diff options
author | Sumit Bose <sbose@redhat.com> | 2013-06-27 21:49:26 +0200 |
---|---|---|
committer | Jakub Hrozek <jhrozek@redhat.com> | 2013-06-28 20:20:59 +0200 |
commit | 09d7c105839bfc7447ea0f766413ed86675ca075 (patch) | |
tree | 382c007bb5182e17af6243f67fd06e08627aad82 | |
parent | 20ccfd63a17dc15dd24e6543424d86913d511c4b (diff) | |
download | sssd-09d7c105839bfc7447ea0f766413ed86675ca075.tar.gz sssd-09d7c105839bfc7447ea0f766413ed86675ca075.tar.bz2 sssd-09d7c105839bfc7447ea0f766413ed86675ca075.zip |
Save mpg state for subdomains
The information of a subdomain will use magic private groups (mpg) or
not will be stored together with other information about the domain in
the cache.
-rw-r--r-- | src/db/sysdb.h | 4 | ||||
-rw-r--r-- | src/db/sysdb_subdomains.c | 33 | ||||
-rw-r--r-- | src/providers/ad/ad_subdomains.c | 4 | ||||
-rw-r--r-- | src/providers/ipa/ipa_subdomains.c | 13 | ||||
-rw-r--r-- | src/tests/sysdb-tests.c | 13 |
5 files changed, 54 insertions, 13 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 0b99dee0..7045edf7 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -124,6 +124,7 @@ #define SYSDB_SUBDOMAIN_REALM "realmName" #define SYSDB_SUBDOMAIN_FLAT "flatName" #define SYSDB_SUBDOMAIN_ID "domainID" +#define SYSDB_SUBDOMAIN_MPG "mpg" #define SYSDB_BASE_ID "baseID" #define SYSDB_ID_RANGE_SIZE "idRangeSize" @@ -366,7 +367,8 @@ errno_t sysdb_domain_create(struct sysdb_ctx *sysdb, const char *domain_name); errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, const char *name, const char *realm, - const char *flat_name, const char *domain_id); + const char *flat_name, const char *domain_id, + bool mpg); errno_t sysdb_update_subdomains(struct sss_domain_info *domain); diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c index 3e0d7b40..ef248ff2 100644 --- a/src/db/sysdb_subdomains.c +++ b/src/db/sysdb_subdomains.c @@ -346,7 +346,8 @@ done: errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, const char *name, const char *realm, - const char *flat_name, const char *domain_id) + const char *flat_name, const char *domain_id, + bool mpg) { TALLOC_CTX *tmp_ctx; struct ldb_message *msg; @@ -356,12 +357,15 @@ errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, SYSDB_SUBDOMAIN_REALM, SYSDB_SUBDOMAIN_FLAT, SYSDB_SUBDOMAIN_ID, + SYSDB_SUBDOMAIN_MPG, NULL}; const char *tmp_str; + bool tmp_bool; bool store = false; int realm_flags = 0; int flat_flags = 0; int id_flags = 0; + int mpg_flags = 0; int ret; tmp_ctx = talloc_new(NULL); @@ -390,6 +394,7 @@ errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, if (realm) realm_flags = LDB_FLAG_MOD_ADD; if (flat_name) flat_flags = LDB_FLAG_MOD_ADD; if (domain_id) id_flags = LDB_FLAG_MOD_ADD; + mpg_flags = LDB_FLAG_MOD_ADD; } else if (res->count != 1) { ret = EINVAL; goto done; @@ -415,9 +420,16 @@ errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, id_flags = LDB_FLAG_MOD_REPLACE; } } + + tmp_bool = ldb_msg_find_attr_as_bool(res->msgs[0], SYSDB_SUBDOMAIN_MPG, + !mpg); + if (tmp_bool != mpg) { + mpg_flags = LDB_FLAG_MOD_REPLACE; + } } - if (!store && realm_flags == 0 && flat_flags == 0 && id_flags == 0) { + if (!store && realm_flags == 0 && flat_flags == 0 && id_flags == 0 + && mpg_flags == 0) { ret = EOK; goto done; } @@ -429,7 +441,7 @@ errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, } msg->dn = dn; - if (store) { + if (store) { ret = ldb_msg_add_empty(msg, SYSDB_OBJECTCLASS, LDB_FLAG_MOD_ADD, NULL); if (ret != LDB_SUCCESS) { ret = sysdb_error_to_errno(ret); @@ -485,6 +497,21 @@ errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb, } } + if (mpg_flags) { + ret = ldb_msg_add_empty(msg, SYSDB_SUBDOMAIN_MPG, mpg_flags, NULL); + if (ret != LDB_SUCCESS) { + ret = sysdb_error_to_errno(ret); + goto done; + } + + ret = ldb_msg_add_string(msg, SYSDB_SUBDOMAIN_MPG, + mpg ? "TRUE" : "FALSE"); + if (ret != LDB_SUCCESS) { + ret = sysdb_error_to_errno(ret); + goto done; + } + } + ret = ldb_modify(sysdb->ldb, msg); if (ret != LDB_SUCCESS) { DEBUG(SSSDBG_FATAL_FAILURE, ("Failed to add subdomain attributes to " diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c index 20aaa2d7..724d0736 100644 --- a/src/providers/ad/ad_subdomains.c +++ b/src/providers/ad/ad_subdomains.c @@ -220,7 +220,9 @@ ad_subdom_store(struct ad_subdomains_ctx *ctx, goto done; } - ret = sysdb_subdomain_store(domain->sysdb, name, realm, flat, sid_str); + /* AD subdomains are currently all mpg */ + ret = sysdb_subdomain_store(domain->sysdb, name, realm, flat, sid_str, + true); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_subdomain_store failed.