); if (ret != EOK) { - DEBUG(1, "Enum from cache failed, skipping domain [%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Enum from cache failed, skipping domain [%s]\n", dom->name); dom = get_next_domain(dom, true); continue; } if (res->count == 0) { - DEBUG(4, "Domain [%s] has no groups, skipping.\n", dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Domain [%s] has no groups, skipping.\n", dom->name); dom = get_next_domain(dom, true); continue; } @@ -3151,7 +3197,8 @@ static errno_t nss_cmd_setgrent_step(struct setent_step_ctx *step_ctx) te = tevent_add_timer(rctx->ev, nctx->gctx, tv, setgrent_result_timeout, nctx); if (!te) { - DEBUG(0, "Could not set up life timer for setgrent result object. " + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not set up life timer for setgrent result object. " "Entries may become stale.\n"); } @@ -3173,7 +3220,8 @@ static void setgrent_result_timeout(struct tevent_context *ev, { struct nss_ctx *nctx = talloc_get_type(pvt, struct nss_ctx); - DEBUG(1, "setgrent result object has expired. Cleaning up.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "setgrent result object has expired. Cleaning up.\n"); /* Free the group enumeration context. * If additional getgrent requests come in, they will invoke @@ -3190,7 +3238,8 @@ static void nss_cmd_setgrent_dp_callback(uint16_t err_maj, uint32_t err_min, int ret; if (err_maj) { - DEBUG(2, "Unable to get information from Data Provider\n" + DEBUG(SSSDBG_OP_FAILURE, + "Unable to get information from Data Provider\n" "Error: %u, %u, %s\n" "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); @@ -3317,7 +3366,7 @@ static int nss_cmd_getgrent(struct cli_ctx *cctx) struct nss_cmd_ctx *cmdctx; struct tevent_req *req; - DEBUG(4, "Requesting info for all groups\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting info for all groups\n"); cmdctx = talloc_zero(cctx, struct nss_cmd_ctx); if (!cmdctx) { @@ -3363,7 +3412,8 @@ static void nss_cmd_implicit_setgrent_done(struct tevent_req *req) * later. */ if (ret != EOK && ret != ENOENT) { - DEBUG(0, "Implicit setgrent failed with unexpected error [%d][%s]\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Implicit setgrent failed with unexpected error [%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -3374,7 +3424,8 @@ static void nss_cmd_implicit_setgrent_done(struct tevent_req *req) ret = nss_cmd_getgrent_immediate(cmdctx); if (ret != EOK) { - DEBUG(0, "Immediate retrieval failed with unexpected error " + DEBUG(SSSDBG_FATAL_FAILURE, + "Immediate retrieval failed with unexpected error " "[%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -3385,7 +3436,7 @@ static int nss_cmd_endgrent(struct cli_ctx *cctx) struct nss_ctx *nctx; int ret; - DEBUG(4, "Terminating request info for all groups\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Terminating request info for all groups\n"); nctx = talloc_get_type(cctx->rctx->pvt_ctx, struct nss_ctx); @@ -3564,7 +3615,8 @@ static int fill_initgr(struct sss_packet *packet, struct ldb_result *res) skipped++; continue; } else { - DEBUG(1, "Incomplete group object for initgroups! Aborting\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Incomplete group object for initgroups! Aborting\n"); return EFAULT; } } @@ -3671,16 +3723,19 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) return ENOENT; } - DEBUG(4, "Requesting info for [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%s@%s]\n", name, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); return EIO; } ret = sysdb_initgroups(cmdctx, dom, name, &dctx->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache! [%d][%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache! [%d][%s]\n", ret, strerror(ret)); return EIO; } @@ -3699,7 +3754,7 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) if (dom) continue; } - DEBUG(2, "No results for initgroups call\n"); + DEBUG(SSSDBG_OP_FAILURE, "No results for initgroups call\n"); return ENOENT; } @@ -3719,7 +3774,8 @@ static int nss_cmd_initgroups_search(struct nss_dom_ctx *dctx) } } - DEBUG(6, "Initgroups for [%s@%s] completed\n", name, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Initgroups for [%s@%s] completed\n", name, dom->name); return EOK; } @@ -4059,7 +4115,7 @@ static errno_t nss_cmd_getbysid_search(struct nss_dom_ctx *dctx) } if (dctx->res->count == 0 && !dctx->check_provider) { - DEBUG(2, "No results for getbysid call.\n"); + DEBUG(SSSDBG_OP_FAILURE, "No results for getbysid call.