summaryrefslogtreecommitdiff
path: root/src/lib/idmap/sss_idmap.h
diff options
context:
space:
mode:
Diffstat (limited to 'src/lib/idmap/sss_idmap.h')
-rw-r--r--src/lib/idmap/sss_idmap.h22
1 files changed, 20 insertions, 2 deletions
diff --git a/src/lib/idmap/sss_idmap.h b/src/lib/idmap/sss_idmap.h
index 5536aeb7..824a7c62 100644
--- a/src/lib/idmap/sss_idmap.h
+++ b/src/lib/idmap/sss_idmap.h
@@ -77,7 +77,10 @@ enum idmap_error_code {
IDMAP_OUT_OF_SLICES,
/** New domain collides with existing one */
- IDMAP_COLLISION
+ IDMAP_COLLISION,
+
+ /** External source should be consulted for idmapping */
+ IDMAP_EXTERNAL
};
/**
@@ -260,6 +263,13 @@ enum idmap_error_code sss_idmap_add_domain(struct sss_idmap_ctx *ctx,
* to allow updates at runtime
* @param[in] rid The RID that should be mapped to the first ID of the
* given range.
+ * @param[in] external_mapping If set to true the ID will not be mapped
+ * algorithmically, but the *_to_unix and *_unix_to_*
+ * calls will return IDMAP_EXTERNAL to instruct the
+ * caller to check external sources. For a single
+ * domain all ranges must be of the same type. It is
+ * not possible to mix algorithmic and external
+ * mapping.
*
* @return
* - #IDMAP_OUT_OF_MEMORY: Insufficient memory to store the data in the idmap
@@ -273,7 +283,8 @@ enum idmap_error_code sss_idmap_add_domain_ex(struct sss_idmap_ctx *ctx,
const char *domain_sid,
struct sss_idmap_range *range,
const char *range_id,
- uint32_t rid);
+ uint32_t rid,
+ bool external_mapping);
/**
* @brief Translate SID to a unix UID or GID
*
@@ -286,6 +297,7 @@ enum idmap_error_code sss_idmap_add_domain_ex(struct sss_idmap_ctx *ctx,
* - #IDMAP_SID_INVALID: Invalid SID provided
* - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
* idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_sid_to_unix(struct sss_idmap_ctx *ctx,
const char *sid,
@@ -303,6 +315,7 @@ enum idmap_error_code sss_idmap_sid_to_unix(struct sss_idmap_ctx *ctx,
* - #IDMAP_SID_INVALID: Invalid SID provided
* - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
* idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_dom_sid_to_unix(struct sss_idmap_ctx *ctx,
struct sss_dom_sid *dom_sid,
@@ -321,6 +334,7 @@ enum idmap_error_code sss_idmap_dom_sid_to_unix(struct sss_idmap_ctx *ctx,
* - #IDMAP_SID_INVALID: Invalid SID provided
* - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
* idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_bin_sid_to_unix(struct sss_idmap_ctx *ctx,
uint8_t *bin_sid,
@@ -339,6 +353,7 @@ enum idmap_error_code sss_idmap_bin_sid_to_unix(struct sss_idmap_ctx *ctx,
* - #IDMAP_SID_INVALID: Invalid SID provided
* - #IDMAP_SID_UNKNOWN: SID cannot be found in the domains added to the
* idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_smb_sid_to_unix(struct sss_idmap_ctx *ctx,
struct dom_sid *smb_sid,
@@ -356,6 +371,7 @@ enum idmap_error_code sss_idmap_smb_sid_to_unix(struct sss_idmap_ctx *ctx,
* - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
* - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added
* to the idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_unix_to_sid(struct sss_idmap_ctx *ctx,
uint32_t id,
@@ -372,6 +388,7 @@ enum idmap_error_code sss_idmap_unix_to_sid(struct sss_idmap_ctx *ctx,
* - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
* - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added
* to the idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_unix_to_dom_sid(struct sss_idmap_ctx *ctx,
uint32_t id,
@@ -390,6 +407,7 @@ enum idmap_error_code sss_idmap_unix_to_dom_sid(struct sss_idmap_ctx *ctx,
* - #IDMAP_NO_DOMAIN: No domains are added to the idmap context
* - #IDMAP_NO_RANGE: The provided ID cannot be found in the domains added
* to the idmap context
+ * - #IDMAP_EXTERNAL: external source is authoritative for mapping
*/
enum idmap_error_code sss_idmap_unix_to_bin_sid(struct sss_idmap_ctx *ctx,
uint32_t id,