diff options
| author | Jakub Hrozek <jhrozek@redhat.com> | 2016-10-25 15:58:27 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2017-02-15 14:51:47 +0100 |
| commit | c71e0a6710418991d759a329b8dcb77c7ad3e16e (patch) | |
| tree | 25fabafc0ce3f4eacd55265dcbc7a3555e0fdd92 /Makefile.am | |
| parent | 90a103d6050b266fd8fc8fd0636be32de5885dec (diff) | |
| download | sssd-c71e0a6710418991d759a329b8dcb77c7ad3e16e.tar.gz sssd-c71e0a6710418991d759a329b8dcb77c7ad3e16e.tar.xz sssd-c71e0a6710418991d759a329b8dcb77c7ad3e16e.zip | |
FILES: Add the files provider
Adds a new provider type "files". The provider watches the UNIX password
and group databases for changes using inotify and propagates its
contents to the sysdb.
The files provider is only built on platforms that support the inotify
interface, polling or loading the entries on-deman is not supported.
During initialization, the files are loaded from the environment
variables SSS_FILES_PASSWD and SSS_FILES_GROUP, defaulting to
/etc/passwd and /etc/group respectively. Loading the files from
environment variables is mostly implemented for tests that need to load
nss_wrapped files.
The files provider is a bit different from other provider types in the
sense that it always enumerates full contents of the database.
Therefore, the requests from Data Provider are always just replied to
with success. Enumerating the contents is done in full at the moment,
all users and all groups are removed and added anew. Modifying the
passwd and group databses should be rare enough for this to be
justified and we can optimize the code later.
Since with large databases, the cache update might take a bit of time,
we signal the responders to disable the files domain once we receive the
inotify notification and re-enable the files domain after the update is
finished. The idea is that the NSS configuration would still contain
"files" after "sss" so that if the domain is disabled, libc would fall
back to a direct "files" lookup.
Resolves:
https://fedorahosted.org/sssd/ticket/3262
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Diffstat (limited to 'Makefile.am')
| -rw-r--r-- | Makefile.am | 29 |
1 files changed, 28 insertions, 1 deletions
diff --git a/Makefile.am b/Makefile.am index 09c021d22..e6d3530d0 100644 --- a/Makefile.am +++ b/Makefile.am @@ -339,7 +339,8 @@ sssdlib_LTLIBRARIES = \ libsss_ldap.la \ libsss_krb5.la \ libsss_proxy.la \ - libsss_simple.la + libsss_simple.la \ + $(NULL) if BUILD_SAMBA sssdlib_LTLIBRARIES += \ @@ -347,6 +348,12 @@ sssdlib_LTLIBRARIES += \ libsss_ad.la endif +if HAVE_INOTIFY +sssdlib_LTLIBRARIES += \ + libsss_files.la \ + $(NULL) +endif # HAVE_INOTIFY + ldblib_LTLIBRARIES = \ memberof.la @@ -771,6 +778,7 @@ dist_noinst_HEADERS = \ src/providers/ad/ad_subdomains.h \ src/providers/proxy/proxy.h \ src/providers/proxy/proxy_iface_generated.h \ + src/providers/files/files_private.h \ src/tools/tools_util.h \ src/tools/sss_sync_ops.h \ src/resolv/async_resolv.h \ @@ -1853,6 +1861,7 @@ if BUILD_SEMANAGE FILES_TESTS_LIBS += $(SEMANAGE_LIBS) endif +if HAVE_INOTIFY files_tests_SOURCES = \ src/tests/files-tests.c \ src/util/check_and_open.c \ @@ -1866,6 +1875,7 @@ files_tests_LDADD = \ $(FILES_TESTS_LIBS) \ libsss_test_common.la \ $(SSSD_INTERNAL_LTLIBS) +endif # HAVE_INOTIFY SSSD_RESOLV_TESTS_OBJ = \ $(SSSD_RESOLV_OBJ) @@ -3510,6 +3520,23 @@ libsss_proxy_la_LDFLAGS = \ -avoid-version \ -module +libsss_files_la_SOURCES = \ + src/providers/files/files_init.c \ + src/providers/files/files_id.c \ + src/providers/files/files_ops.c \ + src/util/inotify.c \ + $(NULL) +libsss_files_la_CFLAGS = \ + $(AM_CFLAGS) \ + $(NULL) +libsss_files_la_LIBADD = \ + $(PAM_LIBS) \ + $(NULL) +libsss_files_la_LDFLAGS = \ + -avoid-version \ + -module \ + $(NULL) + libsss_simple_la_SOURCES = \ src/providers/simple/simple_access_check.c \ src/providers/simple/simple_access.c |