| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
| |
and override objects
Runs a sysdb upgrade that changes objects that represent users, groups,
sudo rules and overrides to the new schema, which uses the fully
qualified names.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
We decide on whether to upgrade or not based on a pointer value, not a
boolean. This pointer points to a structure that the upgrade invoker
(typically the monitor) can use to fill auxilary data the sysdb upgrade
has no means of instantiating.
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
With this mode we can add socket activated services and have systemd
pre exec sssd to genrate the configuration file w/o starting the whole
sssd if not necessary.
https://fedorahosted.org/sssd/ticket/2243
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
Now thast services use an internal watchdog we do not need pings anymore,
this will cut down the chatter and allow more flexible process management,
for example socket activation and exit-on-idle.
Resolves:
https://fedorahosted.org/sssd/ticket/2921
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2247
Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
| |
So tools (especially sssctl) may be run even when databases where
removed.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
| |
New name is SSSD_CONFIG_FILE. This is done because we will start to
ship a static default configuration in addition to the runtime
configuration.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
| |
We only need to go online if we receive a netlink signal that might
indicate that the external connection might have become available. This
will never be true for link-local addresses.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This option is an optional one that is run when a sbus ping times out
and before a SIGKILL signal is sent.
It is undocumented by default.
diag_cmd (string):
A command that should be run for diagnostic purpose when an sbus timeout
fails. The option value may contain %p which would be expanded for the
process ID of the process that timed out
Example:
pstack %p
This setting would print the stackstrace of the service whose ping timed out.
Default: not set.
Reviewed-by: Petr Cech <pcech@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
SSSDBG_CONF_SETTINGS is reserved for configuration information. These
pings are generally just noise (when they fail, this is logged at
SSDBG_FATAL_FAILURE). We should only log these at SSSDBG_TRACE_INTERNAL.
Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com>
Reviewed-by: Petr Cech <pcech@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Update get next domain to be able to
include disbled domains and change the
interface to accept flags instead of
multiple booleans.
Ticket:
https://fedorahosted.org/sssd/ticket/2673
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
| |
resolv.conf can be missing during boot. This is not
fatal and we will check for its existence later.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
|
|
|
|
|
|
| |
If resolv.conf is not available when SSSD is starting,
check for its existence later.
Ticket:
https://fedorahosted.org/sssd/ticket/2590
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
| |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Properties are single value of a small number of predefined D-Bus
types. There is no need to generate them with codegen. Actually,
the source generator for property getters is already quite mess
with branching for array, strings and object paths. Adding any
more complex type in the future (such as dictionary) would require
even more branching or creating a separate path for it.
Hard coding the getters will simplify creating new ones for more
complex types. This patch also reduces lots of code duplication
and creates a simple function for GetAll.
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
If kill timer was successfully executed then it will be released by libtevent.
So we should not released it in mt_svc_exit_handler for the second time.
[sssd] [mt_svc_exit_handler] (0x0040): Child [ifp] terminated with signal [9]
[sssd] [talloc_log_fn] (0x0010): talloc: access after free error - first free
may be at ../tevent_timed.c:351
[sssd] [talloc_log_fn] (0x0010): Bad talloc magic value - access after free
==19129== Invalid read of size 4
==19129== at 0x50470CD: talloc_chunk_from_ptr (talloc.c:372)
==19129== by 0x50470CD: _talloc_free (talloc.c:1559)
==19129== by 0x11086C: mt_svc_exit_handler (monitor.c:2754)
==19129== by 0x8AF9B2F: sss_child_invoke_cb (child_common.c:181)
==19129== by 0x4E39823: tevent_common_loop_immediate (tevent_immediate.c:135)
==19129== by 0x4E3AF4D: poll_event_loop_once (tevent_poll.c:649)
==19129== by 0x4E38FEC: _tevent_loop_once (tevent.c:530)
==19129== by 0x4E3AA4A: poll_event_loop_wait (tevent_poll.c:677)
==19129== by 0x84C4B02: server_loop (server.c:668)
==19129== by 0x10D9A6: main (monitor.c:3028)
==19129== Address 0xb8a06c0 is 64 bytes inside a block of size 176 free'd
==19129== at 0x4C2ACE9: free (in /usr/lib64/valgrind/vgpreload_memcheck-amd64-linux.so)
==19129== by 0x50472F2: _talloc_free_internal (talloc.c:1057)
==19129== by 0x50472F2: _talloc_free (talloc.c:1581)
==19129== by 0x4E3D0A3: tevent_common_loop_timer_delay (tevent_timed.c:351)
==19129== by 0x4E3AF59: poll_event_loop_once (tevent_poll.c:653)
==19129== by 0x4E38FEC: _tevent_loop_once (tevent.c:530)
==19129== by 0x4E3AA4A: poll_event_loop_wait (tevent_poll.c:677)
==19129== by 0x84C4B02: server_loop (server.c:668)
==19129== by 0x10D9A6: main (monitor.c:3028)
Resolves:
https://fedorahosted.org/sssd/ticket/2572
Reviewed-by: Stephen Gallagher <sgallagh@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Rename sbus_conn_add_interface() to sbus_conn_register_iface()
and remove sbus_new_interface() calls since it is just one more
unnecessary call outside the sbus code.
