summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSimo Sorce <simo@redhat.com>2013-01-06 18:24:12 -0500
committerJakub Hrozek <jhrozek@redhat.com>2013-01-15 10:49:20 +0100
commit2ce00e0d3896bb42db169d1e79553a81ca837a22 (patch)
tree4680fe9905816d67d70169ccc378f41545db8352
parent5d78919c955c945e78865f322726aac075c71203 (diff)
downloadsssd-2ce00e0d3896bb42db169d1e79553a81ca837a22.tar.gz
sssd-2ce00e0d3896bb42db169d1e79553a81ca837a22.tar.bz2
sssd-2ce00e0d3896bb42db169d1e79553a81ca837a22.zip
Add domain to sysdb_search_user_by_name()
Also remove unused sysdb_search_domuser_by_name()
-rw-r--r--src/db/sysdb.h6
-rw-r--r--src/db/sysdb_ops.c11
-rw-r--r--src/db/sysdb_selinux.c4
-rw-r--r--src/db/sysdb_subdomains.c11
-rw-r--r--src/db/sysdb_sudo.c4
-rw-r--r--src/providers/ipa/ipa_auth.c1
-rw-r--r--src/providers/ipa/ipa_hbac_common.c9
-rw-r--r--src/providers/ipa/ipa_selinux.c2
-rw-r--r--src/providers/ldap/sdap_async.h2
-rw-r--r--src/providers/ldap/sdap_async_groups.c2
-rw-r--r--src/providers/ldap/sdap_async_initgroups.c32
-rw-r--r--src/providers/ldap/sdap_async_initgroups_ad.c14
-rw-r--r--src/providers/ldap/sdap_async_private.h1
-rw-r--r--src/providers/proxy/proxy_id.c8
-rw-r--r--src/providers/simple/simple_access.c2
-rw-r--r--src/tests/sysdb-tests.c7
-rw-r--r--src/tools/sss_groupshow.c2
-rw-r--r--src/util/sss_selinux.c3
-rw-r--r--src/util/sss_selinux.h1
19 files changed, 70 insertions, 52 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 097e0a1a..b744ac24 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -385,11 +385,6 @@ errno_t sysdb_master_domain_add_info(struct sysdb_ctx *sysdb,
struct sysdb_subdom *domain_info);
-errno_t sysdb_search_domuser_by_name(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *name,
- const char **attrs,
- struct ldb_message **msg);
errno_t sysdb_search_domuser_by_uid(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
uid_t uid,
@@ -552,6 +547,7 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx,
/* Search User (by uid or name) */
int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_message **msg);
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 08d7734d..76f19878 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -233,6 +233,7 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx,
int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_message **msg)
@@ -249,7 +250,7 @@ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
- basedn = sysdb_user_dn(sysdb, tmp_ctx, sysdb->domain, name);
+ basedn = sysdb_user_dn(sysdb, tmp_ctx, domain, name);
if (!basedn) {
ret = ENOMEM;
goto done;
@@ -1295,7 +1296,7 @@ int sysdb_add_group(struct sysdb_ctx *sysdb,
* Don't worry about users, if we try to add a user with the same
* name the operation will fail */
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb,
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain,
name, NULL, &msg);
if (ret != ENOENT) {
if (ret == EOK) ret = EEXIST;
@@ -1640,7 +1641,7 @@ int sysdb_store_user(struct sysdb_ctx *sysdb,
in_transaction = true;
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb,
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain,
name, NULL, &msg);
if (ret && ret != ENOENT) {
goto fail;
@@ -2393,7 +2394,7 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb,
}
if (name) {
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb,
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain,
name, NULL, &msg);
} else {
ret = sysdb_search_user_by_uid(tmp_ctx, sysdb,
@@ -2817,7 +2818,7 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb,
