Diffstat (limited to 'server')
-rw-r--r--server/db/sysdb.c135
-rw-r--r--server/db/sysdb.h8
-rw-r--r--server/tests/sysdb-tests.c129
3 files changed, 253 insertions, 19 deletions
diff --git a/server/db/sysdb.c b/server/db/sysdb.c
index 31233e58..ab338746 100644
--- a/server/db/sysdb.c
+++ b/server/db/sysdb.c
@@ -755,7 +755,7 @@ int sysdb_store_account_posix(TALLOC_CTX *memctx,
}
account_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- "uid=%s,"SYSDB_TMPL_USER_BASE,
+ SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE,
name, domain);
if (!account_dn) {
talloc_free(tmp_ctx);
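Review bot: `name` and `domain` are interpolated into the DN with a bare `%s` on the changed line, and nothing visible in this hunk escapes them first. As far as I know, ldb_dn_new_fmt() only formats and parses the string, so a name containing `,`, `=` or `+` would produce a DN for a different entry than the caller intended, which matters most on the store and delete paths. Consider escaping each value with `ldb_dn_escape_value()` before formatting, or rejecting names that contain DN metacharacters. The same pattern appears in the sysdb_remove_account_posix hunk and in the new sysdb_remove_group_posix. The function body starts and ends outside this hunk, so validation may already happen earlier.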
@@ -988,7 +988,7 @@ int sysdb_remove_account_posix(TALLOC_CTX *memctx,
}
account_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
- "uid=%s,"SYSDB_TMPL_USER_BASE,
+ SYSDB_PW_NAME"=%s,"SYSDB_TMPL_USER_BASE,
name, domain);
if (!account_dn) {
talloc_free(tmp_ctx);
@@ -1038,7 +1038,7 @@ int sysdb_remove_account_posix_by_uid(TALLOC_CTX *memctx,
}
lret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn,
- LDB_SCOPE_BASE, attrs,
+ LDB_SCOPE_ONELEVEL, attrs,
SYSDB_PWUID_FILTER,
(unsigned long)uid);
if (lret != LDB_SUCCESS) {
@@ -1049,6 +1049,8 @@ int sysdb_remove_account_posix_by_uid(TALLOC_CTX *memctx,
}
if (res->count == 0) {
+ DEBUG(0, ("Base search returned %d results\n",
+ res->count));
ret = EOK;
goto done;
}
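Review bot: The added `DEBUG(0, ...)` logs an ordinary "nothing to delete" outcome at level 0, with a message that says "Base search" even though the previous hunk changed the scope to LDB_SCOPE_ONELEVEL. It also prints `res->count` with `%d`, but that field is an unsigned int in ldb's struct ldb_result as far as I know, so `%u` is the matching specifier. Something like `DEBUG(6, ("No entry with uid %lu, nothing to remove\n", (unsigned long)uid));` would carry more information with less noise, assuming higher numbers mean lower severity here. The same message is copied into the new sysdb_remove_group_posix_by_gid. The function body starts and ends outside this hunk.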
@@ -1097,6 +1099,7 @@ done:
talloc_free(tmp_ctx);
return ret;
}
+
int sysdb_store_group_posix(TALLOC_CTX *memctx,
struct sysdb_ctx *sysdb,
const char *domain,
@@ -1458,6 +1461,132 @@ done:
return ret;
}
+int sysdb_remove_group_posix(TALLOC_CTX *memctx,
+ struct sysdb_ctx *sysdb,
+ const char *domain, const char *name)
+{
+ TALLOC_CTX *tmp_ctx;
+ struct ldb_dn *group_dn;
+ int ret;
+
+ tmp_ctx = talloc_new(memctx);
+ if (!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ group_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
+ SYSDB_GR_NAME"=%s,"SYSDB_TMPL_GROUP_BASE,
+ name, domain);
+ if (!group_dn) {
+ talloc_free(tmp_ctx);
+ return ENOMEM;
+ }
+
+ ret = ldb_delete(sysdb->ldb, group_dn);
+
+ if (ret != LDB_SUCCESS) {
+ DEBUG(2, ("LDB Error: %s(%d)\nError Message: [%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)));
+ ret = EIO;
+ }
+
+ talloc_free(tmp_ctx);
+ return ret;
+}
+
+int sysdb_remove_group_posix_by_gid(TALLOC_CTX *memctx,
+ struct sysdb_ctx *sysdb,
+ const char *domain, gid_t gid)
+{
+ TALLOC_CTX *tmp_ctx;
+ const char *attrs[] = { SYSDB_GR_NAME, SYSDB_GR_GIDNUM, NULL };
+ struct ldb_dn *base_dn;
+ struct ldb_dn *group_dn;
+ struct ldb_result *res;
+ int lret, ret;
+
+ tmp_ctx = talloc_new(memctx);
+ if (!tmp_ctx) {
+ return ENOMEM;
+ }
+
+ base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
+ SYSDB_TMPL_GROUP_BASE, domain);
+ if (!base_dn) {
+ talloc_free(tmp_ctx);
+ return ENOMEM;
+ }
+
+ lret = ldb_transaction_start(sysdb->ldb);
+ if (lret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed ldb transaction start !? (%d)\n", lret));
+ ret = EIO;
+ goto done;
+ }
+
+ lret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn,
+ LDB_SCOPE_ONELEVEL, attrs,
+ SYSDB_GRGID_FILTER,
+ (unsigned long)gid);
+ if (lret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to make search request: %s(%d)[%s]\n",
+ ldb_strerror(lret), lret, ldb_errstring(sysdb->ldb)));
+ ret = EIO;
+ goto done;
+ }
+
+ if (res->count == 0) {
+ DEBUG(0, ("Base search returned %d results\n",
+ res->count));
+ ret = EOK;
+ goto done;
+ }
+ if (res->count > 1) {
+ DEBUG(0, ("Cache DB corrupted, base search returned %d results\n",
+ res->count));
+ ret = EOK;
+ goto done;
+ }
+
+ group_dn = ldb_dn_copy(tmp_ctx, res->msgs[0]->dn);
+ if (!group_dn) {
+ ret = ENOMEM;
+ goto done;
+ }
+
+ talloc_free(res);
+ res = NULL;
+
+ ret = ldb_delete(sysdb->ldb, group_dn);
+
+ if (ret != LDB_SUCCESS) {
+ DEBUG(2, ("LDB Error: %s(%d)\nError Message: [%s]\n",
+ ldb_strerror(ret), ret, ldb_errstring(sysdb->ldb)));
+ ret = EIO;
+ goto done;
+ }
+
+ lret = ldb_transaction_commit(sysdb->ldb);
+ if (lret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed ldb transaction commit !! (%d)\n", lret));
+ ret = EIO;
+ goto done;
+ }
+
+ ret = EOK;
+
+done:
+ if (ret != EOK) {
+ lret = ldb_transaction_cancel(sysdb->ldb);
+ if (lret != LDB_SUCCESS) {
+ DEBUG(1, ("Failed to cancel ldb transaction (%d)\n", lret));
+ }
+ }
+
+ talloc_free(tmp_ctx);
+ return ret;
+}
+
int sysdb_init(TALLOC_CTX *mem_ctx,
struct event_context *ev,
struct confdb_ctx *cdb,
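Review bot: In sysdb_remove_group_posix_by_gid the `res->count == 0` and `res->count > 1` branches set `ret = EOK` and jump to `done`, where the transaction is cancelled only when `ret != EOK`, so on both paths the transaction opened by ldb_transaction_start() is neither committed nor cancelled. The opposite case is also off: when ldb_transaction_start() itself fails, `done` calls ldb_transaction_cancel() on a transaction that never started. Tracking whether a transaction is open, as sketched below, closes it on every exit. Separately, the multiple-match branch logs "Cache DB corrupted" but still returns EOK, so callers cannot see the corruption; an error return there seems safer.

```c
    int in_transaction = 0;   /* set once ldb_transaction_start() succeeds */

    /* … unchanged: tmp_ctx, base_dn, ldb_transaction_start and its error check … */
    in_transaction = 1;

    /* … unchanged: search, result-count checks, ldb_delete, commit and its error check … */
    in_transaction = 0;

    ret = EOK;

done:
    /* Close the transaction on every exit taken while it is open,
     * including the early EOK returns for zero or multiple matches. */
    if (in_transaction) {
        lret = ldb_transaction_cancel(sysdb->ldb);
        if (lret != LDB_SUCCESS) {
            DEBUG(1, ("Failed to cancel ldb transaction (%d)\n", lret));
        }
    }
```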
diff --git a/server/db/sysdb.h b/server/db/sysdb.h
index 656cb8fe..4af6323a 100644
--- a/server/db/sysdb.h
+++ b/server/db/sysdb.h
@@ -182,4 +182,12 @@ int sysdb_add_remove_posix_group_member(TALLOC_CTX *mem_ctx,
int flag,
struct ldb_dn *member_dn,
struct ldb_dn *group_dn);
+
+int sysdb_remove_group_posix(TALLOC_CTX *memctx,
+ struct sysdb_ctx *sysdb,
+ const char *domain, const char *name);
+
+int sysdb_remove_group_posix_by_gid(TALLOC_CTX *memctx,
+ struct sysdb_ctx *sysdb,
+ const char *domain, gid_t gid);
#endif /* __SYS_DB_H__ */
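Review bot: The two new prototypes carry no comment stating their contract, and the implementation of sysdb_remove_group_posix_by_gid returns EOK when no group matches the gid. Suggest a comment above it such as `/* Returns EOK on success and also when no group has this gid; ENOMEM or EIO on failure. */` so callers do not read EOK as proof that an entry was deleted. For sysdb_remove_group_posix, a one-line note that any ldb_delete failure is reported as EIO would be enough.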
diff --git a/server/tests/sysdb-tests.c b/server/tests/sysdb-tests.c
index 9d8ebffa..95e347af 100644
--- a/server/tests/sysdb-tests.c
+++ b/server/tests/sysdb-tests.c
@@ -553,46 +553,143 @@ START_TEST (test_sysdb_remove_group_from_posix_group)
}
END_TEST
+START_TEST (test_sysdb_remove_local_acct_posix)
+{
+ int ret;
+ struct sysdb_test_ctx *test_ctx;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ /* Store a user account with username, password,
+ * uid, gid, gecos, homedir and shell
+ */
+ const char *username = talloc_asprintf(test_ctx, "testuser%d", _i);
+
+ ret = sysdb_remove_account_posix(test_ctx, test_ctx->sysdb,
+ "LOCAL", username);
+ fail_if(ret != EOK, "Could not remove POSIX user %s", username);
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST (test_sysdb_remove_local_acct_posix_by_uid)
+{
+ int ret;
+ struct sysdb_test_ctx *test_ctx;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ ret = sysdb_remove_account_posix_by_uid(test_ctx, test_ctx->sysdb,
+ "LOCAL", _i);
+ fail_if(ret != EOK, "Could not remove POSIX group");
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST (test_sysdb_remove_local_group_posix)
+{
+ int ret;
+ struct sysdb_test_ctx *test_ctx;
+ char *group_name;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ group_name = talloc_asprintf(test_ctx, "%s%d", SYSDB_POSIX_TEST_GROUP, _i);
+ fail_if(group_name == NULL, "Could not allocate group name");
+
+ ret = sysdb_remove_group_posix(test_ctx, test_ctx->sysdb,
+ "LOCAL", group_name);
+ fail_if(ret != EOK, "Could not remove POSIX group");
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
+START_TEST (test_sysdb_remove_local_group_posix_by_gid)
+{
+ int ret;
+ struct sysdb_test_ctx *test_ctx;
+
+ /* Setup */
+ ret = setup_sysdb_tests(&test_ctx);
+ if (ret != EOK) {
+ fail("Could not set up the test");
+ return;
+ }
+
+ ret = sysdb_remove_group_posix_by_gid(test_ctx, test_ctx->sysdb,
+ "LOCAL", _i);
+ fail_if(ret != EOK, "Could not remove POSIX group");
+
+ talloc_free(test_ctx);
+}
+END_TEST
+
Suite *create_sysdb_suite(void)
{
Suite *s = suite_create("sysdb");
-/* POSIX User test case */
- TCase *tc_posix_users = tcase_create("\tPOSIX Users");
+ TCase *tc_sysdb = tcase_create("SYSDB Tests");
/* Create a new user */
- tcase_add_loop_test(tc_posix_users, test_sysdb_store_local_account_posix,27000,27010);
-
-/* POSIX Group test case */
- TCase *tc_posix_gr = tcase_create("\tPOSIX Groups");
+ tcase_add_loop_test(tc_sysdb, test_sysdb_store_local_account_posix,27000,27010);
/* Create a new group */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_store_local_group_posix,27000,27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_store_local_group_posix,27000,27010);
/* Verify that the new group exists */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_get_local_group_posix,27000,27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_get_local_group_posix,27000,27010);
/* Add users to the group */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_add_acct_to_posix_group, 27000, 27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_add_acct_to_posix_group, 27000, 27010);
/* Verify member and memberOf */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_verify_posix_group_members, 27000, 27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_verify_posix_group_members, 27000, 27010);
/* A negative test: add nonexistent users as members of a group */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_add_invalid_member, 27000, 27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_add_invalid_member, 27000, 27010);
/* Add groups as members of groups */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_add_group_to_posix_group, 27001, 27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_add_group_to_posix_group, 27001, 27010);
/* Remove groups from their groups */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_remove_group_from_posix_group, 27001, 27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_remove_group_from_posix_group, 27001, 27010);
/* Remove users from their groups */
- tcase_add_loop_test(tc_posix_gr, test_sysdb_remove_acct_from_posix_group, 27000, 27010);
+ tcase_add_loop_test(tc_sysdb, test_sysdb_remove_acct_from_posix_group, 27000, 27010);
+
+ /* Remove half of the groups by name */
+ tcase_add_loop_test(tc_sysdb, test_sysdb_remove_local_group_posix, 27000, 27005);
+
+ /* Remove the other half by gid */
+ tcase_add_loop_test(tc_sysdb, test_sysdb_remove_local_group_posix_by_gid, 27005, 27010);
+
+
+ /* Remove half of the users by name */
+ tcase_add_loop_test(tc_sysdb, test_sysdb_remove_local_acct_posix, 27000, 27005);
+
+ /* Remove the other half by uid */
+ tcase_add_loop_test(tc_sysdb, test_sysdb_remove_local_acct_posix_by_uid, 27005, 27010);
/* Add all test cases to the test suite */
- suite_add_tcase(s, tc_posix_users);
- suite_add_tcase(s, tc_posix_gr);
+ suite_add_tcase(s, tc_sysdb);
return s;
}
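Review bot: The by-uid and by-gid removal tests only check for EOK, and the removal functions return EOK when the search finds nothing, so these tests pass even if no entry was deleted. Following each removal with a lookup that asserts the entry is gone would make them meaningful. Smaller points in the same hunk: `username` in test_sysdb_remove_local_acct_posix is not checked for NULL although the group test checks `group_name`, e.g. `fail_if(username == NULL, "Could not allocate user name");`. Its comment still describes storing an account, and test_sysdb_remove_local_acct_posix_by_uid reports "Could not remove POSIX group" for a user.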