| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
| |
and override objects
Runs a sysdb upgrade that changes objects that represent users, groups,
sudo rules and overrides to the new schema, which uses the fully
qualified names.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
When the cache is upgraded, we want to avoid upgrading the timestamps
cache, because it was only introduced recently in Beta, so it doesn't
make senes to write complex code to change the format.
This patch rather removes the cache during upgrade, it will be recreated
with later lookups anyway.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This patch fixes several issues introduced during the recent sysdb
upgrade:
1) The upgrade code often accesses sysdb->ldb, but at this point,
the ldb pointer might not be initialized yet. As a kind of an ugly,
yet functional workaround, we pass in the ldb pointer that we
received from the caller as part of the sysdb structure.
2) the version that sysdb_domain_cache_upgrade() returns is not a
talloc pointer, so the upgrade was crashing when we tried to steal
it.
3) the ldb pointer sysdb_cache_connect() returns was kept allocated
on the tmp_ctx. We need to steal it instead.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
| |
We decide on whether to upgrade or not based on a pointer value, not a
boolean. This pointer points to a structure that the upgrade invoker
(typically the monitor) can use to fill auxilary data the sysdb upgrade
has no means of instantiating.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
| |
The function sysdb_init() is never used to allow upgrade, so the
allow_upgrade parameter was pointless.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
| |
For all domain types, except the local domain, open a connection to a
new ldb file located at /var/lib/sss/db names timestamps_$domain.ldb.
Constructs the ldb file path manually in sysdb_check_upgrade_02() but
that should be acceptable because nobody should be running such an old
cache these days anyway.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Uses the generic functions in sysdb_init.c to open a new ldb database.
The path to the database and the ldb context are stored in the
sysdb_ctx. The database will be used to store ephemeral attributes such
as timestamps. Because these attributes are not required for SSSD
operation and the intent is for writes to this cache to be very fast,
the database is opened with LDB_FLG_NOSYNC flag. At the same time, none
of the attributes of the cache is required for sssd operation, so if we
fail to open the database, we just start over.
Adds a separate base LDIF with attributes that are supposed to be
indexed in the timestamp database as well as a separate timestamp cache
version.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changes the functions in sysdb_init.c so that the functions are usable
to initialize a second cache to store timestamps. In particular,
functions that operated on sysdb->ldb now operate on a generic ldb
context so that a new ldb_ts context can be used later. Existing
functions that initialize the sysdb cache call the generic functions
with sysdb->ldb as a parameter.
Splits out a function to initialize an empty ldb database with a generic
LDIF.
Splits out the sysdb upgrade function because the upgrade will only be
used by the sysdb cache, the timestamp cache will start with a different
version and might receive separate upgrade functions in the future.
The ldb connection function accepts ldb flags parameter, currently
unused.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
|
|
|
|
|
| |
We used really strange errno codes for detecting whether the database is
too old or too new. We should use our sssd-specific error coded instead.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
The sysdb initialization was in the sysdb.c module. With adding
initialization of the timestamp cache, this module would become too big
with too many private functions meant only for initialization.
This patch only moves code around, there are no functional changes to
the initialization.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|