dpward / rpms / sssd

Forked from rpms/sssd 3 years ago
Clone
Blob Blame History Raw
From 359fe83281f2f54d71da65879eafec5ae383f33f Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstephen@redhat.com>
Date: Thu, 16 Mar 2017 14:46:55 -0400
Subject: [PATCH 15/15] IPA: Enhance debug logging for ipa s2n operations

Add log messages to provide useful debug logging surrounding
IPA client extended operations to the IPA Server during AD trust
requests to retrieve information. Print more details about the
objects requested and received during the ipa_s2n operations.

This will improve log analysis and troubleshooting efforts during AD
trust user and group resolution failures on IPA clients, such as missing
groups.

Reviewed-by: Sumit Bose <sbose@redhat.com>
---
 src/providers/ipa/ipa_s2n_exop.c | 28 ++++++++++++++++++++++++++++
 1 file changed, 28 insertions(+)

diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index 4fe20689fe4c0f2bb5217691dd05b37d2a1cc820..c99312274073858e5e03f3e82c069dafc839eb61 100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -1156,6 +1156,13 @@ static errno_t ipa_s2n_get_list_step(struct tevent_req *req)
         need_v1 = true;
     }
 
+    if (state->req_input.type == REQ_INP_NAME
+            && state->req_input.inp.name != NULL) {
+        DEBUG(SSSDBG_TRACE_FUNC, "Sending request_type: [%s] for group [%s].\n",
+                                 ipa_s2n_reqtype2str(state->request_type),
+                                 state->list[state->list_idx]);
+    }
+
     subreq = ipa_s2n_exop_send(state, state->ev, state->sh, need_v1,
                                state->exop_timeout, bv_req);
     if (subreq == NULL) {
@@ -1194,6 +1201,9 @@ static void ipa_s2n_get_list_next(struct tevent_req *subreq)
         goto fail;
     }
 
+    DEBUG(SSSDBG_TRACE_FUNC, "Received [%s] attributes from IPA server.\n",
+                             state->attrs->a.name);
+
     if (is_default_view(state->ipa_ctx->view_name)) {
         ret = ipa_s2n_get_list_save_step(req);
         if (ret == EOK) {
@@ -1375,6 +1385,11 @@ struct tevent_req *ipa_s2n_get_acct_info_send(TALLOC_CTX *mem_ctx,
         goto fail;
     }
 
+    DEBUG(SSSDBG_TRACE_FUNC, "Sending request_type: [%s] for trust user [%s] "
+                            "to IPA server\n",
+                            ipa_s2n_reqtype2str(state->request_type),
+                            req_input->inp.name);
+
     subreq = ipa_s2n_exop_send(state, state->ev, state->sh, is_v1,
                                state->exop_timeout, bv_req);
     if (subreq == NULL) {
@@ -1661,6 +1676,19 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
         state->attrs = attrs;
 
         if (attrs->response_type == RESP_USER_GROUPLIST) {
+
+            if (DEBUG_IS_SET(SSSDBG_TRACE_FUNC)) {
+                size_t c;
+
+                DEBUG(SSSDBG_TRACE_FUNC, "Received [%zu] groups in group list "
+                                         "from IPA Server\n", attrs->ngroups);
+
+                for (c = 0; c < attrs->ngroups; c++) {
+                    DEBUG(SSSDBG_TRACE_FUNC, "[%s].\n", attrs->groups[c]);
+                }
+            }
+
+
             ret = get_group_dn_list(state, state->dom,
                                     attrs->ngroups, attrs->groups,
                                     &group_dn_list, &missing_list);
-- 
2.9.3