From 26ae40bd74a00a9701f732a8957c06ff8fc857a4 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Wed, 12 Nov 2014 16:26:55 +0100
Subject: [PATCH 114/115] sysdb: add sysdb_invalidate_overrides()
---
src/db/sysdb.h | 2 +
src/db/sysdb_views.c | 123 ++++++++++++++++++++++++++++++++++++
src/tests/cmocka/test_sysdb_views.c | 69 ++++++++++++++++++++
3 files changed, 194 insertions(+)
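diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index a3ffa7b759e8aa16fc8a60cb01c6f0cb49278cc0..5bd7f90acb685bbaff5c98f433c7dce8175c33ca 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -446,6 +446,8 @@ errno_t sysdb_get_view_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
 
 errno_t sysdb_delete_view_tree(struct sysdb_ctx *sysdb, const char *view_name);
 
+errno_t sysdb_invalidate_overrides(struct sysdb_ctx *sysdb);
+
 errno_t sysdb_apply_default_override(struct sss_domain_info *domain,
 struct sysdb_attrs *override_attrs,
 struct ldb_dn *obj_dn);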
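Review bot: The new prototype `sysdb_invalidate_overrides()` is exported without any comment, although it is a cache-wide operation that callers should not invoke casually. Going by the implementation in src/db/sysdb_views.c, a header comment along the lines of `/* Reset SYSDB_CACHE_EXPIRE to 1 and remove SYSDB_OVERRIDE_DN on every user and group entry below SYSDB_BASE, inside its own sysdb transaction. */` would state the contract. It would also help to say that the function returns an errno_t and rolls the transaction back on failure.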
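diff --git a/src/db/sysdb_views.c b/src/db/sysdb_views.c
index e17321455ad2ac4e4f17094f83c482d95bb00d8b..970d83e657d4fdfb73ac0e1fcc124ec690e29d4b 100644
--- a/src/db/sysdb_views.c
+++ b/src/db/sysdb_views.c
@@ -214,6 +214,129 @@ done:
 return ret;
 }
 
+errno_t sysdb_invalidate_overrides(struct sysdb_ctx *sysdb)
+{
+ int ret;
+ int sret;
+ TALLOC_CTX *tmp_ctx;
+ bool in_transaction = false;
+ struct ldb_result *res;
+ size_t c;
+ struct ldb_message *msg;
+ struct ldb_dn *base_dn;
+
+ tmp_ctx = talloc_new(NULL);
+ if (tmp_ctx == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");
+ return ENOMEM;
+ }
+
+ msg = ldb_msg_new(tmp_ctx);
+ if (msg == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_new failed.\n");
+ ret = ENOMEM;
+ goto done;
+ }
+
+ base_dn = ldb_dn_new(tmp_ctx, sysdb->ldb, SYSDB_BASE);
+ if (base_dn == NULL) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_dn_new failed");
+ ret = ENOMEM;
+ goto done;
+ }
+
+ ret = ldb_msg_add_empty(msg, SYSDB_CACHE_EXPIRE, LDB_FLAG_MOD_REPLACE,
+ NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_empty failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+ ret = ldb_msg_add_string(msg, SYSDB_CACHE_EXPIRE, "1");
+ if (ret != LDB_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_string failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+
+ ret = ldb_msg_add_empty(msg, SYSDB_OVERRIDE_DN, LDB_FLAG_MOD_DELETE, NULL);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_empty failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+
+ ret = sysdb_transaction_start(sysdb);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_start failed.\n");
+ goto done;
+ }
+ in_transaction = true;
+
+ ret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn, LDB_SCOPE_SUBTREE,
+ NULL, "%s", SYSDB_UC);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_entry failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+
+ for (c = 0; c < res->count; c++) {
+ msg->dn = res->msgs[c]->dn;
+
+ ret = ldb_modify(sysdb->ldb, msg);
+ if (ret != LDB_SUCCESS && ret != LDB_ERR_NO_SUCH_ATTRIBUTE) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_modify failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+ }
+
+ talloc_free(res);
+
+ ret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn, LDB_SCOPE_SUBTREE,
+ NULL, "%s", SYSDB_GC);
+ if (ret != LDB_SUCCESS) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_entry failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+
+ for (c = 0; c < res->count; c++) {
+ msg->dn = res->msgs[c]->dn;
+
+ ret = ldb_modify(sysdb->ldb, msg);
+ if (ret != LDB_SUCCESS && ret != LDB_ERR_NO_SUCH_ATTRIBUTE) {
+ DEBUG(SSSDBG_OP_FAILURE, "ldb_modify failed.\n");
+ ret = sysdb_error_to_errno(ret);
+ goto done;
+ }
+ }
+
+ ret = EOK;
+done:
+ if (in_transaction) {
+ if (ret == EOK) {
+ sret = sysdb_transaction_commit(sysdb);
+ if (sret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_commit failed, " \
+ "nothing we can do about.\n");
+ ret = sret;
+ }
+ } else {
+ sret = sysdb_transaction_cancel(sysdb);
+ if (sret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_cancel failed, " \
+ "nothing we can do about.\n");
+ }
+ }
+ }
+
+ talloc_free(tmp_ctx);
+
+ return ret;
+}
+
 static errno_t
 add_name_and_aliases_for_name_override(struct sss_domain_info *domain,
 struct sysdb_attrs *attrs,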
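Review bot: In both loops of `sysdb_invalidate_overrides()` one `msg` carries the SYSDB_CACHE_EXPIRE replace together with the SYSDB_OVERRIDE_DN delete, and an `ldb_modify` result of LDB_ERR_NO_SUCH_ATTRIBUTE is silently accepted. If ldb rejects the whole message when the delete element fails (the usual behaviour for a modify, but worth confirming), an entry without SYSDB_OVERRIDE_DN keeps its old expiry time, so stale identity data for it can still be served as valid after the view changes. Sending the delete and the replace as two separate messages keeps the tolerated error from blocking the expiry reset. Smaller points: both ldb_search failure paths log "sysdb_search_entry failed", and `"ldb_dn_new failed"` is missing its trailing `\n`.

```c
    /* msg_repl holds only SYSDB_CACHE_EXPIRE = "1"; msg_del holds only the SYSDB_OVERRIDE_DN delete */
    ret = ldb_msg_add_empty(msg_repl, SYSDB_CACHE_EXPIRE, LDB_FLAG_MOD_REPLACE,
                            NULL);
    /* … unchanged: error check … */
    ret = ldb_msg_add_string(msg_repl, SYSDB_CACHE_EXPIRE, "1");
    /* … unchanged: error check … */
    ret = ldb_msg_add_empty(msg_del, SYSDB_OVERRIDE_DN, LDB_FLAG_MOD_DELETE, NULL);
    /* … unchanged: error check, transaction start, ldb_search for SYSDB_UC … */

    for (c = 0; c < res->count; c++) {
        /* A missing override DN is acceptable, but must not stop the expiry reset. */
        msg_del->dn = res->msgs[c]->dn;
        ret = ldb_modify(sysdb->ldb, msg_del);
        if (ret != LDB_SUCCESS && ret != LDB_ERR_NO_SUCH_ATTRIBUTE) {
            DEBUG(SSSDBG_OP_FAILURE, "ldb_modify failed.\n");
            ret = sysdb_error_to_errno(ret);
            goto done;
        }

        msg_repl->dn = res->msgs[c]->dn;
        ret = ldb_modify(sysdb->ldb, msg_repl);
        if (ret != LDB_SUCCESS) {
            DEBUG(SSSDBG_OP_FAILURE, "ldb_modify failed.\n");
            ret = sysdb_error_to_errno(ret);
            goto done;
        }
    }
    /* … unchanged: the SYSDB_GC loop gets the same two-step modify; commit/cancel … */
```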
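diff --git a/src/tests/cmocka/test_sysdb_views.c b/src/tests/cmocka/test_sysdb_views.c
index 6be28e624d102060121f9afa91b282f7e8620676..7238467c3c9bf91fd0d48204dd7217d4d273e965 100644
--- a/src/tests/cmocka/test_sysdb_views.c
+++ b/src/tests/cmocka/test_sysdb_views.c
@@ -291,6 +291,73 @@ void test_sysdb_delete_view_tree(void **state)
 
 }
 
+void test_sysdb_invalidate_overrides(void **state)
+{
+ int ret;
+ struct ldb_message *msg;
+ struct sysdb_attrs *attrs;
+ struct ldb_dn *views_dn;
+ const char *user_attrs[] = { SYSDB_NAME,
+ SYSDB_CACHE_EXPIRE,
+ SYSDB_OVERRIDE_DN,
+ NULL};
+
+ struct sysdb_test_ctx *test_ctx = talloc_get_type_abort(*state,
+ struct sysdb_test_ctx);
+
+ test_ctx->domain->mpg = false;
+
+ ret = sysdb_update_view_name(test_ctx->domain->sysdb, TEST_VIEW_NAME);
+ assert_int_equal(ret, EOK);
+
+ ret = sysdb_store_user(test_ctx->domain, TEST_USER_NAME, NULL,
+ TEST_USER_UID, TEST_USER_GID, TEST_USER_GECOS,
+ TEST_USER_HOMEDIR, TEST_USER_SHELL, NULL, NULL, NULL,
+ 10,0);
+ assert_int_equal(ret, EOK);
+
+ ret = sysdb_search_user_by_name(test_ctx, test_ctx->domain, TEST_USER_NAME,
+ NULL, &msg;;
+ assert_int_equal(ret, EOK);
+ assert_non_null(msg);
+
+ attrs = sysdb_new_attrs(test_ctx);
+ assert_non_null(attrs);
+
+ ret = sysdb_attrs_add_string(attrs, SYSDB_OVERRIDE_ANCHOR_UUID,
+ TEST_ANCHOR_PREFIX TEST_USER_SID);
+ assert_int_equal(ret, EOK);
+
+ ret = sysdb_store_override(test_ctx->domain, TEST_VIEW_NAME,
+ SYSDB_MEMBER_USER, attrs, msg->dn);
+ assert_int_equal(ret, EOK);
+
+ views_dn = ldb_dn_new(test_ctx, test_ctx->domain->sysdb->ldb,
+ SYSDB_TMPL_VIEW_BASE);
+ assert_non_null(views_dn);
+
+ ret = sysdb_delete_view_tree(test_ctx->domain->sysdb, TEST_VIEW_NAME);
+ assert_int_equal(ret, EOK);
+
+ ret = sysdb_search_user_by_name(test_ctx, test_ctx->domain, TEST_USER_NAME,
+ user_attrs, &msg;;
+ assert_int_equal(ret, EOK);
+ assert_non_null(msg);
+ assert_true(ldb_msg_find_attr_as_uint64(msg, SYSDB_CACHE_EXPIRE, 0) > 1);
+ assert_non_null(ldb_msg_find_attr_as_string(msg, SYSDB_OVERRIDE_DN, NULL));
+
+ ret = sysdb_invalidate_overrides(test_ctx->domain->sysdb);
+ assert_int_equal(ret, EOK);
+
+ ret = sysdb_search_user_by_name(test_ctx, test_ctx->domain, TEST_USER_NAME,
+ user_attrs, &msg;;
+ assert_int_equal(ret, EOK);
+ assert_non_null(msg);
+ assert_int_equal(ldb_msg_find_attr_as_uint64(msg, SYSDB_CACHE_EXPIRE, 0),
+ 1);
+ assert_null(ldb_msg_find_attr_as_string(msg, SYSDB_OVERRIDE_DN, NULL));
+}
+
 int main(int argc, const char *argv[])
 {
 int rv;
@@ -312,6 +379,8 @@ int main(int argc, const char *argv[])
 test_sysdb_setup, test_sysdb_teardown),
 unit_test_setup_teardown(test_sysdb_delete_view_tree,
 test_sysdb_setup, test_sysdb_teardown),
+ unit_test_setup_teardown(test_sysdb_invalidate_overrides,
+ test_sysdb_setup, test_sysdb_teardown),
 };
 
 /* Set debug level to invalid value so we can deside if -d 0 was used. */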
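Review bot: `test_sysdb_invalidate_overrides()` only covers a user that has SYSDB_OVERRIDE_DN set, so two paths in `sysdb_invalidate_overrides()` are never exercised: the one where `ldb_modify` returns LDB_ERR_NO_SUCH_ATTRIBUTE, and the SYSDB_GC group loop. Storing a second user and a group without an override, then checking each after the call with `assert_int_equal(ldb_msg_find_attr_as_uint64(msg, SYSDB_CACHE_EXPIRE, 0), 1);`, would pin that every cached entry is expired and not only those carrying an override DN. Separately, `views_dn` is allocated and null-checked but not used afterwards in this function and could be dropped.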
--
1.9.3