|
 |
ca1eb8 |
From ba23021935fcc984b1000bc007fcd3e52fa752cd Mon Sep 17 00:00:00 2001
|
|
|
ca1eb8 |
From: Jakub Hrozek <jhrozek@redhat.com>
|
|
|
ca1eb8 |
Date: Sat, 30 Jun 2018 12:31:13 +0200
|
|
|
ca1eb8 |
Subject: [PATCH] LDAP/AD: Remove the legacy POSIX check from user, group and
|
|
|
ca1eb8 |
enumeration searches
|
|
|
ca1eb8 |
MIME-Version: 1.0
|
|
|
ca1eb8 |
Content-Type: text/plain; charset=UTF-8
|
|
|
ca1eb8 |
Content-Transfer-Encoding: 8bit
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
This code is superseded by the POSIX check in the subdomains provider.
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
Related:
|
|
|
ca1eb8 |
https://pagure.io/SSSD/sssd/issue/3755
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
|
|
|
ca1eb8 |
(cherry picked from commit 8d78119811e2572bb1a05da5abb7c5a2d43d1f97)
|
|
|
ca1eb8 |
---
|
|
|
ca1eb8 |
src/providers/ad/ad_id.c | 43 +---------
|
|
|
ca1eb8 |
src/providers/ldap/ldap_id.c | 121 ---------------------------
|
|
|
ca1eb8 |
src/providers/ldap/sdap_async_enum.c | 105 +----------------------
|
|
|
ca1eb8 |
3 files changed, 4 insertions(+), 265 deletions(-)
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
diff --git a/src/providers/ad/ad_id.c b/src/providers/ad/ad_id.c
|
|
|
ca1eb8 |
index 782d9bc402e71d6b20976367f6afbae82bd25750..96c5677c681e40419172c2e5aa3c32b8403147b1 100644
|
|
|
ca1eb8 |
--- a/src/providers/ad/ad_id.c
|
|
|
ca1eb8 |
+++ b/src/providers/ad/ad_id.c
|
|
|
ca1eb8 |
@@ -29,28 +29,6 @@
|
|
|
ca1eb8 |
#include "providers/ldap/sdap_idmap.h"
|
|
|
ca1eb8 |
#include "providers/ldap/sdap_async.h"
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
-static void
|
|
|
ca1eb8 |
-disable_gc(struct ad_options *ad_options)
|
|
|
ca1eb8 |
-{
|
|
|
ca1eb8 |
- errno_t ret;
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- if (dp_opt_get_bool(ad_options->basic, AD_ENABLE_GC) == false) {
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- DEBUG(SSSDBG_IMPORTANT_INFO, "POSIX attributes were requested "
|
|
|
ca1eb8 |
- "but are not present on the server side. Global Catalog "
|
|
|
ca1eb8 |
- "lookups will be disabled\n");
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- ret = dp_opt_set_bool(ad_options->basic,
|
|
|
ca1eb8 |
- AD_ENABLE_GC, false);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- DEBUG(SSSDBG_MINOR_FAILURE,
|
|
|
ca1eb8 |
- "Could not turn off GC support\n");
|
|
|
ca1eb8 |
- /* Not fatal */
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-}
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
static bool ad_account_can_shortcut(struct sdap_idmap_ctx *idmap_ctx,
|
|
|
ca1eb8 |
struct sss_domain_info *domain,
|
|
|
ca1eb8 |
int filter_type,
|
|
|
ca1eb8 |
@@ -296,14 +274,12 @@ ad_handle_acct_info_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
if (sdap_err == EOK) {
|
|
|
ca1eb8 |
tevent_req_done(req);
|
|
|
ca1eb8 |
return;
|
|
|
ca1eb8 |
- } else if (sdap_err == ERR_NO_POSIX) {
|
|
|
ca1eb8 |
- disable_gc(state->ad_options);
|
|
|
ca1eb8 |
} else if (sdap_err != ENOENT) {
|
|
|
ca1eb8 |
ret = EIO;
|
|
|
ca1eb8 |
goto fail;
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
- /* Ret is only ENOENT or ERR_NO_POSIX now. Try the next connection */
|
|
|
ca1eb8 |
+ /* Ret is only ENOENT now. Try the next connection */
|
|
|
ca1eb8 |
state->cindex++;
|
|
|
ca1eb8 |
ret = ad_handle_acct_info_step(req);
|
|
|
ca1eb8 |
if (ret != EAGAIN) {
|
|
|
ca1eb8 |