The function sbus_new_interface() is made static and used
directly in sbus_conn_register_iface().
The name was chosen to better describe what the function is
doing. That it registers an interface on a given object path.
The same interface can be used with different paths so it is
not really about adding an interface.
Preparation for:
https://fedorahosted.org/sssd/ticket/2339
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
There are actually two bugs here:
1) When either the kill(SIGTERM) or kill(SIGKILL) commands returned
failure (for any reason), we would talloc_free(svc) which removed it
from being eligible for restart, resulting in the service never
starting again without an SSSD service restart.
2) There is a fairly wide race condition where it's possible for a
SIGKILL timer to "catch up" to the child exit handler between us
noticing the termination and actually restarting it. The race
happens because we re-enter the mainloop and add a restart
timeout to avoid a quick failure if we keep restarting due to a
transitory issue (the mt_svc object, and therefore the SIGKILL
timer, were never freed until we got to the actual service
restart).
We can minimize this race by recording the timer_event for the
SIGKILL timeout in the mt_svc object. This way, if the process
exits via SIGTERM, we will immediately remove the timer for the
SIGKILL. Additionally, we'll catch the special-case of an ESRCH
response from the kill(SIGKILL) and assume that it means that the
process has exited. The only other two possible errors are
* EINVAL: (an invalid signal was specified) - This should be
impossible, obviously.
* EPERM: This process doesn't have permission to send signals to
this PID. If this happens, it's either an SELinux bug or
else the process has terminated and a new process that
SSSD doesn't control has taken the ID over.
So in the incredibly unlikely case that one of those occurs, we'll
just go ahead and try to start a new process.
This patch also removes the incorrect talloc_free(svc) calls on the
kill() failures and replaces them with an attempt to just start up
the service again and hope for the best.
Resolves:
https://fedorahosted.org/sssd/ticket/2525
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This reverts commit cff89439b21f8573c6896b09cb1a8d5f9de3144c.
The previous fix was not sufficient and similar warning appears after different
change in function load_configuration.
src/monitor/monitor.c: In function ‘main’:
src/monitor/monitor.c:2962:24: error: ‘monitor’ may be used uninitialized
in this function [-Werror=maybe-uninitialized]
monitor->is_daemon = !opt_interactive;
^
cc1: all warnings being treated as errors
It's better to disable optimisation of function load_configuration after fail
in chown(unlink) instead of checking errno for 0 and overriding it with EINVAL.
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
|
| |
Resolves:
https://fedorahosted.org/sssd/ticket/2506
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This warning is caused be change 579e5d4b7a3ca161ea7518b2996905fa22c15995
"MONITOR: Allow confdb to be accessed by nonroot user"
src/monitor/monitor.c: In function ‘main’:
src/monitor/monitor.c:2953:24: error: ‘monitor’ may be used uninitialized
in this function [-Werror=maybe-uninitialized]
monitor->is_daemon = !opt_interactive;
^
cc1: all warnings being treated as errors
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Adds the NSS responder to the list of services known to work as a
non-root user and becomes the specified user after starting the NSS
responder.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
| |
Sysdb must be accessible for the nonroot sssd
processes.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
| |
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
In some cases, the back end might still be running as root, but the
responder would be running unprivileged. In this case, we need to allow
connecting from the SSSD user ID.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Unless dbus_connection_set_unix_user_function() is used, D-Bus only
allows connections from UID 0. This patch adds a custom checker function
that allows either UID 0 or the pre-configured SSSD user ID.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
When setting up the sbus server, we might need to chown the sbus socket
to make sure non-root peers, running as the SSSD user are able to access
the file.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Related:
https://fedorahosted.org/sssd/ticket/2370
Adds a option, user to run as, that is specified in the [sssd] section. When
this option is specified, SSSD will run as this user and his private
group. When these are not specified, SSSD will run as the configure-time
user and group (usually root).