return ret;
}
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb,
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain,
name, attrs, &ldb_msg);
if (ret != EOK) {
DEBUG(1, ("sysdb_search_user_by_name failed [%d][%s].\n",
diff --git a/src/db/sysdb_selinux.c b/src/db/sysdb_selinux.c
index 44e87024..c1fb07fb 100644
--- a/src/db/sysdb_selinux.c
+++ b/src/db/sysdb_selinux.c
@@ -363,8 +363,10 @@ errno_t sysdb_search_selinux_usermap_by_username(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
+ domain = sysdb->domain;
+
/* Now extract user attributes */
- ret = sss_selinux_extract_user(tmp_ctx, sysdb, username, &user);
+ ret = sss_selinux_extract_user(tmp_ctx, sysdb, domain, username, &user);
if (ret != EOK) {
goto done;
}
diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c
index 9f20ed59..de5a6ac1 100644
--- a/src/db/sysdb_subdomains.c
+++ b/src/db/sysdb_subdomains.c
@@ -577,17 +577,6 @@ errno_t sysdb_get_subdomain_context(TALLOC_CTX *mem_ctx,
} \
} while(0)
-errno_t sysdb_search_domuser_by_name(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *name,
- const char **attrs,
- struct ldb_message **msg)
-{
- CHECK_DOMAIN_INFO(domain);
-
- return sysdb_search_user_by_name(mem_ctx, domain->sysdb, name, attrs, msg);
-}
-
errno_t sysdb_search_domuser_by_uid(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
uid_t uid,
diff --git a/src/db/sysdb_sudo.c b/src/db/sysdb_sudo.c
index 9a8e76aa..43c17bd6 100644
--- a/src/db/sysdb_sudo.c
+++ b/src/db/sysdb_sudo.c
@@ -332,8 +332,8 @@ sysdb_get_sudo_user_info(TALLOC_CTX *mem_ctx, const char *username,
tmp_ctx = talloc_new(NULL);
NULL_CHECK(tmp_ctx, ret, done);
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb, username,
- attrs, &msg);
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain,
+ username, attrs, &msg);
if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE, ("Error looking up user %s\n", username));
goto done;
diff --git a/src/providers/ipa/ipa_auth.c b/src/providers/ipa/ipa_auth.c
index ee15afa5..b409542d 100644
--- a/src/providers/ipa/ipa_auth.c
+++ b/src/providers/ipa/ipa_auth.c
@@ -358,6 +358,7 @@ static void ipa_migration_flag_connect_done(struct tevent_req *req)
attrs[1] = NULL;
ret = sysdb_search_user_by_name(state, state->be_req->be_ctx->sysdb,
+ state->be_req->be_ctx->domain,
state->pd->user, attrs, &user_msg);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("sysdb_search_user_by_name failed.\n"));
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
index 73789bd1..9ccab784 100644
--- a/src/providers/ipa/ipa_hbac_common.c
+++ b/src/providers/ipa/ipa_hbac_common.c
@@ -410,6 +410,7 @@ done:
static errno_t
hbac_eval_user_element(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *username,
struct hbac_request_element **user_element);
@@ -462,10 +463,10 @@ hbac_ctx_to_eval_request(TALLOC_CTX *mem_ctx,
ret = ENOMEM;
goto done;
}
- ret = hbac_eval_user_element(eval_req, user_dom->sysdb,
+ ret = hbac_eval_user_element(eval_req, user_dom->sysdb, user_dom,
pd->user, &eval_req->user);
} else {
- ret = hbac_eval_user_element(eval_req, sysdb,
+ ret = hbac_eval_user_element(eval_req, sysdb, domain,
pd->user, &eval_req->user);
}
if (ret != EOK) goto done;
@@ -515,6 +516,7 @@ done:
static errno_t
hbac_eval_user_element(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *username,
struct hbac_request_element **user_element)
{
@@ -543,7 +545,8 @@ hbac_eval_user_element(TALLOC_CTX *mem_ctx,
* This will give us the list of both POSIX and
* non-POSIX groups that this user belongs to.
