|
 |
ecf709 |
From 887b53d8833ab91835cb3afbdadcbf9d091dafcd Mon Sep 17 00:00:00 2001
|
|
|
ecf709 |
From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
|
|
|
ecf709 |
Date: Thu, 23 Mar 2017 13:14:56 +0100
|
|
|
ecf709 |
Subject: [PATCH 41/54] SUBDOMAINS: Allow use_fully_qualified_names for
|
|
|
ecf709 |
subdomains
|
|
|
ecf709 |
MIME-Version: 1.0
|
|
|
ecf709 |
Content-Type: text/plain; charset=UTF-8
|
|
|
ecf709 |
Content-Transfer-Encoding: 8bit
|
|
|
ecf709 |
|
|
|
ecf709 |
Allow option use_fully_qualified_names in subdomain section.
|
|
|
ecf709 |
This option was recently added to subdomain_inherit.
|
|
|
ecf709 |
|
|
|
ecf709 |
Resolves:
|
|
|
ecf709 |
https://pagure.io/SSSD/sssd/issue/3337
|
|
|
ecf709 |
|
|
|
ecf709 |
Reviewed-by: Fabiano FidĂȘncio <fidencio@redhat.com>
|
|
|
ecf709 |
---
|
|
|
ecf709 |
src/db/sysdb.h | 3 +-
|
|
|
ecf709 |
src/db/sysdb_private.h | 3 +-
|
|
|
ecf709 |
src/db/sysdb_subdomains.c | 63 +++++++++++++++++++++++++--
|
|
|
ecf709 |
src/man/sssd.conf.5.xml | 3 +-
|
|
|
ecf709 |
src/providers/ad/ad_subdomains.c | 3 +-
|
|
|
ecf709 |
src/providers/ipa/ipa_subdomains.c | 10 +++--
|
|
|
ecf709 |
src/responder/common/responder_get_domains.c | 9 ++--
|
|
|
ecf709 |
src/tests/cmocka/test_fqnames.c | 2 +-
|
|
|
ecf709 |
src/tests/cmocka/test_ipa_subdomains_server.c | 2 +-
|
|
|
ecf709 |
src/tests/cmocka/test_nss_srv.c | 6 ++-
|
|
|
ecf709 |
src/tests/cmocka/test_sysdb_subdomains.c | 25 ++++++-----
|
|
|
ecf709 |
src/tests/sysdb-tests.c | 14 +++---
|
|
|
ecf709 |
src/tools/common/sss_tools.c | 2 +-
|
|
|
ecf709 |
src/tools/sss_cache.c | 2 +-
|
|
|
ecf709 |
14 files changed, 107 insertions(+), 40 deletions(-)
|
|
|
ecf709 |
|
|
|
ecf709 |
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
|
|
|
ecf709 |
index 0cbb2c5c02355e9e9a4e73b075f92d16e4855045..6762b51bee02911fb97d5d393fad2495504ee5ad 100644
|
|
|
ecf709 |
--- a/src/db/sysdb.h
|
|
|
ecf709 |
+++ b/src/db/sysdb.h
|
|
|
ecf709 |
@@ -494,7 +494,8 @@ errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb,
|
|
|
ecf709 |
uint32_t trust_direction,
|
|
|
ecf709 |
struct ldb_message_element *upn_suffixes);
|
|
|
ecf709 |
|
|
|
ecf709 |
-errno_t sysdb_update_subdomains(struct sss_domain_info *domain);
|
|
|
ecf709 |
+errno_t sysdb_update_subdomains(struct sss_domain_info *domain,
|
|
|
ecf709 |
+ struct confdb_ctx *confdb);
|
|
|
ecf709 |
|
|
|
ecf709 |
errno_t sysdb_master_domain_update(struct sss_domain_info *domain);
|
|
|
ecf709 |
|
|
|
ecf709 |
diff --git a/src/db/sysdb_private.h b/src/db/sysdb_private.h
|
|
|
ecf709 |
index bfd24799950ab3b31d57df11b8f91c0b2572f13a..dfddd2dda9e593bd02d52dee7d06f520a11bbdf6 100644
|
|
|
ecf709 |
--- a/src/db/sysdb_private.h
|
|
|
ecf709 |
+++ b/src/db/sysdb_private.h
|
|
|
ecf709 |
@@ -191,7 +191,8 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
bool enumerate,
|
|
|
ecf709 |