\n"); /* set negative cache only if not result of cache check */ ret = sss_ncache_set_sid(nctx->ncache, false, cmdctx->secid); @@ -4473,7 +4529,7 @@ static int nss_cmd_getbysid(enum sss_cli_command cmd, struct cli_ctx *cctx) goto done; } - DEBUG(4, "Requesting info for [%s] from [%s]\n", + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting info for [%s] from [%s]\n", cmdctx->secid, dctx->domain->name); dctx->check_provider = NEED_CHECK_PROVIDER(dctx->domain->provider); diff --git a/src/responder/nss/nsssrv_netgroup.c b/src/responder/nss/nsssrv_netgroup.c index 469445f88..c269309f5 100644 --- a/src/responder/nss/nsssrv_netgroup.c +++ b/src/responder/nss/nsssrv_netgroup.c @@ -50,7 +50,8 @@ static errno_t get_netgroup_entry(struct nss_ctx *nctx, return ENOENT; } - DEBUG(1, "Unexpected error reading from netgroup hash [%d][%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, + "Unexpected error reading from netgroup hash [%d][%s]\n", hret, hash_error_string(hret)); return EIO; } @@ -64,7 +65,7 @@ static errno_t set_netgroup_entry(struct nss_ctx *nctx, int hret; if (netgr->name == NULL) { - DEBUG(1, "Missing netgroup name.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Missing netgroup name.\n"); return EINVAL; } /* Add this entry to the hash table */ @@ -74,8 +75,10 @@ static errno_t set_netgroup_entry(struct nss_ctx *nctx, value.ptr = netgr; hret = hash_enter(nctx->netgroups, &key, &value); if (hret != EOK) { - DEBUG(0, "Unable to add hash table entry for [%s]", key.str); - DEBUG(4, "Hash error [%d][%s]", hret, hash_error_string(hret)); + DEBUG(SSSDBG_FATAL_FAILURE, + "Unable to add hash table entry for [%s]", key.str); + DEBUG(SSSDBG_CONF_SETTINGS, + "Hash error [%d][%s]", hret, hash_error_string(hret)); return EIO; } talloc_steal(nctx->netgroups, netgr); @@ -125,7 +128,7 @@ int nss_cmd_setnetgrent(struct cli_ctx *client) req = setnetgrent_send(cmdctx, rawname, cmdctx); if (!req) { - DEBUG(0, "Fatal error calling setnetgrent_send\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Fatal error calling setnetgrent_send\n"); ret = EIO; goto done; } @@ -154,7 +157,8 @@ static int netgr_hash_remove (TALLOC_CTX *ctx) /* Remove the netgroup result object from the lookup table */ hret = hash_delete(netgr->lookup_table, &key); if (hret != HASH_SUCCESS) { - DEBUG(0, "Could not remove key [%s] from table! [%d][%s]\n", + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not remove key [%s] from table! [%d][%s]\n", netgr->name, hret, hash_error_string(hret)); return -1; } @@ -187,7 +191,8 @@ static struct tevent_req *setnetgrent_send(TALLOC_CTX *mem_ctx, req = tevent_req_create(mem_ctx, &state, struct setnetgrent_ctx); if (!req) { - DEBUG(0, "Could not create tevent request for setnetgrent\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not create tevent request for setnetgrent\n"); return NULL; } @@ -207,11 +212,11 @@ static struct tevent_req *setnetgrent_send(TALLOC_CTX *mem_ctx, client->rctx->default_domain, rawname, &domname, &state->netgr_shortname); if (ret != EOK) { - DEBUG(2, "Invalid name received [%s]\n", rawname); + DEBUG(SSSDBG_OP_FAILURE, "Invalid name received [%s]\n", rawname); goto error; } - DEBUG(4, "Requesting info for netgroup [%s] from [%s]\n", + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting info for netgroup [%s] from [%s]\n", state->netgr_shortname, domname?domname:""); if (domname) { @@ -341,7 +346,7 @@ static errno_t setnetgrent_retry(struct tevent_req *req) ret = set_netgroup_entry(nctx, state->netgr); if (ret != EOK) { - DEBUG(1, "set_netgroup_entry failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "set_netgroup_entry failed.\n"); talloc_free(state->netgr); goto done; } @@ -418,7 +423,8 @@ static void set_netgr_lifetime(uint32_t lifetime, setnetgrent_result_timeout, netgr); if (!te) { - DEBUG(0, "Could not set up life timer for setnetgrent result object. " + DEBUG(SSSDBG_FATAL_FAILURE, + "Could not set up life timer for setnetgrent result object. " "Entries may become stale.\n"); } } @@ -458,10 +464,11 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) return ENOMEM; } - DEBUG(4, "Requesting info for [%s@%s]\n", + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting info for [%s@%s]\n", name, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); return EIO; } @@ -485,7 +492,8 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) } if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); return EIO; } @@ -493,7 +501,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) &netgr); if (ret != EOK) { /* Something really bad happened! */ - DEBUG(0, "Netgroup entry was lost!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Netgroup entry was lost!