*/
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb, users->name, attrs, &msg);
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain,
+ users->name, attrs, &msg);
if (ret != EOK) {
DEBUG(1, ("Could not determine user memberships for [%s]\n",
users->name));
diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c
index 7a615677..744dc46c 100644
--- a/src/providers/ipa/ipa_selinux.c
+++ b/src/providers/ipa/ipa_selinux.c
@@ -141,7 +141,7 @@ ipa_selinux_create_op_ctx(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
}
op_ctx->be_req = be_req;
- ret = sss_selinux_extract_user(op_ctx, sysdb, username, &op_ctx->user);
+ ret = sss_selinux_extract_user(op_ctx, sysdb, domain, username, &op_ctx->user);
if (ret != EOK) {
goto fail;
}
diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h
index c5dc1703..69590b9e 100644
--- a/src/providers/ldap/sdap_async.h
+++ b/src/providers/ldap/sdap_async.h
@@ -268,6 +268,7 @@ sdap_get_ad_match_rule_initgroups_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct sdap_options *opts,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sdap_handle *sh,
const char *name,
const char *orig_dn,
@@ -282,6 +283,7 @@ sdap_get_ad_tokengroups_initgroups_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct sdap_options *opts,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sdap_handle *sh,
const char *name,
const char *orig_dn,
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
index fe540e8c..c4957fb1 100644
--- a/src/providers/ldap/sdap_async_groups.c
+++ b/src/providers/ldap/sdap_async_groups.c
@@ -1262,7 +1262,7 @@ sdap_process_group_members_2307(struct sdap_process_group_state *state,
/* We need to skip over zero-length usernames */
if (member_name[0] == '\0') continue;
- ret = sysdb_search_user_by_name(state, state->sysdb,
+ ret = sysdb_search_user_by_name(state, state->sysdb, state->dom,
member_name, NULL, &msg);
if (ret == EOK) {
/*
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
index 66be76e6..ad794b8d 100644
--- a/src/providers/ldap/sdap_async_initgroups.c
+++ b/src/providers/ldap/sdap_async_initgroups.c
@@ -300,6 +300,7 @@ done:
struct sdap_initgr_rfc2307_state {
struct tevent_context *ev;
struct sysdb_ctx *sysdb;
+ struct sss_domain_info *domain;
struct sdap_options *opts;
struct sdap_handle *sh;
const char **attrs;
@@ -324,6 +325,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
struct tevent_context *ev,
struct sdap_options *opts,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sdap_handle *sh,
const char *name)
{
@@ -339,6 +341,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx,
state->ev = ev;
state->opts = opts;
state->sysdb = sysdb;
+ state->domain = domain;
state->sh = sh;
state->op = NULL;
state->timeout = dp_opt_get_int(state->opts->basic, SDAP_SEARCH_TIMEOUT);
@@ -502,8 +505,8 @@ static void sdap_initgr_rfc2307_process(struct tevent_req *subreq)
}
/* Search for all groups for which this user is a member */
- ret = get_sysdb_grouplist(state, state->sysdb, state->name,
- &sysdb_grouplist);
+ ret = get_sysdb_grouplist(state, state->sysdb, state->domain,
+ state->name, &sysdb_grouplist);
if (ret != EOK) {
tevent_req_error(req, ret);
return;
@@ -2712,7 +2715,7 @@ static void sdap_get_initgr_user(struct tevent_req *subreq)
switch (state->opts->schema_type) {
case SDAP_SCHEMA_RFC2307:
subreq = sdap_initgr_rfc2307_send(state, state->ev, state->opts,
- state->sysdb, state->sh,
+ state->sysdb, state->dom, state->sh,
cname);
if (!subreq) {
tevent_req_error(req, ENOMEM);
@@ -2736,18 +2739,26 @@ static void sdap_get_initgr_user(struct tevent_req *subreq)
/* Take advantage of AD's tokenGroups mechanism to look up all
* parent groups in a single request.
*/
- subreq = sdap_get_ad_tokengroups_initgroups_send(
- state, state->ev, state->opts, state->sysdb,
- state->sh, cname, orig_dn, state->timeout);
+ subreq = sdap_get_ad_tokengroups_initgroups_send(state, state->ev,
+ state->opts,
+ state->sysdb,
+ state->dom,
+ state->sh,
+ cname, orig_dn,
+ state->timeout);
} else if (state->opts->support_matching_rule
&& dp_opt_get_bool(state->opts->basic,
SDAP_AD_MATCHING_RULE_INITGROUPS)) {
/* Take advantage of AD's extensibleMatch filter to look up
* all parent groups in a single request.