@@ -710,22 +686,7 @@ ad_enumeration_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
ret = sdap_dom_enum_ex_recv(subreq);
|
|
|
ca1eb8 |
talloc_zfree(subreq);
|
|
|
ca1eb8 |
- if (ret == ERR_NO_POSIX) {
|
|
|
ca1eb8 |
- /* Retry enumerating the same domain again, this time w/o
|
|
|
ca1eb8 |
- * connecting to GC
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- disable_gc(state->id_ctx->ad_options);
|
|
|
ca1eb8 |
- ret = ad_enum_sdom(req, state->sditer, state->id_ctx);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- DEBUG(SSSDBG_OP_FAILURE,
|
|
|
ca1eb8 |
- "Could not retry domain %s\n", state->sditer->dom->name);
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- /* Execution will resume in ad_enumeration_done */
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- } else if (ret != EOK) {
|
|
|
ca1eb8 |
+ if (ret != EOK) {
|
|
|
ca1eb8 |
DEBUG(SSSDBG_OP_FAILURE,
|
|
|
ca1eb8 |
"Could not enumerate domain %s\n", state->sditer->dom->name);
|
|
|
ca1eb8 |
tevent_req_error(req, ret);
|
|
|
ca1eb8 |
diff --git a/src/providers/ldap/ldap_id.c b/src/providers/ldap/ldap_id.c
|
|
|
ca1eb8 |
index ebf5d9cb2e2d1cc4b356d431965a00588a876444..9e8289904e60512e088aae77666bcd765bfe3392 100644
|
|
|
ca1eb8 |
--- a/src/providers/ldap/ldap_id.c
|
|
|
ca1eb8 |
+++ b/src/providers/ldap/ldap_id.c
|
|
|
ca1eb8 |
@@ -66,7 +66,6 @@ struct users_get_state {
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
static int users_get_retry(struct tevent_req *req);
|
|
|
ca1eb8 |
static void users_get_connect_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
-static void users_get_posix_check_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
static void users_get_search(struct tevent_req *req);
|
|
|
ca1eb8 |
static void users_get_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
@@ -408,66 +407,6 @@ static void users_get_connect_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
return;
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
- /* If POSIX attributes have been requested with an AD server and we
|
|
|
ca1eb8 |
- * have no idea about POSIX attributes support, run a one-time check
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- if (should_run_posix_check(state->ctx,
|
|
|
ca1eb8 |
- state->conn,
|
|
|
ca1eb8 |
- state->use_id_mapping,
|
|
|
ca1eb8 |
- !state->non_posix)) {
|
|
|
ca1eb8 |
- subreq = sdap_gc_posix_check_send(state, state->ev, state->ctx->opts,
|
|
|
ca1eb8 |
- sdap_id_op_handle(state->op),
|
|
|
ca1eb8 |
- dp_opt_get_int(state->ctx->opts->basic,
|
|
|
ca1eb8 |
- SDAP_SEARCH_TIMEOUT));
|
|
|
ca1eb8 |
- if (subreq == NULL) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ENOMEM);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- tevent_req_set_callback(subreq, users_get_posix_check_done, req);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- users_get_search(req);
|
|
|
ca1eb8 |
-}
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
-static void users_get_posix_check_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
-{
|
|
|
ca1eb8 |
- errno_t ret;
|
|
|
ca1eb8 |
- errno_t ret2;
|
|
|
ca1eb8 |
- bool has_posix;
|
|
|
ca1eb8 |
- int dp_error;
|
|
|
ca1eb8 |
- struct tevent_req *req = tevent_req_callback_data(subreq,
|
|
|
ca1eb8 |
- struct tevent_req);
|
|
|
ca1eb8 |
- struct users_get_state *state = tevent_req_data(req,
|
|
|
ca1eb8 |
- struct users_get_state);
