diff options
-rw-r--r-- | src/db/sysdb_selinux.c | 66 | ||||
-rw-r--r-- | src/db/sysdb_selinux.h | 6 |
2 files changed, 49 insertions, 23 deletions
diff --git a/src/db/sysdb_selinux.c b/src/db/sysdb_selinux.c index 857b17d9..a6b4809f 100644 --- a/src/db/sysdb_selinux.c +++ b/src/db/sysdb_selinux.c @@ -292,12 +292,53 @@ done: return ret; } +errno_t +sysdb_get_selinux_usermaps(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + const char **attrs, + size_t *count, + struct ldb_message ***messages) +{ + errno_t ret; + char *filter; + struct ldb_dn *basedn; + struct sss_domain_info *domain; + + domain = sysdb_ctx_get_domain(sysdb); + basedn = ldb_dn_new_fmt(mem_ctx, sysdb_ctx_get_ldb(sysdb), + SYSDB_TMPL_SELINUX_BASE, domain->name); + if (!basedn) { + return ENOMEM; + } + + filter = talloc_asprintf(mem_ctx, "(%s=%s)", + SYSDB_OBJECTCLASS, SYSDB_SELINUX_USERMAP_CLASS); + if (filter == NULL) { + talloc_free(basedn); + return ENOMEM; + } + + ret = sysdb_search_entry(mem_ctx, sysdb, basedn, LDB_SCOPE_SUBTREE, filter, + attrs, count, messages); + talloc_free(basedn); + talloc_free(filter); + if (ret == ENOENT) { + *count = 0; + *messages = NULL; + } else if (ret) { + return ret; + } + + return EOK; +} + errno_t sysdb_search_selinux_usermap_by_username(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, const char *username, struct ldb_message ***_usermaps) { TALLOC_CTX *tmp_ctx; + struct ldb_message **msgs = NULL; const char *attrs[] = { SYSDB_NAME, SYSDB_USER_CATEGORY, SYSDB_HOST_CATEGORY, @@ -306,18 +347,14 @@ errno_t sysdb_search_selinux_usermap_by_username(TALLOC_CTX *mem_ctx, SYSDB_SELINUX_HOST_PRIORITY, SYSDB_SELINUX_USER, NULL }; - struct ldb_message **msgs = NULL; struct sysdb_attrs *user; struct sysdb_attrs *tmp_attrs; struct ldb_message **usermaps = NULL; - struct sss_domain_info *domain; - struct ldb_dn *basedn; size_t msgs_count = 0; size_t usermaps_cnt; uint32_t priority = 0; uint32_t host_priority = 0; uint32_t top_priority = 0; - char *filter; errno_t ret; int i; @@ -333,25 +370,8 @@ errno_t sysdb_search_selinux_usermap_by_username(TALLOC_CTX *mem_ctx, } /* Now extract all SELinux user maps */ - domain = sysdb_ctx_get_domain(sysdb); - basedn = ldb_dn_new_fmt(tmp_ctx, sysdb_ctx_get_ldb(sysdb), - SYSDB_TMPL_SELINUX_BASE, domain->name); - if (!basedn) { - ret = ENOMEM; - goto done; - } - - filter = talloc_asprintf(tmp_ctx, "(objectclass=%s)", SYSDB_SELINUX_USERMAP_CLASS); - if (filter == NULL) { - ret = ENOMEM; - goto done; - } - - ret = sysdb_search_entry(tmp_ctx, sysdb, basedn, LDB_SCOPE_SUBTREE, filter, - attrs, &msgs_count, &msgs); - if (ret == ENOENT) { - msgs_count = 0; - } else if (ret) { + ret = sysdb_get_selinux_usermaps(tmp_ctx, sysdb, attrs, &msgs_count, &msgs); + if (ret) { goto done; } diff --git a/src/db/sysdb_selinux.h b/src/db/sysdb_selinux.h index c7dbbe98..5fcbb56e 100644 --- a/src/db/sysdb_selinux.h +++ b/src/db/sysdb_selinux.h @@ -48,6 +48,12 @@ errno_t sysdb_store_selinux_config(struct sysdb_ctx *sysdb, const char *default_map, const char *order); +errno_t sysdb_get_selinux_usermaps(TALLOC_CTX *mem_ctx, + struct sysdb_ctx *sysdb, + const char **attrs, + size_t *count, + struct ldb_message ***messages); + errno_t sysdb_search_selinux_usermap_by_mapname(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, const char *name, |