const char *forest,
|
|
|
ecf709 |
const char **upn_suffixes,
|
|
|
ecf709 |
- uint32_t trust_direction);
|
|
|
ecf709 |
+ uint32_t trust_direction,
|
|
|
ecf709 |
+ struct confdb_ctx *confdb);
|
|
|
ecf709 |
|
|
|
ecf709 |
/* Helper functions to deal with the timestamp cache should not be used
|
|
|
ecf709 |
* outside the sysdb itself. The timestamp cache should be completely
|
|
|
ecf709 |
diff --git a/src/db/sysdb_subdomains.c b/src/db/sysdb_subdomains.c
|
|
|
ecf709 |
index 01f49763b712769f4f74df47961526e5b1514cd4..916dbba153d8c08837425f6fd29a20f5a6aa9fc9 100644
|
|
|
ecf709 |
--- a/src/db/sysdb_subdomains.c
|
|
|
ecf709 |
+++ b/src/db/sysdb_subdomains.c
|
|
|
ecf709 |
@@ -23,6 +23,10 @@
|
|
|
ecf709 |
#include "util/util.h"
|
|
|
ecf709 |
#include "db/sysdb_private.h"
|
|
|
ecf709 |
|
|
|
ecf709 |
+static errno_t
|
|
|
ecf709 |
+check_subdom_config_file(struct confdb_ctx *confdb,
|
|
|
ecf709 |
+ struct sss_domain_info *subdomain);
|
|
|
ecf709 |
+
|
|
|
ecf709 |
struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
struct sss_domain_info *parent,
|
|
|
ecf709 |
const char *name,
|
|
|
ecf709 |
@@ -33,10 +37,12 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
bool enumerate,
|
|
|
ecf709 |
const char *forest,
|
|
|
ecf709 |
const char **upn_suffixes,
|
|
|
ecf709 |
- uint32_t trust_direction)
|
|
|
ecf709 |
+ uint32_t trust_direction,
|
|
|
ecf709 |
+ struct confdb_ctx *confdb)
|
|
|
ecf709 |
{
|
|
|
ecf709 |
struct sss_domain_info *dom;
|
|
|
ecf709 |
bool inherit_option;
|
|
|
ecf709 |
+ errno_t ret;
|
|
|
ecf709 |
|
|
|
ecf709 |
DEBUG(SSSDBG_TRACE_FUNC,
|
|
|
ecf709 |
"Creating [%s] as subdomain of [%s]!\n", name, parent->name);
|
|
|
ecf709 |
@@ -160,6 +166,17 @@ struct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
}
|
|
|
ecf709 |
dom->sysdb = parent->sysdb;
|
|
|
ecf709 |
|
|
|
ecf709 |
+ if (confdb != NULL) {
|
|
|
ecf709 |
+ /* If confdb was provided, also check for sssd.conf */
|
|
|
ecf709 |
+ ret = check_subdom_config_file(confdb, dom);
|
|
|
ecf709 |
+ if (ret != EOK) {
|
|
|
ecf709 |
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
|
|
ecf709 |
+ "Failed to read subdomain configuration [%d]: %s",
|
|
|
ecf709 |
+ ret, sss_strerror(ret));
|
|
|
ecf709 |
+ goto fail;
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+
|
|
|
ecf709 |
return dom;
|
|
|
ecf709 |
|
|
|
ecf709 |
fail:
|
|
|
ecf709 |
@@ -167,6 +184,45 @@ fail:
|
|
|
ecf709 |
return NULL;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
+static errno_t
|
|
|
ecf709 |
+check_subdom_config_file(struct confdb_ctx *confdb,
|
|
|
ecf709 |
+ struct sss_domain_info *subdomain)
|
|
|
ecf709 |
+{
|
|
|
ecf709 |
+ char *sd_conf_path;
|
|
|
ecf709 |
+ TALLOC_CTX *tmp_ctx;
|
|
|
ecf709 |
+ errno_t ret;
|
|
|
ecf709 |
+
|
|
|
ecf709 |
+ tmp_ctx = talloc_new(NULL);
|
|
|
ecf709 |
+ if (tmp_ctx == NULL) {
|
|
|
ecf709 |
