Diffstat (limited to 'src/providers/ldap/sdap_sudo.c')
-rw-r--r-- | src/providers/ldap/sdap_sudo.c | 55 |
1 files changed, 52 insertions, 3 deletions
diff --git a/src/providers/ldap/sdap_sudo.c b/src/providers/ldap/sdap_sudo.c index 80549bfa..806c8b3a 100644 --- a/src/providers/ldap/sdap_sudo.c +++ b/src/providers/ldap/sdap_sudo.c @@ -104,6 +104,7 @@ struct bet_ops sdap_sudo_ops = { .finalize = sdap_sudo_shutdown }; +static void sdap_sudo_get_hostinfo_done(struct tevent_req *req); int sdap_sudo_setup_periodical_refresh(struct sdap_sudo_ctx *sudo_ctx); int sdap_sudo_init(struct be_ctx *be_ctx, @@ -112,6 +113,7 @@ int sdap_sudo_init(struct be_ctx *be_ctx, void **pvt_data) { struct sdap_sudo_ctx *sudo_ctx = NULL; + struct tevent_req *req = NULL; int ret; DEBUG(SSSDBG_TRACE_INTERNAL, ("Initializing sudo LDAP back end\n")); 
@@ -127,20 +129,67 @@ int sdap_sudo_init(struct be_ctx *be_ctx, *pvt_data = sudo_ctx; ret = ldap_get_sudo_options(id_ctx, be_ctx->cdb, - be_ctx->conf_path, id_ctx->opts); + be_ctx->conf_path, id_ctx->opts, + &sudo_ctx->use_host_filter, + &sudo_ctx->include_regexp, + &sudo_ctx->include_netgroups); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("Cannot get SUDO options [%d]: %s\n", ret, strerror(ret))); return ret; } + req = sdap_sudo_get_hostinfo_send(sudo_ctx, id_ctx->opts, be_ctx); + if (req == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to retrieve host information - " + "(host filter will be disabled)\n")); + + sudo_ctx->use_host_filter = false; + + ret = sdap_sudo_setup_periodical_refresh(sudo_ctx); + if (ret != EOK) { + DEBUG(SSSDBG_OP_FAILURE, + ("Unable to setup periodical refresh" + "of sudo rules [%d]: %s\n", ret, strerror(ret))); + /* periodical updates will not work, but specific-rule update + * is no affected by this, therefore we don't have to fail here */ + } + } else { + tevent_req_set_callback(req, sdap_sudo_get_hostinfo_done, sudo_ctx); + } + + return EOK; +} + +static void sdap_sudo_get_hostinfo_done(struct tevent_req *req) +{ + struct sdap_sudo_ctx *sudo_ctx = NULL; + char **hostnames = NULL; + char **ip_addr = NULL; + int ret; + + sudo_ctx = tevent_req_callback_data(req, struct sdap_sudo_ctx); + + ret = sdap_sudo_get_hostinfo_recv(sudo_ctx, req, &hostnames, &ip_addr); + talloc_zfree(req); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to retrieve host information - " + "(host filter will be disabled) [%d]: %s\n", ret, strerror(ret))); + sudo_ctx->use_host_filter = false; + return; + } + + talloc_zfree(sudo_ctx->hostnames); + talloc_zfree(sudo_ctx->ip_addr); + + sudo_ctx->hostnames = talloc_move(sudo_ctx, &hostnames); + sudo_ctx->ip_addr = talloc_move(sudo_ctx, &ip_addr); + ret = sdap_sudo_setup_periodical_refresh(sudo_ctx); if (ret != EOK) { DEBUG(SSSDBG_OP_FAILURE, ("Unable to setup periodical refresh" "of sudo rules [%d]: %s\n", ret, 
strerror(ret))); } - - return EOK; } int sdap_sudo_setup_periodical_refresh(struct sdap_sudo_ctx *sudo_ctx) |
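Review bot: In sdap_sudo_get_hostinfo_done the error branch sets `sudo_ctx->use_host_filter = false` and returns, so `sdap_sudo_setup_periodical_refresh()` is never called when the host-info request fails asynchronously. The `req == NULL` branch in sdap_sudo_init applies the same fallback but still schedules the refresh. If nothing else schedules it (not visible in this hunk), cached sudo rules would not be refreshed periodically after such a failure, and a rule removed from LDAP could stay in the cache longer than intended. I would replace the `return;` with `goto refresh;` and put a `refresh:` label in front of `ret = sdap_sudo_setup_periodical_refresh(sudo_ctx);`, so both outcomes reach it. Separately, the adjacent literals `"Unable to setup periodical refresh"` and `"of sudo rules [%d]: %s\n"` concatenate to "refreshof"; a trailing space in the first literal fixes the log line in both places it appears.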