*/
- subreq = sdap_get_ad_match_rule_initgroups_send(
- state, state->ev, state->opts, state->sysdb,
- state->sh, cname, orig_dn, state->timeout);
+ subreq = sdap_get_ad_match_rule_initgroups_send(state, state->ev,
+ state->opts,
+ state->sysdb,
+ state->dom,
+ state->sh,
+ cname, orig_dn,
+ state->timeout);
} else {
subreq = sdap_initgr_rfc2307bis_send(
state, state->ev, state->opts, state->sysdb,
@@ -2965,6 +2976,7 @@ int sdap_get_initgr_recv(struct tevent_req *req)
errno_t get_sysdb_grouplist(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
char ***grouplist)
{
@@ -2982,7 +2994,7 @@ errno_t get_sysdb_grouplist(TALLOC_CTX *mem_ctx,
tmp_ctx = talloc_new(NULL);
if (!tmp_ctx) return ENOMEM;
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb, name,
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, name,
attrs, &msg);
if (ret != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c
index 8c0e7062..9b1acd6a 100644
--- a/src/providers/ldap/sdap_async_initgroups_ad.c
+++ b/src/providers/ldap/sdap_async_initgroups_ad.c
@@ -31,6 +31,7 @@ struct sdap_ad_match_rule_initgr_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sysdb_ctx *sysdb;
+ struct sss_domain_info *domain;
struct sdap_handle *sh;
const char *name;
const char *orig_dn;
@@ -57,6 +58,7 @@ sdap_get_ad_match_rule_initgroups_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct sdap_options *opts,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sdap_handle *sh,
const char *name,
const char *orig_dn,
@@ -75,6 +77,7 @@ sdap_get_ad_match_rule_initgroups_send(TALLOC_CTX *mem_ctx,
state->ev = ev;
state->opts = opts;
state->sysdb = sysdb;
+ state->domain = domain;
state->sh = sh;
state->name = name;
state->orig_dn = orig_dn;
@@ -252,8 +255,8 @@ sdap_get_ad_match_rule_initgroups_step(struct tevent_req *subreq)
/* Get the current sysdb group list for this user
* so we can update it.
*/
- ret = get_sysdb_grouplist(state, state->sysdb, state->name,
- &sysdb_grouplist);
+ ret = get_sysdb_grouplist(state, state->sysdb, state->domain,
+ state->name, &sysdb_grouplist);
if (ret != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
("Could not get the list of groups for [%s] in the sysdb: "
@@ -297,6 +300,7 @@ struct sdap_ad_tokengroups_initgr_state {
struct tevent_context *ev;
struct sdap_options *opts;
struct sysdb_ctx *sysdb;
+ struct sss_domain_info *domain;
struct sdap_handle *sh;
const char *username;
};
@@ -309,6 +313,7 @@ sdap_get_ad_tokengroups_initgroups_send(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct sdap_options *opts,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sdap_handle *sh,
const char *name,
const char *orig_dn,
@@ -326,6 +331,7 @@ sdap_get_ad_tokengroups_initgroups_send(TALLOC_CTX *mem_ctx,
state->ev = ev;
state->opts = opts;
state->sysdb = sysdb;
+ state->domain = domain;
state->sh = sh;
state->username = name;
@@ -515,8 +521,8 @@ sdap_get_ad_tokengroups_initgroups_lookup_done(struct tevent_req *subreq)
/* Get the current sysdb group list for this user
* so we can update it.
*/
- ret = get_sysdb_grouplist(state, state->sysdb, state->username,
- &sysdb_grouplist);
+ ret = get_sysdb_grouplist(state, state->sysdb, state->domain,
+ state->username, &sysdb_grouplist);
if (ret != EOK) {
DEBUG(SSSDBG_MINOR_FAILURE,
("Could not get the list of groups for [%s] in the sysdb: "
diff --git a/src/providers/ldap/sdap_async_private.h b/src/providers/ldap/sdap_async_private.h
index c0faab50..871cce4e 100644
--- a/src/providers/ldap/sdap_async_private.h
+++ b/src/providers/ldap/sdap_async_private.h
@@ -116,6 +116,7 @@ int sdap_initgr_common_store(struct sysdb_ctx *sysdb,
errno_t get_sysdb_grouplist(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *name,
char ***grouplist);
#endif /* _SDAP_ASYNC_PRIVATE_H_ */
diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c
index 76f27955..57449417 100644
--- a/src/providers/proxy/proxy_id.c
+++ b/src/providers/proxy/proxy_id.c
@@ -515,6 +515,7 @@ done:
static errno_t proxy_process_missing_users(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sysdb_attrs *group_attrs,
