| Commit message (Collapse) | Author | Age | Files | Lines |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Use the new internal SSSD errors, to simplify error handling.
Instad of having up to 3 different errors to care about (system, krb5 and
pam_status), collapse all error reporting into one error type mapped on
errno_t.
The returned error can contain either SSSD internal errors, kerberos errors
or system errors, they all use differen number spaces so there is no overlap
and tey can be safely merged.
This means the errors bein sent from the child to the parent is not a pam
status error message anymore. The parent properly deals with that.
Also not that this patch removes returning SSS_PAM_SYSTEM_INFO from the
krb5_child for kerberos errors as all it was doing was simply to make the
parent emit the same debug log already emitted by the child, and the code
is simpler if we do not do that.
|
|
|
|
|
|
| |
EIO has always been an odd match, but was used as an error to indicate
that something had gone wrong internally before we had specific SSSD
errors available. Use ERR_INTERNAL instead going forward.
|
|
|
|
|
|
| |
This prevents reportin false errors when internal functions return
a generic EINVAL or EACCES that should just be treated as internal
errors.
|
|
|
|
|
|
|
|
|
|
| |
This code adds a new range of error codes specific to SSSD,
It also provides helper functions to print out error defintions
like you can do with system error messages and the strerror() function.
The sss_strerror() function can accept both the new sssd errors and
system errno_t errors falling back to the system strerror() if the error
code provide is not a valid SSSD error code.
|
|
|
|
|
| |
Add plumbing to allow to push down an alias attribute to be used by
the memory cache.
|
|
|
|
| |
Basic plumbing to allow passing an alias down to mmap cache functions.
|
|
|
|
|
|
|
|
|
|
| |
This bumps the cache major number to 1 as this change is incompatible
with current clients.
The addiotinal key is used to allow name aliases to be added to user
and group entries. Aliases are a string that can be looked up via the
getpwname and getgrnam calls, and are useful to to fetch entries by
alternate names.
Currently only one, optional alias is allowed.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
The aim of this refactoring is to make the code readable and understandable.
This code has grown organically over time and has becomed confused and
baroque enough that understanding it's very simple flow had become very
complex for the uninitiated. Complex flows easily hide nasty bugs.
Improvements:
- Remove dead/unused data storage
- Fix and simplify talloc hierarchy, use a memory context (kr) for the
whole code and allocate kr->pd where it is filled up.
- Rename some functions to create a better name space (easier for
searching fucntions across the tree)
- Streamline setup function, by spliting out fast setup in a subroutine.
- Avoid confusing indirection in executng actual functions by not
using the krb5_req child_req member.
- Make main() flow s now simmetric, send abck data from the main function
instead of delegating a reply to every inner function that implements a
command.
Now the flow is evident from the main function:
1. read request
2. setup data
3. execute command
4. send reply back
|
|
|
|
| |
Use the standard 'done' label for exceptions.
|
| |
|
| |
|
| |
|
|
|
|
|
|
| |
sss_cache did not accept fully quaified domain names.
https://fedorahosted.org/sssd/ticket/1620
|
| |
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1735
|
|
|
|
|
|
|
|
|
|
| |
Added new parameter to split_on_separator that allows to skip
empty values.
The whole function was rewritten. Unit test case was added to
check the new implementation.
https://fedorahosted.org/sssd/ticket/1484
|
|
|
|
|
|
|
|
|
|
| |
If we are unable to delete some rule from cache we print a debug
message and ignore the error. Thus we should set ret to EOK after
the for loop otherwise we return whether the last rule was deleted
successfully or not.
This also removes compilation warning that ret may be used
uninitialized (when we don't go inside the loop at all).
|
|
|
|
|
|
|
|
|
|
| |
If a fatal EFAULT error is returned by the internal function that frees used
memory invalidate the whole cache and reinit it. This way we avoid further
corruption and insure clients see consistent data.
Also insure we use the right context in init() and we use talloc_zfree() in
reinit so that if the init() later fails we do not leave around a pointer
to free memory in the callers.
|
|
|
|
|
|
|
|
|
|
|
|
| |
We should never try to invalidate an already invalid record as
internal pointers will not be consistent. Carefully test that the
record really is valid when we are fishing for free space, and
properly invalidate records or return a fatal error if something
goes wrong.
In order to make the code more robust always invalidate the whole
data space on initialization by setting all bits to 1, and make sure
to invalidate the whole last allocated slot by converting rec->len to
the number of slots instead of just the space used.
|
|
|
|
|
| |
We were holding up slots when entries were invalidated directly an not through
our primitive garbage collection scheme.
|
|
|
|
|
|
|
| |
Although it should enver happen that we pass in an invalid hash it
is always better to just not do anything than access memory ouf of
the hash table. It can lead to segfaults, or worse referencing
memory that should not be touched.
|
|
|
|
|
| |
For some reason I was under the impression that the DN components are
counted backwards in libldb. This patch corrects this.
|
| |
|
|
|
|
|
|
| |
switch statements should always have a default section. In this
particular case gcc gave a "'send_fn' may be used uninitialized in this
function" warning.
|
| |
|
|
|
|
|
| |
A recent patch introduced a glaring memory leak in the routines that clean up
memcache memory on initgroups calls.
|
|
|
|
|
|
|
|
|
|
| |
When deleting a user we would fail the operation completely if the member
attribute was not found on one of the groups it was allegedly member of.
