summaryrefslogtreecommitdiff
path: root/server/confdb
diff options
context:
space:
mode:
authorSimo Sorce <ssorce@redhat.com>2009-03-19 21:28:41 -0400
committerSimo Sorce <ssorce@redhat.com>2009-03-20 11:14:56 -0400
commit7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0 (patch)
tree529b945482192d47f230f9ddc42a4b91ea4c5e0c /server/confdb
parent3efbdeae89d67fac737ac7500616054b92693685 (diff)
downloadsssd-7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0.tar.gz
sssd-7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0.tar.bz2
sssd-7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0.zip
Simplify default configuration
Make confdb load a base ldif like sysdb to initialize the db, makes it simpler to understand at first sight what is the default configuration. Make the parameter "command" optional. Derive the default command from available information. Make the debug level a global by default so that enabling debug for all components is as easy as passing just -d X to the sssd binary.
Diffstat (limited to 'server/confdb')
-rw-r--r--server/confdb/confdb.c146
-rw-r--r--server/confdb/confdb.h2
-rw-r--r--server/confdb/confdb_private.h55
3 files changed, 92 insertions, 111 deletions
diff --git a/server/confdb/confdb.c b/server/confdb/confdb.c
index dd5c1bd6..0154c140 100644
--- a/server/confdb/confdb.c
+++ b/server/confdb/confdb.c
@@ -24,12 +24,14 @@
#include "ldb_errors.h"
#include "util/util.h"
#include "confdb/confdb.h"
+#include "confdb/confdb_private.h"
#include "util/btreemap.h"
#include "db/sysdb.h"
#define CONFDB_VERSION "0.1"
#define CONFDB_DOMAIN_BASEDN "cn=domains,cn=config"
#define CONFDB_DOMAIN_ATTR "cn"
#define CONFDB_MPG "magicPrivateGroups"
+#define CONFDB_FQ "useFullyQualifiedNames"
#define CONFDB_ZERO_CHECK_OR_JUMP(var, ret, err, label) do { \
if (!var) { \
@@ -522,6 +524,8 @@ static int confdb_test(struct confdb_ctx *cdb)
static int confdb_init_db(struct confdb_ctx *cdb)
{
+ const char *base_ldif;
+ struct ldb_ldif *ldif;
const char *val[2];
int ret;
TALLOC_CTX *tmp_ctx;
@@ -529,88 +533,18 @@ static int confdb_init_db(struct confdb_ctx *cdb)
tmp_ctx = talloc_new(cdb);
if(tmp_ctx == NULL) return ENOMEM;
- val[0] = CONFDB_VERSION;
- val[1] = NULL;
-
- /* Add the confdb version */
- ret = confdb_add_param(cdb,
- false,
- "config",
- "version",
- val);
- if (ret != EOK) goto done;
-
- /* Set up default monitored services */
- val[0] = "Local service configuration";
- ret = confdb_add_param(cdb, false, "config/services", "description", val);
- if (ret != EOK) goto done;
-
-/* PAM */
- /* set the sssd_pam description */
- val[0] = "PAM Responder Configuration";
- ret = confdb_add_param(cdb, false, "config/services/pam", "description", val);
- if (ret != EOK) goto done;
-
- /* Set the sssd_pam command path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_pam", SSSD_LIBEXEC_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/pam", "command", val);
- if (ret != EOK) goto done;
-
-#if 0 /* for future use */
- /* Set the sssd_pam socket path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/pam", PIPE_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/pam", "unixSocket", val);
- if (ret != EOK) goto done;
-#endif /* for future use */
-
- /* Add PAM to the list of active services */
- val[0] = "pam";
- ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
- if (ret != EOK) goto done;
-
-/* NSS */
- /* set the sssd_nss description */
- val[0] = "NSS Responder Configuration";
- ret = confdb_add_param(cdb, false, "config/services/nss", "description", val);
- if (ret != EOK) goto done;
-
- /* Set the sssd_nss command path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_nss", SSSD_LIBEXEC_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/nss", "command", val);
- if (ret != EOK) goto done;
-
-#if 0 /* for future use */
- /* Set the sssd_nss socket path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_nss", PIPE_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/nss", "unixSocket", val);
- if (ret != EOK) goto done;
-#endif /* for future use */
-
- /* Add NSS to the list of active services */
- val[0] = "nss";
- ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
- if (ret != EOK) goto done;
-
-/* Data Provider */
- /* Set the sssd_dp description */
- val[0] = "Data Provider Configuration";
- ret = confdb_add_param(cdb, false, "config/services/dp", "description", val);
- if (ret != EOK) goto done;
-
- /* Set the sssd_dp command path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_dp", SSSD_LIBEXEC_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/dp", "command", val);
- if (ret != EOK) goto done;
-
- /* Add the Data Provider to the list of active services */
- val[0] = "dp";
- ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
- if (ret != EOK) goto done;
+ /* cn=confdb does not exists, means db is empty, populate */