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- ret = sdap_gc_posix_check_recv(subreq, &has_posix);
|
|
|
ca1eb8 |
- talloc_zfree(subreq);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- /* We can only finish the id_op on error as the connection
|
|
|
ca1eb8 |
- * is re-used by the user search
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- ret2 = sdap_id_op_done(state->op, ret, &dp_error);
|
|
|
ca1eb8 |
- if (dp_error == DP_ERR_OK && ret2 != EOK) {
|
|
|
ca1eb8 |
- /* retry */
|
|
|
ca1eb8 |
- ret = users_get_retry(req);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- state->ctx->srv_opts->posix_checked = true;
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- /* If the check ran to completion, we know for certain about the attributes
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- if (ret == EOK && has_posix == false) {
|
|
|
ca1eb8 |
- state->sdap_ret = ERR_NO_POSIX;
|
|
|
ca1eb8 |
- tevent_req_done(req);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
users_get_search(req);
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
@@ -691,7 +630,6 @@ struct groups_get_state {
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
static int groups_get_retry(struct tevent_req *req);
|
|
|
ca1eb8 |
static void groups_get_connect_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
-static void groups_get_posix_check_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
static void groups_get_mpg_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
static errno_t groups_get_handle_no_group(struct tevent_req *req);
|
|
|
ca1eb8 |
static void groups_get_search(struct tevent_req *req);
|
|
|
ca1eb8 |
@@ -953,65 +891,6 @@ static void groups_get_connect_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
return;
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
- /* If POSIX attributes have been requested with an AD server and we
|
|
|
ca1eb8 |
- * have no idea about POSIX attributes support, run a one-time check
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- if (should_run_posix_check(state->ctx,
|
|
|
ca1eb8 |
- state->conn,
|
|
|
ca1eb8 |
- state->use_id_mapping,
|
|
|
ca1eb8 |
- !state->non_posix)) {
|
|
|
ca1eb8 |
- subreq = sdap_gc_posix_check_send(state, state->ev, state->ctx->opts,
|
|
|
ca1eb8 |
- sdap_id_op_handle(state->op),
|
|
|
ca1eb8 |
- dp_opt_get_int(state->ctx->opts->basic,
|
|
|
ca1eb8 |
- SDAP_SEARCH_TIMEOUT));
|
|
|
ca1eb8 |
- if (subreq == NULL) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ENOMEM);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- tevent_req_set_callback(subreq, groups_get_posix_check_done, req);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- groups_get_search(req);
|
|
|
ca1eb8 |
-}
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
-static void groups_get_posix_check_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
-{
|
|
|
ca1eb8 |
- errno_t ret;
|
|
|
ca1eb8 |
- bool has_posix;
|
|
|
ca1eb8 |
- int dp_error;
|
|
|
ca1eb8 |
- struct tevent_req *req = tevent_req_callback_data(subreq,
|
|
|
ca1eb8 |
- struct tevent_req);
|
|
|
ca1eb8 |
- struct groups_get_state *state = tevent_req_data(req,
|
|
|
ca1eb8 |
- struct groups_get_state);
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- ret = sdap_gc_posix_check_recv(subreq, &has_posix);
|
|
|
ca1eb8 |
- talloc_zfree(subreq);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- /* We can only finish the id_op on error as the connection
|
|
|
ca1eb8 |
