summaryrefslogtreecommitdiffstats
path: root/src/tools
Commit message (Collapse)AuthorAgeFilesLines
* TOOLS: Prevent dereference of null pointerLukas Slebodnik2016-07-121-35/+28
| | | | | | | | | | VAR_CHECK is called with (var, EOK, ...) EOK would be returned in case of "var != EOK" and output argument _attrs would not be initialized. Therefore there could be dereference of null pointer after calling function usermod_build_attrs. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* sssctl: Fix warning maybe-uninitializedLukas Slebodnik2016-07-121-5/+9
| | | | | | | | | | | | | | | | | | | | | It looks like some special gcc optimalisation and special case may cause to have unitialized output argument _dom when return code is EOK src/tools/sssctl/sssctl_cache.c: In function ‘sssctl_print_object’: src/tools/sssctl/sssctl_cache.c:491:8: error: ‘dom’ may be used uninitialized in this function [-Werror=maybe-uninitialized] if (dom == NULL) { ^ src/tools/sssctl/sssctl_cache.c:447:15: error: ‘entry’ may be used uninitialized in this function [-Werror=maybe-uninitialized] *_entry = talloc_steal(mem_ctx, entry); ^~~~~~~~~~~~ src/tools/sssctl/sssctl_cache.c:412:25: note: ‘entry’ was declared here struct sysdb_attrs *entry; ^~~~~ Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sssctl: Fix format string for size_tLukas Slebodnik2016-07-121-1/+1
| | | | | | | | | | | | | src/tools/sssctl/sssctl_config.c: In function 'sssctl_config_check': src/tools/sssctl/sssctl_config.c:93:14: warning: format '%lu' expects argument of type 'long unsigned int', but argument 2 has type 'size_t {aka unsigned int}' [-Wformat=] printf(_("Issues identified by validators: %lu\n"), num_errors); ^ src/tools/sssctl/sssctl_config.c:93:12: note: in expansion of macro '_' printf(_("Issues identified by validators: %lu\n"), num_errors); ^ Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sssctl: config-check access check reportMichal Židek2016-07-111-1/+2
| | | | | | | Improve output when access check error is detected by sssctl config-check command. Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* sssctl: Fix error handling after memory allocation failureLukas Slebodnik2016-07-111-1/+2
| | | | Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* sssctl: Add config-check commandMichal Židek2016-07-073-0/+144
| | | | | | | | | | | Fixes: https://fedorahosted.org/sssd/ticket/2269 sssctl sconfig-check command allows to call SSSD config file validators on demand. Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TOOLS: Add the upgrade-cache commandJakub Hrozek2016-07-073-0/+35
| | | | | | | Allows to upgrade the cache using the sssctl tool, which might be useful e.g. in RPM %post scripts. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TOOLS: Some tools command might not need initialization to succeedJakub Hrozek2016-07-074-38/+66
| | | | | | | | | | | | Since we want to use the sssctl tool during upgrade, we need to amend the tools initialization code to not error out if sysdb can't be instantiated, but rather return errno and let the tool handle the error. Each tool command now has a 'allowed errno' the command is able to handle. In this patch iteration, only a single errno can be handled and only the upgrade command is able to do so. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SYSDB: Remove useless parameter from sysdb_init()Jakub Hrozek2016-07-072-2/+2
| | | | | | | The function sysdb_init() is never used to allow upgrade, so the allow_upgrade parameter was pointless. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TOOLS: sssctl: Work with trusted usersJakub Hrozek2016-07-071-22/+115
| | | | | | | | | For users and groups, convert the input name to the qualified format. Resolves: https://fedorahosted.org/sssd/ticket/3059 Reviewed-by: Sumit Bose <sbose@redhat.com>
* SSS_OVERRIDE: Fixes for fully qualified namesJakub Hrozek2016-07-072-62/+87
| | | | | | | | | Use sss_create_internal_fqname for internal cache lookups. Because the object's existence is verified using getpw* and getgr*, we keep using sss_tc_fqname there, just to feed the NSS interface the expected qualified or unqualified name format. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SSS_SEED: Use FQDN for accessing sysdbJakub Hrozek2016-07-071-15/+9
| | | | | | Same as all other tools. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SSS_CACHE: Don't use sss_get_domain_name, but create the internal fqname ↵Jakub Hrozek2016-07-071-12/+23
| | | | | | | | | instead for users and groups All users and groups are now stored in the cache using the same format, so we can use that one instead of creating a domain-specific name. Reviewed-by: Sumit Bose <sbose@redhat.com>
* SSS_CACHE: Make internal functions staticJakub Hrozek2016-07-071-4/+8
