summaryrefslogtreecommitdiff
path: root/server/db
diff options
context:
space:
mode:
Diffstat (limited to 'server/db')
-rw-r--r--server/db/sysdb.c13
-rw-r--r--server/db/sysdb.h109
-rw-r--r--server/db/sysdb_ops.c938
-rw-r--r--server/db/sysdb_private.h12
-rw-r--r--server/db/sysdb_req.c11
-rw-r--r--server/db/sysdb_search.c40
-rw-r--r--server/db/sysdb_sync.c880
7 files changed, 1041 insertions, 962 deletions
diff --git a/server/db/sysdb.c b/server/db/sysdb.c
index 1c91f122..84d580a8 100644
--- a/server/db/sysdb.c
+++ b/server/db/sysdb.c
@@ -24,6 +24,19 @@
#include "confdb/confdb.h"
#include <time.h>
+struct ldb_dn *sysdb_user_dn(struct sysdb_ctx *ctx, void *memctx,
+ const char *domain, const char *name)
+{
+ return ldb_dn_new_fmt(memctx, ctx->ldb, SYSDB_TMPL_USER, name, domain);
+}
+
+struct ldb_dn *sysdb_group_dn(struct sysdb_ctx *ctx, void *memctx,
+ const char *domain, const char *name)
+{
+ return ldb_dn_new_fmt(memctx, ctx->ldb, SYSDB_TMPL_GROUP, name, domain);
+}
+
+
/************************************************
* Initialiazation stuff
*/
diff --git a/server/db/sysdb.h b/server/db/sysdb.h
index c0ef361b..b8393ffe 100644
--- a/server/db/sysdb.h
+++ b/server/db/sysdb.h
@@ -32,18 +32,8 @@
#define SYSDB_TMPL_USER_BASE "cn=users,cn=%s,"SYSDB_BASE
#define SYSDB_TMPL_GROUP_BASE "cn=groups,cn=%s,"SYSDB_BASE
-#define SYSDB_PWNAM_FILTER "(&(objectclass=user)(uid=%s))"
-#define SYSDB_PWUID_FILTER "(&(objectclass=user)(uidNumber=%lu))"
-#define SYSDB_PWENT_FILTER "(objectclass=user)"
-
-#define SYSDB_GRNAM_FILTER "(&(objectclass=group)(gid=%s))"
-#define SYSDB_GRNA2_FILTER "(&(objectclass=user)(memberof=%s))"
-#define SYSDB_GRGID_FILTER "(&(objectclass=group)(gidNumber=%lu))"
-#define SYSDB_GRENT_FILTER "(objectclass=group)"
-
-#define SYSDB_INITGR_FILTER "(&(objectclass=group)(gidNumber=*))"
-
-#define SYSDB_INITGR_LEGACY_FILTER "(&(objectclass=group)(memberUid=%s))"
+#define SYSDB_USER_CLASS "user"
+#define SYSDB_GROUP_CLASS "group"
#define SYSDB_PW_NAME "uid"
#define SYSDB_PW_PWD "userPassword"
@@ -61,6 +51,19 @@
#define SYSDB_LAST_UPDATE "lastUpdate"
+#define SYSDB_PWNAM_FILTER "(&(objectclass="SYSDB_USER_CLASS")("SYSDB_PW_NAME"=%s))"
+#define SYSDB_PWUID_FILTER "(&(objectclass="SYSDB_USER_CLASS")("SYSDB_PW_UIDNUM"=%lu))"
+#define SYSDB_PWENT_FILTER "(objectclass="SYSDB_USER_CLASS")"
+
+#define SYSDB_GRNAM_FILTER "(&(objectclass="SYSDB_GROUP_CLASS")("SYSDB_GR_NAME"=%s))"
+#define SYSDB_GRNA2_FILTER "(&(objectclass="SYSDB_USER_CLASS")("SYSDB_PW_MEMBEROF"=%s))"
+#define SYSDB_GRGID_FILTER "(&(objectclass="SYSDB_GROUP_CLASS")("SYSDB_GR_GIDNUM"=%lu))"
+#define SYSDB_GRENT_FILTER "(objectclass="SYSDB_GROUP_CLASS")"
+
+#define SYSDB_INITGR_FILTER "(&(objectclass="SYSDB_GROUP_CLASS")("SYSDB_GR_GIDNUM"=*))"
+
+#define SYSDB_INITGR_LEGACY_FILTER "(&(objectclass="SYSDB_GROUP_CLASS")("SYSDB_LEGACY_MEMBER"=%s))"
+
#define SYSDB_PW_ATTRS {SYSDB_PW_NAME, SYSDB_PW_UIDNUM, \
SYSDB_PW_GIDNUM, SYSDB_PW_FULLNAME, \
SYSDB_PW_HOMEDIR, SYSDB_PW_SHELL, \
@@ -76,10 +79,15 @@
#define SYSDB_INITGR_ATTRS {SYSDB_GR_GIDNUM, SYSDB_LAST_UPDATE, \
NULL}
+#define SYSDB_TMPL_USER SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE
+#define SYSDB_TMPL_GROUP SYSDB_GR_NAME"=%s,"SYSDB_TMPL_GROUP_BASE
+
struct confdb_ctx;
struct sysdb_ctx;
+struct sysdb_req;
typedef void (*sysdb_callback_t)(void *, int, struct ldb_result *);
+typedef void (*sysdb_req_fn_t)(struct sysdb_req *, void *pvt);
int sysdb_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
@@ -135,60 +143,59 @@ int sysdb_initgroups(TALLOC_CTX *mem_ctx,
sysdb_callback_t fn, void *ptr);
-/* the following are all SYNCHRONOUS calls
- * TODO: make these asynchronous */
+struct sysdb_ctx *sysdb_req_get_ctx(struct sysdb_req *req);
-int sysdb_add_group_member(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- struct ldb_dn *member_dn,
- struct ldb_dn *group_dn);
+int sysdb_transaction(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *ctx,
+ sysdb_req_fn_t fn, void *pvt);
+void sysdb_transaction_done(struct sysdb_req *req, int status);
-int sysdb_remove_group_member(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- struct ldb_dn *member_dn,
- struct ldb_dn *group_dn);
+int sysdb_operation(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *ctx,
+ sysdb_req_fn_t fn, void *pvt);
+void sysdb_operation_done(struct sysdb_req *req);
-int sysdb_delete_user(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, const char *name);
+struct ldb_dn *sysdb_user_dn(struct sysdb_ctx *ctx, void *memctx,
+ const char *domain, const char *name);
-int sysdb_delete_user_by_uid(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, uid_t uid);
+struct ldb_dn *sysdb_group_dn(struct sysdb_ctx *ctx, void *memctx,
+ const char *domain, const char *name);
-int sysdb_add_user_to_group(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *domain,
- const char *group,
- const char *username);
+int sysdb_add_group_member(struct sysdb_req *sysreq,
+ struct ldb_dn *member_dn,
+ struct ldb_dn *group_dn,
+ sysdb_callback_t fn, void *pvt);
+
+int sysdb_remove_group_member(struct sysdb_req *sysreq,
+ struct ldb_dn *member_dn,
+ struct ldb_dn *group_dn,
+ sysdb_callback_t fn, void *pvt);
-int sysdb_remove_user_from_group(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *domain,
- const char *group,
- const char *username);
+int sysdb_delete_entry(struct sysdb_req *sysreq,
+ struct ldb_dn *dn,
+ sysdb_callback_t fn, void *pvt);
-int sysdb_delete_group(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, const char *name);
+int sysdb_delete_user_by_uid(struct sysdb_req *sysreq,
+ const char *domain, uid_t uid,
+ sysdb_callback_t fn, void *pvt);
-int sysdb_delete_group_by_gid(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, gid_t gid);
+int sysdb_delete_group_by_gid(struct sysdb_req *sysreq,
+ const char *domain, gid_t gid,
+ sysdb_callback_t fn, void *pvt);
-/* legacy synchronous functions for proxy providers */
+/* legacy functions for proxy providers */
-int sysdb_legacy_store_user(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
+int sysdb_legacy_store_user(struct sysdb_req *sysreq,
const char *domain,
const char *name, const char *pwd,
uid_t uid, gid_t gid, const char *gecos,
- const char *homedir, const char *shell);
+ const char *homedir, const char *shell,
