author | Simo Sorce <ssorce@redhat.com> | 2009-03-19 21:28:41 -0400 |
---|---|---|
committer | Simo Sorce <ssorce@redhat.com> | 2009-03-20 11:14:56 -0400 |
commit | 7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0 (patch) | |
tree | 529b945482192d47f230f9ddc42a4b91ea4c5e0c /server/confdb | |
parent | 3efbdeae89d67fac737ac7500616054b92693685 (diff) | |
download | sssd-7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0.tar.gz sssd-7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0.tar.bz2 sssd-7d5bf9a11d60e5330e12d5d94ebba8d6a4606eb0.zip |
Simplify default configuration
Make confdb load a base LDIF, like sysdb does, to initialize the db;
this makes it simpler to see at first sight what the default
configuration is.
Make the parameter "command" optional. Derive the default command
from available information.
Make the debug level a global by default so that enabling debug for
all components is as easy as passing just -d X to the sssd binary.
Diffstat (limited to 'server/confdb')
-rw-r--r-- | server/confdb/confdb.c | 146 | ||||
-rw-r--r-- | server/confdb/confdb.h | 2 | ||||
-rw-r--r-- | server/confdb/confdb_private.h | 55 |
3 files changed, 92 insertions, 111 deletions
diff --git a/server/confdb/confdb.c b/server/confdb/confdb.c
index dd5c1bd6..0154c140 100644
--- a/server/confdb/confdb.c
+++ b/server/confdb/confdb.c
@@ -24,12 +24,14 @@
 #include "ldb_errors.h"
 #include "util/util.h"
 #include "confdb/confdb.h"
+#include "confdb/confdb_private.h"
 #include "util/btreemap.h"
 #include "db/sysdb.h"
 #define CONFDB_VERSION "0.1"
 #define CONFDB_DOMAIN_BASEDN "cn=domains,cn=config"
 #define CONFDB_DOMAIN_ATTR "cn"
 #define CONFDB_MPG "magicPrivateGroups"
+#define CONFDB_FQ "useFullyQualifiedNames"
 #define CONFDB_ZERO_CHECK_OR_JUMP(var, ret, err, label) do { \
 if (!var) { \
@@ -522,6 +524,8 @@ static int confdb_test(struct confdb_ctx *cdb)
 static int confdb_init_db(struct confdb_ctx *cdb)
 {
+ const char *base_ldif;
+ struct ldb_ldif *ldif;
 const char *val[2];
 int ret;
 TALLOC_CTX *tmp_ctx;
@@ -529,88 +533,18 @@ static int confdb_init_db(struct confdb_ctx *cdb)
 tmp_ctx = talloc_new(cdb);
 if(tmp_ctx == NULL) return ENOMEM;
- val[0] = CONFDB_VERSION;
- val[1] = NULL;
-
- /* Add the confdb version */
- ret = confdb_add_param(cdb,
- false,
- "config",
- "version",
- val);
- if (ret != EOK) goto done;
-
- /* Set up default monitored services */
- val[0] = "Local service configuration";
- ret = confdb_add_param(cdb, false, "config/services", "description", val);
- if (ret != EOK) goto done;
-
-/* PAM */
- /* set the sssd_pam description */
- val[0] = "PAM Responder Configuration";
- ret = confdb_add_param(cdb, false, "config/services/pam", "description", val);
- if (ret != EOK) goto done;
-
- /* Set the sssd_pam command path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_pam", SSSD_LIBEXEC_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/pam", "command", val);
- if (ret != EOK) goto done;
-
-#if 0 /* for future use */
- /* Set the sssd_pam socket path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/pam", PIPE_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/pam", "unixSocket", val);
- if (ret != EOK) goto done;
-#endif /* for future use */
-
- /* Add PAM to the list of active services */
- val[0] = "pam";
- ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
- if (ret != EOK) goto done;
-
-/* NSS */
- /* set the sssd_nss description */
- val[0] = "NSS Responder Configuration";
- ret = confdb_add_param(cdb, false, "config/services/nss", "description", val);
- if (ret != EOK) goto done;
-
- /* Set the sssd_nss command path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_nss", SSSD_LIBEXEC_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/nss", "command", val);
- if (ret != EOK) goto done;
-
-#if 0 /* for future use */
- /* Set the sssd_nss socket path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_nss", PIPE_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/nss", "unixSocket", val);
- if (ret != EOK) goto done;
-#endif /* for future use */
-
- /* Add NSS to the list of active services */
- val[0] = "nss";
- ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
- if (ret != EOK) goto done;
-
-/* Data Provider */
- /* Set the sssd_dp description */
- val[0] = "Data Provider Configuration";
- ret = confdb_add_param(cdb, false, "config/services/dp", "description", val);
- if (ret != EOK) goto done;
-
- /* Set the sssd_dp command path */
- val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_dp", SSSD_LIBEXEC_PATH);
- CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/dp", "command", val);
- if (ret != EOK) goto done;
-
- /* Add the Data Provider to the list of active services */
- val[0] = "dp";
- ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
- if (ret != EOK) goto done;
+ /* cn=confdb does not exists, means db is empty, populate */
+ base_ldif = CONFDB_BASE_LDIF;
+ while ((ldif = ldb_ldif_read_string(cdb->ldb, &base_ldif))) {
+ ret = ldb_add(cdb->ldb, ldif->msg);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(0, ("Failed to inizialiaze DB (%d,[%s]), aborting!\n",
+ ret, ldb_errstring(cdb->ldb)));
+ ret = EIO;
+ goto done;
+ }
+ ldb_ldif_read_free(cdb->ldb, ldif);
+ }
 /* InfoPipe */
 #ifdef HAVE_INFOPIPE
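Review bot: The `ldb_add()` calls in the new `while` loop are not wrapped in a transaction, so a failure on a later record leaves the confdb holding only part of `CONFDB_BASE_LDIF`, and the failure branch jumps to `done` without calling `ldb_ldif_read_free()`. The loop also ends on the first NULL from `ldb_ldif_read_string()`, which presumably cannot be told apart from a record that failed to parse, so it is worth confirming that a malformed base LDIF cannot finish "successfully". A half-written default configuration is a poor starting state for a daemon that reads its list of active services from this store, so I would load the LDIF inside an ldb transaction, free the record on both paths, and fix the `inizialiaze` typo in the log message. confdb_init_db starts and ends outside this hunk, and whether a partial load is retried depends on confdb_test, which is not shown.

```c
    /* … unchanged: tmp_ctx allocation … */
    ret = ldb_transaction_start(cdb->ldb);
    if (ret != LDB_SUCCESS) {
        ret = EIO;
        goto done;
    }

    base_ldif = CONFDB_BASE_LDIF;
    while ((ldif = ldb_ldif_read_string(cdb->ldb, &base_ldif))) {
        ret = ldb_add(cdb->ldb, ldif->msg);
        if (ret != LDB_SUCCESS) {
            DEBUG(0, ("Failed to initialize DB (%d,[%s]), aborting!\n",
                      ret, ldb_errstring(cdb->ldb)));
            ldb_ldif_read_free(cdb->ldb, ldif);
            ldb_transaction_cancel(cdb->ldb);
            ret = EIO;
            goto done;
        }
        ldb_ldif_read_free(cdb->ldb, ldif);
    }

    ret = ldb_transaction_commit(cdb->ldb);
    if (ret != LDB_SUCCESS) {
        ret = EIO;
        goto done;
    }
    /* … unchanged: InfoPipe and PolicyKit defaults … */
```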
@@ -635,47 +569,21 @@ static int confdb_init_db(struct confdb_ctx *cdb)
 #ifdef HAVE_POLICYKIT
 /* Set the sssd_pk description */
 val[0] = "PolicyKit Backend Configuration";
- ret = confdb_add_param(cdb, false, "config/services/spk", "description", val);
+ ret = confdb_add_param(cdb, false, "config/services/pk", "description", val);
 if (ret != EOK) goto done;
 /* Set the sssd_info command path */
 val[0] = talloc_asprintf(tmp_ctx, "%s/sssd_pk", SSSD_LIBEXEC_PATH);
 CONFDB_ZERO_CHECK_OR_JUMP(val[0], ret, ENOMEM, done);
- ret = confdb_add_param(cdb, false, "config/services/spk", "command", val);
+ ret = confdb_add_param(cdb, false, "config/services/pk", "command", val);
 if (ret != EOK) goto done;
 /* Add the InfoPipe to the list of active services */
- val[0] = "spk";
+ val[0] = "pk";
 ret = confdb_add_param(cdb, false, "config/services", "activeServices", val);
 if (ret != EOK) goto done;
 #endif
-/* Domains */
- val[0] = "Domains served by SSSD";
- ret = confdb_add_param(cdb, false, "config/domains", "description", val);
- if (ret != EOK) goto done;
-
- /* Default LOCAL domain */
- val[0] = "Reserved domain for local configurations";
- ret = confdb_add_param(cdb, false, "config/domains/LOCAL", "description", val);
- if (ret != EOK) goto done;
-
- val[0] = "LOCAL";
- ret = confdb_add_param(cdb, false, "config/domains", "default", val);
- if(ret != EOK) goto done;
-
- /* Set enumeration of LOCAL domain to allow user and groups
- * (mask 1: users, 2: groups)
- */
- val[0] = "3";
- ret = confdb_add_param(cdb, false, "config/domains/LOCAL", "enumerate", val);
- if (ret != EOK) goto done;
-
- /* LOCAL uses Magic Private Groups by default */
- val[0] = "TRUE";
- ret = confdb_add_param(cdb, false, "config/domains/LOCAL", CONFDB_MPG, val);
- if (ret != EOK) goto done;
-
 done:
 talloc_free(tmp_ctx);
 return ret;
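Review bot: `val[1]` is no longer initialised anywhere in the visible code: the previous hunk removes `val[1] = NULL;` along with the version default, yet the PolicyKit block here still sets only `val[0]` before passing `val` to `confdb_add_param()`. If that function walks the array up to a NULL terminator, as the two-element array suggests, it would read an indeterminate pointer on `HAVE_POLICYKIT` builds; the InfoPipe block lies outside these hunks and probably has the same exposure unless it sets the terminator itself. Initialising at the declaration, `const char *val[2] = { NULL, NULL };`, keeps every remaining caller safe. The comments `/* Set the sssd_info command path */` and `/* Add the InfoPipe to the list of active services */` in this block also still name InfoPipe rather than PolicyKit. confdb_init_db starts outside this hunk.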
@@ -795,6 +703,15 @@ int confdb_get_domains(struct confdb_ctx *cdb,
 goto done;
 }
+ tmp = ldb_msg_find_attr_as_string(res->msgs[i], "provider", NULL);
+ if (tmp) {
+ domain->provider = talloc_strdup(domain, tmp);
+ if (!domain->provider) {
+ ret = ENOMEM;
+ goto done;
+ }
+ }
+
 domain->timeout = ldb_msg_find_attr_as_int(res->msgs[i],
 "timeout", 0);
@@ -815,6 +732,13 @@ int confdb_get_domains(struct confdb_ctx *cdb,
 domain->mpg = true;
 }
+ /* Determine if user/group names will be Fully Qualified
+ * in NSS interfaces */
+ if (ldb_msg_find_attr_as_bool(res->msgs[i], CONFDB_FQ, 0)) {
+ domain->fqnames = true;
+ }
+
+
 domain->id_min = ldb_msg_find_attr_as_uint(res->msgs[i],
 "minId", SSSD_MIN_ID);
 domain->id_max = ldb_msg_find_attr_as_uint(res->msgs[i],
diff --git a/server/confdb/confdb.h b/server/confdb/confdb.h
index 4767a78e..6d385443 100644
--- a/server/confdb/confdb.h
+++ b/server/confdb/confdb.h
@@ -32,8 +32,10 @@
 struct sss_domain_info {
 char *name;
+ char *provider;
 int timeout;
 int enumerate;
+ bool fqnames;
 bool legacy;
 bool mpg;
 uint32_t id_min;
diff --git a/server/confdb/confdb_private.h b/server/confdb/confdb_private.h
new file mode 100644
index 00000000..a911e9c4
--- /dev/null
+++ b/server/confdb/confdb_private.h
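Review bot: `domain->provider` is assigned only when the `provider` attribute is present, and `domain->fqnames` (second confdb.c hunk) only when `useFullyQualifiedNames` is true, so both depend on `domain` having been zero-allocated. The allocation is outside these hunks and should be confirmed; the existing `domain->mpg` code follows the same pattern, which suggests it is zeroed. Since NULL is then a legitimate value of `provider`, I would say so where the fields are declared in confdb.h, e.g. `char *provider; /* NULL when the domain sets no "provider" attribute */` and `bool fqnames; /* true when useFullyQualifiedNames is set */`. The second hunk also adds two consecutive blank lines before `domain->id_min`; one is enough.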
@@ -0,0 +1,55 @@
+
+#define CONFDB_BASE_LDIF \
+ "dn: @ATTRIBUTES\n" \
+ "cn: CASE_INSENSITIVE\n" \
+ "dc: CASE_INSENSITIVE\n" \
+ "dn: CASE_INSENSITIVE\n" \
+ "name: CASE_INSENSITIVE\n" \
+ "objectclass: CASE_INSENSITIVE\n" \
+ "\n" \
+ "dn: @INDEXLIST\n" \
+ "@IDXATTR: cn\n" \
+ "\n" \
+ "dn: @MODULES\n" \
+ "@LIST: server_sort\n" \
+ "\n" \
+ "dn: cn=config\n" \
+ "cn: config\n" \
+ "version: 0.1\n" \
+ "description: base object\n" \
+ "\n" \
+ "dn: cn=services,cn=config\n" \
+ "cn: services\n" \
+ "description: Local service configuration\n" \
+ "activeServices: dp\n" \
+ "activeServices: nss\n" \
+ "activeServices: pam\n" \
+ "activeServices: info\n" \
+ "\n" \
+ "dn: cn=monitor,cn=services,cn=config\n" \
+ "cn: monitor\n" \
+ "description: Monitor Configuration\n" \
+ "\n" \
+ "dn: cn=dp,cn=services,cn=config\n" \
+ "cn: dp\n" \
+ "description: Data Provider Configuration\n" \
+ "\n" \
+ "dn: cn=nss,cn=services,cn=config\n" \
+ "cn: nss\n" \
+ "description: NSS Responder Configuration\n" \
+ "\n" \
+ "dn: cn=pam,cn=services,cn=config\n" \
+ "cn: pam\n" \
+ "description: PAM Responder Configuration\n" \
+ "\n" \
+ "dn: cn=domains,cn=config\n" \
+ "cn: domains\n" \
+ "description: Domains served by SSSD\n" \
+ "default: LOCAL\n" \
+ "\n" \
+ "dn: cn=LOCAL,cn=domains,cn=config\n" \
+ "cn: LOCAL\n" \
+ "description: LOCAL domain\n" \
+ "enumerate: 3\n" \
+ "magicPrivateGroups: TRUE\n" \
+ "\n" |
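Review bot: `"activeServices: info\n"` is listed unconditionally in `CONFDB_BASE_LDIF`, while the InfoPipe defaults in confdb.c sit behind `#ifdef HAVE_INFOPIPE`. On a build without InfoPipe the base configuration would then name an active service that has no `cn=info` entry here, and on a build with it the conditional code may add the same value a second time; that block is outside the visible hunks, so both cases need checking. I would drop that line from the base LDIF and let the conditional code register the service, as the PolicyKit block does for `pk`. The new header also has no include guard and no comment: a short header comment saying that this LDIF is the compiled-in default written to an empty confdb, plus a guard such as `#ifndef CONFDB_PRIVATE_H_` / `#define CONFDB_PRIVATE_H_` / `#endif`, would help.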