-rw-r--r-- | src/providers/ipa/ipa_access.c | 17 | ||||
-rw-r--r-- | src/providers/ipa/ipa_hbac_common.c | 38 | ||||
-rw-r--r-- | src/providers/ipa/ipa_hbac_private.h | 6 |
3 files changed, 25 insertions, 36 deletions
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c index 3f84d6c5..a0158f53 100644 --- a/src/providers/ipa/ipa_access.c +++ b/src/providers/ipa/ipa_access.c @@ -463,7 +463,6 @@ static void hbac_sysdb_save(struct tevent_req *req) struct hbac_ctx *hbac_ctx = tevent_req_callback_data(req, struct hbac_ctx); struct sss_domain_info *domain = hbac_ctx_be(hbac_ctx)->domain; - struct sysdb_ctx *sysdb = hbac_ctx_sysdb(hbac_ctx); struct ldb_dn *base_dn; struct be_ctx *be_ctx = hbac_ctx_be(hbac_ctx); struct ipa_access_ctx *access_ctx = @@ -488,7 +487,7 @@ static void hbac_sysdb_save(struct tevent_req *req) /* Delete any rules in the sysdb so offline logins * are also denied. */ - base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx, + base_dn = sysdb_custom_subtree_dn(domain->sysdb, tmp_ctx, domain, HBAC_RULES_SUBDIR); if (base_dn == NULL) { talloc_free(tmp_ctx); @@ -496,7 +495,7 @@ static void hbac_sysdb_save(struct tevent_req *req) return; } - ret = sysdb_delete_recursive(sysdb, base_dn, true); + ret = sysdb_delete_recursive(domain->sysdb, base_dn, true); talloc_free(tmp_ctx); if (ret != EOK) { DEBUG(1, ("sysdb_delete_recursive failed.\n")); @@ -513,7 +512,7 @@ static void hbac_sysdb_save(struct tevent_req *req) return; } - ret = sysdb_transaction_start(sysdb); + ret = sysdb_transaction_start(domain->sysdb); if (ret != EOK) { DEBUG(0, ("Could not start transaction\n")); goto fail; @@ -521,7 +520,7 @@ static void hbac_sysdb_save(struct tevent_req *req) in_transaction = true; /* Save the hosts */ - ret = ipa_hbac_sysdb_save(sysdb, domain, + ret = ipa_hbac_sysdb_save(domain, HBAC_HOSTS_SUBDIR, SYSDB_FQDN, hbac_ctx->host_count, hbac_ctx->hosts, HBAC_HOSTGROUPS_SUBDIR, SYSDB_NAME, 
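Review bot: Nothing in the hbac_sysdb_save hunks shows that `domain->sysdb` is the same cache handle the removed `hbac_ctx_sysdb(hbac_ctx)` returned, and the `sysdb_custom_subtree_dn` / `sysdb_delete_recursive` calls at -488 and -496 are the ones that purge cached rules so offline logins are also denied. If the two handles could ever differ, stale HBAC rules would stay in the cache, so the equivalence is worth confirming against the definition of `hbac_ctx_sysdb`, which is outside this diff. A short comment above the delete would record the intent, for example `/* domain->sysdb must be the cache that offline HBAC evaluation reads */`. The same substitution is repeated in the transaction hunks at -513, -557 and -580. The function body starts and ends outside these hunks.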
@@ -534,7 +533,7 @@ static void hbac_sysdb_save(struct tevent_req *req) } /* Save the services */ - ret = ipa_hbac_sysdb_save(sysdb, domain, + ret = ipa_hbac_sysdb_save(domain, HBAC_SERVICES_SUBDIR, IPA_CN, hbac_ctx->service_count, hbac_ctx->services, HBAC_SERVICEGROUPS_SUBDIR, IPA_CN, @@ -546,7 +545,7 @@ static void hbac_sysdb_save(struct tevent_req *req) goto fail; } /* Save the rules */ - ret = ipa_hbac_sysdb_save(sysdb, domain, + ret = ipa_hbac_sysdb_save(domain, HBAC_RULES_SUBDIR, IPA_UNIQUE_ID, hbac_ctx->rule_count, hbac_ctx->rules, @@ -557,7 +556,7 @@ static void hbac_sysdb_save(struct tevent_req *req) goto fail; } - ret = sysdb_transaction_commit(sysdb); + ret = sysdb_transaction_commit(domain->sysdb); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to commit transaction\n")); goto fail; @@ -580,7 +579,7 @@ static void hbac_sysdb_save(struct tevent_req *req) fail: if (in_transaction) { - ret = sysdb_transaction_cancel(sysdb); + ret = sysdb_transaction_cancel(domain->sysdb); if (ret != EOK) { DEBUG(0, ("Could not cancel transaction\n")); } diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c index 8f921f82..c8fb1aa1 100644 --- a/src/providers/ipa/ipa_hbac_common.c +++ b/src/providers/ipa/ipa_hbac_common.c @@ -24,9 +24,9 @@ #include "providers/ipa/ipa_hbac.h" #include "providers/ipa/ipa_common.h" -errno_t -ipa_hbac_save_list(struct sysdb_ctx *sysdb, bool delete_subdir, - const char *subdir, struct sss_domain_info *domain, +static errno_t +ipa_hbac_save_list(struct sss_domain_info *domain, + bool delete_subdir, const char *subdir, const char *naming_attribute, size_t count, struct sysdb_attrs **list) { 
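Review bot: In the `fail:` path of hbac_sysdb_save (hunk at -580) the result of `sysdb_transaction_cancel(domain->sysdb)` is assigned to `ret`, which replaces the error code that caused the jump to `fail`. ipa_hbac_sysdb_save in ipa_hbac_common.c keeps the two apart with a separate `sret`; doing the same here, `sret = sysdb_transaction_cancel(domain->sysdb);` followed by `if (sret != EOK) {`, would keep the original error available for logging or for the reply. Whether `ret` is read after this block cannot be seen because the rest of the function is outside the hunk, and an `errno_t sret;` declaration would have to be added at the top of the function.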
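Review bot: ipa_hbac_save_list (hunk at -24 in ipa_hbac_common.c) now takes the cache handle from `domain->sysdb` and is `static`, but it carries no comment saying that `domain` must be non-NULL with an initialised `sysdb`, and the hunks show no check before the first dereference at -44. I would add a short header comment, for example `/* Store 'count' entries from 'list' under 'subdir' in domain->sysdb; 'domain' must not be NULL. */`. The exported ipa_hbac_sysdb_save at -92 has the same precondition, and its prototype in ipa_hbac_private.h would be the place to state it for callers. The function body continues outside this hunk.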
@@ -44,13 +44,14 @@ ipa_hbac_save_list(struct sysdb_ctx *sysdb, bool delete_subdir, } if (delete_subdir) { - base_dn = sysdb_custom_subtree_dn(sysdb, tmp_ctx, domain, subdir); + base_dn = sysdb_custom_subtree_dn(domain->sysdb, tmp_ctx, + domain, subdir); if (base_dn == NULL) { ret = ENOMEM; goto done; } - ret = sysdb_delete_recursive(sysdb, base_dn, true); + ret = sysdb_delete_recursive(domain->sysdb, base_dn, true); if (ret != EOK) { DEBUG(1, ("sysdb_delete_recursive failed.\n")); goto done; @@ -77,7 +78,8 @@ ipa_hbac_save_list(struct sysdb_ctx *sysdb, bool delete_subdir, } DEBUG(9, ("Object name: [%s].\n", object_name)); - ret = sysdb_store_custom(sysdb, domain, object_name, subdir, list[c]); + ret = sysdb_store_custom(domain->sysdb, domain, + object_name, subdir, list[c]); if (ret != EOK) { DEBUG(1, ("sysdb_store_custom failed.\n")); goto done; @@ -92,7 +94,7 @@ done: } errno_t -ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, +ipa_hbac_sysdb_save(struct sss_domain_info *domain, const char *primary_subdir, const char *attr_name, size_t primary_count, struct sysdb_attrs **primary, const char *group_subdir, const char *groupattr_name, @@ -110,7 +112,7 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, } /* Save the entries and groups to the cache */ - ret = sysdb_transaction_start(sysdb); + ret = sysdb_transaction_start(domain->sysdb); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to start transaction\n")); goto done; @@ -118,12 +120,8 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, in_transaction = true; /* First, save the specific entries */ - ret = ipa_hbac_save_list(sysdb, true, - primary_subdir, - domain, - attr_name, - primary_count, - primary); + ret = ipa_hbac_save_list(domain, true, primary_subdir, + attr_name, primary_count, primary); if (ret != EOK) { DEBUG(1, ("Could not save %s. [%d][%s]\n", primary_subdir, ret, strerror(ret))); 
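Review bot: Both visible call sites of ipa_hbac_save_list, this one at -118 and the group save at -132, pass a literal `true` for `delete_subdir`. Now that the function is `static` and its prototype is removed from ipa_hbac_private.h, the flag looks like a dead parameter. If no other caller in ipa_hbac_common.c passes `false` (not visible in these hunks), it could be dropped so the call reads `ipa_hbac_save_list(domain, primary_subdir, attr_name, primary_count, primary);` and the subtree delete at -44 runs unconditionally. That would also make it explicit that previously cached entries are always purged before the new list is stored.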
@@ -132,12 +130,8 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, /* Second, save the groups */ if (group_count > 0) { - ret = ipa_hbac_save_list(sysdb, true, - group_subdir, - domain, - groupattr_name, - group_count, - groups); + ret = ipa_hbac_save_list(domain, true, group_subdir, + groupattr_name, group_count, groups); if (ret != EOK) { DEBUG(1, ("Could not save %s. [%d][%s]\n", group_subdir, ret, strerror(ret))); @@ -145,7 +139,7 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, } } - ret = sysdb_transaction_commit(sysdb); + ret = sysdb_transaction_commit(domain->sysdb); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to commit transaction\n")); goto done; @@ -154,7 +148,7 @@ ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, done: if (in_transaction) { - sret = sysdb_transaction_cancel(sysdb); + sret = sysdb_transaction_cancel(domain->sysdb); if (sret != EOK) { DEBUG(0, ("Could not cancel sysdb transaction\n")); } diff --git a/src/providers/ipa/ipa_hbac_private.h b/src/providers/ipa/ipa_hbac_private.h index d9d98222..c831cd5c 100644 --- a/src/providers/ipa/ipa_hbac_private.h +++ b/src/providers/ipa/ipa_hbac_private.h @@ -65,12 +65,8 @@ #define HBAC_SERVICEGROUPS_SUBDIR "hbac_servicegroups" /* From ipa_hbac_common.c */ -errno_t ipa_hbac_save_list(struct sysdb_ctx *sysdb, bool delete_subdir, - const char *subdir, struct sss_domain_info *domain, - const char *naming_attribute, size_t count, - struct sysdb_attrs **list); errno_t -ipa_hbac_sysdb_save(struct sysdb_ctx *sysdb, struct sss_domain_info *domain, +ipa_hbac_sysdb_save(struct sss_domain_info *domain, const char *primary_subdir, const char *attr_name, size_t primary_count, struct sysdb_attrs **primary, const char *group_subdir, const char *groupattr_name, |