From 46d3d2c731e8c7e138462e5b60a39a279dc77d81 Mon Sep 17 00:00:00 2001 From: Pavel Březina Date: Mon, 12 Mar 2012 10:07:35 +0100 Subject: sudo api: send uid, username and domainname https://fedorahosted.org/sssd/ticket/1239 Test client was changed accordingly. The new usage is: sss_sudo_cli username [uid] If uid is not set, getpwnam(username) is called. It will retrieve both default options and rules. --- src/sss_client/sudo/sss_sudo.h | 40 ++++++++++++++++++++++++++++------------ 1 file changed, 28 insertions(+), 12 deletions(-) (limited to 'src/sss_client/sudo/sss_sudo.h') diff --git a/src/sss_client/sudo/sss_sudo.h b/src/sss_client/sudo/sss_sudo.h index fe01e65d..1a275cfa 100644 --- a/src/sss_client/sudo/sss_sudo.h +++ b/src/sss_client/sudo/sss_sudo.h @@ -30,6 +30,7 @@ */ #include +#include /** The value returned when the communication with SUDO is successful and * the user was found in one of the domains @@ -89,7 +90,9 @@ struct sss_sudo_result { * @brief Send a request to SSSD to retreive all SUDO rules for a given * user. * + * @param[in] uid The uid of the user to retreive the rules for. * @param[in] username The username to retreive the rules for + * @param[in] domainname The domain name the user is a member of. * @param[out] _error The result of the search in SSSD's domains. If the * user was present in the domain, the _error code is * SSS_SUDO_ERROR_OK and the _result structure is @@ -109,7 +112,9 @@ struct sss_sudo_result { * tell whether the result contains any rules or whether SSSD knew the * user at all. That information is transferred in the _error parameter. */ -int sss_sudo_send_recv(const char *username, +int sss_sudo_send_recv(uid_t uid, + const char *username, + const char *domainname, uint32_t *_error, struct sss_sudo_result **_result); @@ -117,24 +122,35 @@ int sss_sudo_send_recv(const char *username, * @brief Send a request to SSSD to retrieve the default options, commonly * stored in the "cn=defaults" record, * - * @param[out] _error The result of the search in SSSD's domains. If the - * options were present in the domain, the _error code - * is SSS_SUDO_ERROR_OK and the _result structure is - * returned even if it was empty (in other words - * _result->num_rules == 0). Other problems are returned - * as errno codes. + * @param[in] uid The uid of the user to retreive the rules for. * - * @param[out] _result Newly allocated structure sss_result that contains - * the options. If no options were found this structure - * is "empty", which means that the num_rules member - * is 0. + * @param[in] username The username to retreive the rules for. + * + * @param[out] _error The result of the search in SSSD's domains. If the + * options were present in the domain, the _error code + * is SSS_SUDO_ERROR_OK and the _result structure is + * returned even if it was empty (in other words + * _result->num_rules == 0). Other problems are returned + * as errno codes. + * + * @param[out] _domainname The domain name the user is a member of. + * + * @param[out] _result Newly allocated structure sss_result that contains + * the options. If no options were found this structure + * is "empty", which means that the num_rules member + * is 0. * * @return 0 on success and other errno values on failure. The return value * denotes whether communication with SSSD was successful. It does not * tell whether the result contains any rules or whether SSSD knew the * user at all. That information is transferred in the _error parameter. + * + * @note The _domainname should be freed using free(). */ -int sss_sudo_send_recv_defaults(uint32_t *_error, +int sss_sudo_send_recv_defaults(uid_t uid, + const char *username, + uint32_t *_error, + char **_domainname, struct sss_sudo_result **_result); /** -- cgit