\n"); return ret; } @@ -502,7 +510,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) &netgr->entries); if (ret == ENOENT) { /* This netgroup was not found in this domain */ - DEBUG(2, "No results for netgroup %s (domain %s)\n", + DEBUG(SSSDBG_OP_FAILURE, "No results for netgroup %s (domain %s)\n", name, dom->name); if (!step_ctx->dctx->check_provider) { @@ -516,7 +524,8 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) } if (ret != EOK) { - DEBUG(1, "Failed to convert results into entries\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to convert results into entries\n"); netgr->ready = true; netgr->found = false; set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr); @@ -542,7 +551,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) } /* Results found */ - DEBUG(6, "Returning info for netgroup [%s@%s]\n", + DEBUG(SSSDBG_TRACE_FUNC, "Returning info for netgroup [%s@%s]\n", name, dom->name); netgr->ready = true; netgr->found = true; @@ -563,7 +572,7 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) netgr = talloc_zero(step_ctx->nctx, struct getent_ctx); if (netgr == NULL) { - DEBUG(1, "talloc_zero failed, ignored.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero failed, ignored.\n"); } else { netgr->ready = true; netgr->found = false; @@ -571,14 +580,14 @@ static errno_t lookup_netgr_step(struct setent_step_ctx *step_ctx) netgr->lookup_table = step_ctx->nctx->netgroups; netgr->name = talloc_strdup(netgr, step_ctx->name); if (netgr->name == NULL) { - DEBUG(1, "talloc_strdup failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed.\n"); talloc_free(netgr); return ENOMEM; } ret = set_netgroup_entry(step_ctx->nctx, netgr); if (ret != EOK) { - DEBUG(1, "set_netgroup_entry failed, ignored.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "set_netgroup_entry failed, ignored.\n"); } set_netgr_lifetime(step_ctx->nctx->neg_timeout, step_ctx, netgr); } @@ -596,7 +605,8 @@ static void lookup_netgr_dp_callback(uint16_t err_maj, uint32_t err_min, int ret; if (err_maj) { - DEBUG(2, "Unable to get information from Data Provider\n" + DEBUG(SSSDBG_OP_FAILURE, + "Unable to get information from Data Provider\n" "Error: %u, %u, %s\n" "Will try to return what we have in cache\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); @@ -658,7 +668,7 @@ static void nss_cmd_setnetgrent_done(struct tevent_req *req) reqret = setnetgrent_recv(req); talloc_zfree(req); if (reqret != EOK && reqret != ENOENT) { - DEBUG(1, "setnetgrent failed\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "setnetgrent failed\n"); nss_cmd_done(cmdctx, reqret); return; } @@ -675,7 +685,7 @@ static void nss_cmd_setnetgrent_done(struct tevent_req *req) packet = cmdctx->cctx->creq->out; ret = sss_packet_grow(packet, 2*sizeof(uint32_t)); if (ret != EOK) { - DEBUG(1, "Couldn't grow the packet\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Couldn't grow the packet\n"); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -692,7 +702,7 @@ static void nss_cmd_setnetgrent_done(struct tevent_req *req) return; } - DEBUG(1, "Error creating packet\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Error creating packet\n"); } static void setnetgrent_implicit_done(struct tevent_req *req); @@ -706,7 +716,7 @@ int nss_cmd_getnetgrent(struct cli_ctx *client) struct getent_ctx *netgr; struct tevent_req *req; - DEBUG(4, "Requesting netgroup data\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "Requesting netgroup data\n"); cmdctx = talloc_zero(client, struct nss_cmd_ctx); if (!cmdctx) { @@ -739,7 +749,7 @@ int nss_cmd_getnetgrent(struct cli_ctx *client) return EOK; } else if (ret != EOK) { - DEBUG(1, "An unexpected error occurred: [%d][%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "An unexpected error occurred: [%d][%s]\n", ret, strerror(ret)); return nss_cmd_done(cmdctx, ret); @@ -758,16 +768,18 @@ int nss_cmd_getnetgrent(struct cli_ctx *client) return EOK; } else if (!netgr->found) { - DEBUG(6, "Results for [%s] not found.\n", client->netgr_name); + DEBUG(SSSDBG_TRACE_FUNC, + "Results for [%s] not found.\n", client->netgr_name); return ENOENT; } - DEBUG(6, "Returning results for [%s]\n", client->netgr_name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning results for [%s]\n", client->netgr_name); /* Read the result strings */ ret = nss_cmd_getnetgrent_process(cmdctx, netgr); if (ret != EOK) { - DEBUG(1, "Failed: [%d][%s]\n", ret, strerror(ret)); + DEBUG(SSSDBG_CRIT_FAILURE, "Failed: [%d][%s]\n", ret, strerror(ret)); } return ret; } @@ -789,7 +801,8 @@ static void setnetgrent_implicit_done(struct tevent_req *req) * nss_cmd_retnetgrent later */ if (ret != EOK && ret != ENOENT) { - DEBUG(0, "Implicit setnetgrent failed with unexpected error " + DEBUG(SSSDBG_FATAL_FAILURE, + "Implicit setnetgrent failed with unexpected error " "[%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -804,11 +817,12 @@ static void setnetgrent_implicit_done(struct tevent_req *req) ret = get_netgroup_entry(nctx, cmdctx->cctx->netgr_name, &netgr); if (ret == ENOENT) { /* Critical error. This should never happen */ - DEBUG(0, "Implicit setnetgrent returned success without creating " + DEBUG(SSSDBG_FATAL_FAILURE, + "Implicit setnetgrent returned success without creating " "result object.