- * is re-used by the group search
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- ret = sdap_id_op_done(state->op, ret, &dp_error);
|
|
|
ca1eb8 |
- if (dp_error == DP_ERR_OK && ret != EOK) {
|
|
|
ca1eb8 |
- /* retry */
|
|
|
ca1eb8 |
- ret = groups_get_retry(req);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- state->ctx->srv_opts->posix_checked = true;
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- /* If the check ran to completion, we know for certain about the attributes
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- if (has_posix == false) {
|
|
|
ca1eb8 |
- state->sdap_ret = ERR_NO_POSIX;
|
|
|
ca1eb8 |
- tevent_req_done(req);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
groups_get_search(req);
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
diff --git a/src/providers/ldap/sdap_async_enum.c b/src/providers/ldap/sdap_async_enum.c
|
|
|
ca1eb8 |
index ea9d51adc7f94145cd7e689893bf7fd81028c5bb..899d59d3831bf473a98b44a7bf4d2007fac84c5e 100644
|
|
|
ca1eb8 |
--- a/src/providers/ldap/sdap_async_enum.c
|
|
|
ca1eb8 |
+++ b/src/providers/ldap/sdap_async_enum.c
|
|
|
ca1eb8 |
@@ -69,8 +69,6 @@ static errno_t sdap_dom_enum_ex_retry(struct tevent_req *req,
|
|
|
ca1eb8 |
tevent_req_fn tcb);
|
|
|
ca1eb8 |
static bool sdap_dom_enum_ex_connected(struct tevent_req *subreq);
|
|
|
ca1eb8 |
static void sdap_dom_enum_ex_get_users(struct tevent_req *subreq);
|
|
|
ca1eb8 |
-static void sdap_dom_enum_ex_posix_check_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
-static errno_t sdap_dom_enum_search_users(struct tevent_req *req);
|
|
|
ca1eb8 |
static void sdap_dom_enum_ex_users_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
static void sdap_dom_enum_ex_get_groups(struct tevent_req *subreq);
|
|
|
ca1eb8 |
static void sdap_dom_enum_ex_groups_done(struct tevent_req *subreq);
|
|
|
ca1eb8 |
@@ -181,118 +179,19 @@ static void sdap_dom_enum_ex_get_users(struct tevent_req *subreq)
|
|
|
ca1eb8 |
struct tevent_req);
|
|
|
ca1eb8 |
struct sdap_dom_enum_ex_state *state = tevent_req_data(req,
|
|
|
ca1eb8 |
struct sdap_dom_enum_ex_state);
|
|
|
ca1eb8 |
- bool use_id_mapping;
|
|
|
ca1eb8 |
- errno_t ret;
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
if (sdap_dom_enum_ex_connected(subreq) == false) {
|
|
|
ca1eb8 |
return;
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
- use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping(
|
|
|
ca1eb8 |
- state->ctx->opts->idmap_ctx,
|
|
|
ca1eb8 |
- state->sdom->dom->name,
|
|
|
ca1eb8 |
- state->sdom->dom->domain_id);
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- /* If POSIX attributes have been requested with an AD server and we
|
|
|
ca1eb8 |
- * have no idea about POSIX attributes support, run a one-time check
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- if (should_run_posix_check(state->ctx,
|
|
|
ca1eb8 |
- state->user_conn,
|
|
|
ca1eb8 |
- use_id_mapping,
|
|
|
ca1eb8 |
- true)) {
|
|
|
ca1eb8 |
- subreq = sdap_gc_posix_check_send(state, state->ev, state->ctx->opts,
|
|
|
ca1eb8 |
- sdap_id_op_handle(state->user_op),
|
|
|
ca1eb8 |
- dp_opt_get_int(state->ctx->opts->basic,
|
|
|
ca1eb8 |
- SDAP_SEARCH_TIMEOUT));
|
|
|
ca1eb8 |
- if (subreq == NULL) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ENOMEM);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- tevent_req_set_callback(subreq,
|
|
|
ca1eb8 |