Failing in this case is unnecessary, and can cause issues.
Found trying to upgrade db versione (and failing) on one of my RHEL machines.
Also removed a tray \ in the companion function that removes ghost members,
that function needs no changes as it was already ignoring this kind of
failure.
|
|
|
|
|
| |
We should use talloc_zfree() when freeing state variables, so we
can later avoid undesirable access after free.
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Currently the wildcard lookup '*$' is done before the one for
host/our.hostname@REALM. This means we would ignore a more specific
match in favour of an unspecific match with a principal which is only
used in a AD environment.
I think this is wrong an wildcards should only be used is all specific
lookups fail.
|
|
|
|
|
|
|
| |
Currently in select_principal_from_keytab() all kind of different
versions of the host principal are looked up in the keytab except for
the plain name the ldap_sasl_authid option. With this patch the plain
name is looked up first.
|
|
|
|
|
|
|
| |
This is an additional proteciont in case the provider misbheaves to avoid
having requests pending forever.
Fixes: https://fedorahosted.org/sssd/ticket/1717
|
|
|
|
|
| |
In order for sss_cache to work correctly, we must also signal the autofs
responder to invalidate the hash table requests.
|
|
|
|
|
|
|
| |
The monitor sends calls different sbus methods to different responders.
Instead of including headers of the particular responders directly in
monitor, which breaks layering a little, create a common header file
that will be included from src/responder/common/
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1592
When a request for auto.master comes in, we need to remove all the maps
from the lookup hash table. We can't simply delete the maps, because
another request might be processing them, so instead the maps are
removed from the hash table, effectively becoming orphaned. The maps
will get freed when the timed destructor is invoked.
|
|
|
|
|
|
|
|
|
| |
There is a timed desctructor in the autofs responder that, when the
entry timeout passes, removes the autofs map from the hash table while
the map is freed. This patch adds a hash delete callback so that if the
map is removed from the hash table with hash_delete, its hash table
pointer will be invalidated. Later, when the entry is being freed, the
destructor won't attempt to remove it from the hash table.
|
|
|
|
|
|
| |
If the Data Provider receives a request for the auto.master map, it
passes on a flag to let the actual provider let know he should
invalidate the existing maps
|
|
|
|
| |
This sysdb API will be used later to invalidate the autofs maps
|
| |
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1689
Add a online callback if the first full refresh fails due to the
provider beeing offline so we can perform the refresh as soon as
possible.
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1689
If the first full refresh of sudo rules fails because the data provider
is offline, we will schedule another one in 2, 4, ... minutes.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1689
|
|
|
|
| |
Reduces amount of code duplication.
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1679
The problem is when we are about to reset the server status, we don't
get through the timeout (30 seconds) because the "switch to primary
server" task is scheduled 30 seconds after fall back to a backup
server. Thus the server status remains "not working" and is resetted
after another 30 seconds.
We need to make sure that the server status is tried after the
timeout period. retry_timeout is currently hardcoded to 30, thus
the change in man page.
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1706
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1708
The services kept the fd to /var/log/sssd/sssd.log open. I don't think
there's any point in keeping the logfiles open after exec-ing for the
child, so I set the CLOEXEC flag.
|
|
|
|
|
|
|
|
|
|
|
|
| |
src/ldb_modules/memberof.c: In function ‘mbof_get_ghost_from_parent_cb’:
src/ldb_modules/memberof.c:3085: warning: declaration of ‘dup’ shadows a global declaration
/usr/include/unistd.h:528: warning: shadowed declaration is here
src/ldb_modules/memberof.c: In function ‘mbof_inherited_mod’:
src/ldb_modules/memberof.c:3253: warning: declaration of ‘dup’ shadows a global declaration
/usr/include/unistd.h:528: warning: shadowed declaration is here
src/ldb_modules/memberof.c: In function ‘mbof_fill_vals_array’:
src/ldb_modules/memberof.c:3786: warning: declaration of ‘index’ shadows a global declaration
/usr/include/string.h:489: warning: shadowed declaration is here
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1685
Properly react on deleting group which was not found in sysdb.
|
|
|
|
|
|
|
|
|
| |
https://fedorahosted.org/sssd/ticket/1699
We want to continue with the next server on all errors, not only
on ETIMEDOUT.
This particullar ticket was dealing with ECONNREFUSED.
|
|
|
|
|
|
|
|
|
| |
The pam responder was not properly configured to recover from a backend
disconnect. The connections that were in flight before the disconnection
were never freed and new requests for the same user would just pile up on
top of the now phantom requests.
Fixes: https://fedorahosted.org/sssd/ticket/1655
|