\n"); NSS_CMD_FATAL_ERROR(cmdctx); } else if (ret != EOK) { - DEBUG(1, "An unexpected error occurred: [%d][%s]\n", + DEBUG(SSSDBG_CRIT_FAILURE, "An unexpected error occurred: [%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); @@ -816,14 +830,16 @@ static void setnetgrent_implicit_done(struct tevent_req *req) if (!netgr->ready) { /* Critical error. This should never happen */ - DEBUG(0, "Implicit setnetgrent returned success without creating " + DEBUG(SSSDBG_FATAL_FAILURE, + "Implicit setnetgrent returned success without creating " "result object.\n"); NSS_CMD_FATAL_ERROR(cmdctx); } ret = nss_cmd_getnetgrent_process(cmdctx, netgr); if (ret != EOK) { - DEBUG(0, "Immediate retrieval failed with unexpected error " + DEBUG(SSSDBG_FATAL_FAILURE, + "Immediate retrieval failed with unexpected error " "[%d][%s]\n", ret, strerror(ret)); NSS_CMD_FATAL_ERROR(cmdctx); } @@ -858,7 +874,7 @@ static errno_t nss_cmd_getnetgrent_process(struct nss_cmd_ctx *cmdctx, if (!netgr->entries || netgr->entries[0] == NULL) { /* No entries */ - DEBUG(5, "No entries found\n"); + DEBUG(SSSDBG_FUNC_DATA, "No entries found\n"); ret = sss_cmd_empty_packet(client->creq->out); if (ret != EOK) { return nss_cmd_done(cmdctx, ret); @@ -953,7 +969,8 @@ static errno_t nss_cmd_retnetgrent(struct cli_ctx *client, } else if (entries[client->netgrent_cur]->type == SYSDB_NETGROUP_GROUP_VAL) { if (entries[client->netgrent_cur]->value.groupname == NULL || entries[client->netgrent_cur]->value.groupname[0] == '\0') { - DEBUG(1, "Empty netgroup member. Please check your cache.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Empty netgroup member. Please check your cache.\n"); continue; } @@ -975,7 +992,8 @@ static errno_t nss_cmd_retnetgrent(struct cli_ctx *client, grouplen); rp += grouplen; } else { - DEBUG(1, "Unexpected value type for netgroup entry. " + DEBUG(SSSDBG_CRIT_FAILURE, + "Unexpected value type for netgroup entry. " "Please check your cache.\n"); continue; } diff --git a/src/responder/nss/nsssrv_private.h b/src/responder/nss/nsssrv_private.h index fbfe5ee94..2dcc07b5c 100644 --- a/src/responder/nss/nsssrv_private.h +++ b/src/responder/nss/nsssrv_private.h @@ -95,13 +95,13 @@ struct setent_step_ctx { }; #define NSS_CMD_FATAL_ERROR(cctx) do { \ - DEBUG(1,"Fatal error, killing connection!\n"); \ + DEBUG(SSSDBG_CRIT_FAILURE,"Fatal error, killing connection!\n"); \ talloc_free(cctx); \ return; \ } while(0) #define NSS_CMD_FATAL_ERROR_CODE(cctx, ret) do { \ - DEBUG(1,"Fatal error, killing connection!\n"); \ + DEBUG(SSSDBG_CRIT_FAILURE,"Fatal error, killing connection!\n"); \ talloc_free(cctx); \ return ret; \ } while(0) diff --git a/src/responder/nss/nsssrv_services.c b/src/responder/nss/nsssrv_services.c index 7cfaf1e6b..67ca5d592 100644 --- a/src/responder/nss/nsssrv_services.c +++ b/src/responder/nss/nsssrv_services.c @@ -631,7 +631,7 @@ fill_service(struct sss_packet *packet, /* new service */ if (!ldb_msg_check_string_attribute(msg, "objectClass", SYSDB_SVC_CLASS)) { - DEBUG(1, "Wrong object (%s) found on stack!\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Wrong object (%s) found on stack!\n", ldb_dn_get_linearized(msg->dn)); continue; } diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c index b602259ee..4b076146c 100644 --- a/src/responder/pam/pam_LOCAL_domain.c +++ b/src/responder/pam/pam_LOCAL_domain.c @@ -31,7 +31,7 @@ #define NULL_CHECK_OR_JUMP(var, msg, ret, err, label) do { \ if (var == NULL) { \ - DEBUG(1, msg); \ + DEBUG(SSSDBG_CRIT_FAILURE, msg); \ ret = (err); \ goto label; \ } \ @@ -39,7 +39,7 @@ #define NEQ_CHECK_OR_JUMP(var, val, msg, ret, err, label) do { \ if (var != (val)) { \ - DEBUG(1, msg); \ + DEBUG(SSSDBG_CRIT_FAILURE, msg); \ ret = (err); \ goto label; \ } \ @@ -168,7 +168,7 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) if (ret) { /* TODO: should we allow null passwords via a config option ? */ if (ret == ENOENT) { - DEBUG(1, "Empty passwords are not allowed!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Empty passwords are not allowed!\n"); } lreq->error = EINVAL; goto done; @@ -177,12 +177,12 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) ret = s3crypt_gen_salt(lreq, &salt); NEQ_CHECK_OR_JUMP(ret, EOK, ("Salt generation failed.\n"), lreq->error, ret, done); - DEBUG(4, "Using salt [%s]\n", salt); + DEBUG(SSSDBG_CONF_SETTINGS, "Using salt [%s]\n", salt); ret = s3crypt_sha512(lreq, password, salt, &new_hash); NEQ_CHECK_OR_JUMP(ret, EOK, ("Hash generation failed.\n"), lreq->error, ret, done); - DEBUG(4, "New hash [%s]\n", new_hash); + DEBUG(SSSDBG_CONF_SETTINGS, "New hash [%s]\n", new_hash); lreq->mod_attrs = sysdb_new_attrs(lreq); NULL_CHECK_OR_JUMP(lreq->mod_attrs, ("sysdb_new_attrs failed.