+ sysdb_callback_t fn, void *pvt);
-int sysdb_legacy_store_group(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
+int sysdb_legacy_store_group(struct sysdb_req *sysreq,
const char *domain,
const char *name, gid_t gid,
- char **members);
+ const char **members,
+ sysdb_callback_t fn, void *pvt);
#endif /* __SYS_DB_H__ */
diff --git a/server/db/sysdb_ops.c b/server/db/sysdb_ops.c
new file mode 100644
index 00000000..267771b5
--- /dev/null
+++ b/server/db/sysdb_ops.c
@@ -0,0 +1,938 @@
+/*
+ SSSD
+
+ System Database
+
+ Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "util/util.h"
+#include "db/sysdb_private.h"
+#include <time.h>
+
+#define return_error(ctx, ret) ctx->fn(ctx->pvt, ret, NULL)
+#define return_done(ctx) ctx->fn(ctx->pvt, EOK, NULL)
+
+static int add_string(struct ldb_message *msg, int flags,
+ const char *attr, const char *value)
+{
+ int ret;
+
+ ret = ldb_msg_add_empty(msg, attr, flags, NULL);
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_msg_add_string(msg, attr, value);
+ }
+ return ret;
+}
+
+static int add_ulong(struct ldb_message *msg, int flags,
+ const char *attr, unsigned long value)
+{
+ int ret;
+
+ ret = ldb_msg_add_empty(msg, attr, flags, NULL);
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_msg_add_fmt(msg, attr, "%lu", value);
+ }
+ return ret;
+}
+
+/* the following are all SYNCHRONOUS calls
+ * TODO: make these asynchronous */
+
+struct sysdb_cb_ctx {
+ sysdb_callback_t fn;
+ void *pvt;
+
+ bool ignore_not_found;
+};
+
+static int sysdb_op_callback(struct ldb_request *req, struct ldb_reply *rep)
+{
+ struct sysdb_cb_ctx *cbctx;
+
+ cbctx = talloc_get_type(req->context, struct sysdb_cb_ctx);
+
+ if (!rep) {
+ return_error(cbctx, EIO);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ if (rep->error != LDB_SUCCESS) {
+ if (! (cbctx->ignore_not_found &&
+ rep->error == LDB_ERR_NO_SUCH_OBJECT)) {
+ return_error(cbctx, sysdb_error_to_errno(rep->error));
+ return rep->error;
+ }
+ }
+
+ talloc_free(rep);
+
+ if (rep->type != LDB_REPLY_DONE) {
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ return_done(cbctx);
+ return LDB_SUCCESS;
+}
+
+int sysdb_add_group_member(struct sysdb_req *sysreq,
+ struct ldb_dn *member_dn,
+ struct ldb_dn *group_dn,
+ sysdb_callback_t fn, void *pvt)
+{
+ struct sysdb_ctx *ctx;
+ struct sysdb_cb_ctx *cbctx;
+ struct ldb_request *req;
+ struct ldb_message *msg;
+ const char *dn;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ cbctx = talloc_zero(sysreq, struct sysdb_cb_ctx);
+ if (!cbctx) return ENOMEM;
+
+ cbctx->fn = fn;
+ cbctx->pvt = pvt;
+
+ /* Add the member_dn as a member of the group */
+ msg = ldb_msg_new(cbctx);
+ if(msg == NULL) return ENOMEM;
+
+ msg->dn = group_dn;
+ ret = ldb_msg_add_empty(msg, SYSDB_GR_MEMBER,
+ LDB_FLAG_MOD_ADD, NULL);
+ if (ret != LDB_SUCCESS) return ENOMEM;
+
+ dn = ldb_dn_get_linearized(member_dn);
+ if (!dn) return EINVAL;
+
+ ret = ldb_msg_add_fmt(msg, SYSDB_GR_MEMBER, "%s", dn);
+ if (ret != LDB_SUCCESS) return EINVAL;
+
+ ret = ldb_build_mod_req(&req, ctx->ldb, cbctx, msg,
+ NULL, cbctx, sysdb_op_callback, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to build modify request: %s(%d)[%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+int sysdb_remove_group_member(struct sysdb_req *sysreq,
+ struct ldb_dn *member_dn,
+ struct ldb_dn *group_dn,
+ sysdb_callback_t fn, void *pvt)
+{
+ struct sysdb_ctx *ctx;
+ struct sysdb_cb_ctx *cbctx;
+ struct ldb_request *req;
+ struct ldb_message *msg;
+ const char *dn;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ cbctx = talloc_zero(sysreq, struct sysdb_cb_ctx);
+ if (!cbctx) return ENOMEM;
+
+ cbctx->fn = fn;
+ cbctx->pvt = pvt;
+
+ /* Add the member_dn as a member of the group */
+ msg = ldb_msg_new(cbctx);
+ if(msg == NULL) return ENOMEM;
+
+ msg->dn = group_dn;
+ ret = ldb_msg_add_empty(msg, SYSDB_GR_MEMBER,
+ LDB_FLAG_MOD_DELETE, NULL);
+ if (ret != LDB_SUCCESS) return ENOMEM;
+
+ dn = ldb_dn_get_linearized(member_dn);
+ if (!dn) return EINVAL;
+
+ ret = ldb_msg_add_fmt(msg, SYSDB_GR_MEMBER, "%s", dn);
+ if (ret != LDB_SUCCESS) return EINVAL;
+
+ ret = ldb_build_mod_req(&req, ctx->ldb, cbctx, msg,
+ NULL, cbctx, sysdb_op_callback, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to build modify request: %s(%d)[%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+int sysdb_delete_entry(struct sysdb_req *sysreq,
+ struct ldb_dn *dn,
+ sysdb_callback_t fn, void *pvt)
+{
+ struct sysdb_ctx *ctx;
+ struct sysdb_cb_ctx *cbctx;
+ struct ldb_request *req;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ cbctx = talloc_zero(sysreq, struct sysdb_cb_ctx);
+ if (!cbctx) return ENOMEM;
+
+ cbctx->fn = fn;
+ cbctx->pvt = pvt;
+ cbctx->ignore_not_found = true;
+
+ ret = ldb_build_del_req(&req, ctx->ldb, cbctx, dn, NULL,
+ cbctx, sysdb_op_callback, NULL);
+
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("LDB Error: %s(%d)\nError Message: [%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+struct delete_ctx {
+ struct sysdb_req *sysreq;
+ struct sysdb_cb_ctx *cbctx;
+
+ struct ldb_result *res;
+};
+
+static int delete_callback(struct ldb_request *req, struct ldb_reply *rep)
+{
+ struct delete_ctx *del_ctx;
+ struct sysdb_cb_ctx *cbctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_request *delreq;
+ struct ldb_result *res;
+ struct ldb_dn *dn;
+ int ret;
+
+ del_ctx = talloc_get_type(req->context, struct delete_ctx);
+ ctx = sysdb_req_get_ctx(del_ctx->sysreq);
+ cbctx = del_ctx->cbctx;
+ res = del_ctx->res;
+
+ if (!rep) {
+ return_error(cbctx, EIO);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ if (rep->error != LDB_SUCCESS) {
+ return_error(cbctx, sysdb_error_to_errno(rep->error));
+ return rep->error;
+ }
+
+ switch (rep->type) {
+ case LDB_REPLY_ENTRY:
+ res->msgs = talloc_realloc(res, res->msgs,
+ struct ldb_message *,
+ res->count + 2);
+ if (!res->msgs) {
+ ret = LDB_ERR_OPERATIONS_ERROR;
+ return_error(cbctx, sysdb_error_to_errno(ret));
+ return ret;
+ }
+
+ res->msgs[res->count + 1] = NULL;
+
+ res->msgs[res->count] = talloc_steal(res->msgs, rep->message);
+ res->count++;
+
+ break;
+
+ case LDB_REPLY_DONE:
+
+ if (res->count == 0) {
+ DEBUG(7, ("Base search returned no results\n"));
+ return_done(cbctx);
+ break;
+ }
+ if (res->count > 1) {
+ DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
