Diffstat (limited to 'src/db/sysdb_ops.c')
-rw-r--r--src/db/sysdb_ops.c71
1 files changed, 71 insertions, 0 deletions
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 4755ea3..60bd746 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2290,6 +2290,77 @@ fail:
return ret;
}
+errno_t sysdb_refresh_group_memberships(struct sss_domain_info *dom,
+ struct ldb_dn *dn)
+{
+ int ret;
+ TALLOC_CTX *tmp_ctx;
+ const char *attrs[] = { SYSDB_MEMBEROF, NULL };
+ size_t msgs_count;
+ struct ldb_message **msgs;
+ struct ldb_message_element *groups;
+ size_t c;
+ struct ldb_dn *group_dn;
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");
+ return ENOMEM;
+ }
+
+ ret = sysdb_search_entry(tmp_ctx, dom->sysdb, dn, LDB_SCOPE_BASE, NULL,
+ attrs, &msgs_count, &msgs);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_entry failed for [%s].\n",
+ ldb_dn_get_linearized(dn));
+ goto done;
+ }
+
+ if (msgs_count != 1) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Expected 1 result for base search, got [%d].\n", msgs_count);
+ ret = EINVAL;
+ goto done;
+ }
+
+ groups = ldb_msg_find_element(msgs[0], SYSDB_MEMBEROF);
+ if (groups == NULL) {
+ DEBUG(SSSDBG_TRACE_ALL, "[%s] is not member of any group.\n",
+ ldb_dn_get_linearized(dn));
+ ret = EOK;
+ goto done;
+ }
+
+ for (c = 0; c < groups->num_values; c++) {
+ group_dn = ldb_dn_from_ldb_val(tmp_ctx, dom->sysdb->ldb,
+ &groups->values[c]);
+ if (group_dn == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_dn_from_ldb_val failed.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = sysdb_mod_group_member(dom, dn, group_dn, SYSDB_MOD_DEL);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sysdb_mod_group_member SYSDB_MOD_DEL failed.\n");
+ goto done;
+ }
+ ret = sysdb_mod_group_member(dom, dn, group_dn, SYSDB_MOD_ADD);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "sysdb_mod_group_member SYSDB_MOD_ADD failed.\n");
+ goto done;
+ }
+ }
+
+ ret = EOK;
+done:
+ talloc_free(tmp_ctx);
+
+ return ret;
+}
+
/* =Add-Basic-Netgroup-NO-CHECKS============================================= */
int sysdb_add_basic_netgroup(struct sss_domain_info *domain,
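Review bot: In the loop over `groups->values`, each membership is removed with SYSDB_MOD_DEL and re-added with SYSDB_MOD_ADD as two separate writes, so if the second call or any later iteration fails, the function returns with `dn` already dropped from that group in the cache. The function opens no transaction, and whether its callers do is not visible here; because cached group membership usually feeds access decisions, the loop should run inside one sysdb transaction that is cancelled on the error path, as sketched below. Separately, the `msgs_count != 1` message passes a `size_t` to `%d`, a mismatched conversion if DEBUG is printf-style as it appears to be; use `"Expected 1 result for base search, got [%zu].\n"`. A header comment stating that the function rewrites every memberOf link of `dn`, and what state the cache is left in on failure, is also missing.

```c
    bool in_transaction = false;
    int sret;

    /* … unchanged: tmp_ctx allocation, base search, memberOf lookup … */

    ret = sysdb_transaction_start(dom->sysdb);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_start failed.\n");
        goto done;
    }
    in_transaction = true;

    /* … unchanged: for loop doing SYSDB_MOD_DEL then SYSDB_MOD_ADD … */

    ret = sysdb_transaction_commit(dom->sysdb);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_commit failed.\n");
        goto done;
    }
    in_transaction = false;

done:
    if (in_transaction) {
        /* Roll back so a failed re-add cannot leave dn removed from a group. */
        sret = sysdb_transaction_cancel(dom->sysdb);
        if (sret != EOK) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_cancel failed.\n");
        }
    }
    talloc_free(tmp_ctx);
```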