\n"), @@ -229,7 +229,7 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) struct pam_data *pd = preq->pd; int ret; - DEBUG(4, "LOCAL pam handler.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "LOCAL pam handler.\n"); lreq = talloc_zero(preq, struct LOCAL_request); if (!lreq) { @@ -238,7 +238,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) lreq->dbctx = preq->domain->sysdb; if (lreq->dbctx == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); talloc_free(lreq); return ENOENT; } @@ -251,18 +252,20 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) ret = sysdb_get_user_attr(lreq, preq->domain, preq->pd->user, attrs, &res); if (ret != EOK) { - DEBUG(1, "sysdb_get_user_attr failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_get_user_attr failed.\n"); talloc_free(lreq); return ret; } if (res->count < 1) { - DEBUG(4, "No user found with filter ["SYSDB_PWNAM_FILTER"]\n", + DEBUG(SSSDBG_CONF_SETTINGS, + "No user found with filter ["SYSDB_PWNAM_FILTER"]\n", pd->user, pd->user, pd->user); pd->pam_status = PAM_USER_UNKNOWN; goto done; } else if (res->count > 1) { - DEBUG(4, "More than one object found with filter ["SYSDB_PWNAM_FILTER"]\n", + DEBUG(SSSDBG_CONF_SETTINGS, + "More than one object found with filter ["SYSDB_PWNAM_FILTER"]\n", pd->user, pd->user, pd->user); lreq->error = EFAULT; goto done; @@ -270,7 +273,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) username = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_NAME, NULL); if (strcmp(username, pd->user) != 0) { - DEBUG(1, "Expected username [%s] get [%s].\n", pd->user, username); + DEBUG(SSSDBG_CRIT_FAILURE, + "Expected username [%s] get [%s].\n", pd->user, username); lreq->error = EINVAL; goto done; } @@ -285,7 +289,8 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pd->cmd == SSS_PAM_CHAUTHTOK_PRELIM) && lreq->preq->cctx->priv == 1) { /* TODO: maybe this is a candiate for an explicit audit message. */ - DEBUG(4, "allowing root to reset a password.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, + "allowing root to reset a password.\n"); break; } ret = sss_authtok_get_password(pd->authtok, &password, NULL); @@ -295,16 +300,18 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) pwdhash = ldb_msg_find_attr_as_string(res->msgs[0], SYSDB_PWD, NULL); NULL_CHECK_OR_JUMP(pwdhash, ("No password stored.\n"), lreq->error, LDB_ERR_NO_SUCH_ATTRIBUTE, done); - DEBUG(4, "user: [%s], password hash: [%s]\n", username, pwdhash); + DEBUG(SSSDBG_CONF_SETTINGS, + "user: [%s], password hash: [%s]\n", username, pwdhash); ret = s3crypt_sha512(lreq, password, pwdhash, &new_hash); NEQ_CHECK_OR_JUMP(ret, EOK, ("nss_sha512_crypt failed.\n"), lreq->error, ret, done); - DEBUG(4, "user: [%s], new hash: [%s]\n", username, new_hash); + DEBUG(SSSDBG_CONF_SETTINGS, + "user: [%s], new hash: [%s]\n", username, new_hash); if (strcmp(new_hash, pwdhash) != 0) { - DEBUG(1, "Passwords do not match.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Passwords do not match.\n"); do_failed_login(lreq); goto done; } diff --git a/src/responder/pam/pamsrv.c b/src/responder/pam/pamsrv.c index 3806d763e..5f9844ebc 100644 --- a/src/responder/pam/pamsrv.c +++ b/src/responder/pam/pamsrv.c @@ -82,7 +82,7 @@ static void pam_dp_reconnect_init(struct sbus_connection *conn, int status, void /* Did we reconnect successfully? */ if (status == SBUS_RECONNECT_SUCCESS) { - DEBUG(1, "Reconnected to the Data Provider.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Reconnected to the Data Provider.\n"); /* Identify ourselves to the data provider */ ret = dp_common_send_id(be_conn->conn, @@ -96,7 +96,7 @@ static void pam_dp_reconnect_init(struct sbus_connection *conn, int status, void } /* Handle failure */ - DEBUG(0, "Could not reconnect to %s provider.\n", + DEBUG(SSSDBG_FATAL_FAILURE, "Could not reconnect to %s provider.\n", be_conn->domain->name); /* FIXME: kill the frontend and let the monitor restart it ? */ @@ -147,7 +147,8 @@ static int pam_process_init(TALLOC_CTX *mem_ctx, ret = confdb_get_int(pctx->rctx->cdb, CONFDB_PAM_CONF_ENTRY, CONFDB_SERVICE_RECON_RETRIES, 3, &max_retries); if (ret != EOK) { - DEBUG(0, "Failed to set up automatic reconnection\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to set up automatic reconnection\n"); goto done; } @@ -172,7 +173,8 @@ static int pam_process_init(TALLOC_CTX *mem_ctx, ret = sss_ncache_init(pctx, &pctx->ncache); if (ret != EOK) { - DEBUG(0, "fatal error initializing negative cache\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "fatal error initializing negative cache\n"); goto done; } @@ -258,7 +260,8 @@ int main(int argc, const char *argv[]) ret = die_if_parent_died(); if (ret != EOK) { /* This is not fatal, don't return */ - DEBUG(2, "Could not set up to exit when parent process does\n"); + DEBUG(SSSDBG_OP_FAILURE, + "Could not set up to exit when parent process does\n"); } ret = pam_process_init(main_ctx, diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index f3ceea49d..140d541ad 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -172,7 +172,7 @@ static int pam_parse_in_data_v2(struct sss_domain_info *domains, /* the uint32_t end maker SSS_END_OF_PAM_REQUEST does not count to * the remaining buffer */ if (size > (blen - c - sizeof(uint32_t))) { - DEBUG(1, "Invalid data size.