summaryrefslogtreecommitdiff
path: root/server/tools
diff options
context:
space:
mode:
Diffstat (limited to 'server/tools')
-rw-r--r--server/tools/sss_groupmod.c281
1 files changed, 281 insertions, 0 deletions
diff --git a/server/tools/sss_groupmod.c b/server/tools/sss_groupmod.c
new file mode 100644
index 00000000..020a1f2e
--- /dev/null
+++ b/server/tools/sss_groupmod.c
@@ -0,0 +1,281 @@
+/*
+ SSSD
+
+ sss_groupmod
+
+ Copyright (C) Jakub Hrozek <jhrozek@redhat.com> 2009
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <talloc.h>
+#include <popt.h>
+#include <errno.h>
+#include <sys/types.h>
+
+#include "util/util.h"
+#include "db/sysdb.h"
+#include "tools/tools_util.h"
+
+struct group_mod_ctx {
+ struct sysdb_req *sysreq;
+ struct sss_domain_info *domain;
+
+ struct tools_ctx *ctx;
+
+ gid_t gid;
+ const char *groupname;
+
+ char **addgroups;
+ char **rmgroups;
+ int cur;
+
+ int error;
+ bool done;
+};
+
+/* sysdb callback */
+static void mod_group_done(void *pvt, int error, struct ldb_result *ignore)
+{
+ struct group_mod_ctx *data = talloc_get_type(pvt, struct group_mod_ctx);
+
+ data->done = true;
+
+ sysdb_transaction_done(data->sysreq, error);
+
+ if (error)
+ data->error = error;
+}
+
+static void add_to_groups(void *, int, struct ldb_result *);
+
+/* sysdb_req_fn_t */
+static void mod_group(struct sysdb_req *req, void *pvt)
+{
+ struct group_mod_ctx *group_ctx;
+ int ret;
+
+ group_ctx = talloc_get_type(pvt, struct group_mod_ctx);
+ group_ctx->sysreq = req;
+
+ if(group_ctx->gid == 0) {
+ add_to_groups(group_ctx, EOK, NULL);
+ } else {
+ ret = sysdb_set_group_gid(req,
+ group_ctx->domain,
+ group_ctx->groupname,
+ group_ctx->gid,
+ mod_group_done,
+ group_ctx);
+ if (ret != EOK) {
+ mod_group_done(group_ctx, ret, NULL);
+ }
+ }
+}
+
+static void remove_from_groups(void *pvt, int error, struct ldb_result *ignore)
+{
+ struct group_mod_ctx *group_ctx = talloc_get_type(pvt, struct group_mod_ctx);
+ struct ldb_dn *group_dn;
+ struct ldb_dn *parent_group_dn;
+ int ret;
+
+ if (error) {
+ mod_group_done(pvt, error, NULL);
+ return;
+ }
+
+ /* check if we removed all of them */
+ if (group_ctx->rmgroups == NULL ||
+ group_ctx->rmgroups[group_ctx->cur] == NULL) {
+ mod_group_done(group_ctx, EOK, NULL);
+ return;
+ }
+
+ group_dn = sysdb_group_dn(group_ctx->ctx->sysdb, group_ctx,
+ group_ctx->domain->name, group_ctx->groupname);
+ if (!group_dn) {
+ mod_group_done(pvt, ENOMEM, NULL);
+ return;
+ }
+
+ parent_group_dn = sysdb_group_dn(group_ctx->ctx->sysdb, group_ctx,
+ group_ctx->domain->name,
+ group_ctx->rmgroups[group_ctx->cur]);
+ if (!parent_group_dn) {
+ mod_group_done(pvt, ENOMEM, NULL);
+ return;
+ }
+
+ ret = sysdb_remove_group_member(group_ctx->sysreq,
+ group_dn, parent_group_dn,
+ remove_from_groups, group_ctx);
+ if (ret != EOK)
+ mod_group_done(group_ctx, ret, NULL);
+
+ /* go on to next group */
+ group_ctx->cur++;
+}
+
+static void add_to_groups(void *pvt, int error, struct ldb_result *ignore)
+{
+ struct group_mod_ctx *group_ctx = talloc_get_type(pvt, struct group_mod_ctx);
+ struct ldb_dn *group_dn;
+ struct ldb_dn *parent_group_dn;
+ int ret;
+
+ if (error) {
+ mod_group_done(pvt, error, NULL);
+ return;
+ }
+
+ /* check if we added all of them */