Currently all services and providers are started as root. There is a
temporary svc_supported_as_nonroot() function that returns true for a
service if that service runs and was tested as nonroot and false
otherwise. Currently this function always returns false, but will be
amended in future patches.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Adds new command line options --uid and --gid to all SSSD servers,
making it possible to switch to another user ID if needed.
So far all code still runs as root.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
| |
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
| |
Just moves code around. There should be a way to use the server.c module
without linking the monitor code.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
|
|
|
| |
Several functions in the monitor.c file were not marked as static even
though they were only used inside monitor.c
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/2348
When SSSD is running in interactive mode, we should print DEBUG messages
directly to stderr, not journal.
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
| |
|
|
|
|
|
|
| |
When the monitor receives SIGUSR2, it also signals the IFP responder to
attempt to reconnect to the system bus using the sysbusReconnect SBUS
method. No action is taken by other responders.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
| |
|
|
|
|
|
|
|
| |
Introduces a new method implemented only by the IFP responder. When this
method is received, the responder attempts to reconnect to the system
bus, if not connected already.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
| |
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
This patch implements the GetAll method of the
org.freedesktop.DBus.Properties interface by iterating over the
available getters and putting all the results into a single getter.
The patch includes a unit test that exercies all currently supported
array types.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
The monitor process does not read data from standard input in.
We can close file descriptor from stdin.
[sssd] [server_stdin_handler] (0x0020): sssd: EOF on stdin - terminating
Resolves:
https://fedorahosted.org/sssd/ticket/2312
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
| |
|
|
|
|
|
| |
Change description of supported access modes.
Add missing new line in message.
Reviewed-by: Simo Sorce <simo@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Instead of using a custom way to chck file type, use the system
provided macros and a mode mask to decide when we want to check.
Additionally a mask also allows us to selectively check permissions.
Related:
https://bugzilla.redhat.com/1089098
Resolves:
https://fedorahosted.org/sssd/ticket/2321
Signed-off-by: Simo Sorce <simo@redhat.com>
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Type safe method handlers allow methods not to have to do tedious
unwrapping and wrapping of DBus method call messages or replies.
Arguments of the following DBus types are supported in type-safe
method handlers. In addition arrays of these are supported.
y: uint8_t
b: bool (but no arrays, yet)
n: int16_t
q: uint16_t
i: int32_t
u: uint32_t
x: int64_t
t: uint64_t
d: double
s: char * (utf8 string)
o: char * (object path)
As an exception, arrays of booleans are not supported, but could be
added later. Other more complex types could be added later if desired.
If a method has other argument types, then it must be marked as having
a raw handler (see below).
Internally each method can have a type specific invoker function which
unpacks the incoming arguments and invokes the method handler with the
correct arguments.
Each method also has a finish which accepts the type-safe out arguments
(ie: return values) and builds the reply message. Like other request
'finish' functions, these free the request talloc context, and are to
be used in place of sbus_request_finish() or friends.
Raw method handlers parse their own method arguments, and prepare their
own reply (ideally using sbus_request_finish() helpers). They can also
do strange things like have variable arguments. To mark a DBus method
as having a raw method handler use the following annotation:
<annotation name="org.freedesktop.sssd.RawHandler" value="true"/>
Raw methods do not have invokers or finish functions.
I've left all of the internal peer to peer communication using raw
method handlers. No code changes here.
|
| |
|
|
|
|
|
|
| |
Related:
https://fedorahosted.org/sssd/ticket/2072
This commit only adds the responder and the needed plumbing. No DBus
related code is in yet.
|
| |
|
|
|
|
|
|
|
| |
Remove support for "--with-distro-version" configure option as unused.
The option was added in August 2011 (d3da1c1). As of now nothing seems
to use it. Packaging checked: rpm, deb, pacman, ebuilds, FreeBSD ports.
Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
We had in source code following pattern #elif HAVE_<name>
It worked because undefined identifier(in some cases) was evaluated to 0.
But we do not care about value of HAVE_SOMETHING. We just need to know
whether identifier was defined.
There is not equivalent to #ifdef (short for of #if definded)
We need to use long form: #elif defined HAVE_<name>
It causes also compiler warning with enabled compiler flag -Wundef.
Reviewed-by: Pavel Reichl <preichl@redhat.com>
|