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid data size.\n"); return EINVAL; } @@ -218,7 +218,8 @@ static int pam_parse_in_data_v2(struct sss_domain_info *domains, if (ret != EOK) return ret; break; default: - DEBUG(1,"Ignoring unknown data type [%d].\n", type); + DEBUG(SSSDBG_CRIT_FAILURE, + "Ignoring unknown data type [%d].\n", type); c += size; } } @@ -227,7 +228,7 @@ static int pam_parse_in_data_v2(struct sss_domain_info *domains, if (pd->user == NULL || *pd->user == '\0') return EINVAL; - DEBUG_PAM_DATA(4, pd); + DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, pd); return EOK; @@ -242,12 +243,12 @@ static int pam_parse_in_data_v3(struct sss_domain_info *domains, ret = pam_parse_in_data_v2(domains, default_domain, pd, body, blen); if (ret != EOK) { - DEBUG(1, "pam_parse_in_data_v2 failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_parse_in_data_v2 failed.\n"); return ret; } if (pd->cli_pid == 0) { - DEBUG(1, "Missing client PID.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Missing client PID.\n"); return EINVAL; } @@ -322,16 +323,16 @@ static int pam_parse_in_data(struct sss_domain_info *domains, ret = extract_authtok_v1(pd->authtok, body, blen, &end); if (ret) { - DEBUG(1, "Invalid auth token\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid auth token\n"); return ret; } ret = extract_authtok_v1(pd->newauthtok, body, blen, &end); if (ret) { - DEBUG(1, "Invalid new auth token\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "Invalid new auth token\n"); return ret; } - DEBUG_PAM_DATA(4, pd); + DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, pd); return EOK; } @@ -362,7 +363,7 @@ static errno_t set_last_login(struct pam_auth_req *preq) ret = sysdb_set_user_attr(preq->domain, preq->pd->user, attrs, SYSDB_MOD_REP); if (ret != EOK) { - DEBUG(2, "set_last_login failed.\n"); + DEBUG(SSSDBG_OP_FAILURE, "set_last_login failed.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; goto fail; } else { @@ -389,7 +390,8 @@ static errno_t filter_responses(struct confdb_ctx *cdb, CONFDB_PAM_VERBOSITY, DEFAULT_PAM_VERBOSITY, &pam_verbosity); if (ret != EOK) { - DEBUG(1, "Failed to read PAM verbosity, not fatal.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to read PAM verbosity, not fatal.\n"); pam_verbosity = DEFAULT_PAM_VERBOSITY; } @@ -397,7 +399,7 @@ static errno_t filter_responses(struct confdb_ctx *cdb, while(resp != NULL) { if (resp->type == SSS_PAM_USER_INFO) { if (resp->len < sizeof(uint32_t)) { - DEBUG(1, "User info entry is too short.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "User info entry is too short.\n"); return EINVAL; } @@ -413,7 +415,8 @@ static errno_t filter_responses(struct confdb_ctx *cdb, switch (user_info_type) { case SSS_PAM_USER_INFO_OFFLINE_AUTH: if (resp->len != sizeof(uint32_t) + sizeof(int64_t)) { - DEBUG(1, "User info offline auth entry is " + DEBUG(SSSDBG_CRIT_FAILURE, + "User info offline auth entry is " "too short.\n"); return EINVAL; } @@ -447,7 +450,7 @@ static void pam_reply_delay(struct tevent_context *ev, struct tevent_timer *te, { struct pam_auth_req *preq; - DEBUG(4, "pam_reply_delay get called.\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "pam_reply_delay get called.\n"); preq = talloc_get_type(pvt, struct pam_auth_req); @@ -496,14 +499,15 @@ static void pam_reply(struct pam_auth_req *preq) pd->offline_auth = true; if (preq->domain->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for domain" + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for domain" " [%s]!\n", preq->domain->name); goto done; } ret = sss_authtok_get_password(pd->authtok, &password, NULL); if (ret) { - DEBUG(0, "Failed to get password.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get password.\n"); goto done; } @@ -518,13 +522,14 @@ static void pam_reply(struct pam_auth_req *preq) break; case SSS_PAM_CHAUTHTOK_PRELIM: case SSS_PAM_CHAUTHTOK: - DEBUG(5, "Password change not possible while offline.\n"); + DEBUG(SSSDBG_FUNC_DATA, + "Password change not possible while offline.