+ res->count));
+ return_error(cbctx, EFAULT);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ dn = ldb_dn_copy(del_ctx, res->msgs[0]->dn);
+ if (!dn) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ talloc_free(res);
+ del_ctx->res = res = NULL;
+
+ ret = ldb_build_del_req(&delreq, ctx->ldb, cbctx, dn, NULL,
+ cbctx, sysdb_op_callback, NULL);
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_request(ctx->ldb, delreq);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, sysdb_error_to_errno(ret));
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ break;
+
+ default:
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ talloc_free(rep);
+ return LDB_SUCCESS;
+}
+
+int sysdb_delete_user_by_uid(struct sysdb_req *sysreq,
+ const char *domain, uid_t uid,
+ sysdb_callback_t fn, void *pvt)
+{
+ static const char *attrs[] = { SYSDB_PW_NAME, SYSDB_PW_UIDNUM, NULL };
+ struct delete_ctx *del_ctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_dn *base_dn;
+ struct ldb_request *req;
+ char *filter;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ del_ctx = talloc_zero(sysreq, struct delete_ctx);
+ if (!del_ctx) return ENOMEM;
+
+ del_ctx->cbctx = talloc_zero(del_ctx, struct sysdb_cb_ctx);
+ if (!del_ctx->cbctx) return ENOMEM;
+
+ del_ctx->sysreq = sysreq;
+ del_ctx->cbctx->fn = fn;
+ del_ctx->cbctx->pvt = pvt;
+ del_ctx->cbctx->ignore_not_found = true;
+
+ del_ctx->res = talloc_zero(del_ctx, struct ldb_result);
+ if (!del_ctx->res) return ENOMEM;
+
+ base_dn = ldb_dn_new_fmt(del_ctx, ctx->ldb, SYSDB_TMPL_USER_BASE, domain);
+ if (!base_dn) return ENOMEM;
+
+ filter = talloc_asprintf(del_ctx, SYSDB_PWUID_FILTER, (unsigned long)uid);
+ if (!filter) return ENOMEM;
+
+ ret = ldb_build_search_req(&req, ctx->ldb, del_ctx,
+ base_dn, LDB_SCOPE_ONELEVEL,
+ filter, attrs, NULL,
+ del_ctx, delete_callback, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to build search request: %s(%d)[%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+int sysdb_delete_group_by_gid(struct sysdb_req *sysreq,
+ const char *domain, gid_t gid,
+ sysdb_callback_t fn, void *pvt)
+{
+ static const char *attrs[] = { SYSDB_GR_NAME, SYSDB_GR_GIDNUM, NULL };
+ struct delete_ctx *del_ctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_dn *base_dn;
+ struct ldb_request *req;
+ char *filter;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ del_ctx = talloc_zero(sysreq, struct delete_ctx);
+ if (!del_ctx) return ENOMEM;
+
+ del_ctx->cbctx = talloc_zero(del_ctx, struct sysdb_cb_ctx);
+ if (!del_ctx->cbctx) return ENOMEM;
+
+ del_ctx->sysreq = sysreq;
+ del_ctx->cbctx->fn = fn;
+ del_ctx->cbctx->pvt = pvt;
+ del_ctx->cbctx->ignore_not_found = true;
+
+ del_ctx->res = talloc_zero(del_ctx, struct ldb_result);
+ if (!del_ctx->res) return ENOMEM;
+
+ base_dn = ldb_dn_new_fmt(del_ctx, ctx->ldb, SYSDB_TMPL_GROUP_BASE, domain);
+ if (!base_dn) return ENOMEM;
+
+ filter = talloc_asprintf(del_ctx, SYSDB_GRGID_FILTER, (unsigned long)gid);
+ if (!filter) return ENOMEM;
+
+ ret = ldb_build_search_req(&req, ctx->ldb, del_ctx,
+ base_dn, LDB_SCOPE_ONELEVEL,
+ filter, attrs, NULL,
+ del_ctx, delete_callback, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to build search request: %s(%d)[%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+/* "sysdb_legacy_" functions
+ * the set of functions named sysdb_legacy_* are used by modules
+ * that only have access to strictly posix like databases where
+ * user and groups names are retrieved as strings, groups can't
+ * be nested and can't reference foreign sources */
+
+struct legacy_user_ctx {
+ struct sysdb_req *sysreq;
+ struct sysdb_cb_ctx *cbctx;
+
+ struct ldb_dn *dn;
+
+ const char *domain;
+ const char *name;
+ const char *pwd;
+ uid_t uid;
+ gid_t gid;
+ const char *gecos;
+ const char *homedir;
+ const char *shell;
+
+ struct ldb_result *res;
+};
+
+static int legacy_user_callback(struct ldb_request *req,
+ struct ldb_reply *rep);
+
+int sysdb_legacy_store_user(struct sysdb_req *sysreq,
+ const char *domain,
+ const char *name, const char *pwd,
+ uid_t uid, gid_t gid, const char *gecos,
+ const char *homedir, const char *shell,
+ sysdb_callback_t fn, void *pvt)
+{
+ static const char *attrs[] = { SYSDB_PW_NAME, NULL };
+ struct legacy_user_ctx *user_ctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_request *req;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ user_ctx = talloc(sysreq, struct legacy_user_ctx);
+ if (!user_ctx) return ENOMEM;
+
+ user_ctx->cbctx = talloc_zero(user_ctx, struct sysdb_cb_ctx);
+ if (!user_ctx->cbctx) return ENOMEM;
+
+ user_ctx->dn = sysdb_user_dn(ctx, user_ctx, domain, name);
+ if (!user_ctx->dn) return ENOMEM;
+
+ user_ctx->sysreq = sysreq;
+ user_ctx->cbctx->fn = fn;
+ user_ctx->cbctx->pvt = pvt;
+ user_ctx->domain = domain;
+ user_ctx->name = name;
+ user_ctx->pwd = pwd;
+ user_ctx->uid = uid;
+ user_ctx->gid = gid;
+ user_ctx->gecos = gecos;
+ user_ctx->homedir = homedir;
+ user_ctx->shell = shell;
+
+ user_ctx->res = talloc_zero(user_ctx, struct ldb_result);
+ if (!user_ctx->res) return ENOMEM;
+
+ ret = ldb_build_search_req(&req, ctx->ldb, user_ctx,
+ user_ctx->dn, LDB_SCOPE_BASE,
+ SYSDB_PWENT_FILTER, attrs, NULL,
+ user_ctx, legacy_user_callback, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to build search request: %s(%d)[%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+static int legacy_user_callback(struct ldb_request *req,
+ struct ldb_reply *rep)
+{
+ struct legacy_user_ctx *user_ctx;
+ struct sysdb_cb_ctx *cbctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_message *msg;
+ struct ldb_request *ureq;
+ struct ldb_result *res;
+ int flags;
+ int ret;
+
+ user_ctx = talloc_get_type(req->context, struct legacy_user_ctx);
+ ctx = sysdb_req_get_ctx(user_ctx->sysreq);
+ cbctx = user_ctx->cbctx;
+ res = user_ctx->res;
+
+ if (!rep) {
+ return_error(cbctx, EIO);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ if (rep->error != LDB_SUCCESS) {
+ return_error(cbctx, sysdb_error_to_errno(rep->error));
+ return rep->error;
+ }
+
+ switch (rep->type) {
+ case LDB_REPLY_ENTRY:
+ res->msgs = talloc_realloc(res, res->msgs,
+ struct ldb_message *,
+ res->count + 2);
+ if (!res->msgs) {
+ ret = LDB_ERR_OPERATIONS_ERROR;
+ return_error(cbctx, sysdb_error_to_errno(ret));
