authorJakub Hrozek <jhrozek@redhat.com>2011-12-08 12:20:50 +0100
committerStephen Gallagher <sgallagh@redhat.com>2011-12-16 14:46:17 -0500
commit4af1d1869d659fec84c518c26844132fa1df8f64 (patch)
treeef93d70afed50ab99737b1b04d6e3b4209d1010e /src/providers/ldap
parent10b6b1fc57bb7c2edb4cfd0a0038303bd33722bc (diff)
SUDO Integration - LDAP provider - save sudo rules functions
Diffstat (limited to 'src/providers/ldap')
-rw-r--r--src/providers/ldap/sdap_sudo_cache.c92
-rw-r--r--src/providers/ldap/sdap_sudo_cache.h33
2 files changed, 125 insertions, 0 deletions
diff --git a/src/providers/ldap/sdap_sudo_cache.c b/src/providers/ldap/sdap_sudo_cache.c
new file mode 100644
index 00000000..c58fa1c3
--- /dev/null
+++ b/src/providers/ldap/sdap_sudo_cache.c
@@ -0,0 +1,92 @@
+/*
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) 2011 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "db/sysdb.h"
+#include "db/sysdb_sudo.h"
+#include "providers/ldap/sdap_sudo_cache.h"
+
+/* ========== Functions specific for the native sudo LDAP schema ========== */
+static errno_t
+sdap_save_native_sudorule(struct sysdb_ctx *sysdb_ctx,
+ struct sdap_attr_map *map,
+ struct sysdb_attrs *attrs)
+{
+ errno_t ret;
+ const char *rule_name;
+
+ ret = sysdb_attrs_get_string(attrs, map[SDAP_AT_SUDO_NAME].sys_name,
+ &rule_name);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Could not get rule name [%d]: %s\n",
+ ret, strerror(ret)));
+ return ret;
+ }
+
+ ret = sysdb_save_sudorule(sysdb_ctx, rule_name, attrs);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Could not save sudorule %s\n", rule_name));
+ return ret;
+ }
+
+ return ret;
+}
+
+errno_t
+sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx,
+ struct sdap_attr_map *map,
+ struct sysdb_attrs **replies,
+ size_t replies_count)
+{
+ errno_t ret, tret;
+ bool in_transaction = false;
+ size_t i;
+
+ ret = sysdb_transaction_start(sysdb_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Could not start transaction\n"));
+ goto fail;
+ }
+ in_transaction = true;
+
+ for (i=0; i<replies_count; i++) {
+ ret = sdap_save_native_sudorule(sysdb_ctx, map, replies[i]);
+ if (ret != EOK) {
+ goto fail;
+ }
+ }
+
+ ret = sysdb_transaction_commit(sysdb_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to commit transaction\n"));
+ goto fail;
+ }
+ in_transaction = false;
+
+ ret = EOK;
+fail:
+ if (in_transaction) {
+ tret = sysdb_transaction_cancel(sysdb_ctx);
+ if (tret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Could not cancel transaction\n"));
+ }
+ }
+
+ return ret;
+}
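Review bot: In sdap_save_native_sudorule_list the first entry that fails in sdap_save_native_sudorule jumps to `fail` and cancels the transaction, so a single directory entry without the name attribute keeps every rule in the reply out of the cache, presumably leaving whatever was cached before in effect. If that all-or-nothing behaviour is intended for sudo rules, say so above the function, for example `/* Saves all rules in one transaction; any failure rolls back the whole batch. */`; if it is not, the loop should log and skip the bad entry instead. The save-failure message in sdap_save_native_sudorule drops the error code that the name-lookup message prints; `DEBUG(SSSDBG_OP_FAILURE, ("Could not save sudorule %s [%d]: %s\n", rule_name, ret, strerror(ret)));` would make the two consistent. Neither `map` nor `replies` is checked for NULL before being indexed, which looks like it relies on the caller and is worth stating in the same comment.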
diff --git a/src/providers/ldap/sdap_sudo_cache.h b/src/providers/ldap/sdap_sudo_cache.h
new file mode 100644
index 00000000..6bd94235
--- /dev/null
+++ b/src/providers/ldap/sdap_sudo_cache.h
@@ -0,0 +1,33 @@
+/*
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) 2011 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _SDAP_SUDO_CACHE_H_
+#define _SDAP_SUDO_CACHE_H_
+
+#include "src/providers/ldap/sdap.h"
+
+/* Cache functions specific for the native sudo LDAP schema */
+errno_t
+sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx,
+ struct sdap_attr_map *map,
+ struct sysdb_attrs **replies,
+ size_t replies_count);
+
+#endif /* _SDAP_SUDO_CACHE_H_ */
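Review bot: The include of `sdap.h` is written as `src/providers/ldap/sdap.h`, while sdap_sudo_cache.c in this same commit includes its headers without the `src/` prefix (`providers/ldap/sdap_sudo_cache.h`), so this header presumably resolves only when the repository root is also on the include path; `#include "providers/ldap/sdap.h"` would match the .c file. The guard name `_SDAP_SUDO_CACHE_H_` begins with an underscore followed by an uppercase letter, which C reserves for the implementation; `SDAP_SUDO_CACHE_H` avoids that unless the project uses this guard style throughout. The prototype would also benefit from a comment stating that it returns EOK on success and that all rules are written inside a single sysdb transaction that is cancelled on any failure.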