\n"); pd->pam_status = PAM_AUTHTOK_ERR; user_info_type = SSS_PAM_USER_INFO_OFFLINE_CHPASS; ret = pam_add_response(pd, SSS_PAM_USER_INFO, sizeof(uint32_t), (const uint8_t *) &user_info_type); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); goto done; } break; @@ -534,12 +539,13 @@ static void pam_reply(struct pam_auth_req *preq) case SSS_PAM_ACCT_MGMT: case SSS_PAM_OPEN_SESSION: case SSS_PAM_CLOSE_SESSION: - DEBUG(2, "Assuming offline authentication setting status for " + DEBUG(SSSDBG_OP_FAILURE, + "Assuming offline authentication setting status for " "pam call %d to PAM_SUCCESS.\n", pd->cmd); pd->pam_status = PAM_SUCCESS; break; default: - DEBUG(1, "Unknown PAM call [%d].\n", pd->cmd); + DEBUG(SSSDBG_CRIT_FAILURE, "Unknown PAM call [%d].\n", pd->cmd); pd->pam_status = PAM_MODULE_UNKNOWN; } } @@ -547,7 +553,7 @@ static void pam_reply(struct pam_auth_req *preq) if (pd->response_delay > 0) { ret = gettimeofday(&tv, NULL); if (ret != EOK) { - DEBUG(1, "gettimeofday failed [%d][%s].\n", + DEBUG(SSSDBG_CRIT_FAILURE, "gettimeofday failed [%d][%s].\n", errno, strerror(errno)); goto done; } @@ -557,7 +563,8 @@ static void pam_reply(struct pam_auth_req *preq) te = tevent_add_timer(cctx->ev, cctx, tv, pam_reply_delay, preq); if (te == NULL) { - DEBUG(1, "Failed to add event pam_reply_delay.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to add event pam_reply_delay.\n"); goto done; } @@ -586,14 +593,14 @@ static void pam_reply(struct pam_auth_req *preq) ret = filter_responses(pctx->rctx->cdb, pd->resp_list); if (ret != EOK) { - DEBUG(1, "filter_responses failed, not fatal.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "filter_responses failed, not fatal.\n"); } if (pd->domain != NULL) { ret = pam_add_response(pd, SSS_PAM_DOMAIN_NAME, strlen(pd->domain)+1, (uint8_t *) pd->domain); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); goto done; } } @@ -661,7 +668,8 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, resp_len = sizeof(uint32_t) + sizeof(int64_t); resp = talloc_size(preq->pd, resp_len); if (resp == NULL) { - DEBUG(1, "talloc_size failed, cannot prepare user info.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "talloc_size failed, cannot prepare user info.\n"); } else { memcpy(resp, &resp_type, sizeof(uint32_t)); dummy = (int64_t) expire_date; @@ -669,7 +677,7 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, ret = pam_add_response(preq->pd, SSS_PAM_USER_INFO, resp_len, (const uint8_t *) resp); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n"); } } break; @@ -679,7 +687,8 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, resp_len = sizeof(uint32_t) + sizeof(int64_t); resp = talloc_size(preq->pd, resp_len); if (resp == NULL) { - DEBUG(1, "talloc_size failed, cannot prepare user info.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "talloc_size failed, cannot prepare user info.\n"); } else { memcpy(resp, &resp_type, sizeof(uint32_t)); dummy = (int64_t) delayed_until; @@ -687,7 +696,8 @@ static void pam_handle_cached_login(struct pam_auth_req *preq, int ret, ret = pam_add_response(preq->pd, SSS_PAM_USER_INFO, resp_len, (const uint8_t *) resp); if (ret != EOK) { - DEBUG(1, "pam_add_response failed.\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "pam_add_response failed.\n"); } } } @@ -748,7 +758,7 @@ errno_t pam_forwarder_parse_data(struct cli_ctx *cctx, struct pam_data *pd) body, blen); break; default: - DEBUG(1, "Illegal protocol version [%d].\n", + DEBUG(SSSDBG_CRIT_FAILURE, "Illegal protocol version [%d].\n", cctx->cli_protocol_version->version); ret = EINVAL; } @@ -854,7 +864,8 @@ static int pam_forwarder(struct cli_ctx *cctx, int pam_cmd) } if (preq->domain->provider == NULL) { - DEBUG(1, "Domain [%s] has no auth provider.\n", preq->domain->name); + DEBUG(SSSDBG_CRIT_FAILURE, + "Domain [%s] has no auth provider.\n", preq->domain->name); ret = EINVAL; goto done; } @@ -965,22 +976,26 @@ static int pam_check_user_search(struct pam_auth_req *preq) /* Entry is still valid, get it from the sysdb */ } - DEBUG(4, "Requesting info for [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_CONF_SETTINGS, + "Requesting info for [%s@%s]\n", name, dom->name); if (dom->sysdb == NULL) { - DEBUG(0, "Fatal: Sysdb CTX not found for this domain!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "Fatal: Sysdb CTX not found for this domain!\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; return EFAULT; } ret = sysdb_getpwnam(preq, dom, name, &preq->res); if (ret != EOK) { - DEBUG(1, "Failed to make request to our cache!\n"); + DEBUG(SSSDBG_CRIT_FAILURE, + "Failed to make request to our cache!\n"); return EIO; } if (preq->res->count > 1) { - DEBUG(0, "getpwnam call returned more than one result !?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE, + "getpwnam call returned more than one result !?!