+ return ret;
+ }
+
+ res->msgs[res->count + 1] = NULL;
+
+ res->msgs[res->count] = talloc_steal(res->msgs, rep->message);
+ res->count++;
+
+ break;
+
+ case LDB_REPLY_DONE:
+
+ msg = ldb_msg_new(cbctx);
+ if (!msg) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ msg->dn = user_ctx->dn;
+
+ switch (res->count) {
+ case 0:
+ flags = LDB_FLAG_MOD_ADD;
+ break;
+ case 1:
+ flags = LDB_FLAG_MOD_REPLACE;
+ break;
+ default:
+ DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
+ res->count));
+
+ return_error(cbctx, EFAULT);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ talloc_free(res);
+ user_ctx->res = res = NULL;
+
+ if (flags == LDB_FLAG_MOD_ADD) {
+ ret = add_string(msg, flags, "objectClass", SYSDB_USER_CLASS);
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ ret = add_string(msg, flags, SYSDB_PW_NAME, user_ctx->name);
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ }
+
+ if (user_ctx->pwd && *user_ctx->pwd) {
+ ret = add_string(msg, flags, SYSDB_PW_PWD, user_ctx->pwd);
+ } else {
+ ret = ldb_msg_add_empty(msg, SYSDB_PW_PWD,
+ LDB_FLAG_MOD_DELETE, NULL);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (user_ctx->uid) {
+ ret = add_ulong(msg, flags, SYSDB_PW_UIDNUM,
+ (unsigned long)(user_ctx->uid));
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ } else {
+ DEBUG(0, ("Cached users can't have UID == 0\n"));
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (user_ctx->gid) {
+ ret = add_ulong(msg, flags, SYSDB_PW_GIDNUM,
+ (unsigned long)(user_ctx->gid));
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ } else {
+ DEBUG(0, ("Cached users can't have GID == 0\n"));
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (user_ctx->gecos && *user_ctx->gecos) {
+ ret = add_string(msg, flags, SYSDB_PW_FULLNAME, user_ctx->gecos);
+ } else {
+ ret = ldb_msg_add_empty(msg, SYSDB_PW_FULLNAME,
+ LDB_FLAG_MOD_DELETE, NULL);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (user_ctx->homedir && *user_ctx->homedir) {
+ ret = add_string(msg, flags, SYSDB_PW_HOMEDIR, user_ctx->homedir);
+ } else {
+ ret = ldb_msg_add_empty(msg, SYSDB_PW_HOMEDIR,
+ LDB_FLAG_MOD_DELETE, NULL);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (user_ctx->shell && *user_ctx->shell) {
+ ret = add_string(msg, flags, SYSDB_PW_SHELL, user_ctx->shell);
+ } else {
+ ret = ldb_msg_add_empty(msg, SYSDB_PW_SHELL,
+ LDB_FLAG_MOD_DELETE, NULL);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ /* modification time */
+ ret = add_ulong(msg, flags, SYSDB_LAST_UPDATE,
+ (unsigned long)time(NULL));
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (flags == LDB_FLAG_MOD_ADD) {
+ ret = ldb_build_add_req(&ureq, ctx->ldb, cbctx, msg, NULL,
+ cbctx, sysdb_op_callback, NULL);
+ } else {
+ ret = ldb_build_mod_req(&ureq, ctx->ldb, cbctx, msg, NULL,
+ cbctx, sysdb_op_callback, NULL);
+ }
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_request(ctx->ldb, ureq);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, sysdb_error_to_errno(ret));
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ break;
+
+ default:
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ talloc_free(rep);
+ return LDB_SUCCESS;
+}
+
+
+
+/* this function does not check that all user members are actually present */
+
+struct legacy_group_ctx {
+ struct sysdb_req *sysreq;
+ struct sysdb_cb_ctx *cbctx;
+
+ struct ldb_dn *dn;
+
+ const char *domain;
+ const char *name;
+ gid_t gid;
+ const char **members;
+
+ struct ldb_result *res;
+};
+
+static int legacy_group_callback(struct ldb_request *req,
+ struct ldb_reply *rep);
+
+int sysdb_legacy_store_group(struct sysdb_req *sysreq,
+ const char *domain,
+ const char *name, gid_t gid,
+ const char **members,
+ sysdb_callback_t fn, void *pvt)
+{
+ static const char *attrs[] = { SYSDB_GR_NAME, NULL };
+ struct legacy_group_ctx *group_ctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_request *req;
+ int ret;
+
+ if (!sysdb_req_check_running(sysreq)) {
+ DEBUG(2, ("Invalid request! Not running at this time.\n"));
+ return EINVAL;
+ }
+
+ ctx = sysdb_req_get_ctx(sysreq);
+
+ group_ctx = talloc(sysreq, struct legacy_group_ctx);
+ if (!group_ctx) return ENOMEM;
+
+ group_ctx->cbctx = talloc_zero(group_ctx, struct sysdb_cb_ctx);
+ if (!group_ctx->cbctx) return ENOMEM;
+
+ group_ctx->dn = sysdb_group_dn(ctx, group_ctx, domain, name);
+ if (!group_ctx->dn) return ENOMEM;
+
+ group_ctx->sysreq = sysreq;
+ group_ctx->cbctx->fn = fn;
+ group_ctx->cbctx->pvt = pvt;
+ group_ctx->domain = domain;
+ group_ctx->name = name;
+ group_ctx->gid = gid;
+ group_ctx->members = members;
+
+ group_ctx->res = talloc_zero(group_ctx, struct ldb_result);
+ if (!group_ctx->res) return ENOMEM;
+
+ ret = ldb_build_search_req(&req, ctx->ldb, group_ctx,
+ group_ctx->dn, LDB_SCOPE_BASE,
+ SYSDB_GRENT_FILTER, attrs, NULL,
+ group_ctx, legacy_group_callback, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to build search request: %s(%d)[%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(ctx->ldb)));
+ return sysdb_error_to_errno(ret);
+ }
+
+ ret = ldb_request(ctx->ldb, req);
+ if (ret != LDB_SUCCESS) return sysdb_error_to_errno(ret);
+
+ return EOK;
+}
+
+static int legacy_group_callback(struct ldb_request *req,
+ struct ldb_reply *rep)
+{
+ struct legacy_group_ctx *group_ctx;
+ struct sysdb_cb_ctx *cbctx;
+ struct sysdb_ctx *ctx;
+ struct ldb_message *msg;
+ struct ldb_request *greq;
+ struct ldb_result *res;
+ int flags;
+ int i, ret;
+
+ group_ctx = talloc_get_type(req->context, struct legacy_group_ctx);
+ ctx = sysdb_req_get_ctx(group_ctx->sysreq);
+ cbctx = group_ctx->cbctx;
+ res = group_ctx->res;
+
+ if (!rep) {
+ return_error(cbctx, EIO);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ if (rep->error != LDB_SUCCESS) {
+ return_error(cbctx, sysdb_error_to_errno(rep->error));
+ return rep->error;
+ }
+
+ switch (rep->type) {
+ case LDB_REPLY_ENTRY:
+ res->msgs = talloc_realloc(res, res->msgs,
+ struct ldb_message *,
+ res->count + 2);
+ if (!res->msgs) {
+ ret = LDB_ERR_OPERATIONS_ERROR;
+ return_error(cbctx, sysdb_error_to_errno(ret));
+ return ret;
+ }
+
+ res->msgs[res->count + 1] = NULL;
+
+ res->msgs[res->count] = talloc_steal(res->msgs, rep->message);
+ res->count++;
+
+ break;
+
+ case LDB_REPLY_DONE:
+
+ msg = ldb_msg_new(cbctx);