\n")); goto done; diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c index 119f44a5..a67526c8 100644 --- a/src/providers/ipa/ipa_subdomains.c +++ b/src/providers/ipa/ipa_subdomains.c @@ -23,6 +23,7 @@ */ #include "providers/ldap/sdap_async.h" +#include "providers/ldap/sdap_idmap.h" #include "providers/ipa/ipa_subdomains.h" #include "providers/ipa/ipa_common.h" #include <ctype.h> @@ -232,6 +233,7 @@ done: } static errno_t ipa_subdom_store(struct sss_domain_info *domain, + struct sdap_idmap_ctx *sdap_idmap_ctx, struct sysdb_attrs *attrs) { TALLOC_CTX *tmp_ctx; @@ -240,6 +242,7 @@ static errno_t ipa_subdom_store(struct sss_domain_info *domain, const char *flat; const char *id; int ret; + bool mpg; tmp_ctx = talloc_new(domain); if (tmp_ctx == NULL) { @@ -270,7 +273,9 @@ static errno_t ipa_subdom_store(struct sss_domain_info *domain, goto done; } - ret = sysdb_subdomain_store(domain->sysdb, name, realm, flat, id); + mpg = sdap_idmap_domain_has_algorithmic_mapping(sdap_idmap_ctx, id); + + ret = sysdb_subdomain_store(domain->sysdb, name, realm, flat, id, mpg); if (ret) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_subdomain_store failed.\n")); goto done; @@ -323,7 +328,8 @@ static errno_t ipa_subdomains_refresh(struct ipa_subdomains_ctx *ctx, } } else { /* ok let's try to update it */ - ret = ipa_subdom_store(domain, reply[c]); + ret = ipa_subdom_store(domain, ctx->sdap_id_ctx->opts->idmap_ctx, + reply[c]); if (ret) { /* Nothing we can do about the errorr. Let's at least try * to reuse the existing domain @@ -352,7 +358,8 @@ static errno_t ipa_subdomains_refresh(struct ipa_subdomains_ctx *ctx, /* Nothing we can do about the errorr. Let's at least try * to reuse the existing domain. */ - ret = ipa_subdom_store(domain, reply[c]); + ret = ipa_subdom_store(domain, ctx->sdap_id_ctx->opts->idmap_ctx, + reply[c]); if (ret) { DEBUG(SSSDBG_MINOR_FAILURE, ("Failed to parse subdom data, " "will try to use cached subdomain\n")); diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index db2d903d..12471179 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -4486,7 +4486,7 @@ START_TEST(test_sysdb_subdomain_create) fail_if(ret != EOK, "Could not set up the test"); ret = sysdb_subdomain_store(test_ctx->sysdb, - dom1[0], dom1[1], dom1[2], dom1[3]); + dom1[0], dom1[1], dom1[2], dom1[3], false); fail_if(ret != EOK, "Could not set up the test (dom1)"); ret = sysdb_update_subdomains(test_ctx->domain); @@ -4499,7 +4499,7 @@ START_TEST(test_sysdb_subdomain_create) dom1[0], test_ctx->domain->subdomains->name); ret = sysdb_subdomain_store(test_ctx->sysdb, - dom2[0], dom2[1], dom2[2], dom2[3]); + dom2[0], dom2[1], dom2[2], dom2[3], false); fail_if(ret != EOK, "Could not set up the test (dom2)"); ret = sysdb_update_subdomains(test_ctx->domain); @@ -4543,7 +4543,8 @@ START_TEST(test_sysdb_subdomain_store_user) testdom[0], testdom[1], testdom[2], testdom[3]); fail_unless(subdomain != NULL, "Failed to create new subdomin."); ret = sysdb_subdomain_store(test_ctx->sysdb, - testdom[0], testdom[1], testdom[2], testdom[3]); + testdom[0], testdom[1], testdom[2], testdom[3], + false); fail_if(ret != EOK, "Could not set up the test (test subdom)"); ret = sysdb_update_subdomains(test_ctx->domain); @@ -4600,7 +4601,8 @@ START_TEST(test_sysdb_subdomain_user_ops) testdom[0], testdom[1], testdom[2], testdom[3]); fail_unless(subdomain != NULL, "Failed to create new subdomin."); ret = sysdb_subdomain_store(test_ctx->sysdb, - testdom[0], testdom[1], testdom[2], testdom[3]); + testdom[0], testdom[1], testdom[2], testdom[3], + false); fail_if(ret != EOK, "Could not set up the test (test subdom)"); ret = sysdb_update_subdomains(test_ctx->domain); @@ -4653,7 +4655,8 @@ START_TEST(test_sysdb_subdomain_group_ops) testdom[0], testdom[1], testdom[2], testdom[3]); fail_unless(subdomain != NULL, "Failed to create new subdomin."); ret = sysdb_subdomain_store(test_ctx->sysdb, - testdom[0], testdom[1], testdom[2], testdom[3]); + testdom[0], testdom[1], testdom[2], testdom[3], + false); fail_if(ret != EOK, "Could not set up the test (test subdom)"); ret = sysdb_update_subdomains(test_ctx->domain); |