\n"); return ENOENT; } @@ -1002,7 +1017,7 @@ static int pam_check_user_search(struct pam_auth_req *preq) continue; } - DEBUG(2, "No results for getpwnam call\n"); + DEBUG(SSSDBG_OP_FAILURE, "No results for getpwnam call\n"); /* TODO: store negative cache ? */ @@ -1020,7 +1035,8 @@ static int pam_check_user_search(struct pam_auth_req *preq) } } - DEBUG(6, "Returning info for user [%s@%s]\n", name, dom->name); + DEBUG(SSSDBG_TRACE_FUNC, + "Returning info for user [%s@%s]\n", name, dom->name); /* We might have searched by alias. Pass on the primary name */ ret = pd_set_primary_name(preq->res->msgs[0], preq->pd); @@ -1133,7 +1149,8 @@ static void pam_check_user_dp_callback(uint16_t err_maj, uint32_t err_min, char *name; if (err_maj) { - DEBUG(2, "Unable to get information from Data Provider\n" + DEBUG(SSSDBG_OP_FAILURE, + "Unable to get information from Data Provider\n" "Error: %u, %u, %s\n", (unsigned int)err_maj, (unsigned int)err_min, err_msg); } @@ -1188,7 +1205,7 @@ static void pam_dom_forwarder(struct pam_auth_req *preq) else { preq->callback = pam_reply; ret = pam_dp_send_req(preq, SSS_CLI_SOCKET_TIMEOUT/2); - DEBUG(4, "pam_dp_send_req returned %d\n", ret); + DEBUG(SSSDBG_CONF_SETTINGS, "pam_dp_send_req returned %d\n", ret); } if (ret != EOK) { @@ -1198,37 +1215,37 @@ static void pam_dom_forwarder(struct pam_auth_req *preq) } static int pam_cmd_authenticate(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_authenticate\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_authenticate\n"); return pam_forwarder(cctx, SSS_PAM_AUTHENTICATE); } static int pam_cmd_setcred(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_setcred\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_setcred\n"); return pam_forwarder(cctx, SSS_PAM_SETCRED); } static int pam_cmd_acct_mgmt(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_acct_mgmt\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_acct_mgmt\n"); return pam_forwarder(cctx, SSS_PAM_ACCT_MGMT); } static int pam_cmd_open_session(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_open_session\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_open_session\n"); return pam_forwarder(cctx, SSS_PAM_OPEN_SESSION); } static int pam_cmd_close_session(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_close_session\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_close_session\n"); return pam_forwarder(cctx, SSS_PAM_CLOSE_SESSION); } static int pam_cmd_chauthtok(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_chauthtok\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_chauthtok\n"); return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK); } static int pam_cmd_chauthtok_prelim(struct cli_ctx *cctx) { - DEBUG(4, "entering pam_cmd_chauthtok_prelim\n"); + DEBUG(SSSDBG_CONF_SETTINGS, "entering pam_cmd_chauthtok_prelim\n"); return pam_forwarder(cctx, SSS_PAM_CHAUTHTOK_PRELIM); } diff --git a/src/responder/pam/pamsrv_dp.c b/src/responder/pam/pamsrv_dp.c index a35627e11..4e79eee87 100644 --- a/src/responder/pam/pamsrv_dp.c +++ b/src/responder/pam/pamsrv_dp.c @@ -58,7 +58,8 @@ static void pam_dp_process_reply(DBusPendingCall *pending, void *ptr) /* Sanity-check of message validity */ if (msg == NULL) { - DEBUG(0, "Severe error. A reply callback was called but no reply was" + DEBUG(SSSDBG_FATAL_FAILURE, + "Severe error. A reply callback was called but no reply was" "received and no timeout occurred\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; goto done; @@ -69,18 +70,19 @@ static void pam_dp_process_reply(DBusPendingCall *pending, void *ptr) case DBUS_MESSAGE_TYPE_METHOD_RETURN: ret = dp_unpack_pam_response(msg, preq->pd, &dbus_error); if (!ret) { - DEBUG(0, "Failed to parse reply.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to parse reply.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; goto done; } - DEBUG(4, "received: [%d][%s]\n", preq->pd->pam_status, preq->pd->domain); + DEBUG(SSSDBG_CONF_SETTINGS, + "received: [%d][%s]\n", preq->pd->pam_status, preq->pd->domain); break; case DBUS_MESSAGE_TYPE_ERROR: - DEBUG(0, "Reply error.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Reply error.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; break; default: - DEBUG(0, "Default... what now?.\n"); + DEBUG(SSSDBG_FATAL_FAILURE, "Default... what now?.\n"); preq->pd->pam_status = PAM_SYSTEM_ERR; } @@ -129,17 +131,17 @@ int pam_dp_send_req(struct pam_auth_req *preq, int timeout) DP_INTERFACE, DP_METHOD_PAMHANDLER); if (msg == NULL) { - DEBUG(0,"Out of memory?!\n"); + DEBUG(SSSDBG_FATAL_FAILURE,"Out of memory?!\n"); return ENOMEM; } - DEBUG(4, "Sending request with the following data:\n"); - DEBUG_PAM_DATA(4, pd); + DEBUG(SSSDBG_CONF_SETTINGS, "Sending request with the following data:\n"); + DEBUG_PAM_DATA(SSSDBG_CONF_SETTINGS, pd); ret = dp_pack_pam_request(msg, pd); if (!ret) { - DEBUG(1,"Failed to build message\n"); + DEBUG(SSSDBG_CRIT_FAILURE,"Failed to build message\n"); return EIO; } -- cgit