+ base_ldif = CONFDB_BASE_LDIF;
+ while ((ldif = ldb_ldif_read_string(cdb->ldb, &base_ldif))) {
+ ret = ldb_add(cdb->ldb, ldif->msg);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(0, ("Failed to inizialiaze DB (%d,[%s]), aborting!\n",
+ ret, ldb_errstring(cdb->ldb)));
+ ret = EIO;
+ goto done;
+ }
+ ldb_ldif_read_free(cdb->ldb, ldif);
+ }
/* InfoPipe */
#ifdef HAVE_INFOPIPE
@@ -635,47 +569,21 @@ static int confdb_init_db(struct confdb_ctx *cdb)
#ifdef HAVE_POLICYKIT
/* Set the sssd_pk description */
val[0] = "PolicyKit Backend Configuration";
- ret = confdb_add_param(cdb, false, "config/services/spk", "description", val);
+ ret = confdb_add_param(cdb, false, "config/services/pk", "description", val);
if (ret != EOK) goto done;
/* Set the sssd_info command path */
val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_pk", SSSD_LIBEXEC_PATH);
CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/spk", "command", val);
+ ret = confdb_add_param(cdb, false, "config/services/pk", "command", val);
if (ret != EOK) goto done;
/* Add the InfoPipe to the list of active services */
- val[0] = "spk";
+ val[0] = "pk";
ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
if (ret != EOK) goto done;
#endif
-/* Domains */
- val[0] = "Domains served by SSSD";
- ret = confdb_add_param(cdb, false, "config/domains", "description", val);
- if (ret != EOK) goto done;
-
- /* Default LOCAL domain */
- val[0] = "Reserved domain for local configurations";
- ret = confdb_add_param(cdb, false, "config/domains/LOCAL", "description", val);
- if (ret != EOK) goto done;
-
- val[0] = "LOCAL";
- ret = confdb_add_param(cdb, false, "config/domains", "default", val);
- if(ret != EOK) goto done;
-
- /* Set enumeration of LOCAL domain to allow user and groups
- * (mask 1: users, 2: groups)
- */
- val[0] = "3";
- ret = confdb_add_param(cdb, false, "config/domains/LOCAL", "enumerate", val);
- if (ret != EOK) goto done;
-
- /* LOCAL uses Magic Private Groups by default */
- val[0] = "TRUE";
- ret = confdb_add_param(cdb, false, "config/domains/LOCAL", CONFDB_MPG, val);
- if (ret != EOK) goto done;
-
done:
talloc_free(tmp_ctx);
return ret;
@@ -795,6 +703,15 @@ int confdb_get_domains(struct confdb_ctx *cdb,
goto done;
}
+ tmp = ldb_msg_find_attr_as_string(res->msgs[i], "provider", NULL);
+ if (tmp) {
+ domain->provider = talloc_strdup(domain, tmp);
+ if (!domain->provider) {
+ ret = ENOMEM;
+ goto done;
+ }
+ }
+
domain->timeout = ldb_msg_find_attr_as_int(res->msgs[i],
"timeout", 0);
@@ -815,6 +732,13 @@ int confdb_get_domains(struct confdb_ctx *cdb,
domain->mpg = true;
}
+ /* Determine if user/group names will be Fully Qualified
+ * in NSS interfaces */
+ if (ldb_msg_find_attr_as_bool(res->msgs[i], CONFDB_FQ, 0)) {
+ domain->fqnames = true;
+ }
+
+
domain->id_min = ldb_msg_find_attr_as_uint(res->msgs[i],
"minId", SSSD_MIN_ID);
domain->id_max = ldb_msg_find_attr_as_uint(res->msgs[i],
diff --git a/server/confdb/confdb.h b/server/confdb/confdb.h
index 4767a78e..6d385443 100644
--- a/server/confdb/confdb.h
+++ b/server/confdb/confdb.h
@@ -32,8 +32,10 @@
struct sss_domain_info {
char *name;
+ char *provider;
int timeout;
int enumerate;
+ bool fqnames;
bool legacy;
bool mpg;
uint32_t id_min;
diff --git a/server/confdb/confdb_private.h b/server/confdb/confdb_private.h
new file mode 100644
index 00000000..a911e9c4
--- /dev/null
+++ b/server/confdb/confdb_private.h
@@ -0,0 +1,55 @@
+
+#define CONFDB_BASE_LDIF \
+ "dn: @ATTRIBUTES\n" \
+ "cn: CASE_INSENSITIVE\n" \
+ "dc: CASE_INSENSITIVE\n" \
+ "dn: CASE_INSENSITIVE\n" \
+ "name: CASE_INSENSITIVE\n" \
+ "objectclass: CASE_INSENSITIVE\n" \
+ "\n" \
+ "dn: @INDEXLIST\n" \
+ "@IDXATTR: cn\n" \
+ "\n" \
+ "dn: @MODULES\n" \
+ "@LIST: server_sort\n" \
+ "\n" \
+ "dn: cn=config\n" \
+ "cn: config\n" \
+ "version: 0.1\n" \
+ "description: base object\n" \
+ "\n" \
+ "dn: cn=services,cn=config\n" \
+ "cn: services\n" \
+ "description: Local service configuration\n" \
+ "activeServices: dp\n" \
+ "activeServices: nss\n" \
+ "activeServices: pam\n" \
+ "activeServices: info\n" \
+ "\n" \
+ "dn: cn=monitor,cn=services,cn=config\n" \
+ "cn: monitor\n" \
+ "description: Monitor Configuration\n" \
+ "\n" \
+ "dn: cn=dp,cn=services,cn=config\n" \
+ "cn: dp\n" \
+ "description: Data Provider Configuration\n" \
+ "\n" \
+ "dn: cn=nss,cn=services,cn=config\n" \
+ "cn: nss\n" \
+ "description: NSS Responder Configuration\n" \
+ "\n" \
+ "dn: cn=pam,cn=services,cn=config\n" \
+ "cn: pam\n" \
+ "description: PAM Responder Configuration\n" \
+ "\n" \
+ "dn: cn=domains,cn=config\n" \
+ "cn: domains\n" \
+ "description: Domains served by SSSD\n" \
+ "default: LOCAL\n" \
+ "\n" \
+ "dn: cn=LOCAL,cn=domains,cn=config\n" \
+ "cn: LOCAL\n" \
+ "description: LOCAL domain\n" \
+ "enumerate: 3\n" \
+ "magicPrivateGroups: TRUE\n" \
+ "\n"