summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorPavel Březina <pbrezina@redhat.com>2012-04-23 15:58:57 +0200
committerStephen Gallagher <sgallagh@redhat.com>2012-06-29 11:37:17 -0400
commitf8cbe2ddc3bd6e1f003f1d16a609b0697cafc721 (patch)
treefb2799ffffd5ee982511430cedb8244fe83421b2
parent72985dbeba2d2eb8bc94d9ce62424aa6045c03cb (diff)
downloadsssd-f8cbe2ddc3bd6e1f003f1d16a609b0697cafc721.tar.gz
sssd-f8cbe2ddc3bd6e1f003f1d16a609b0697cafc721.tar.bz2
sssd-f8cbe2ddc3bd6e1f003f1d16a609b0697cafc721.zip
sudo ldap provider: add support for on demand full refresh
-rw-r--r--src/providers/data_provider.h1
-rw-r--r--src/providers/ldap/sdap_sudo.c41
2 files changed, 26 insertions, 16 deletions
diff --git a/src/providers/data_provider.h b/src/providers/data_provider.h
index b3e6bce7..93840b8c 100644
--- a/src/providers/data_provider.h
+++ b/src/providers/data_provider.h
@@ -141,6 +141,7 @@
#define BE_REQ_SUDO_ALL 0x0006
#define BE_REQ_SUDO_DEFAULTS 0x0007
#define BE_REQ_SUDO_USER 0x0008
+#define BE_REQ_SUDO_FULL 0x0100 /* todo: change it after clean up */
#define BE_REQ_AUTOFS 0x0009
#define BE_REQ_HOST 0x0010
#define BE_REQ_FAST 0x1000
diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c
index ab73deb6..a1ad234a 100644
--- a/src/providers/ldap/sdap_sudo.c
+++ b/src/providers/ldap/sdap_sudo.c
@@ -149,12 +149,24 @@ int sdap_sudo_setup_tasks(struct sdap_id_ctx *id_ctx)
static void sdap_sudo_reply(struct tevent_req *req)
{
struct be_req *be_req = NULL;
+ struct be_sudo_req *sudo_req = NULL;
int dp_error;
int error;
int ret;
be_req = tevent_req_callback_data(req, struct be_req);
- ret = sdap_sudo_refresh_recv(req, &dp_error, &error);
+ sudo_req = talloc_get_type(be_req->req_data, struct be_sudo_req);
+
+ switch (sudo_req->type) {
+ case BE_REQ_SUDO_FULL:
+ ret = sdap_sudo_full_refresh_recv(req, &dp_error, &error);
+ break;
+ default:
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Invalid request type: %d\n",
+ sudo_req->type));
+ ret = EINVAL;
+ }
+
talloc_zfree(req);
if (ret != EOK) {
sdap_handler_done(be_req, DP_ERR_FATAL, ret, strerror(ret));
@@ -176,24 +188,21 @@ void sdap_sudo_handler(struct be_req *be_req)
sudo_req = talloc_get_type(be_req->req_data, struct be_sudo_req);
- /* get user info */
- if (sudo_req->username != NULL) {
- ret = sysdb_get_sudo_user_info(sudo_req, sudo_req->username,
- id_ctx->be->sysdb,
- &sudo_req->uid, &sudo_req->groups);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to get uid and groups of %s\n",
- sudo_req->username));
- goto fail;
- }
- } else {
- sudo_req->uid = 0;
- sudo_req->groups = NULL;
+ switch (sudo_req->type) {
+ case BE_REQ_SUDO_FULL:
+ DEBUG(SSSDBG_TRACE_FUNC, ("Issuing a full refresh of sudo rules\n"));
+ req = sdap_sudo_full_refresh_send(be_req, id_ctx);
+ break;
+ default:
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Invalid request type: %d\n",
+ sudo_req->type));
+ ret = EINVAL;
+ goto fail;
}
- req = sdap_sudo_refresh_send(be_req, id_ctx->be, id_ctx->opts,
- id_ctx->conn_cache, NULL, NULL);
if (req == NULL) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to send request: %d\n",
+ sudo_req->type));
ret = ENOMEM;
goto fail;
}