diff options
| author | Michal Židek <mzidek@redhat.com> | 2016-06-22 19:11:42 +0200 |
|---|---|---|
| committer | Jakub Hrozek <jhrozek@redhat.com> | 2016-06-27 22:25:27 +0200 |
| commit | 8b2a31634764168183506925a4b9f461afdba6f3 (patch) | |
| tree | e2c922c85a073f28db47e77daea84fd4cb558b17 | |
| parent | cca497b4cbbbf05c4f9181b7d8113cde81754831 (diff) | |
| download | sssd-8b2a31634764168183506925a4b9f461afdba6f3.tar.gz sssd-8b2a31634764168183506925a4b9f461afdba6f3.tar.xz sssd-8b2a31634764168183506925a4b9f461afdba6f3.zip | |
confdb: Check for config file errors on sssd startup
Resolves:
https://fedorahosted.org/sssd/ticket/2028
Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
| -rw-r--r-- | src/confdb/confdb.c | 2 | ||||
| -rw-r--r-- | src/confdb/confdb.h | 2 | ||||
| -rw-r--r-- | src/confdb/confdb_setup.c | 9 | ||||
| -rw-r--r-- | src/util/sss_ini.c | 49 | ||||
| -rw-r--r-- | src/util/sss_ini.h | 4 |
5 files changed, 61 insertions, 5 deletions
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c index d40934489..b99c6cf40 100644 --- a/src/confdb/confdb.c +++ b/src/confdb/confdb.c @@ -1,7 +1,7 @@ /* SSSD - NSS Configuratoin DB + SSSD Configuration DB Copyright (C) Simo Sorce <ssorce@redhat.com> 2008 diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index 2cd75b9e8..eb5764c2e 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -1,7 +1,7 @@ /* SSSD - NSS Configuratoin DB + SSSD Configuration DB Copyright (C) Simo Sorce <ssorce@redhat.com> 2008 diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c index 1e4b9a269..614aa2206 100644 --- a/src/confdb/confdb_setup.c +++ b/src/confdb/confdb_setup.c @@ -141,7 +141,6 @@ static int confdb_init_db(const char *config_file, const char *config_dir, struct ldb_ldif *ldif; struct sss_ini_initdata *init_data; - tmp_ctx = talloc_new(cdb); if (tmp_ctx == NULL) { DEBUG(SSSDBG_FATAL_FAILURE, "Out of memory.\n"); @@ -234,6 +233,14 @@ static int confdb_init_db(const char *config_file, const char *config_dir, goto done; } + /* FIXME: Do not hardcode the path */ + ret = sss_ini_call_validators(init_data, + "/var/lib/sss/cfg_rules.ini"); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Failed to call validators\n"); + /* This is not fatal, continue */ + } + /* Make sure that the config file version matches the confdb version */ ret = sss_ini_get_cfgobj(init_data, "sssd", "config_file_version"); if (ret != EOK) { diff --git a/src/util/sss_ini.c b/src/util/sss_ini.c index 667447e17..b4dbb0772 100644 --- a/src/util/sss_ini.c +++ b/src/util/sss_ini.c @@ -59,8 +59,6 @@ struct sss_ini_initdata { #define sss_ini_get_const_string_config_value ini_get_const_string_config_value #define sss_ini_get_config_obj ini_get_config_valueobj - - #else struct sss_ini_initdata { @@ -545,3 +543,50 @@ error: talloc_free(ldif); return ret; } + +int sss_ini_call_validators(struct sss_ini_initdata *data, + const char *rules_path) +{ +#ifdef HAVE_LIBINI_CONFIG_V1_3 + int ret; + struct ini_cfgobj *rules_cfgobj = NULL; + struct ini_errobj *errobj = NULL; + + ret = ini_errobj_create(&errobj); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, "Failed to create error list\n"); + goto done; + } + + ret = ini_rules_read_from_file(rules_path, &rules_cfgobj); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, + "Failed to read sssd.conf schema %d [%s]\n", ret, strerror(ret)); + goto done; + } + + ret = ini_rules_check(rules_cfgobj, data->sssd_config, NULL, errobj); + if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, + "ini_rules_check failed %d [%s]\n", ret, strerror(ret)); + goto done; + } + + /* Do not error out when validators find some issue */ + while (!ini_errobj_no_more_msgs(errobj)) { + DEBUG(SSSDBG_CRIT_FAILURE, + "%s\n", ini_errobj_get_msg(errobj)); + ini_errobj_next(errobj); + } + +done: + if (rules_cfgobj) ini_config_destroy(rules_cfgobj); + ini_errobj_destroy(&errobj); + + return ret; +#else + DEBUG(SSSDBG_TRACE_FUNC, + "libini_config does not support configuration file validataion\n"); + return EOK; +#endif /* HAVE_LIBINI_CONFIG_V1_3 */ +} diff --git a/src/util/sss_ini.h b/src/util/sss_ini.h index f5b36deb9..7734bab3c 100644 --- a/src/util/sss_ini.h +++ b/src/util/sss_ini.h @@ -79,4 +79,8 @@ int sss_confdb_create_ldif(TALLOC_CTX *mem_ctx, struct sss_ini_initdata *init_data, const char **config_ldif); +/* Validate sssd.conf if libini_config support it */ +int sss_ini_call_validators(struct sss_ini_initdata *data, + const char *rules_path); + #endif /* __SSS_INI_H__ */ |