summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2013-01-06 02:04:58 -0500
committerJakub Hrozek <jhrozek@redhat.com>2013-01-15 10:49:20 +0100
commit9675bccabff4e79d224f64611ad9ff3e073b488e (patch)
tree39f5a16b37263395930a6e0ed209a3244ae22c81
parentde526c8425886ca3bed8f07a0f092ba5ac325654 (diff)
downloadsssd-9675bccabff4e79d224f64611ad9ff3e073b488e.tar.gz
sssd-9675bccabff4e79d224f64611ad9ff3e073b488e.tar.xz
sssd-9675bccabff4e79d224f64611ad9ff3e073b488e.zip
Make sysdb_custom_subtree_dn() require a domain.
-rw-r--r--src/db/sysdb.c3
-rw-r--r--src/db/sysdb.h4
-rw-r--r--src/db/sysdb_ops.c3
-rw-r--r--src/db/sysdb_sudo.c8
-rw-r--r--src/db/sysdb_sudo.h3
-rw-r--r--src/providers/ipa/ipa_access.c2
-rw-r--r--src/providers/ipa/ipa_hbac_common.c2
-rw-r--r--src/providers/ldap/sdap_async_sudo.c6
8 files changed, 19 insertions, 12 deletions
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index 2f58d70d..4127b912 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -93,6 +93,7 @@ errno_t sysdb_dn_sanitize(TALLOC_CTX *mem_ctx, const char *input,
struct ldb_dn *sysdb_custom_subtree_dn(struct sysdb_ctx *sysdb,
TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *dom,
const char *subtree_name)
{
errno_t ret;
@@ -110,7 +111,7 @@ struct ldb_dn *sysdb_custom_subtree_dn(struct sysdb_ctx *sysdb,
}
dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, SYSDB_TMPL_CUSTOM_SUBTREE,
- clean_subtree, sysdb->domain->name);
+ clean_subtree, dom->name);
if (dn) {
talloc_steal(mem_ctx, dn);
}
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index fd1d7c81..f1a17c21 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -340,7 +340,9 @@ struct ldb_dn *sysdb_custom_dn(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx,
struct sss_domain_info *dom,
const char *object_name,
const char *subtree_name);
-struct ldb_dn *sysdb_custom_subtree_dn(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx,
+struct ldb_dn *sysdb_custom_subtree_dn(struct sysdb_ctx *sysdb,
+ TALLOC_CTX *mem_ctx,
+ struct sss_domain_info *dom,
const char *subtree_name);
char *sysdb_user_strdn(TALLOC_CTX *mem_ctx,
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index b70e0966..08d7734d 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1998,7 +1998,8 @@ int sysdb_search_custom(TALLOC_CTX *mem_ctx,
return EINVAL;
}
- basedn = sysdb_custom_subtree_dn(sysdb, mem_ctx, subtree_name);
+ basedn = sysdb_custom_subtree_dn(sysdb, mem_ctx,
+ sysdb->domain, subtree_name);
if (basedn == NULL) {
DEBUG(1, ("sysdb_custom_subtree_dn failed.\n"));
return ENOMEM;
diff --git a/src/db/sysdb_sudo.c b/src/db/sysdb_sudo.c
index d50df0ba..9a8e76aa 100644
--- a/src/db/sysdb_sudo.c
+++ b/src/db/sysdb_sudo.c
@@ -598,7 +598,8 @@ errno_t sysdb_sudo_get_last_full_refresh(struct sysdb_ctx *sysdb, time_t *value)
/* ==================== Purge functions ==================== */
-errno_t sysdb_sudo_purge_all(struct sysdb_ctx *sysdb)
+static errno_t sysdb_sudo_purge_all(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain)
{
struct ldb_dn *base_dn = NULL;
TALLOC_CTX *tmp_ctx = NULL;
@@ -607,7 +608,7 @@ errno_t sysdb_sudo_purge_all(struct sysdb_ctx *sysdb)
tmp_ctx = talloc_new(NULL);
NULL_CHECK(tmp_ctx, ret, done);
- base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx, SUDORULE_SUBDIR);
+ base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx, domain, SUDORULE_SUBDIR);
NULL_CHECK(base_dn, ret, done);
