diff options
-rw-r--r-- | src/db/sysdb.h | 6 | ||||
-rw-r--r-- | src/db/sysdb_ops.c | 11 | ||||
-rw-r--r-- | src/db/sysdb_selinux.c | 4 | ||||
-rw-r--r-- | src/db/sysdb_subdomains.c | 11 | ||||
-rw-r--r-- | src/db/sysdb_sudo.c | 4 | ||||
-rw-r--r-- | src/providers/ipa/ipa_auth.c | 1 | ||||
-rw-r--r-- | src/providers/ipa/ipa_hbac_common.c | 9 | ||||
-rw-r--r-- | src/providers/ipa/ipa_selinux.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async.h | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_groups.c | 2 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups.c | 32 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_initgroups_ad.c | 14 | ||||
-rw-r--r-- | src/providers/ldap/sdap_async_private.h | 1 | ||||
-rw-r--r-- | src/providers/proxy/proxy_id.c | 8 | ||||
-rw-r--r-- | src/providers/simple/simple_access.c | 2 | ||||
-rw-r--r-- | src/tests/sysdb-tests.c | 7 | ||||
-rw-r--r-- | src/tools/sss_groupshow.c | 2 | ||||
-rw-r--r-- | src/util/sss_selinux.c | 3 | ||||
-rw-r--r-- | src/util/sss_selinux.h | 1 |
19 files changed, 70 insertions, 52 deletions
diff --git a/src/db/sysdb.h b/src/db/sysdb.h index 097e0a1a..b744ac24 100644 --- a/src/db/sysdb.h +++ b/src/db/sysdb.h @@ -385,11 +385,6 @@ errno_t sysdb_master_domain_add_info(struct sysdb_ctx *sysdb, struct sysdb_subdom *domain_info); -errno_t sysdb_search_domuser_by_name(TALLOC_CTX *mem_ctx, - struct sss_domain_info *domain, - const char *name, - const char **attrs, - struct ldb_message **msg); errno_t sysdb_search_domuser_by_uid(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, uid_t uid, @@ -552,6 +547,7 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx, /* Search User (by uid or name) */ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char **attrs, struct ldb_message **msg); diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c index 08d7734d..76f19878 100644 --- a/src/db/sysdb_ops.c +++ b/src/db/sysdb_ops.c @@ -233,6 +233,7 @@ int sysdb_search_entry(TALLOC_CTX *mem_ctx, int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, const char **attrs, struct ldb_message **msg) @@ -249,7 +250,7 @@ int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx, return ENOMEM; } - basedn = sysdb_user_dn(sysdb, tmp_ctx, sysdb->domain, name); + basedn = sysdb_user_dn(sysdb, tmp_ctx, domain, name); if (!basedn) { ret = ENOMEM; goto done; @@ -1295,7 +1296,7 @@ int sysdb_add_group(struct sysdb_ctx *sysdb, * Don't worry about users, if we try to add a user with the same * name the operation will fail */ - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, name, NULL, &msg); if (ret != ENOENT) { if (ret == EOK) ret = EEXIST; @@ -1640,7 +1641,7 @@ int sysdb_store_user(struct sysdb_ctx *sysdb, in_transaction = true; - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain, name, NULL, &msg); if (ret && ret != ENOENT) { goto fail; @@ -2393,7 +2394,7 @@ int sysdb_delete_user(struct sysdb_ctx *sysdb, } if (name) { - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain, name, NULL, &msg); } else { ret = sysdb_search_user_by_uid(tmp_ctx, sysdb, @@ -2817,7 +2818,7 @@ int sysdb_cache_auth(struct sysdb_ctx *sysdb, return ret; } - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain, name, attrs, &ldb_msg); if (ret != EOK) { DEBUG(1, ("sysdb_search_user_by_name failed [%d][%s].