+ return ENOMEM;
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+
|
|
|
ecf709 |
+ sd_conf_path = subdomain_create_conf_path(tmp_ctx, subdomain);
|
|
|
ecf709 |
+ if (sd_conf_path == NULL) {
|
|
|
ecf709 |
+ ret = ENOMEM;
|
|
|
ecf709 |
+ goto done;
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+
|
|
|
ecf709 |
+ /* use_fully_qualified_names */
|
|
|
ecf709 |
+ ret = confdb_get_bool(confdb, sd_conf_path, CONFDB_DOMAIN_FQ,
|
|
|
ecf709 |
+ true, &subdomain->fqnames);
|
|
|
ecf709 |
+ if (ret != EOK) {
|
|
|
ecf709 |
+ DEBUG(SSSDBG_OP_FAILURE,
|
|
|
ecf709 |
+ "Failed to get %s option for the subdomain: %s\n",
|
|
|
ecf709 |
+ CONFDB_DOMAIN_FQ, subdomain->name);
|
|
|
ecf709 |
+ goto done;
|
|
|
ecf709 |
+ }
|
|
|
ecf709 |
+
|
|
|
ecf709 |
+ DEBUG(SSSDBG_CONF_SETTINGS, "%s/%s has value %s\n",
|
|
|
ecf709 |
+ sd_conf_path, CONFDB_DOMAIN_FQ,
|
|
|
ecf709 |
+ subdomain->fqnames ? "TRUE" : "FALSE");
|
|
|
ecf709 |
+
|
|
|
ecf709 |
+ ret = EOK;
|
|
|
ecf709 |
+done:
|
|
|
ecf709 |
+ talloc_free(tmp_ctx);
|
|
|
ecf709 |
+ return ret;
|
|
|
ecf709 |
+}
|
|
|
ecf709 |
+
|
|
|
ecf709 |
static bool is_forest_root(struct sss_domain_info *d)
|
|
|
ecf709 |
{
|
|
|
ecf709 |
if (d->forest == NULL) {
|
|
|
ecf709 |
@@ -232,7 +288,8 @@ static void link_forest_roots(struct sss_domain_info *domain)
|
|
|
ecf709 |
}
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
-errno_t sysdb_update_subdomains(struct sss_domain_info *domain)
|
|
|
ecf709 |
+errno_t sysdb_update_subdomains(struct sss_domain_info *domain,
|
|
|
ecf709 |
+ struct confdb_ctx *confdb)
|
|
|
ecf709 |
{
|
|
|
ecf709 |
int i;
|
|
|
ecf709 |
errno_t ret;
|
|
|
ecf709 |
@@ -451,7 +508,7 @@ errno_t sysdb_update_subdomains(struct sss_domain_info *domain)
|
|
|
ecf709 |
if (dom == NULL) {
|
|
|
ecf709 |
dom = new_subdomain(domain, domain, name, realm,
|
|
|
ecf709 |
flat, id, mpg, enumerate, forest,
|
|
|
ecf709 |
- upn_suffixes, trust_direction);
|
|
|
ecf709 |
+ upn_suffixes, trust_direction, confdb);
|
|
|
ecf709 |
if (dom == NULL) {
|
|
|
ecf709 |
ret = ENOMEM;
|
|
|
ecf709 |
goto done;
|
|
|
ecf709 |
diff --git a/src/man/sssd.conf.5.xml b/src/man/sssd.conf.5.xml
|
|
|
ecf709 |
index 284402bc00d37c6c33bf195d2bd719300f265851..1c27742cf0c1b6ffad23ab5b044bf4a168ed8f69 100644
|
|
|
ecf709 |
--- a/src/man/sssd.conf.5.xml
|
|
|
ecf709 |
+++ b/src/man/sssd.conf.5.xml
|
|
|
ecf709 |
@@ -2780,7 +2780,8 @@ subdomain_inherit = ldap_purge_cache_timeout
|
|
|
ecf709 |
<para>ldap_service_search_base,</para>
|
|
|
ecf709 |
<para>ad_server,</para>
|
|
|
ecf709 |
<para>ad_backup_server,</para>
|
|
|
ecf709 |
- <para>ad_site.</para>
|
|
|
ecf709 |
+ <para>ad_site,</para>
|
|
|
ecf709 |
+ <para>use_fully_qualified_names</para>
|
|
|
ecf709 |
<para>
|
|
|
ecf709 |
For more details about these options see their individual description
|
|
|
ecf709 |
in the manual page.