- sdap_dom_enum_ex_posix_check_done, req);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- ret = sdap_dom_enum_search_users(req);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- /* Execution resumes in sdap_dom_enum_ex_users_done */
|
|
|
ca1eb8 |
-}
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
-static void sdap_dom_enum_ex_posix_check_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
-{
|
|
|
ca1eb8 |
- errno_t ret;
|
|
|
ca1eb8 |
- bool has_posix;
|
|
|
ca1eb8 |
- int dp_error;
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- struct tevent_req *req = tevent_req_callback_data(subreq,
|
|
|
ca1eb8 |
- struct tevent_req);
|
|
|
ca1eb8 |
- struct sdap_dom_enum_ex_state *state = tevent_req_data(req,
|
|
|
ca1eb8 |
- struct sdap_dom_enum_ex_state);
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- ret = sdap_gc_posix_check_recv(subreq, &has_posix);
|
|
|
ca1eb8 |
- talloc_zfree(subreq);
|
|
|
ca1eb8 |
- if (ret != EOK && ret != ERR_NO_POSIX) {
|
|
|
ca1eb8 |
- /* We can only finish the id_op on error as the connection
|
|
|
ca1eb8 |
- * is re-used by the user search
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- ret = sdap_id_op_done(state->user_op, ret, &dp_error);
|
|
|
ca1eb8 |
- if (dp_error == DP_ERR_OK && ret != EOK) {
|
|
|
ca1eb8 |
- /* retry */
|
|
|
ca1eb8 |
- ret = sdap_dom_enum_ex_retry(req, state->user_op,
|
|
|
ca1eb8 |
- sdap_dom_enum_ex_get_users);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- } else if (dp_error == DP_ERR_OFFLINE) {
|
|
|
ca1eb8 |
- DEBUG(SSSDBG_TRACE_FUNC, "Backend is offline, retrying later\n");
|
|
|
ca1eb8 |
- tevent_req_done(req);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- } else {
|
|
|
ca1eb8 |
- /* Non-recoverable error */
|
|
|
ca1eb8 |
- DEBUG(SSSDBG_OP_FAILURE,
|
|
|
ca1eb8 |
- "POSIX check failed: %d: %s\n", ret, sss_strerror(ret));
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- state->ctx->srv_opts->posix_checked = true;
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- /* If the check ran to completion, we know for certain about the attributes
|
|
|
ca1eb8 |
- */
|
|
|
ca1eb8 |
- if (has_posix == false) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ERR_NO_POSIX);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
- ret = sdap_dom_enum_search_users(req);
|
|
|
ca1eb8 |
- if (ret != EOK) {
|
|
|
ca1eb8 |
- tevent_req_error(req, ret);
|
|
|
ca1eb8 |
- return;
|
|
|
ca1eb8 |
- }
|
|
|
ca1eb8 |
- /* Execution resumes in sdap_dom_enum_ex_users_done */
|
|
|
ca1eb8 |
-}
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
-static errno_t sdap_dom_enum_search_users(struct tevent_req *req)
|
|
|
ca1eb8 |
-{
|
|
|
ca1eb8 |
- struct sdap_dom_enum_ex_state *state = tevent_req_data(req,
|
|
|
ca1eb8 |
- struct sdap_dom_enum_ex_state);
|
|
|
ca1eb8 |
- struct tevent_req *subreq;
|
|
|
ca1eb8 |
-
|
|
|
ca1eb8 |
subreq = enum_users_send(state, state->ev,
|
|
|
ca1eb8 |
state->ctx, state->sdom,
|
|
|
ca1eb8 |
state->user_op, state->purge);
|
|
|
ca1eb8 |
if (subreq == NULL) {
|
|
|
ca1eb8 |
- return ENOMEM;
|
|
|
ca1eb8 |
+ tevent_req_error(req, ENOMEM);
|
|
|
ca1eb8 |
+ return;
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
tevent_req_set_callback(subreq, sdap_dom_enum_ex_users_done, req);
|
|
|
ca1eb8 |
- return EOK;
|
|
|
ca1eb8 |
}
|
|
|
ca1eb8 |
|
|
|
ca1eb8 |
static void sdap_dom_enum_ex_users_done(struct tevent_req *subreq)
|
|
|
ca1eb8 |
--
|
|
|
ca1eb8 |
2.17.1
|
|
|
ca1eb8 |
|