+ if (!msg) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ msg->dn = group_ctx->dn;
+
+ switch (res->count) {
+ case 0:
+ flags = LDB_FLAG_MOD_ADD;
+ break;
+ case 1:
+ flags = LDB_FLAG_MOD_REPLACE;
+ break;
+ default:
+ DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
+ res->count));
+
+ return_error(cbctx, EFAULT);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ talloc_free(res);
+ group_ctx->res = res = NULL;
+
+ if (flags == LDB_FLAG_MOD_ADD) {
+ ret = add_string(msg, flags, "objectClass", SYSDB_GROUP_CLASS);
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ ret = add_string(msg, flags, SYSDB_GR_NAME, group_ctx->name);
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ }
+
+ if (group_ctx->gid) {
+ ret = add_ulong(msg, flags, SYSDB_GR_GIDNUM,
+ (unsigned long)(group_ctx->gid));
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ } else {
+ DEBUG(0, ("Cached groups can't have GID == 0\n"));
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ /* members */
+ if (group_ctx->members && group_ctx->members[0]) {
+ ret = ldb_msg_add_empty(msg, SYSDB_LEGACY_MEMBER, flags, NULL);
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ for (i = 0; group_ctx->members[i]; i++) {
+ ret = ldb_msg_add_string(msg, SYSDB_LEGACY_MEMBER,
+ group_ctx->members[i]);
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ }
+ }
+
+ /* modification time */
+ ret = add_ulong(msg, flags, SYSDB_LAST_UPDATE,
+ (unsigned long)time(NULL));
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, ENOMEM);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ if (flags == LDB_FLAG_MOD_ADD) {
+ ret = ldb_build_add_req(&greq, ctx->ldb, cbctx, msg, NULL,
+ cbctx, sysdb_op_callback, NULL);
+ } else {
+ ret = ldb_build_mod_req(&greq, ctx->ldb, cbctx, msg, NULL,
+ cbctx, sysdb_op_callback, NULL);
+ }
+ if (ret == LDB_SUCCESS) {
+ ret = ldb_request(ctx->ldb, greq);
+ }
+ if (ret != LDB_SUCCESS) {
+ return_error(cbctx, sysdb_error_to_errno(ret));
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+ break;
+
+ default:
+ return_error(cbctx, EINVAL);
+ return LDB_ERR_OPERATIONS_ERROR;
+ }
+
+ talloc_free(rep);
+ return LDB_SUCCESS;
+}
+
diff --git a/server/db/sysdb_private.h b/server/db/sysdb_private.h
index c649af4a..35cafb0d 100644
--- a/server/db/sysdb_private.h
+++ b/server/db/sysdb_private.h
@@ -78,18 +78,8 @@ struct sysdb_ctx {
struct sysdb_req *queue;
};
-typedef void (*sysdb_req_fn_t)(struct sysdb_req *, void *pvt);
-
int sysdb_error_to_errno(int ldberr);
-int sysdb_transaction(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *ctx,
- sysdb_req_fn_t fn, void *pvt);
-void sysdb_transaction_done(struct sysdb_req *req, int status);
-
-int sysdb_operation(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *ctx,
- sysdb_req_fn_t fn, void *pvt);
-void sysdb_operation_done(struct sysdb_req *req);
+bool sysdb_req_check_running(struct sysdb_req *req);
#endif /* __INT_SYS_DB_H__ */
diff --git a/server/db/sysdb_req.c b/server/db/sysdb_req.c
index fcbd17b8..161431cc 100644
--- a/server/db/sysdb_req.c
+++ b/server/db/sysdb_req.c
@@ -34,6 +34,17 @@ struct sysdb_req {
bool transaction_active;
};
+bool sysdb_req_check_running(struct sysdb_req *req)
+{
+ if (req->ctx->queue == req) return true;
+ return false;
+}
+
+struct sysdb_ctx *sysdb_req_get_ctx(struct sysdb_req *req)
+{
+ return req->ctx;
+}
+
static void sysdb_req_run(struct tevent_context *ev,
struct tevent_timer *te,
struct timeval tv, void *ptr)
diff --git a/server/db/sysdb_search.c b/server/db/sysdb_search.c
index 5a355a0f..bb71079b 100644
--- a/server/db/sysdb_search.c
+++ b/server/db/sysdb_search.c
@@ -102,7 +102,7 @@ static void request_done(struct sysdb_search_ctx *sctx)
}
static int get_gen_callback(struct ldb_request *req,
- struct ldb_reply *ares)
+ struct ldb_reply *rep)
{
struct sysdb_search_ctx *sctx;
struct ldb_result *res;
@@ -111,16 +111,16 @@ static int get_gen_callback(struct ldb_request *req,
sctx = talloc_get_type(req->context, struct sysdb_search_ctx);
res = sctx->res;
- if (!ares) {
+ if (!rep) {
request_ldberror(sctx, LDB_ERR_OPERATIONS_ERROR);
return LDB_ERR_OPERATIONS_ERROR;
}
- if (ares->error != LDB_SUCCESS) {
- request_ldberror(sctx, ares->error);
- return ares->error;
+ if (rep->error != LDB_SUCCESS) {
+ request_ldberror(sctx, rep->error);
+ return rep->error;
}
- switch (ares->type) {
+ switch (rep->type) {
case LDB_REPLY_ENTRY:
res->msgs = talloc_realloc(res, res->msgs,
struct ldb_message *,
@@ -132,7 +132,7 @@ static int get_gen_callback(struct ldb_request *req,
res->msgs[res->count + 1] = NULL;
- res->msgs[res->count] = talloc_steal(res->msgs, ares->message);
+ res->msgs[res->count] = talloc_steal(res->msgs, rep->message);
res->count++;
break;
@@ -149,12 +149,12 @@ static int get_gen_callback(struct ldb_request *req,
return LDB_ERR_OPERATIONS_ERROR;
}
- res->refs[n] = talloc_steal(res->refs, ares->referral);
+ res->refs[n] = talloc_steal(res->refs, rep->referral);
res->refs[n + 1] = NULL;
break;
case LDB_REPLY_DONE:
- res->controls = talloc_steal(res, ares->controls);
+ res->controls = talloc_steal(res, rep->controls);
/* check if we need to call any aux function */
if (sctx->gen_aux_fn) {
@@ -166,7 +166,7 @@ static int get_gen_callback(struct ldb_request *req,
return LDB_SUCCESS;
}
- talloc_free(ares);
+ talloc_free(rep);
return LDB_SUCCESS;
}
@@ -351,7 +351,7 @@ static void get_members(struct sysdb_search_ctx *sctx)
}
static int get_grp_callback(struct ldb_request *req,
- struct ldb_reply *ares)
+ struct ldb_reply *rep)
{
struct sysdb_search_ctx *sctx;
struct sysdb_ctx *ctx;
@@ -362,16 +362,16 @@ static int get_grp_callback(struct ldb_request *req,
ctx = sctx->ctx;
res = sctx->res;
- if (!ares) {
+ if (!rep) {
request_ldberror(sctx, LDB_ERR_OPERATIONS_ERROR);
return LDB_ERR_OPERATIONS_ERROR;
}
- if (ares->error != LDB_SUCCESS) {
- request_ldberror(sctx, ares->error);
- return ares->error;
+ if (rep->error != LDB_SUCCESS) {
+ request_ldberror(sctx, rep->error);
+ return rep->error;
}
- switch (ares->type) {
+ switch (rep->type) {
case LDB_REPLY_ENTRY:
res->msgs = talloc_realloc(res, res->msgs,
struct ldb_message *,
@@ -383,7 +383,7 @@ static int get_grp_callback(struct ldb_request *req,
res->msgs[res->count + 1] = NULL;
- res->msgs[res->count] = talloc_steal(res->msgs, ares->message);
+ res->msgs[res->count] = talloc_steal(res->msgs, rep->message);
