-rw-r--r-- | src/db/sysdb.h | 1 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 16 | ||||
-rw-r--r-- | src/providers/krb5/krb5_auth.c | 13 | ||||
-rw-r--r-- | src/providers/ldap/sdap_access.c | 1 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 10 | ||||
-rw-r--r-- | src/responder/pam/pam_LOCAL_domain.c | 11 | ||||
-rw-r--r-- | src/responder/pam/pamsrv_cmd.c | 11 | ||||
-rw-r--r-- | src/tests/sysdb-tests.c | 7 | ||||
-rw-r--r-- | src/tools/sss_cache.c | 14 | ||||
-rw-r--r-- | src/tools/sss_sync_ops.c | 3 |
10 files changed, 51 insertions, 36 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 739842df..2b514ddc 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -575,6 +575,7 @@ int sysdb_set_entry_attr(struct sysdb_ctx *sysdb, /* Replace user attrs */ int sysdb_set_user_attr(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, struct sysdb_attrs *attrs, int mod_op); diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 013d073b..fba10277 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -549,6 +549,7 @@ done: /* =Replace-Attributes-On-User============================================ */ int sysdb_set_user_attr(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, struct sysdb_attrs *attrs, int mod_op) @@ -562,7 +563,7 @@ int sysdb_set_user_attr(struct sysdb_ctx *sysdb, return ENOMEM; } - dn = sysdb_user_dn(sysdb, tmp_ctx, sysdb->domain, name); + dn = sysdb_user_dn(sysdb, tmp_ctx, domain, name); if (!dn) { ret = ENOMEM; goto done; @@ -1162,7 +1163,8 @@ int sysdb_add_user(struct sysdb_ctx *sysdb, if (ret) goto done; } - ret = sysdb_set_user_attr(sysdb, name, id_attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(sysdb, domain, name, + id_attrs, SYSDB_MOD_REP); goto done; } @@ -1186,7 +1188,7 @@ int sysdb_add_user(struct sysdb_ctx *sysdb, (now + cache_timeout) : 0)); if (ret) goto done; - ret = sysdb_set_user_attr(sysdb, name, attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(sysdb, domain, name, attrs, SYSDB_MOD_REP); if (ret) goto done; /* remove all ghost users */ @@ -1729,7 +1731,7 @@ int sysdb_store_user(struct sysdb_ctx *sysdb, (now + cache_timeout) : 0)); if (ret) goto fail; - ret = sysdb_set_user_attr(sysdb, name, attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(sysdb, sysdb->domain, name, attrs, SYSDB_MOD_REP); if (ret != EOK) goto fail; if (remove_attrs) { 
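Review bot: The declaration's comment `/* Replace user attrs */` does not mention the new `domain` argument, and the signature now lets a caller pass a `domain` that is unrelated to `sysdb`. Elsewhere in this commit the sysdb handle is read from the domain itself (`preq->domain->sysdb` in pamsrv_cmd.c), so the two arguments can disagree, and the user DN is built from whichever domain is passed. I would state the contract on the prototype, for example `/* Replace user attrs; domain selects the DN of the user entry and must be a domain served by this sysdb */`. The same pairing of `sysdb` and `domain` is introduced for `invalidate_entry` in sss_cache.c.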
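Review bot: `domain` is handed to `sysdb_user_dn()` in sysdb_set_user_attr without a NULL check, and a NULL result from that call is reported as `ENOMEM`. Before this change the value came from `sysdb->domain`; now every caller supplies it (`data->domain`, `state->dom`, `lreq->domain` in the other files), so a caller with an unpopulated field would get a misleading out-of-memory error, or a crash if sysdb_user_dn() dereferences the pointer, which this page does not show. A guard before the DN is built makes the failure explicit: `if (domain == NULL) { ret = EINVAL; goto done; }`. The function body continues outside this hunk.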
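Review bot: sysdb_store_user still passes `sysdb->domain` here, as do sysdb_cache_password and sysdb_cache_auth in the two following hunks, while sysdb_add_user above forwards its own `domain`. The cached password and the login-attempt attributes are therefore always written under the domain stored in the sysdb context, whatever domain the user was resolved in. That may be an intended transitional step, but nothing in the code says so. I would mark each of the three calls, e.g. `/* FIXME: use the caller's domain once this function takes one */`, so the remaining hard-wired sites are easy to find. The enclosing functions start and end outside these hunks.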
@@ -1971,7 +1973,8 @@ int sysdb_cache_password(struct sysdb_ctx *sysdb, if (ret) goto fail; - ret = sysdb_set_user_attr(sysdb, username, attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(sysdb, sysdb->domain, + username, attrs, SYSDB_MOD_REP); if (ret) { goto fail; } @@ -2936,7 +2939,8 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, } } - ret = sysdb_set_user_attr(sysdb, name, update_attrs, LDB_FLAG_MOD_REPLACE); + ret = sysdb_set_user_attr(sysdb, sysdb->domain, + name, update_attrs, LDB_FLAG_MOD_REPLACE); if (ret) { DEBUG(1, ("Failed to update Login attempt information!\n")); } diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c index f03cfcf4..00f5c339 100644 --- a/src/providers/krb5/krb5_auth.c +++ b/src/providers/krb5/krb5_auth.c @@ -118,6 +118,7 @@ check_old_ccache(const char *old_ccache, struct krb5child_req *kr, static int krb5_mod_ccname(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char *ccname, int mod_op) @@ -166,7 +167,7 @@ static int krb5_mod_ccname(TALLOC_CTX *mem_ctx, } in_transaction = true; - ret = sysdb_set_user_attr(sysdb, name, attrs, mod_op); + ret = sysdb_set_user_attr(sysdb, domain, name, attrs, mod_op); if (ret != EOK) { DEBUG(6, ("Error: %d (%s)\n", ret, strerror(ret))); goto done; @@ -192,19 +193,21 @@ done: static int krb5_save_ccname(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char *ccname) { - return krb5_mod_ccname(mem_ctx, sysdb, name, ccname, + return krb5_mod_ccname(mem_ctx, sysdb, domain, name, ccname, SYSDB_MOD_REP); } static int krb5_delete_ccname(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char *ccname) { - return krb5_mod_ccname(mem_ctx, sysdb, name, ccname, + return krb5_mod_ccname(mem_ctx, sysdb, domain, name, ccname, SYSDB_MOD_DEL); } 
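Review bot: A failure of `sysdb_set_user_attr()` in sysdb_cache_auth is only logged at debug level 1, and `ret` is not acted on within the hunk. Going by the message text, this call stores the login-attempt information, so a failed write would presumably leave failed cached-authentication attempts uncounted and weaken any lockout or delay that relies on that counter. If continuing is deliberate, a comment should say so, e.g. `/* best effort: the authentication result does not depend on this update */`; otherwise the error should be returned to the caller. The rest of the function is outside the hunk, so how `ret` is used afterwards cannot be confirmed from here.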
@@ -945,7 +948,7 @@ static void krb5_auth_done(struct tevent_req *subreq) "please remove it manually.\n", kr->old_ccname)); } - ret = krb5_delete_ccname(state, state->sysdb, + ret = krb5_delete_ccname(state, state->sysdb, state->domain, pd->user, kr->old_ccname); if (ret != EOK) { DEBUG(1, ("krb5_delete_ccname failed.\n")); @@ -1048,7 +1051,7 @@ static void krb5_auth_done(struct tevent_req *subreq) "please remove it manually.\n", kr->old_ccname)); } - ret = krb5_save_ccname(state, state->sysdb, + ret = krb5_save_ccname(state, state->sysdb, state->domain, pd->user, store_ccname); if (ret) { DEBUG(1, ("krb5_save_ccname failed.\n")); diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c index a0d4443f..a703f8b0 100644 --- a/src/providers/ldap/sdap_access.c +++ b/src/providers/ldap/sdap_access.c @@ -1061,6 +1061,7 @@ static void sdap_access_filter_get_access_done(struct tevent_req *subreq) } ret = sysdb_set_user_attr(state->be_req->sysdb, + state->be_req->domain, state->username, attrs, SYSDB_MOD_REP); if (ret != EOK) { diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index c4957fb1..cdb60819 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -1810,6 +1810,7 @@ static void sdap_get_groups_done(struct tevent_req *subreq) static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_options *opts, struct sysdb_attrs **users, int num_users, @@ -1866,7 +1867,7 @@ static void sdap_ad_match_rule_members_process(struct tevent_req *subreq) /* Figure out which users are already cached in the sysdb and * which ones need to be added as ghost users. */ - ret = sdap_nested_group_populate_users(tmp_ctx, state->sysdb, + ret = sdap_nested_group_populate_users(tmp_ctx, state->sysdb, state->dom, state->opts, users, count, &ghosts); if (ret != EOK) { 
@@ -2022,7 +2023,8 @@ static void sdap_nested_done(struct tevent_req *subreq) } in_transaction = true; - ret = sdap_nested_group_populate_users(state, state->sysdb, state->opts, + ret = sdap_nested_group_populate_users(state, state->sysdb, + state->dom, state->opts, users, user_count, &ghosts); if (ret != EOK) { goto fail; @@ -2058,6 +2060,7 @@ fail: static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_options *opts, struct sysdb_attrs **users, int num_users, @@ -2171,7 +2174,8 @@ static errno_t sdap_nested_group_populate_users(TALLOC_CTX *mem_ctx, ret = sysdb_attrs_add_string(attrs, SYSDB_NAME, username); if (ret) goto done; - ret = sysdb_set_user_attr(sysdb, sysdb_name, attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(sysdb, domain, sysdb_name, + attrs, SYSDB_MOD_REP); if (ret != EOK) goto done; } else { key.type = HASH_KEY_STRING; diff --git a/src/responder/pam/pam_LOCAL_domain.c b/src/responder/pam/pam_LOCAL_domain.c index a903fea9..72ea61e8 100644 --- a/src/responder/pam/pam_LOCAL_domain.c +++ b/src/responder/pam/pam_LOCAL_domain.c @@ -49,6 +49,7 @@ struct LOCAL_request { struct tevent_context *ev; struct sysdb_ctx *dbctx; + struct sss_domain_info *domain; struct sysdb_attrs *mod_attrs; struct ldb_result *res; @@ -86,7 +87,8 @@ static void do_successful_login(struct LOCAL_request *lreq) NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_attrs_add_long failed.\n"), lreq->error, ret, done); - ret = sysdb_set_user_attr(lreq->dbctx, lreq->preq->pd->user, + ret = sysdb_set_user_attr(lreq->dbctx, lreq->domain, + lreq->preq->pd->user, lreq->mod_attrs, SYSDB_MOD_REP); NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_set_user_attr failed.\n"), lreq->error, ret, done); 
@@ -126,7 +128,8 @@ static void do_failed_login(struct LOCAL_request *lreq) NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_attrs_add_long failed.\n"), lreq->error, ret, done); - ret = sysdb_set_user_attr(lreq->dbctx, lreq->preq->pd->user, + ret = sysdb_set_user_attr(lreq->dbctx, lreq->domain, + lreq->preq->pd->user, lreq->mod_attrs, SYSDB_MOD_REP); NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_set_user_attr failed.\n"), lreq->error, ret, done); @@ -194,7 +197,8 @@ static void do_pam_chauthtok(struct LOCAL_request *lreq) NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_attrs_add_long failed.\n"), lreq->error, ret, done); - ret = sysdb_set_user_attr(lreq->dbctx, lreq->preq->pd->user, + ret = sysdb_set_user_attr(lreq->dbctx, lreq->domain, + lreq->preq->pd->user, lreq->mod_attrs, SYSDB_MOD_REP); NEQ_CHECK_OR_JUMP(ret, EOK, ("sysdb_set_user_attr failed.\n"), lreq->error, ret, done); @@ -238,6 +242,7 @@ int LOCAL_pam_handler(struct pam_auth_req *preq) talloc_free(lreq); return ENOENT; } + lreq->domain = preq->domain; lreq->ev = preq->cctx->ev; lreq->preq = preq; diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c index fa8eabf6..6fe216db 100644 --- a/src/responder/pam/pamsrv_cmd.c +++ b/src/responder/pam/pamsrv_cmd.c @@ -335,7 +335,6 @@ static int pam_parse_in_data(struct sss_domain_info *domains, static errno_t set_last_login(struct pam_auth_req *preq) { - struct sysdb_ctx *dbctx; struct sysdb_attrs *attrs; errno_t ret; @@ -355,14 +354,8 @@ static errno_t set_last_login(struct pam_auth_req *preq) goto fail; } - dbctx = preq->domain->sysdb; - if (dbctx == NULL) { - DEBUG(0, ("Fatal: Sysdb context not found for this domain!\n")); - ret = EINVAL; - goto fail; - } - - ret = sysdb_set_user_attr(dbctx, preq->pd->user, attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(preq->domain->sysdb, preq->domain, + preq->pd->user, attrs, SYSDB_MOD_REP); if (ret != EOK) { DEBUG(2, ("set_last_login failed.\n")); preq->pd->pam_status = PAM_SYSTEM_ERR; 
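Review bot: set_last_login no longer checks that `preq->domain->sysdb` is non-NULL before using it. The removed block returned `EINVAL` with the message "Sysdb context not found for this domain!", whereas the new call passes the pointer straight to `sysdb_set_user_attr()`. If a domain can reach the PAM responder without a sysdb context, this becomes a NULL dereference on the authentication path instead of a clean error return, assuming the callee dereferences the handle, which this page does not show. I would keep the guard in front of the call: `if (preq->domain->sysdb == NULL) { ret = EINVAL; goto fail; }`. The function starts in the previous hunk and ends outside this one.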
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index db30f2fa..baf1afe5 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -305,7 +305,8 @@ static int test_set_user_attr(struct test_data *data) { int ret; - ret = sysdb_set_user_attr(data->ctx->sysdb, data->username, + ret = sysdb_set_user_attr(data->ctx->sysdb, + data->ctx->domain, data->username, data->attrs, SYSDB_MOD_REP); return ret; } @@ -1642,8 +1643,8 @@ static void cached_authentication_with_expiration(const char *username, data->attrs = sysdb_new_attrs(data); ret = sysdb_attrs_add_time_t(data->attrs, SYSDB_LAST_ONLINE_AUTH, now); - ret = sysdb_set_user_attr(data->ctx->sysdb, data->username, - data->attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(data->ctx->sysdb, data->ctx->domain, + data->username, data->attrs, SYSDB_MOD_REP); fail_unless(ret == EOK, "Could not modify user %s", data->username); ret = sysdb_cache_auth(test_ctx->sysdb, data->username, password, diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c index 3de12237..b8f0f266 100644 --- a/src/tools/sss_cache.c +++ b/src/tools/sss_cache.c @@ -76,8 +76,9 @@ struct cache_tool_ctx { errno_t init_domains(struct cache_tool_ctx *ctx, const char *domain); errno_t init_context(int argc, const char *argv[], struct cache_tool_ctx **tctx); -errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, - const char *name, int entry_type); +static errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *name, int entry_type); static bool invalidate_entries(TALLOC_CTX *ctx, struct sss_domain_info *dinfo, struct sysdb_ctx *sysdb, 
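Review bot: Both updated test calls pass `data->ctx->domain`, the domain of the same test context as the sysdb handle, so the visible tests never exercise the new parameter with a value that differs from the old implicit `sysdb->domain`. A case that stores a user under a second domain and then checks that `sysdb_set_user_attr()` modifies that entry, and fails for the wrong domain, would cover what this commit actually changes. It would follow the existing pattern `fail_unless(ret == EOK, "Could not modify user %s", data->username);`. Whether such a fixture exists elsewhere in the file cannot be seen from these hunks.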
@@ -333,7 +334,7 @@ static bool invalidate_entries(TALLOC_CTX *ctx, ERROR("Couldn't invalidate %1$s", type_string); iret = false; } else { - ret = invalidate_entry(ctx, sysdb, c_name, entry_type); + ret = invalidate_entry(ctx, sysdb, dinfo, c_name, entry_type); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, ("Couldn't invalidate %s %s", type_string, c_name)); @@ -346,8 +347,9 @@ static bool invalidate_entries(TALLOC_CTX *ctx, return iret; } -errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, - const char *name, int entry_type) +static errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, + const char *name, int entry_type) { struct sysdb_attrs *sys_attrs = NULL; errno_t ret; @@ -359,7 +361,7 @@ errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb, if (ret == EOK) { switch (entry_type) { case TYPE_USER: - ret = sysdb_set_user_attr(sysdb, name, sys_attrs, + ret = sysdb_set_user_attr(sysdb, domain, name, sys_attrs, SYSDB_MOD_REP); break; case TYPE_GROUP: diff --git a/src/tools/sss_sync_ops.c b/src/tools/sss_sync_ops.c index f5d496b5..d6f447e7 100644 --- a/src/tools/sss_sync_ops.c +++ b/src/tools/sss_sync_ops.c @@ -218,7 +218,8 @@ int usermod(TALLOC_CTX *mem_ctx, } if (attrs->num != 0) { - ret = sysdb_set_user_attr(sysdb, data->name, attrs, SYSDB_MOD_REP); + ret = sysdb_set_user_attr(sysdb, data->domain, data->name, + attrs, SYSDB_MOD_REP); if (ret) { return ret; } |