From cca497b4cbbbf05c4f9181b7d8113cde81754831 Mon Sep 17 00:00:00 2001
From: Michal Židek
Date: Tue, 22 Mar 2016 14:09:34 +0100
Subject: confdb: Make it possible to use config snippets
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Resolves: https://fedorahosted.org/sssd/ticket/2247
Signed-off-by: Lukas Slebodnik
Reviewed-by: Lukáš Slebodník
Reviewed-by: Jakub Hrozek
---
 src/util/sss_ini.c | 62 +++++++++++++++++++++++++++++++++++++++++++++++++++++-
 1 file changed, 61 insertions(+), 1 deletion(-)
(limited to 'src/util/sss_ini.c')
diff --git a/src/util/sss_ini.c b/src/util/sss_ini.c
index 766a75ea6..667447e17 100644
--- a/src/util/sss_ini.c
+++ b/src/util/sss_ini.c
@@ -46,6 +46,8 @@ struct sss_ini_initdata {
 char **error_list;
+ struct ref_array *ra_success_list;
+ struct ref_array *ra_error_list;
 struct ini_cfgobj *sssd_config;
 struct value_obj *obj;
 const struct stat *cstat;
@@ -205,10 +207,19 @@ void sss_ini_config_print_errors(char **error_list)
 /* Load configuration */
 int sss_ini_get_config(struct sss_ini_initdata *init_data,
- const char *config_file)
+ const char *config_file,
+ const char *config_dir)
 {
 int ret;
 #ifdef HAVE_LIBINI_CONFIG_V1
+#ifdef HAVE_LIBINI_CONFIG_V1_3
+ const char *patterns[] = { "^[^\\.].*\\.conf", NULL };
+ const char *sections[] = { ".*", NULL };
+ uint32_t i = 0;
+ char *msg = NULL;
+ struct access_check snip_check;
+ struct ini_cfgobj *modified_sssd_config = NULL;
+#endif /* HAVE_LIBINI_CONFIG_V1_3 */
 /* Create config object */
 ret = ini_config_create(&(init_data->sssd_config));
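Review bot: The snippet filename pattern `"^[^\\.].*\\.conf"` in the new `patterns[]` declaration has no end anchor, so if libini applies it as an unanchored regex match, leftover files such as `x.conf.bak` or `x.conf.rpmsave` in the snippet directory would also be merged into the running configuration. Anchoring it as `const char *patterns[] = { "^[^\\.].*\\.conf$", NULL };` restricts loading to names that actually end in `.conf`. The new `config_dir` parameter is also undocumented; a comment above `sss_ini_get_config` such as `/* config_dir: directory whose *.conf snippets are merged over config_file */` would state the contract. The function body continues past the end of this hunk.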
@@ -244,6 +255,55 @@ int sss_ini_get_config(struct sss_ini_initdata *init_data,
 return ret;
 }
+#ifdef HAVE_LIBINI_CONFIG_V1_3
+ snip_check.flags = INI_ACCESS_CHECK_MODE | INI_ACCESS_CHECK_UID
+ | INI_ACCESS_CHECK_GID;
+ snip_check.uid = 0; /* owned by root */
+ snip_check.gid = 0; /* owned by root */
+ snip_check.mode = S_IRUSR; /* r**------ */
+ snip_check.mask = ALLPERMS & ~(S_IWUSR | S_IXUSR);
+
+ ret = ini_config_augment(init_data->sssd_config,
+ config_dir,
+ patterns,
+ sections,
+ &snip_check,
+ INI_STOP_ON_ANY,
+ INI_MV1S_OVERWRITE,
+ INI_PARSE_NOWRAP,
+ INI_MV2S_OVERWRITE,
+ &modified_sssd_config,
+ &init_data->ra_error_list,
+ &init_data->ra_success_list);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Failed to augment configuration [%d]: %s",
+ ret, sss_strerror(ret));
+ }
+
+ while (ref_array_get(init_data->ra_success_list, i, &msg) != NULL) {
+ DEBUG(SSSDBG_TRACE_FUNC,
+ "Config merge success: %s\n", msg);
+ i++;
+ }
+
+ i = 0;
+ while (ref_array_get(init_data->ra_error_list, i, &msg) != NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Config merge error: %s\n", msg);
+ i++;
+ }
+
+ /* switch config objects if there are no errors */
+ if (modified_sssd_config != NULL) {
+ ini_config_destroy(init_data->sssd_config);
+ init_data->sssd_config = modified_sssd_config;
+ } else {
+ DEBUG(SSSDBG_TRACE_FUNC,
+ "Using only main configuration file due to errors in merging\n");
+ }
+#endif
+
 return ret;
 #else
-- cgit
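Review bot: When `ini_config_augment` fails, the new block logs "Using only main configuration file due to errors in merging", yet the trailing `return ret;` still hands the augment error to the caller, so the logged fallback and the return value disagree. If falling back is intended, reset the status in the else branch with `ret = EOK;`; if a snippet rejected by the root-owner/mode check in `snip_check` should stop start-up instead, return right after the failed call and drop the fallback message. The two `ref_array_get` loops also run after a failed augment, which assumes `ra_success_list` and `ra_error_list` are valid or NULL at that point and that `ref_array_get` tolerates NULL; neither is visible here, so a guard or a comment stating the assumption is warranted. The "Failed to augment configuration [%d]: %s" format string lacks the trailing `\n` that the other DEBUG calls in this block carry. The function starts above this hunk and its `#else` branch continues below it.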