|
|
|
ecf709 |
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
|
|
|
ecf709 |
index eecae9c9ca82ad67874c13a3c7b7c617d6232d5c..bc659b2cb0a02723437d24d0021ec3592381e84c 100644
|
|
|
ecf709 |
--- a/src/providers/ad/ad_subdomains.c
|
|
|
ecf709 |
+++ b/src/providers/ad/ad_subdomains.c
|
|
|
ecf709 |
@@ -656,7 +656,8 @@ static errno_t ad_subdom_reinit(struct ad_subdomains_ctx *subdoms_ctx)
|
|
|
ecf709 |
/* Just continue */
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(subdoms_ctx->be_ctx->domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(subdoms_ctx->be_ctx->domain,
|
|
|
ecf709 |
+ subdoms_ctx->be_ctx->cdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_OP_FAILURE, "sysdb_update_subdomains failed.\n");
|
|
|
ecf709 |
return ret;
|
|
|
ecf709 |
diff --git a/src/providers/ipa/ipa_subdomains.c b/src/providers/ipa/ipa_subdomains.c
|
|
|
ecf709 |
index 7537550606ef09c0b87a80932c75aa4f93c0efab..a07b88fe2f499353293ba90345552413c9792f4b 100644
|
|
|
ecf709 |
--- a/src/providers/ipa/ipa_subdomains.c
|
|
|
ecf709 |
+++ b/src/providers/ipa/ipa_subdomains.c
|
|
|
ecf709 |
@@ -126,7 +126,7 @@ ipa_subdom_reinit(struct ipa_subdomains_ctx *ctx)
|
|
|
ecf709 |
return ret;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(ctx->be_ctx->domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(ctx->be_ctx->domain, ctx->be_ctx->cdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_OP_FAILURE, "sysdb_update_subdomains failed.\n");
|
|
|
ecf709 |
return ret;
|
|
|
ecf709 |
@@ -780,7 +780,8 @@ done:
|
|
|
ecf709 |
static errno_t ipa_apply_view(struct sss_domain_info *domain,
|
|
|
ecf709 |
struct ipa_id_ctx *ipa_id_ctx,
|
|
|
ecf709 |
const char *view_name,
|
|
|
ecf709 |
- bool read_at_init)
|
|
|
ecf709 |
+ bool read_at_init,
|
|
|
ecf709 |
+ struct confdb_ctx *confdb)
|
|
|
ecf709 |
{
|
|
|
ecf709 |
const char *current = ipa_id_ctx->view_name;
|
|
|
ecf709 |
struct sysdb_ctx *sysdb = domain->sysdb;
|
|
|
ecf709 |
@@ -876,7 +877,7 @@ static errno_t ipa_apply_view(struct sss_domain_info *domain,
|
|
|
ecf709 |
goto done;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(domain, confdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_OP_FAILURE, "sysdb_update_subdomains failed "
|
|
|
ecf709 |
"[%d]: %s\n", ret, sss_strerror(ret));
|
|
|
ecf709 |
@@ -1654,7 +1655,8 @@ static void ipa_subdomains_view_name_done(struct tevent_req *subreq)
|
|
|
ecf709 |
|
|
|
ecf709 |
ret = ipa_apply_view(state->sd_ctx->be_ctx->domain,
|
|
|
ecf709 |
state->sd_ctx->ipa_id_ctx, view_name,
|
|
|
ecf709 |
- state->sd_ctx->view_read_at_init);
|
|
|
ecf709 |
+ state->sd_ctx->view_read_at_init,
|
|
|
ecf709 |
+ state->sd_ctx->be_ctx->cdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to set view [%d]: %s\n",
|
|
|
ecf709 |
ret, sss_strerror(ret));
|
|
|
ecf709 |
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
|
|
|
ecf709 |
index 0f39d107dad6c458785b1b8d708e60d7c34e3901..0f9c01214631200f9687635f6302fa5c07e8a1fe 100644
|
|
|
ecf709 |
--- a/src/responder/common/responder_get_domains.c
|
|
|
ecf709 |
+++ b/src/responder/common/responder_get_domains.c
|
|
|
ecf709 |
@@ -126,7 +126,8 @@ get_next_domain_recv(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
/* ====== Iterate over all domains, searching for their subdomains ======= */