res->count++;
break;
@@ -400,12 +400,12 @@ static int get_grp_callback(struct ldb_request *req,
return LDB_ERR_OPERATIONS_ERROR;
}
- res->refs[n] = talloc_steal(res->refs, ares->referral);
+ res->refs[n] = talloc_steal(res->refs, rep->referral);
res->refs[n + 1] = NULL;
break;
case LDB_REPLY_DONE:
- res->controls = talloc_steal(res, ares->controls);
+ res->controls = talloc_steal(res, rep->controls);
/* no results, return */
if (res->count == 0) {
@@ -434,7 +434,7 @@ static int get_grp_callback(struct ldb_request *req,
return LDB_ERR_OPERATIONS_ERROR;
}
- talloc_free(ares);
+ talloc_free(rep);
return LDB_SUCCESS;
}
diff --git a/server/db/sysdb_sync.c b/server/db/sysdb_sync.c
deleted file mode 100644
index 1910e9fc..00000000
--- a/server/db/sysdb_sync.c
+++ /dev/null
@@ -1,880 +0,0 @@
-/*
- SSSD
-
- System Database
-
- Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include "util/util.h"
-#include "db/sysdb_private.h"
-#include <time.h>
-
-/* the following are all SYNCHRONOUS calls
- * TODO: make these asynchronous */
-
-int sysdb_add_group_member(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- struct ldb_dn *member_dn,
- struct ldb_dn *group_dn)
-{
- TALLOC_CTX *tmp_ctx;
- int ret, lret;
- struct ldb_message *msg;
-
- tmp_ctx = talloc_new(mem_ctx);
- if (!tmp_ctx) return ENOMEM;
-
- /* Add the member_dn as a member of the group */
- msg = ldb_msg_new(tmp_ctx);
- if(msg == NULL) {
- ret = ENOMEM;
- goto done;
- }
- msg->dn = group_dn;
- lret = ldb_msg_add_empty(msg, SYSDB_GR_MEMBER,
- LDB_FLAG_MOD_ADD, NULL);
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- lret = ldb_msg_add_fmt(msg, SYSDB_GR_MEMBER, "%s",
- ldb_dn_get_linearized(member_dn));
- if (lret != LDB_SUCCESS) {
- ret = EINVAL;
- goto done;
- }
-
- lret = ldb_modify(sysdb->ldb, msg);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make modify request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- ret = EOK;
-
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-int sysdb_remove_group_member(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- struct ldb_dn *member_dn,
- struct ldb_dn *group_dn)
-{
- TALLOC_CTX *tmp_ctx;
- int ret, lret;
- struct ldb_message *msg;
-
- tmp_ctx = talloc_new(mem_ctx);
- if (!tmp_ctx) return ENOMEM;
-
- /* Add the member_dn as a member of the group */
- msg = ldb_msg_new(tmp_ctx);
- if(msg == NULL) {
- ret = ENOMEM;
- goto done;
- }
- msg->dn = group_dn;
- lret = ldb_msg_add_empty(msg, SYSDB_GR_MEMBER,
- LDB_FLAG_MOD_DELETE, NULL);
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- lret = ldb_msg_add_fmt(msg, SYSDB_GR_MEMBER, "%s",
- ldb_dn_get_linearized(member_dn));
- if (lret != LDB_SUCCESS) {
- ret = EINVAL;
- goto done;
- }
-
- lret = ldb_modify(sysdb->ldb, msg);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make modify request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- ret = EOK;
-
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-/* "sysdb_legacy_" functions
- * the set of functions named sysdb_legacy_* are used by modules
- * that only have access to strictly posix like databases where
- * user and groups names are retrieved as strings, groups can't
- * be nested and can't reference foreign sources */
-
-int sysdb_legacy_store_user(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain,
- const char *name, const char *pwd,
- uid_t uid, gid_t gid, const char *gecos,
- const char *homedir, const char *shell)
-{
- TALLOC_CTX *tmp_ctx;
- const char *attrs[] = { SYSDB_PW_NAME, NULL };
- struct ldb_dn *user_dn;
- struct ldb_message *msg;
- struct ldb_request *req;
- struct ldb_result *res;
- int lret, ret;
- int flags;
-
- tmp_ctx = talloc_new(memctx);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- user_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE,
- name, domain);
- if (!user_dn) {
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
-
- lret = ldb_transaction_start(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
- ret = EIO;
- goto done;
- }
-
- lret = ldb_search(sysdb->ldb, tmp_ctx, &res, user_dn,
- LDB_SCOPE_BASE, attrs, SYSDB_PWENT_FILTER);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make search request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- req = NULL;
-
- msg = ldb_msg_new(tmp_ctx);
- if (!msg) {
- ret = ENOMEM;
- goto done;
- }
- msg->dn = user_dn;
-
- switch (res->count) {
- case 0:
- flags = LDB_FLAG_MOD_ADD;
- break;
- case 1:
- flags = LDB_FLAG_MOD_REPLACE;
- break;
- default:
- DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
- res->count));
- ret = EIO;
- goto done;
- }
-
- talloc_free(res);
- res = NULL;
-
- if (flags == LDB_FLAG_MOD_ADD) {
- /* TODO: retrieve user objectclass list from configuration */
- lret = ldb_msg_add_empty(msg, "objectClass", flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, "objectClass", "user");
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- /* TODO: retrieve user name attribute from configuration */
- lret = ldb_msg_add_empty(msg, SYSDB_PW_NAME, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, SYSDB_PW_NAME, name);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- }
-
- /* TODO: retrieve attribute name mappings from configuration */
-
- /* pwd */
- if (pwd && *pwd) {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_PWD, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, SYSDB_PW_PWD, pwd);
- }
- } else {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_PWD,
- LDB_FLAG_MOD_DELETE, NULL);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- /* uid */
- if (uid) {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_UIDNUM, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_fmt(msg, SYSDB_PW_UIDNUM,
- "%lu", (unsigned long)uid);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- } else {
- DEBUG(0, ("Cached users can't have UID == 0\n"));
- ret = EINVAL;
- goto done;
- }
-
- /* gid */
- if (gid) {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_GIDNUM, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_fmt(msg, SYSDB_PW_GIDNUM,
- "%lu", (unsigned long)gid);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- } else {
- DEBUG(0, ("Cached users can't have GID == 0\n"));
- ret = EINVAL;
- goto done;
- }
-
- /* gecos */