| | | | | | No need to export functions that are only used internally. Reviewed-by: Sumit Bose <sbose@redhat.com>
* TOOLS: Make the local domain operate on FQDNsJakub Hrozek2016-07-072-14/+75
| | | | | | | | | Normally we convert the names from short to internal format on input. For the local domain tools, we can consider the sss_sync_ops an input interface, to avoid having to convert the name in each tool and interface separately. Reviewed-by: Sumit Bose <sbose@redhat.com>
* sssctl: remove also ccachePavel Březina2016-07-061-1/+1
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sssctl: restart SSSD when removing cachePavel Březina2016-07-061-21/+40
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/3066 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* confdb: Make it possible to use config snippetsMichal Židek2016-06-271-1/+3
| | | | | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2247 Signed-off-by: Lukas Slebodnik <lslebodn@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sssctl: new toolPavel Březina2016-06-277-0/+1633
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_override: return EXIT_FAILURE if file does not exist during importPavel Březina2016-06-271-0/+2
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_override: return EXIT_SUCCESS even when no overrides are foundPavel Březina2016-06-271-1/+6
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: create confdb if not existPavel Březina2016-06-271-4/+5
| | | | | | | So tools (especially sssctl) may be run even when databases where removed. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: add test if sssd is runningPavel Březina2016-06-277-98/+162
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: return errno_t instead of system codePavel Březina2016-06-273-180/+158
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: pad help message properlyPavel Březina2016-06-271-8/+31
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: add commands delimiterPavel Březina2016-06-272-0/+19
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: tell whether an option was providedPavel Březina2016-06-273-16/+28
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: unify description of --debugPavel Březina2016-06-271-1/+1
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: add help commands to usage messagePavel Březina2016-06-271-0/+6
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_tools: add command descriptionPavel Březina2016-06-273-14/+22
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* sss_override: add certificate supportSumit Bose2016-06-091-5/+33
| | | | Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* TOOLS: Fix warning maybe-uninitializedLukas Slebodnik2016-05-121-0/+1
| | | | | | | | | | src/tools/files.c: In function ‘copy_file_contents’: src/tools/files.c:413:12: error: ‘ret’ may be used uninitialized in this function [-Werror=maybe-uninitialized] return ret; ^~~ Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* Internal: Rename CONFDB_DEFAULT_CONFIG_FILEStephen Gallagher2016-05-111-1/+1
| | | | | | | | New name is SSSD_CONFIG_FILE. This is done because we will start to ship a static default configuration in addition to the runtime configuration. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* UTIL: Add secure copy functionStephen Gallagher2016-05-112-38/+109
| | | | | | | | | | | This is a precursor to supporting a static default configuration file. We need to be able to copy the default into the mutable location if the infopipe is asked to modify it. This patch opens both the source and destination files together in order to avoid time-of-check/time-of-use bugs. Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* TOOL: Invalidation of sudo rules at sss_cachePetr Cech2016-04-201-3/+63
| | | | | | | | | | This patch adds new functionality to sss_cach for invalidation of given sudo rule or all sudo rules. Resolves: https://fedorahosted.org/sssd/ticket/2081 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* SSS_CACHE: RefactorPetr Cech2016-04-201-47/+106
| | | | | | | | | Refactor of sss_cache tool. Resolves: https://fedorahosted.org/sssd/ticket/2081 Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* sss_override: only add domain if name is not fully qualifiedSumit Bose2016-04-131-1/+27
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2989 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* tools: read additional data of the master domainSumit Bose2016-04-131-0/+8
| | | | | | | Resolves: https://fedorahosted.org/sssd/ticket/2989 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* sss_override: do not generate DN, search objectSumit Bose2016-04-131-7/+27