+ if (group_ctx->addgroups == NULL ||
+ group_ctx->addgroups[group_ctx->cur] == NULL) {
+ group_ctx->cur = 0;
+ remove_from_groups(group_ctx, EOK, NULL);
+ return;
+ }
+
+ group_dn = sysdb_group_dn(group_ctx->ctx->sysdb, group_ctx,
+ group_ctx->domain->name, group_ctx->groupname);
+ if (!group_dn) {
+ mod_group_done(pvt, ENOMEM, NULL);
+ return;
+ }
+
+ parent_group_dn = sysdb_group_dn(group_ctx->ctx->sysdb, group_ctx,
+ group_ctx->domain->name,
+ group_ctx->addgroups[group_ctx->cur]);
+ if (!parent_group_dn) {
+ mod_group_done(pvt, ENOMEM, NULL);
+ return;
+ }
+
+ ret = sysdb_add_group_member(group_ctx->sysreq,
+ group_dn, parent_group_dn,
+ add_to_groups, group_ctx);
+ if (ret != EOK)
+ mod_group_done(group_ctx, ret, NULL);
+
+ /* go on to next group */
+ group_ctx->cur++;
+}
+
+int main(int argc, const char **argv)
+{
+ gid_t pc_gid = 0;
+ struct poptOption long_options[] = {
+ POPT_AUTOHELP
+ { "append-group", 'a', POPT_ARG_STRING, NULL, 'a', "Groups to add this group to", NULL },
+ { "remove-group", 'r', POPT_ARG_STRING, NULL, 'r', "Groups to remove this group from", NULL },
+ { "gid", 'g', POPT_ARG_INT, &pc_gid, 0, "The GID of the group", NULL },
+ POPT_TABLEEND
+ };
+ poptContext pc = NULL;
+ struct group_mod_ctx *group_ctx = NULL;
+ struct tools_ctx *ctx = NULL;
+ char *groups;
+ int ret;
+
+ debug_prg_name = argv[0];
+
+ ret = setup_db(&ctx);
+ if (ret != EOK) {
+ DEBUG(0, ("Could not set up database\n"));
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ group_ctx = talloc_zero(ctx, struct group_mod_ctx);
+ if (group_ctx == NULL) {
+ DEBUG(0, ("Could not allocate memory for group_ctx context\n"));
+ return ENOMEM;
+ }
+ group_ctx->ctx = ctx;
+
+ /* parse group_ctx */
+ pc = poptGetContext(NULL, argc, argv, long_options, 0);
+ poptSetOtherOptionHelp(pc, "USERNAME");
+ while ((ret = poptGetNextOpt(pc)) > 0) {
+ if (ret == 'a' || ret == 'r') {
+ groups = poptGetOptArg(pc);
+ if (!groups) {
+ ret = -1;
+ break;
+ }
+
+ ret = parse_groups(ctx,
+ groups,
+ (ret == 'a') ? (&group_ctx->addgroups) : (&group_ctx->rmgroups));
+
+ free(groups);
+ if (ret != EOK) {
+ break;
+ }
+ }
+ }
+
+ if(ret != -1) {
+ usage(pc, poptStrerror(ret));
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ /* groupname is an argument without --option */
+ group_ctx->groupname = poptGetArg(pc);
+ if (group_ctx->groupname == NULL) {
+ usage(pc, "Specify group to modify\n");
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ group_ctx->gid = pc_gid;
+
+ /* arguments processed, go on to actual work */
+ group_ctx->domain = btreemap_get_value(ctx->domains, "LOCAL");
+ if (group_ctx->domain == NULL) {
+ DEBUG(0, ("Could not get the domain\n"));
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ ret = sysdb_transaction(ctx, ctx->sysdb, mod_group, group_ctx);
+ if (ret != EOK) {
+ DEBUG(0, ("Could not start transaction (%d)[%s]\n",
+ ret, strerror(ret)));
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ while (!group_ctx->done) {
+ tevent_loop_once(ctx->ev);
+ }
+
+ if (group_ctx->error) {
+ ret = group_ctx->error;
+ DEBUG(0, ("Operation failed (%d)[%s]\n", ret, strerror(ret)));
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ ret = EXIT_SUCCESS;
+
+fini:
+ poptFreeContext(pc);
+ talloc_free(ctx);
+ exit(ret);
+}