-rw-r--r-- | Makefile.am | 4 | ||||
-rw-r--r-- | src/providers/ldap/sdap_sudo_cache.c | 92 | ||||
-rw-r--r-- | src/providers/ldap/sdap_sudo_cache.h | 33 |
3 files changed, 129 insertions, 0 deletions
diff --git a/Makefile.am b/Makefile.am index 5fd492e7..2ac93ab9 100644 --- a/Makefile.am +++ b/Makefile.am @@ -333,6 +333,7 @@ dist_noinst_HEADERS = \ src/providers/ldap/sdap_access.h \ src/providers/ldap/sdap_async.h \ src/providers/ldap/sdap_async_private.h \ + src/providers/ldap/sdap_sudo_cache.h \ src/providers/ldap/sdap_id_op.h \ src/providers/ipa/ipa_common.h \ src/providers/ipa/ipa_access.h \ @@ -870,6 +871,9 @@ libsss_ldap_la_LIBADD = \ libsss_ldap_la_LDFLAGS = \ -avoid-version \ -module +if BUILD_SUDO +libsss_ldap_la_SOURCES += src/providers/ldap/sdap_sudo_cache.c +endif libsss_proxy_la_SOURCES = \ src/providers/proxy/proxy_common.c \ diff --git a/src/providers/ldap/sdap_sudo_cache.c b/src/providers/ldap/sdap_sudo_cache.c new file mode 100644 index 00000000..c58fa1c3 --- /dev/null +++ b/src/providers/ldap/sdap_sudo_cache.c 
@@ -0,0 +1,92 @@
+/*
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) 2011 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "db/sysdb.h"
+#include "db/sysdb_sudo.h"
+#include "providers/ldap/sdap_sudo_cache.h"
+
+/* ========== Functions specific for the native sudo LDAP schema ========== */
+static errno_t
+sdap_save_native_sudorule(struct sysdb_ctx *sysdb_ctx,
+ struct sdap_attr_map *map,
+ struct sysdb_attrs *attrs)
+{
+ errno_t ret;
+ const char *rule_name;
+
+ ret = sysdb_attrs_get_string(attrs, map[SDAP_AT_SUDO_NAME].sys_name,
+ &rule_name);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Could not get rule name [%d]: %s\n",
+ ret, strerror(ret)));
+ return ret;
+ }
+
+ ret = sysdb_save_sudorule(sysdb_ctx, rule_name, attrs);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, ("Could not save sudorule %s\n", rule_name));
+ return ret;
+ }
+
+ return ret;
+}
+
+errno_t
+sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx,
+ struct sdap_attr_map *map,
+ struct sysdb_attrs **replies,
+ size_t replies_count)
+{
+ errno_t ret, tret;
+ bool in_transaction = false;
+ size_t i;
+
+ ret = sysdb_transaction_start(sysdb_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Could not start transaction\n"));
+ goto fail;
+ }
+ in_transaction = true;
+
+ for (i=0; i<replies_count; i++) {
+ ret = sdap_save_native_sudorule(sysdb_ctx, map, replies[i]);
+ if (ret != EOK) {
+ goto fail;
+ }
+ }
+
+ ret = sysdb_transaction_commit(sysdb_ctx);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to commit transaction\n"));
+ goto fail;
+ }
+ in_transaction = false;
+
+ ret = EOK;
+fail:
+ if (in_transaction) {
+ tret = sysdb_transaction_cancel(sysdb_ctx);
+ if (tret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE, ("Could not cancel transaction\n"));
+ }
+ }
+
+ return ret;
+}
diff --git a/src/providers/ldap/sdap_sudo_cache.h b/src/providers/ldap/sdap_sudo_cache.h
new file mode 100644
index 00000000..6bd94235
--- /dev/null
+++ b/src/providers/ldap/sdap_sudo_cache.h
@@ -0,0 +1,33 @@
+/*
+ Authors:
+ Jakub Hrozek <jhrozek@redhat.com>
+
+ Copyright (C) 2011 Red Hat
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#ifndef _SDAP_SUDO_CACHE_H_
+#define _SDAP_SUDO_CACHE_H_
+
+#include "src/providers/ldap/sdap.h"
+
+/* Cache functions specific for the native sudo LDAP schema */
+errno_t
+sdap_save_native_sudorule_list(struct sysdb_ctx *sysdb_ctx,
+ struct sdap_attr_map *map,
+ struct sysdb_attrs **replies,
+ size_t replies_count);
+
+#endif /* _SDAP_SUDO_CACHE_H_ */ |
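Review bot: `sdap_save_native_sudorule_list` cancels the whole transaction as soon as one reply fails in `sdap_save_native_sudorule`, so a single entry without the `map[SDAP_AT_SUDO_NAME]` attribute discards every rule in the batch and the cache keeps its previous contents. Since these are authorization rules, that all-or-nothing choice should be stated in a comment above the function, e.g. `/* Saves all replies in one sysdb transaction; any failure rolls back the whole batch. */`. Nothing in this hunk removes cached rules that are absent from `replies`, so whether a rule deleted on the server also leaves the cache presumably depends on the caller, which is not visible here. The second failure message would be easier to triage with the error code, as the first one has: `("Could not save sudorule %s [%d]: %s\n", rule_name, ret, strerror(ret))`.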
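Review bot: The new header includes `"src/providers/ldap/sdap.h"`, while the .c file added in the same commit includes `"providers/ldap/sdap_sudo_cache.h"` and `"db/sysdb.h"` without the `src/` prefix; using one form, `#include "providers/ldap/sdap.h"`, keeps the header from depending on which include roots the build happens to pass. The prototype also names `struct sysdb_ctx` and `struct sysdb_attrs`, which presumably reach this header only through `sdap.h`, so an explicit `#include "db/sysdb.h"` would make it self-contained. The guard `_SDAP_SUDO_CACHE_H_` starts with an underscore and an uppercase letter, a form C reserves for the implementation; `SDAP_SUDO_CACHE_H_` avoids that.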