| | | | | | | | | | | | DNs of existing objects can not be generate reliable because the use of fully qualified names and upper and lower cases in names has to be considered. The most reliable way to get the DN is to search the object and take the DN from the result. Resolves: https://fedorahosted.org/sssd/ticket/2989 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TOOLS: Add comments on functions in colondbPetr Cech2016-02-241-0/+23
| | | | | | | | | | | | | | | | | | The colondb API provides three function: * sss_colondb_open() * sss_colondb_write_field() * sss_colondb_read_field() It is not obvious that sss_colondb_open() add destructor on talloc context which close the colondb during free context. And there is expectation that SSS_COLONDB_SENTINEL is type of last item in line. So this patch adds simple lightening comments in doxygen style. Resolves: https://fedorahosted.org/sssd/ticket/2764 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TOOLS: Fix memory leak after getline() failedPetr Cech2016-02-241-0/+4
| | | | | | | | | | | | | | | | | | This patch fixes buffer freeing in case if getline() failed in function sss_colondb_readline(). ssize_t getline(char **lineptr, size_t *n, FILE *stream); If *lineptr is set to NULL and *n is set 0 before the call, then getline() will allocate a buffer for storing the line. This buffer should be freed by the user program even if getline() failed. man 3 getline This patch fix buffer freeing in case if getline() failed. Resolves: https://fedorahosted.org/sssd/ticket/2764 Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TOOLS: Fix minor memory leak in sss_colondb_writelineLukas Slebodnik2016-02-241-0/+7
| | | | | | | | | | The variable line was initialized to NULL. The we created temporary context tmp_ctx. We use talloc_asprintf_append to append string to line which is initially NULL and therefore new context which was not connected to tmp_ctx. man 3 talloc_string -> talloc_asprintf_append Reviewed-by: Petr Cech <pcech@redhat.com>
* Fix typos reported by lintianLukas Slebodnik2016-02-231-1/+1
| | | | Reviewed-by: Pavel Březina <pbrezina@redhat.com>
* PYTHON: Fix pep8 errors in sss_obfuscateLukas Slebodnik2016-02-031-5/+8
| | | | | | | | | | | | src/tools/sss_obfuscate:12:1: E302 expected 2 blank lines, found 1 src/tools/sss_obfuscate:29:80: E501 line too long (111 > 79 characters) src/tools/sss_obfuscate:35:1: E302 expected 2 blank lines, found 1 src/tools/sss_obfuscate:47:80: E501 line too long (107 > 79 characters) src/tools/sss_obfuscate:50:13: E265 block comment should start with '# ' src/tools/sss_obfuscate:58:17: E265 block comment should start with '# ' src/tools/sss_obfuscate:107:5: E303 too many blank lines (2) Reviewed-by: Martin Basti <mbasti@redhat.com>
* PYTHON: sss_obfuscate should work with python3Lukas Slebodnik2016-02-031-11/+13
| | | | | | | | | Based on patch from: Steven W. Elling <ellingsw+29044@gmail.com> Resolves: https://fedorahosted.org/sssd/ticket/2937 Reviewed-by: Martin Basti <mbasti@redhat.com>
* TOOLS: Fix warning Wsign-compareLukas Slebodnik2016-01-291-1/+1
| | | | | | | | | | src/tools/tools_util.c: In function ‘parse_groups’: src/tools/tools_util.c:116:19: error: comparison between signed and unsigned integer expressions [-Werror=sign-compare] for (i = 0; i < tokens; i++) { ^ Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* DEBUG: Add missing new linesLukas Slebodnik2015-12-141-1/+1
| | | | Reviewed-by: Petr Cech <pcech@redhat.com>
* tools: Don't shadow 'exit'Jakub Hrozek2015-11-101-18/+18
| | | | | | | | | | | | Fixes: /sssd/src/tools/sss_override.c: In function ‘override_user_import’: /sssd/src/tools/sss_override.c:1471: warning: declaration of ‘exit’ shadows a global declaration /usr/include/stdlib.h:544: warning: shadowed declaration is here /sssd/src/tools/sss_override.c: In function ‘override_group_import’: /sssd/src/tools/sss_override.c:1737: warning: declaration of ‘exit’ shadows a global declaration /usr/include/stdlib.h:544: warning: shadowed declaration is here Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>
* TOOLS: DFL_UMASK --> SSS_DFL_UMASKPetr Cech2015-11-051-2/+1
| | | | | | | | | We could use SSS_DFL_UMASK instead of DFL_UMASK. Resolves: https://fedorahosted.org/sssd/ticket/2424 Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
* util: Continue if setlocale failsMichal Židek2015-11-041-1/+3
| | | | | | | | | | | | | setlocale needs some environment variables to be set in order to work. These variables are not present in some special cases. We should not fail completely in these cases but continue with the compatible C locale. Resolves: https://fedorahosted.org/sssd/ticket/2785 Reviewed-by: Michal Židek <mzidek@redhat.com>
generated by cgit (git 2.34.1) at 2024-05-10 02:43:55 +0000