- if (gecos && *gecos) {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_FULLNAME, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, SYSDB_PW_FULLNAME, gecos);
- }
- } else {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_FULLNAME,
- LDB_FLAG_MOD_DELETE, NULL);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- /* homedir */
- if (homedir && *homedir) {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_HOMEDIR, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, SYSDB_PW_HOMEDIR, homedir);
- }
- } else {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_HOMEDIR,
- LDB_FLAG_MOD_DELETE, NULL);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- /* shell */
- if (shell && *shell) {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_SHELL, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, SYSDB_PW_SHELL, shell);
- }
- } else {
- lret = ldb_msg_add_empty(msg, SYSDB_PW_SHELL,
- LDB_FLAG_MOD_DELETE, NULL);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- /* modification time */
- lret = ldb_msg_add_empty(msg, SYSDB_LAST_UPDATE, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_fmt(msg, SYSDB_LAST_UPDATE,
- "%ld", (long int)time(NULL));
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- if (flags == LDB_FLAG_MOD_ADD) {
- lret = ldb_build_add_req(&req, sysdb->ldb, tmp_ctx, msg, NULL,
- NULL, ldb_op_default_callback, NULL);
- } else {
- lret = ldb_build_mod_req(&req, sysdb->ldb, tmp_ctx, msg, NULL,
- NULL, ldb_op_default_callback, NULL);
- }
- if (lret == LDB_SUCCESS) {
- lret = ldb_request(sysdb->ldb, req);
- if (lret == LDB_SUCCESS) {
- lret = ldb_wait(req->handle, LDB_WAIT_ALL);
- }
- }
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make modify request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- ret = EOK;
-
-done:
- if (ret == EOK) {
- lret = ldb_transaction_commit(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
- ret = EIO;
- }
- } else {
- lret = ldb_transaction_cancel(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to cancel ldb transaction (%d)\n", lret));
- ret = EIO;
- }
- }
-
- talloc_free(tmp_ctx);
- return ret;
-}
-
-int sysdb_delete_user(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, const char *name)
-{
- TALLOC_CTX *tmp_ctx;
- struct ldb_dn *user_dn;
- int lret, ret = EOK;
-
- tmp_ctx = talloc_new(memctx);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- user_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE,
- name, domain);
- if (!user_dn) {
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
-
- lret = ldb_delete(sysdb->ldb, user_dn);
-
- if (lret != LDB_SUCCESS && lret != LDB_ERR_NO_SUCH_OBJECT) {
- DEBUG(2, ("LDB Error: %s(%d)\nError Message: [%s]\n",
- ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- }
-
- talloc_free(tmp_ctx);
- return ret;
-}
-
-int sysdb_delete_user_by_uid(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, uid_t uid)
-{
- TALLOC_CTX *tmp_ctx;
- const char *attrs[] = { SYSDB_PW_NAME, SYSDB_PW_UIDNUM, NULL };
- struct ldb_dn *base_dn;
- struct ldb_dn *user_dn;
- struct ldb_result *res;
- int lret, ret;
-
- tmp_ctx = talloc_new(memctx);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_USER_BASE, domain);
- if (!base_dn) {
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
-
- lret = ldb_transaction_start(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
- ret = EIO;
- goto done;
- }
-
- lret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn,
- LDB_SCOPE_ONELEVEL, attrs,
- SYSDB_PWUID_FILTER,
- (unsigned long)uid);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make search request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- if (res->count == 0) {
- DEBUG(7, ("Base search returned no results\n"));
- ret = EOK;
- goto done;
- }
- if (res->count > 1) {
- DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
- res->count));
- ret = EIO;
- goto done;
- }
-
- user_dn = ldb_dn_copy(tmp_ctx, res->msgs[0]->dn);
- if (!user_dn) {
- ret = ENOMEM;
- goto done;
- }
-
- talloc_free(res);
- res = NULL;
-
- lret = ldb_delete(sysdb->ldb, user_dn);
-
- if (lret != LDB_SUCCESS && lret != LDB_ERR_NO_SUCH_OBJECT) {
- DEBUG(2, ("LDB Error: %s(%d)\nError Message: [%s]\n",
- ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- ret = EOK;
-
-done:
- if (ret == EOK) {
- lret = ldb_transaction_commit(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction commit !! (%d)\n", lret));
- ret = EIO;
- }
- } else {
- lret = ldb_transaction_cancel(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to cancel ldb transaction (%d)\n", lret));
- ret = EIO;
- }
- }
-
- talloc_free(tmp_ctx);
- return ret;
-}
-
-/* this function does not check that all user members are actually present */
-
-int sysdb_legacy_store_group(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain,
- const char *name, gid_t gid,
- char **members)
-{
- TALLOC_CTX *tmp_ctx;
- const char *attrs[] = { SYSDB_GR_NAME, NULL };
- struct ldb_dn *group_dn;
- struct ldb_result *res;
- struct ldb_message *msg;
- int i, ret, lret;
- int flags;
-
- tmp_ctx = talloc_new(memctx);
- if (tmp_ctx == NULL) {
- return ENOMEM;
- }
-
- group_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_GR_NAME"=%s,"SYSDB_TMPL_GROUP_BASE,
- name, domain);
- if (group_dn == NULL) {
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
-
- /* Start a transaction to ensure that nothing changes
- * underneath us while we're working
- */
- lret = ldb_transaction_start(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
- talloc_free(tmp_ctx);
- return EIO;
- }
-
- /* Determine if the group already exists */
- lret = ldb_search(sysdb->ldb, tmp_ctx, &res, group_dn,
- LDB_SCOPE_BASE, attrs, SYSDB_GRENT_FILTER);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make search request: %s(%d)[%s]\b",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- switch(res->count) {
- case 0:
- flags = LDB_FLAG_MOD_ADD;
- DEBUG(7, ("Adding new entry\n"));
- break;
- case 1:
- flags = LDB_FLAG_MOD_REPLACE;
- DEBUG(7, ("Replacing existing entry\n"));
- break;
- default:
- DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
- res->count));
- ret = EIO;
- goto done;
- }
- talloc_free(res);
- res = NULL;
-
- /* Set up the add/replace request */
- msg = ldb_msg_new(tmp_ctx);
- if (msg == NULL) {
- ret = ENOMEM;
- goto done;
- }
- msg->dn = group_dn;
-
- if (flags == LDB_FLAG_MOD_ADD) {