\n", diff --git a/src/db/sysdb_selinux.c b/src/db/sysdb_selinux.c index 44e87024..c1fb07fb 100644 --- a/src/db/sysdb_selinux.c +++ b/src/db/sysdb_selinux.c @@ -363,8 +363,10 @@ errno_t sysdb_search_selinux_usermap_by_username(TALLOC_CTX *mem_ctx, return ENOMEM; } + domain = sysdb->domain; + /* Now extract user attributes */ - ret = sss_selinux_extract_user(tmp_ctx, sysdb, username, &user); + ret = sss_selinux_extract_user(tmp_ctx, sysdb, domain, username, &user); if (ret != EOK) { goto done; } diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c index 9f20ed59..de5a6ac1 100644 --- a/src/db/sysdb_subdomains.c +++ b/src/db/sysdb_subdomains.c @@ -577,17 +577,6 @@ errno_t sysdb_get_subdomain_context(TALLOC_CTX *mem_ctx, } \ } while(0) -errno_t sysdb_search_domuser_by_name(TALLOC_CTX *mem_ctx, - struct sss_domain_info *domain, - const char *name, - const char **attrs, - struct ldb_message **msg) -{ - CHECK_DOMAIN_INFO(domain); - - return sysdb_search_user_by_name(mem_ctx, domain->sysdb, name, attrs, msg); -} - errno_t sysdb_search_domuser_by_uid(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, uid_t uid, diff --git a/src/db/sysdb_sudo.c b/src/db/sysdb_sudo.c index 9a8e76aa..43c17bd6 100644 --- a/src/db/sysdb_sudo.c +++ b/src/db/sysdb_sudo.c @@ -332,8 +332,8 @@ sysdb_get_sudo_user_info(TALLOC_CTX *mem_ctx, const char *username, tmp_ctx = talloc_new(NULL); NULL_CHECK(tmp_ctx, ret, done); - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, username, - attrs, &msg); + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, sysdb->domain, + username, attrs, &msg); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, ("Error looking up user %s\n", username)); goto done; diff --git a/src/providers/ipa/ipa_auth.c b/src/providers/ipa/ipa_auth.c index ee15afa5..b409542d 100644 --- a/src/providers/ipa/ipa_auth.c +++ b/src/providers/ipa/ipa_auth.c @@ -358,6 +358,7 @@ static void ipa_migration_flag_connect_done(struct tevent_req *req) attrs[1] = NULL; ret = sysdb_search_user_by_name(state, state->be_req->be_ctx->sysdb, + state->be_req->be_ctx->domain, state->pd->user, attrs, &user_msg); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_search_user_by_name failed.\n")); diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c index 73789bd1..9ccab784 100644 --- a/src/providers/ipa/ipa_hbac_common.c +++ b/src/providers/ipa/ipa_hbac_common.c @@ -410,6 +410,7 @@ done: static errno_t hbac_eval_user_element(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *username, struct hbac_request_element **user_element); @@ -462,10 +463,10 @@ hbac_ctx_to_eval_request(TALLOC_CTX *mem_ctx, ret = ENOMEM; goto done; } - ret = hbac_eval_user_element(eval_req, user_dom->sysdb, + ret = hbac_eval_user_element(eval_req, user_dom->sysdb, user_dom, pd->user, &eval_req->user); } else { - ret = hbac_eval_user_element(eval_req, sysdb, + ret = hbac_eval_user_element(eval_req, sysdb, domain, pd->user, &eval_req->user); } if (ret != EOK) goto done; @@ -515,6 +516,7 @@ done: static errno_t hbac_eval_user_element(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *username, struct hbac_request_element **user_element) { @@ -543,7 +545,8 @@ hbac_eval_user_element(TALLOC_CTX *mem_ctx, * This will give us the list of both POSIX and * non-POSIX groups that this user belongs to. */ - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, users->name, attrs, &msg); + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, + users->name, attrs, &msg); if (ret != EOK) { DEBUG(1, ("Could not determine user memberships for [%s]\n", users->name)); diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c index 7a615677..744dc46c 100644 --- a/src/providers/ipa/ipa_selinux.c +++ b/src/providers/ipa/ipa_selinux.c @@ -141,7 +141,7 @@ ipa_selinux_create_op_ctx(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, } op_ctx->be_req = be_req; - ret = sss_selinux_extract_user(op_ctx, sysdb, username, &op_ctx->user); + ret = sss_selinux_extract_user(op_ctx, sysdb, domain, username, &op_ctx->user); if (ret != EOK) { goto fail; } diff --git a/src/providers/ldap/sdap_async.h b/src/providers/ldap/sdap_async.h index c5dc1703..69590b9e 100644 --- a/src/providers/ldap/sdap_async.h +++ b/src/providers/ldap/sdap_async.h @@ -268,6 +268,7 @@ sdap_get_ad_match_rule_initgroups_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct sdap_options *opts, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_handle *sh, const char *name, const char *orig_dn, @@ -282,6 +283,7 @@ sdap_get_ad_tokengroups_initgroups_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct sdap_options *opts, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_handle *sh, const char *name, const char *orig_dn, diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c index fe540e8c..c4957fb1 100644 --- a/src/providers/ldap/sdap_async_groups.c +++ b/src/providers/ldap/sdap_async_groups.c @@ -1262,7 +1262,7 @@ sdap_process_group_members_2307(struct sdap_process_group_state *state, /* We need to skip over zero-length usernames */ if (member_name[0] == '\0') continue; - ret = sysdb_search_user_by_name(state, state->sysdb, + ret = sysdb_search_user_by_name(state, state->sysdb, state->dom, member_name, NULL, &msg); if (ret == EOK) { /* diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c index 66be76e6..ad794b8d 100644 --- a/src/providers/ldap/sdap_async_initgroups.c +++ b/src/providers/ldap/sdap_async_initgroups.c @@ -300,6 +300,7 @@ done: struct sdap_initgr_rfc2307_state { struct tevent_context *ev; struct sysdb_ctx *sysdb; + struct sss_domain_info *domain; struct sdap_options *opts; struct sdap_handle *sh; const char **attrs; @@ -324,6 +325,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx, struct tevent_context *ev, struct sdap_options *opts, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_handle *sh, const char *name) { @@ -339,6 +341,7 @@ struct tevent_req *sdap_initgr_rfc2307_send(TALLOC_CTX *memctx, state->ev = ev; state->opts = opts; state->sysdb = sysdb; + state->domain = domain; state->sh = sh; state->op = NULL; state->timeout = dp_opt_get_int(state->opts->basic, SDAP_SEARCH_TIMEOUT); @@ -502,8 +505,8 @@ static void sdap_initgr_rfc2307_process(struct tevent_req *subreq) } /* Search for all groups for which this user is a member */ - ret = get_sysdb_grouplist(state, state->sysdb, state->name, - &sysdb_grouplist); + ret = get_sysdb_grouplist(state, state->sysdb, state->domain, + state->name, &sysdb_grouplist); if (ret != EOK) { tevent_req_error(req, ret); return; @@ -2712,7 +2715,7 @@ static void sdap_get_initgr_user(struct tevent_req *subreq) switch (state->opts->schema_type) { case SDAP_SCHEMA_RFC2307: subreq = sdap_initgr_rfc2307_send(state, state->ev, state->opts, - state->sysdb, state->sh, + state->sysdb, state->dom, state->sh, cname); if (!subreq) { tevent_req_error(req, ENOMEM); @@ -2736,18 +2739,26 @@ static void sdap_get_initgr_user(struct tevent_req *subreq) /* Take advantage of AD's tokenGroups mechanism to look up all * parent groups in a single request. */ - subreq = sdap_get_ad_tokengroups_initgroups_send( - state, state->ev, state->opts, state->sysdb, - state->sh, cname, orig_dn, state->timeout); + subreq = sdap_get_ad_tokengroups_initgroups_send(state, state->ev, + state->opts, + state->sysdb, + state->dom, + state->sh, + cname, orig_dn, + state->timeout); } else if (state->opts->support_matching_rule && dp_opt_get_bool(state->opts->basic, SDAP_AD_MATCHING_RULE_INITGROUPS)) { /* Take advantage of AD's extensibleMatch filter to look up * all parent groups in a single request. */ - subreq = sdap_get_ad_match_rule_initgroups_send( - state, state->ev, state->opts, state->sysdb, - state->sh, cname, orig_dn, state->timeout); + subreq = sdap_get_ad_match_rule_initgroups_send(state, state->ev, + state->opts, + state->sysdb, + state->dom, + state->sh, + cname, orig_dn, + state->timeout); } else { subreq = sdap_initgr_rfc2307bis_send( state, state->ev, state->opts, state->sysdb, @@ -2965,6 +2976,7 @@ int sdap_get_initgr_recv(struct tevent_req *req) errno_t get_sysdb_grouplist(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, char ***grouplist) { @@ -2982,7 +2994,7 @@ errno_t get_sysdb_grouplist(TALLOC_CTX *mem_ctx, tmp_ctx = talloc_new(NULL); if (!tmp_ctx) return ENOMEM; - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, name, + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, name, attrs, &msg); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c index 8c0e7062..9b1acd6a 100644 --- a/src/providers/ldap/sdap_async_initgroups_ad.c +++ b/src/providers/ldap/sdap_async_initgroups_ad.c @@ -31,6 +31,7 @@ struct sdap_ad_match_rule_initgr_state { struct tevent_context *ev; struct sdap_options *opts; struct sysdb_ctx *sysdb; + struct sss_domain_info *domain; struct sdap_handle *sh; const char *name; const char *orig_dn; @@ -57,6 +58,7 @@ sdap_get_ad_match_rule_initgroups_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct sdap_options *opts, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_handle *sh, const char *name, const char *orig_dn, @@ -75,6 +77,7 @@ sdap_get_ad_match_rule_initgroups_send(TALLOC_CTX *mem_ctx, state->ev = ev; state->opts = opts; state->sysdb = sysdb; + state->domain = domain; state->sh = sh; state->name = name; state->orig_dn = orig_dn; @@ -252,8 +255,8 @@ sdap_get_ad_match_rule_initgroups_step(struct tevent_req *subreq) /* Get the current sysdb group list for this user * so we can update it. */ - ret = get_sysdb_grouplist(state, state->sysdb, state->name, - &sysdb_grouplist); + ret = get_sysdb_grouplist(state, state->sysdb, state->domain, + state->name, &sysdb_grouplist); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, ("Could not get the list of groups for [%s] in the sysdb: " @@ -297,6 +300,7 @@ struct sdap_ad_tokengroups_initgr_state { struct tevent_context *ev; struct sdap_options *opts; struct sysdb_ctx *sysdb; + struct sss_domain_info *domain; struct sdap_handle *sh; const char *username; }; @@ -309,6 +313,7 @@ sdap_get_ad_tokengroups_initgroups_send(TALLOC_CTX *mem_ctx, struct tevent_context *ev, struct sdap_options *opts, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sdap_handle *sh, const char *name, const char *orig_dn, @@ -326,6 +331,7 @@ sdap_get_ad_tokengroups_initgroups_send(TALLOC_CTX *mem_ctx, state->ev = ev; state->opts = opts; state->sysdb = sysdb; + state->domain = domain; state->sh = sh; state->username = name; @@ -515,8 +521,8 @@ sdap_get_ad_tokengroups_initgroups_lookup_done(struct tevent_req *subreq) /* Get the current sysdb group list for this user * so we can update it. */ - ret = get_sysdb_grouplist(state, state->sysdb, state->username, - &sysdb_grouplist); + ret = get_sysdb_grouplist(state, state->sysdb, state->domain, + state->username, &sysdb_grouplist); if (ret != EOK) { DEBUG(SSSDBG_MINOR_FAILURE, ("Could not get the list of groups for [%s] in the sysdb: " diff --git a/src/providers/ldap/sdap_async_private.h b/src/providers/ldap/sdap_async_private.h index c0faab50..871cce4e 100644 --- a/src/providers/ldap/sdap_async_private.h +++ b/src/providers/ldap/sdap_async_private.h @@ -116,6 +116,7 @@ int sdap_initgr_common_store(struct sysdb_ctx *sysdb, errno_t get_sysdb_grouplist(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *name, char ***grouplist); #endif /* _SDAP_ASYNC_PRIVATE_H_ */ diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c index 76f27955..57449417 100644 --- a/src/providers/proxy/proxy_id.c +++ b/src/providers/proxy/proxy_id.c @@ -515,6 +515,7 @@ done: static errno_t proxy_process_missing_users(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sysdb_attrs *group_attrs, struct group *grp, time_t now); @@ -561,7 +562,7 @@ static int save_group(struct sysdb_ctx *sysdb, struct sss_domain_info *dom, } /* Create ghost users */ - ret = proxy_process_missing_users(sysdb, attrs, grp, now); + ret = proxy_process_missing_users(sysdb, dom, attrs, grp, now); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("Could not add missing members\n")); goto done; @@ -642,6 +643,7 @@ done: } static errno_t proxy_process_missing_users(struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, struct sysdb_attrs *group_attrs, struct group *grp, time_t now) @@ -657,8 +659,8 @@ static errno_t proxy_process_missing_users(struct sysdb_ctx *sysdb, if (!tmp_ctx) return ENOMEM; for (i = 0; grp->gr_mem[i]; i++) { - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, grp->gr_mem[i], - NULL, &msg); + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, + grp->gr_mem[i], NULL, &msg); if (ret == EOK) { /* Member already exists in the cache */ DEBUG(SSSDBG_TRACE_INTERNAL, diff --git a/src/providers/simple/simple_access.c b/src/providers/simple/simple_access.c index 70d1f072..05388af4 100644 --- a/src/providers/simple/simple_access.c +++ b/src/providers/simple/simple_access.c @@ -107,7 +107,7 @@ errno_t simple_access_check(struct simple_ctx *ctx, const char *username, goto done; } - ret = sysdb_search_user_by_name(tmp_ctx, ctx->sysdb, + ret = sysdb_search_user_by_name(tmp_ctx, ctx->sysdb, ctx->domain, username, user_attrs, &msg); if (ret != EOK) { DEBUG(1, ("Could not look up username [%s]: [%d][%s]\n", diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c index c0ea6401..236c41aa 100644 --- a/src/tests/sysdb-tests.c +++ b/src/tests/sysdb-tests.c @@ -3722,7 +3722,8 @@ START_TEST(test_odd_characters) ret, strerror(ret)); /* Retrieve */ - ret = sysdb_search_user_by_name(test_ctx, test_ctx->sysdb, + ret = sysdb_search_user_by_name(test_ctx, + test_ctx->sysdb, test_ctx->domain, odd_username, NULL, &msg); fail_unless(ret == EOK, "sysdb_search_user_by_name error [%d][%s]", ret, strerror(ret)); @@ -4394,8 +4395,8 @@ START_TEST(test_sysdb_subdomain_user_ops) "name=subdomuser,cn=users,cn=test.sub,cn=sysdb"); fail_unless(check_dn != NULL); - ret = sysdb_search_domuser_by_name(test_ctx, subdomain, "subdomuser", NULL, - &msg); + ret = sysdb_search_user_by_name(test_ctx, subdomain->sysdb, subdomain, + "subdomuser", NULL, &msg); fail_unless(ret == EOK, "sysdb_search_domuser_by_name failed with [%d][%s].", ret, strerror(ret)); fail_unless(ldb_dn_compare(msg->dn, check_dn) == 0, diff --git a/src/tools/sss_groupshow.c b/src/tools/sss_groupshow.c index 42076fe8..f79df935 100644 --- a/src/tools/sss_groupshow.c +++ b/src/tools/sss_groupshow.c @@ -559,7 +559,7 @@ static int group_show_mpg(TALLOC_CTX *mem_ctx, goto fail; } - ret = sysdb_search_user_by_name(info, sysdb, name, attrs, &msg); + ret = sysdb_search_user_by_name(info, sysdb, domain, name, attrs, &msg); if (ret) { DEBUG(2, ("Search failed: %s (%d)\n", strerror(ret), ret)); goto fail; diff --git a/src/util/sss_selinux.c b/src/util/sss_selinux.c index b933d9fc..ee5ddab6 100644 --- a/src/util/sss_selinux.c +++ b/src/util/sss_selinux.c @@ -189,6 +189,7 @@ bool sss_selinux_match(struct sysdb_attrs *usermap, errno_t sss_selinux_extract_user(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *username, struct sysdb_attrs **_user_attrs) { @@ -215,7 +216,7 @@ errno_t sss_selinux_extract_user(TALLOC_CTX *mem_ctx, attrs[1] = SYSDB_ORIG_MEMBEROF; attrs[2] = NULL; - ret = sysdb_search_user_by_name(tmp_ctx, sysdb, username, + ret = sysdb_search_user_by_name(tmp_ctx, sysdb, domain, username, attrs, &user_msg); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("sysdb_search_user_by_name failed.\n")); diff --git a/src/util/sss_selinux.h b/src/util/sss_selinux.h index def38940..5dae5dd3 100644 --- a/src/util/sss_selinux.h +++ b/src/util/sss_selinux.h @@ -41,6 +41,7 @@ errno_t sss_selinux_extract_user(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb, + struct sss_domain_info *domain, const char *username, struct sysdb_attrs **_user_attrs); |