MONITOR: Enable an implicit files domain if one is not configured

If SSSD is compiled with --enable-files-domain, the loading of the
domains changes such that:
    * if no domain with id_provider=files exists in the config file, an
      implicit SSSD files domain is added
    * this domain is always first in the list

The administrator is free to create a files domain in the config file
himself and either place it at the end of the list or not enable it at
all.

Resolves:
https://pagure.io/SSSD/sssd/issue/3112

Reviewed-by: Pavel Březina <pbrezina@redhat.com>

1 files changed, 11 insertions, 0 deletions

diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
index 59bf70741..7e7b5a07d 100644
--- a/src/monitor/monitor.c
+++ b/src/monitor/monitor.c
@@ -90,6 +90,9 @@
                                  "that the file is accessible only by the "\
                                  "owner and owned by root.root.\n"
 
+/* SSSD domain name that is used for the auto-configured files domain */
+#define IMPLICIT_FILES_DOMAIN_NAME "implicit_files"
+
 int cmdline_debug_level;
 int cmdline_debug_timestamps;
 int cmdline_debug_microseconds;
@@ -1053,6 +1056,14 @@ static int get_monitor_config(struct mt_ctx *ctx)
         return ret;
     }
 
+    ret = confdb_ensure_files_domain(ctx->cdb, IMPLICIT_FILES_DOMAIN_NAME);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_MINOR_FAILURE,
+              "Cannot add the implicit files domain [%d]: %s\n",
+              ret, strerror(ret));
+        /* Not fatal */
+    }
+
     ret = confdb_get_domains(ctx->cdb, &ctx->domains);
     if (ret != EOK) {
         DEBUG(SSSDBG_FATAL_FAILURE, "No domains configured.\n");