-rw-r--r--src/db/sysdb.h2
-rw-r--r--src/db/sysdb_ops.c14
-rw-r--r--src/providers/ipa/ipa_netgroups.c2
-rw-r--r--src/providers/ldap/sdap_async_netgroups.c27
-rw-r--r--src/providers/proxy/proxy_netgroup.c2
-rw-r--r--src/tests/sysdb-tests.c2
6 files changed, 45 insertions, 4 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index a9d4b0f8..5f264c25 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -536,6 +536,7 @@ int sysdb_add_netgroup(struct sysdb_ctx *sysdb,
const char *name,
const char *description,
struct sysdb_attrs *attrs,
+ char **missing,
int cache_timeout,
time_t now);
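Review bot: The new `missing` parameter in the sysdb_add_netgroup prototype is undocumented, and its contract is not obvious from `char **` alone. Judging by the callers in this commit, it is a NULL-terminated list of attribute names to delete from the cached netgroup entry, and NULL means nothing is removed. A comment above the declaration such as `/* missing: NULL-terminated list of attribute names to remove from the cached entry, or NULL */` would spare the next caller a trip into sysdb_ops.c. The prototype starts above this hunk.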
@@ -567,6 +568,7 @@ int sysdb_store_group(struct sysdb_ctx *sysdb,
enum sysdb_member_type {
SYSDB_MEMBER_USER,
SYSDB_MEMBER_GROUP,
+ SYSDB_MEMBER_NETGROUP,
SYSDB_MEMBER_SERVICE,
SYSDB_MEMBER_AUTOFSENTRY
};
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 7606b8f0..59b3bcae 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -1378,6 +1378,7 @@ int sysdb_add_netgroup(struct sysdb_ctx *sysdb,
const char *name,
const char *description,
struct sysdb_attrs *attrs,
+ char **missing,
int cache_timeout,
time_t now)
{
@@ -1422,6 +1423,15 @@ int sysdb_add_netgroup(struct sysdb_ctx *sysdb,
ret = sysdb_set_netgroup_attr(sysdb, name, attrs, SYSDB_MOD_REP);
+ if (missing) {
+ ret = sysdb_remove_attrs(sysdb, name,
+ SYSDB_MEMBER_NETGROUP,
+ missing);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_MINOR_FAILURE, ("Could not remove missing attributes\n"));
+ }
+ }
+
done:
if (ret == EOK) {
ret = ldb_transaction_commit(sysdb->ldb);
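Review bot: The result of `sysdb_set_netgroup_attr()` is overwritten by the new `if (missing)` block before anything checks it, so a failed attribute update followed by a successful `sysdb_remove_attrs()` reaches `done:` with `ret == EOK` and the transaction is committed. Add `if (ret != EOK) goto done;` directly after the sysdb_set_netgroup_attr() call. The removal failure is logged as SSSDBG_MINOR_FAILURE but still leaves `ret` non-EOK, which on the visible path means no commit; either treat it as fatal and log it at a matching level, or reset `ret` if the removal is meant to be best-effort. Netgroup entries feed access decisions, so a partially updated entry should not be committed silently. The function body starts above the hunk and continues past it.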
@@ -2956,6 +2966,10 @@ errno_t sysdb_remove_attrs(struct sysdb_ctx *sysdb,
msg->dn = sysdb_group_dn(sysdb, msg, sysdb->domain->name, name);
break;
+ case SYSDB_MEMBER_NETGROUP:
+ msg->dn = sysdb_netgroup_dn(sysdb, msg, sysdb->domain->name, name);
+ break;
+
case SYSDB_MEMBER_SERVICE:
msg->dn = sysdb_svc_dn(sysdb, msg, sysdb->domain->name, name);
break;
diff --git a/src/providers/ipa/ipa_netgroups.c b/src/providers/ipa/ipa_netgroups.c
index 05c7e230..a8e0d344 100644
--- a/src/providers/ipa/ipa_netgroups.c
+++ b/src/providers/ipa/ipa_netgroups.c
@@ -171,7 +171,7 @@ static errno_t ipa_save_netgroup(TALLOC_CTX *mem_ctx,
DEBUG(6, ("Storing info for netgroup %s\n", name));
- ret = sysdb_add_netgroup(ctx, name, NULL, netgroup_attrs,
+ ret = sysdb_add_netgroup(ctx, name, NULL, netgroup_attrs, NULL,
dom->netgroup_timeout, 0);
if (ret) goto fail;
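Review bot: Passing NULL for `missing` at this call means the IPA path never removes cached attributes that the server has stopped returning, so the stale-attribute cleanup added to sdap_save_netgroup does not cover IPA netgroups. The same holds for the NULL passed in proxy_netgroup.c. If that is intentional (for example because these providers rebuild the entry in a different way), a short comment at the call such as `/* no stale-attribute removal on this path: <reason> */` would make it explicit; otherwise these paths probably need their own missing-attribute list. ipa_save_netgroup's body extends beyond the hunk.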
diff --git a/src/providers/ldap/sdap_async_netgroups.c b/src/providers/ldap/sdap_async_netgroups.c
index 931a1f86..a5f30623 100644
--- a/src/providers/ldap/sdap_async_netgroups.c
+++ b/src/providers/ldap/sdap_async_netgroups.c
@@ -49,6 +49,8 @@ static errno_t sdap_save_netgroup(TALLOC_CTX *memctx,
const char *name = NULL;
int ret;
char *timestamp = NULL;
+ const char **ldap_attrs = NULL;
+ char **missing = NULL;
ret = sysdb_attrs_get_el(attrs,
opts->netgroup_map[SDAP_AT_NETGROUP_NAME].sys_name,
@@ -127,7 +129,30 @@ static errno_t sdap_save_netgroup(TALLOC_CTX *memctx,
goto fail;
}
- ret = sysdb_add_netgroup(ctx, name, NULL, netgroup_attrs,
+ ret = build_attrs_from_map(attrs, opts->netgroup_map, SDAP_OPTS_NETGROUP,
+ &ldap_attrs);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to retrieve attributes from map\n"));
+ goto fail;
+ }
+
+ /* Make sure that any attributes we requested from LDAP that we
+ * did not receive are also removed from the sysdb
+ */
+ ret = list_missing_attrs(attrs, opts->netgroup_map, SDAP_OPTS_NETGROUP,
+ ldap_attrs, attrs, &missing);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to list missing attributes\n"));
+ goto fail;
+ }
+
+ /* Remove missing attributes */
+ if (missing && !missing[0]) {
+ /* Nothing to remove */
+ talloc_zfree(missing);
+ }
+
+ ret = sysdb_add_netgroup(ctx, name, NULL, netgroup_attrs, missing,
dom->netgroup_timeout, now);
if (ret) goto fail;
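Review bot: The comment `/* Remove missing attributes */` sits above the `if (missing && !missing[0])` block, which does the opposite: it frees an empty list so that NULL is passed down and no removal is attempted. Something like `/* An empty list means nothing to remove; pass NULL so sysdb_add_netgroup skips the removal */` would match the code. Separately, `ldap_attrs` and `missing` are both allocated on `attrs` (the first argument to build_attrs_from_map and list_missing_attrs) and are not released on any path visible here. Presumably they go away with `attrs`, but it is worth confirming that lifetime or allocating them on a temporary context that is freed on both the success and `fail` paths. sdap_save_netgroup's body starts and ends outside this hunk.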
diff --git a/src/providers/proxy/proxy_netgroup.c b/src/providers/proxy/proxy_netgroup.c
index 47a425b4..797f8c6b 100644
--- a/src/providers/proxy/proxy_netgroup.c
+++ b/src/providers/proxy/proxy_netgroup.c
@@ -87,7 +87,7 @@ static errno_t save_netgroup(struct sysdb_ctx *sysdb,
}
}
- ret = sysdb_add_netgroup(sysdb, name, NULL, attrs, cache_timeout, 0);
+ ret = sysdb_add_netgroup(sysdb, name, NULL, attrs, NULL, cache_timeout, 0);
if (ret != EOK) {
DEBUG(SSSDBG_OP_FAILURE, ("sysdb_add_netgroup failed.\n"));
return ret;
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
index 886491a7..b3aaa266 100644
--- a/src/tests/sysdb-tests.c
+++ b/src/tests/sysdb-tests.c
@@ -2785,7 +2785,7 @@ START_TEST(test_odd_characters)
/* Add */
ret = sysdb_add_netgroup(test_ctx->sysdb,
odd_netgroupname, "No description",
- NULL, 30, 0);
+ NULL, NULL, 30, 0);
fail_unless(ret == EOK, "sysdb_add_netgroup error [%d][%s]",
ret, strerror(ret));