ret = sysdb_delete_recursive(sysdb, base_dn, true);
@@ -630,6 +631,7 @@ errno_t sysdb_sudo_purge_byname(struct sysdb_ctx *sysdb,
}
errno_t sysdb_sudo_purge_byfilter(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *filter)
{
TALLOC_CTX *tmp_ctx;
@@ -647,7 +649,7 @@ errno_t sysdb_sudo_purge_byfilter(struct sysdb_ctx *sysdb,
/* just purge all if there's no filter */
if (!filter) {
- return sysdb_sudo_purge_all(sysdb);
+ return sysdb_sudo_purge_all(sysdb, domain);
}
tmp_ctx = talloc_new(NULL);
diff --git a/src/db/sysdb_sudo.h b/src/db/sysdb_sudo.h
index f37afff8..60911b6e 100644
--- a/src/db/sysdb_sudo.h
+++ b/src/db/sysdb_sudo.h
@@ -84,12 +84,11 @@ sysdb_save_sudorule(struct sysdb_ctx *sysdb_ctx,
errno_t sysdb_sudo_set_last_full_refresh(struct sysdb_ctx *sysdb, time_t value);
errno_t sysdb_sudo_get_last_full_refresh(struct sysdb_ctx *sysdb, time_t *value);
-errno_t sysdb_sudo_purge_all(struct sysdb_ctx *sysdb);
-
errno_t sysdb_sudo_purge_byname(struct sysdb_ctx *sysdb,
const char *name);
errno_t sysdb_sudo_purge_byfilter(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *filter);
#endif /* _SYSDB_SUDO_H_ */
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
index 3a34864c..47bd91e7 100644
--- a/src/providers/ipa/ipa_access.c
+++ b/src/providers/ipa/ipa_access.c
@@ -491,7 +491,7 @@ static void hbac_sysdb_save(struct tevent_req *req)
* are also denied.
*/
base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx,
- HBAC_RULES_SUBDIR);
+ domain, HBAC_RULES_SUBDIR);
if (base_dn == NULL) {
talloc_free(tmp_ctx);
ipa_access_reply(hbac_ctx, PAM_SYSTEM_ERR);
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
index 500f3548..73789bd1 100644
--- a/src/providers/ipa/ipa_hbac_common.c
+++ b/src/providers/ipa/ipa_hbac_common.c
@@ -44,7 +44,7 @@ ipa_hbac_save_list(struct sysdb_ctx *sysdb, bool delete_subdir,
}
if (delete_subdir) {
- base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx, subdir);
+ base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx, domain, subdir);
if (base_dn == NULL) {
ret = ENOMEM;
goto done;
diff --git a/src/providers/ldap/sdap_async_sudo.c b/src/providers/ldap/sdap_async_sudo.c
index 89e28d89..974d3b17 100644
--- a/src/providers/ldap/sdap_async_sudo.c
+++ b/src/providers/ldap/sdap_async_sudo.c
@@ -87,6 +87,7 @@ static int sdap_sudo_load_sudoers_recv(struct tevent_req *req,
static void sdap_sudo_refresh_load_done(struct tevent_req *subreq);
static int sdap_sudo_purge_sudoers(struct sysdb_ctx *sysdb_ctx,
+ struct sss_domain_info *dom,
const char *filter,
struct sdap_attr_map *map,
size_t rules_count,
@@ -486,7 +487,7 @@ static void sdap_sudo_refresh_load_done(struct tevent_req *subreq)
in_transaction = true;
/* purge cache */
- ret = sdap_sudo_purge_sudoers(state->sysdb, state->sysdb_filter,
+ ret = sdap_sudo_purge_sudoers(state->sysdb, state->domain, state->sysdb_filter,
state->opts->sudorule_map, rules_count, rules);
if (ret != EOK) {
goto done;
@@ -533,6 +534,7 @@ done:
}
static int sdap_sudo_purge_sudoers(struct sysdb_ctx *sysdb_ctx,
+ struct sss_domain_info *dom,
const char *filter,
struct sdap_attr_map *map,
size_t rules_count,
@@ -570,7 +572,7 @@ static int sdap_sudo_purge_sudoers(struct sysdb_ctx *sysdb_ctx,
ret = EOK;
} else {
/* purge cache by provided filter */
- ret = sysdb_sudo_purge_byfilter(sysdb_ctx, filter);
+ ret = sysdb_sudo_purge_byfilter(sysdb_ctx, dom, filter);
if (ret != EOK) {
goto done;
}