struct group *grp,
time_t now);
@@ -561,7 +562,7 @@ static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom,
}
/* Create ghost users */
- ret = proxy_process_missing_users(sysdb, attrs, grp, now);
+ ret = proxy_process_missing_users(sysdb, dom, attrs, grp, now);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("Could not add missing members\n"));
goto done;
@@ -642,6 +643,7 @@ done:
}
static errno_t proxy_process_missing_users(struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
struct sysdb_attrs *group_attrs,
struct group *grp,
time_t now)
@@ -657,8 +659,8 @@ static errno_t proxy_process_missing_users(struct sysdb_ctx *sysdb,
if (!tmp_ctx) return ENOMEM;
for (i = 0; grp->gr_mem[i]; i++) {
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb, grp->gr_mem[i],
- NULL, &msg);
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain,
+ grp->gr_mem[i], NULL, &msg);
if (ret == EOK) {
/* Member already exists in the cache */
DEBUG(SSSDBG_TRACE_INTERNAL,
diff --git a/src/providers/simple/simple_access.c b/src/providers/simple/simple_access.c
index 70d1f072..05388af4 100644
--- a/src/providers/simple/simple_access.c
+++ b/src/providers/simple/simple_access.c
@@ -107,7 +107,7 @@ errno_t simple_access_check(struct simple_ctx *ctx, const char *username,
goto done;
}
- ret = sysdb_search_user_by_name(tmp_ctx, ctx->sysdb,
+ ret = sysdb_search_user_by_name(tmp_ctx, ctx->sysdb, ctx->domain,
username, user_attrs, &msg);
if (ret != EOK) {
DEBUG(1, ("Could not look up username [%s]: [%d][%s]\n",
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index c0ea6401..236c41aa 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -3722,7 +3722,8 @@ START_TEST(test_odd_characters)
ret, strerror(ret));
/* Retrieve */
- ret = sysdb_search_user_by_name(test_ctx, test_ctx->sysdb,
+ ret = sysdb_search_user_by_name(test_ctx,
+ test_ctx->sysdb, test_ctx->domain,
odd_username, NULL, &msg);
fail_unless(ret == EOK, "sysdb_search_user_by_name error [%d][%s]",
ret, strerror(ret));
@@ -4394,8 +4395,8 @@ START_TEST(test_sysdb_subdomain_user_ops)
"name=subdomuser,cn=users,cn=test.sub,cn=sysdb");
fail_unless(check_dn != NULL);
- ret = sysdb_search_domuser_by_name(test_ctx, subdomain, "subdomuser", NULL,
- &msg);
+ ret = sysdb_search_user_by_name(test_ctx, subdomain->sysdb, subdomain,
+ "subdomuser", NULL, &msg);
fail_unless(ret == EOK, "sysdb_search_domuser_by_name failed with [%d][%s].",
ret, strerror(ret));
fail_unless(ldb_dn_compare(msg->dn, check_dn) == 0,
diff --git a/src/tools/sss_groupshow.c b/src/tools/sss_groupshow.c
index 42076fe8..f79df935 100644
--- a/src/tools/sss_groupshow.c
+++ b/src/tools/sss_groupshow.c
@@ -559,7 +559,7 @@ static int group_show_mpg(TALLOC_CTX *mem_ctx,
goto fail;
}
- ret = sysdb_search_user_by_name(info, sysdb, name, attrs, &msg);
+ ret = sysdb_search_user_by_name(info, sysdb, domain, name, attrs, &msg);
if (ret) {
DEBUG(2, ("Search failed: %s (%d)\n", strerror(ret), ret));
goto fail;
diff --git a/src/util/sss_selinux.c b/src/util/sss_selinux.c
index b933d9fc..ee5ddab6 100644
--- a/src/util/sss_selinux.c
+++ b/src/util/sss_selinux.c
@@ -189,6 +189,7 @@ bool sss_selinux_match(struct sysdb_attrs *usermap,
errno_t sss_selinux_extract_user(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *username,
struct sysdb_attrs **_user_attrs)
{
@@ -215,7 +216,7 @@ errno_t sss_selinux_extract_user(TALLOC_CTX *mem_ctx,
attrs[1] = SYSDB_ORIG_MEMBEROF;
attrs[2] = NULL;
- ret = sysdb_search_user_by_name(tmp_ctx, sysdb, username,
+ ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, username,
attrs, &user_msg);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("sysdb_search_user_by_name failed.\n"));
diff --git a/src/util/sss_selinux.h b/src/util/sss_selinux.h
index def38940..5dae5dd3 100644
--- a/src/util/sss_selinux.h
+++ b/src/util/sss_selinux.h
@@ -41,6 +41,7 @@
errno_t
sss_selinux_extract_user(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
const char *username,
struct sysdb_attrs **_user_attrs);