- lret = ldb_msg_add_empty(msg, "objectClass", flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, "objectClass", "group");
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- lret = ldb_msg_add_empty(msg, SYSDB_GR_NAME, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_string(msg, SYSDB_GR_NAME, name);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- }
-
- /* gid */
- if (gid) {
- lret = ldb_msg_add_empty(msg, SYSDB_GR_GIDNUM, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_fmt(msg, SYSDB_GR_GIDNUM,
- "%lu", (unsigned long)gid);
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- } else {
- DEBUG(0, ("Cached groups can't have GID == 0\n"));
- ret = EINVAL;
- goto done;
- }
-
- /* modification time */
- lret = ldb_msg_add_empty(msg, SYSDB_LAST_UPDATE, flags, NULL);
- if (lret == LDB_SUCCESS) {
- lret = ldb_msg_add_fmt(msg, SYSDB_LAST_UPDATE,
- "%ld", (long int)time(NULL));
- }
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
-
- /* members */
- if (members && members[0]) {
- lret = ldb_msg_add_empty(msg, SYSDB_LEGACY_MEMBER, flags, NULL);
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- for (i = 0; members[i]; i++) {
- lret = ldb_msg_add_string(msg, SYSDB_LEGACY_MEMBER, members[i]);
- if (lret != LDB_SUCCESS) {
- ret = ENOMEM;
- goto done;
- }
- }
- }
-
- if (flags == LDB_FLAG_MOD_ADD) {
- lret = ldb_add(sysdb->ldb, msg);
- } else {
- lret = ldb_modify(sysdb->ldb, msg);
- }
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make modify request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- ret = EOK;
-
-done:
- if (ret == EOK) {
- lret = ldb_transaction_commit(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
- ret = EIO;
- }
- } else {
- lret = ldb_transaction_cancel(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to cancel ldb transaction (%d)\n", lret));
- ret = EIO;
- }
- }
- talloc_free(tmp_ctx);
- return ret;
-}
-
-/* Wrapper around adding a user to a POSIX group */
-int sysdb_add_user_to_group(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *domain,
- const char *group,
- const char *username)
-{
- TALLOC_CTX *tmp_ctx;
- int ret;
- struct ldb_dn *user_dn;
- struct ldb_dn *group_dn;
-
-
- if (!sysdb || !domain || !group || !username) {
- return EINVAL;
- }
-
- tmp_ctx = talloc_new(mem_ctx);
- if (tmp_ctx == NULL) {
- return ENOMEM;
- }
-
- user_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE,
- username, domain);
- if (!user_dn) {
- ret = ENOMEM;
- goto done;
- }
-
- group_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_GR_NAME"=%s,"SYSDB_TMPL_GROUP_BASE,
- group, domain);
- if (group_dn == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = sysdb_add_group_member(tmp_ctx, sysdb, user_dn, group_dn);
-
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-/* Wrapper around adding a user to a POSIX group */
-int sysdb_remove_user_from_group(TALLOC_CTX *mem_ctx,
- struct sysdb_ctx *sysdb,
- const char *domain,
- const char *group,
- const char *username)
-{
- TALLOC_CTX *tmp_ctx;
- int ret;
- struct ldb_dn *user_dn;
- struct ldb_dn *group_dn;
-
-
- if (!sysdb || !domain || !group || !username) {
- return EINVAL;
- }
-
- tmp_ctx = talloc_new(mem_ctx);
- if (tmp_ctx == NULL) {
- return ENOMEM;
- }
-
- user_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE,
- username, domain);
- if (!user_dn) {
- ret = ENOMEM;
- goto done;
- }
-
- group_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_GR_NAME"=%s,"SYSDB_TMPL_GROUP_BASE,
- group, domain);
- if (group_dn == NULL) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = sysdb_remove_group_member(tmp_ctx, sysdb, user_dn, group_dn);
-
-done:
- talloc_free(tmp_ctx);
- return ret;
-}
-
-int sysdb_delete_group(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, const char *name)
-{
- TALLOC_CTX *tmp_ctx;
- struct ldb_dn *group_dn;
- int lret, ret = EOK;
-
- tmp_ctx = talloc_new(memctx);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- group_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_GR_NAME"=%s,"SYSDB_TMPL_GROUP_BASE,
- name, domain);
- if (!group_dn) {
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
-
- lret = ldb_delete(sysdb->ldb, group_dn);
-
- if (lret != LDB_SUCCESS && lret != LDB_ERR_NO_SUCH_OBJECT) {
- DEBUG(2, ("LDB Error: %s(%d)\nError Message: [%s]\n",
- ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- }
-
- talloc_free(tmp_ctx);
- return ret;
-}
-
-int sysdb_delete_group_by_gid(TALLOC_CTX *memctx,
- struct sysdb_ctx *sysdb,
- const char *domain, gid_t gid)
-{
- TALLOC_CTX *tmp_ctx;
- const char *attrs[] = { SYSDB_GR_NAME, SYSDB_GR_GIDNUM, NULL };
- struct ldb_dn *base_dn;
- struct ldb_dn *group_dn;
- struct ldb_result *res;
- int lret, ret;
-
- tmp_ctx = talloc_new(memctx);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- SYSDB_TMPL_GROUP_BASE, domain);
- if (!base_dn) {
- talloc_free(tmp_ctx);
- return ENOMEM;
- }
-
- lret = ldb_transaction_start(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
- ret = EIO;
- goto done;
- }
-
- lret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn,
- LDB_SCOPE_ONELEVEL, attrs,
- SYSDB_GRGID_FILTER,
- (unsigned long)gid);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to make search request: %s(%d)[%s]\n",
- ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- if (res->count == 0) {
- DEBUG(7, ("Base search returned no results\n"));
- ret = EOK;
- goto done;
- }
- if (res->count > 1) {
- DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
- res->count));
- ret = EIO;
- goto done;
- }
-
- group_dn = ldb_dn_copy(tmp_ctx, res->msgs[0]->dn);
- if (!group_dn) {
- ret = ENOMEM;
- goto done;
- }
-
- talloc_free(res);
- res = NULL;
-
- lret = ldb_delete(sysdb->ldb, group_dn);
-
- if (lret != LDB_SUCCESS && lret != LDB_ERR_NO_SUCH_OBJECT) {
- DEBUG(2, ("LDB Error: %s(%d)\nError Message: [%s]\n",
- ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)));
- ret = EIO;
- goto done;
- }
-
- ret = EOK;
-
-done:
- if (ret == EOK) {
- lret = ldb_transaction_commit(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed ldb transaction commit !! (%d)\n", lret));
- ret = EIO;
- }
- } else {
- lret = ldb_transaction_cancel(sysdb->ldb);
- if (lret != LDB_SUCCESS) {
- DEBUG(1, ("Failed to cancel ldb transaction (%d)\n", lret));
- ret = EIO;
- }
- }
-
- talloc_free(tmp_ctx);
- return ret;
-}
-