|
|
|
ecf709 |
-static errno_t process_subdomains(struct sss_domain_info *dom);
|
|
|
ecf709 |
+static errno_t process_subdomains(struct sss_domain_info *dom,
|
|
|
ecf709 |
+ struct confdb_ctx *confdb);
|
|
|
ecf709 |
static void set_time_of_last_request(struct resp_ctx *rctx);
|
|
|
ecf709 |
static errno_t check_last_request(struct resp_ctx *rctx, const char *hint);
|
|
|
ecf709 |
|
|
|
ecf709 |
@@ -234,7 +235,7 @@ sss_dp_get_domains_process(struct tevent_req *subreq)
|
|
|
ecf709 |
goto fail;
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = process_subdomains(state->dom);
|
|
|
ecf709 |
+ ret = process_subdomains(state->dom, state->rctx->cdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_OP_FAILURE, "process_subdomains failed, "
|
|
|
ecf709 |
"trying next domain.\n");
|
|
|
ecf709 |
@@ -270,7 +271,7 @@ fail:
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
static errno_t
|
|
|
ecf709 |
-process_subdomains(struct sss_domain_info *domain)
|
|
|
ecf709 |
+process_subdomains(struct sss_domain_info *domain, struct confdb_ctx *confdb)
|
|
|
ecf709 |
{
|
|
|
ecf709 |
int ret;
|
|
|
ecf709 |
|
|
|
ecf709 |
@@ -288,7 +289,7 @@ process_subdomains(struct sss_domain_info *domain)
|
|
|
ecf709 |
/* Retrieve all subdomains of this domain from sysdb
|
|
|
ecf709 |
* and create their struct sss_domain_info representations
|
|
|
ecf709 |
*/
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(domain, confdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_FUNC_DATA, "sysdb_update_subdomains failed.\n");
|
|
|
ecf709 |
goto done;
|
|
|
ecf709 |
diff --git a/src/tests/cmocka/test_fqnames.c b/src/tests/cmocka/test_fqnames.c
|
|
|
ecf709 |
index 19788248a39774bb4509363145ac4ce0815b7d28..0ed42a597b7787635c4971b4f1c3d9976949ccd2 100644
|
|
|
ecf709 |
--- a/src/tests/cmocka/test_fqnames.c
|
|
|
ecf709 |
+++ b/src/tests/cmocka/test_fqnames.c
|
|
|
ecf709 |
@@ -309,7 +309,7 @@ static int parse_name_test_setup(void **state)
|
|
|
ecf709 |
* discovered
|
|
|
ecf709 |
*/
|
|
|
ecf709 |
test_ctx->subdom = new_subdomain(dom, dom, SUBDOMNAME, NULL, SUBFLATNAME,
|
|
|
ecf709 |
- NULL, false, false, NULL, NULL, 0);
|
|
|
ecf709 |
+ NULL, false, false, NULL, NULL, 0, NULL);
|
|
|
ecf709 |
assert_non_null(test_ctx->subdom);
|
|
|
ecf709 |
|
|
|
ecf709 |
check_leaks_push(test_ctx);
|
|
|
ecf709 |
diff --git a/src/tests/cmocka/test_ipa_subdomains_server.c b/src/tests/cmocka/test_ipa_subdomains_server.c
|
|
|
ecf709 |
index 123cf11c01ef4687eecad31a9d73120a87c643e1..ca48425aca69e58358f5fd37e4b8238bfa9efe15 100644
|
|
|
ecf709 |
--- a/src/tests/cmocka/test_ipa_subdomains_server.c
|
|
|
ecf709 |
+++ b/src/tests/cmocka/test_ipa_subdomains_server.c
|
|
|
ecf709 |
@@ -263,7 +263,7 @@ static void add_test_subdomains(struct trust_test_ctx *test_ctx,
|
|
|
ecf709 |
direction, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
}
|
|
|
ecf709 |
diff --git a/src/tests/cmocka/test_nss_srv.c b/src/tests/cmocka/test_nss_srv.c
|
|
|
ecf709 |
index 50714715cc80338640f2a77ecbe17bd5e0d6e911..3d7e0382197401cb2264671712152fe0709296b6 100644
|
|
|
ecf709 |
--- a/src/tests/cmocka/test_nss_srv.c
|
|
|
ecf709 |
+++ b/src/tests/cmocka/test_nss_srv.c
|
|
|
ecf709 |
@@ -3206,7 +3206,8 @@ static int nss_subdom_test_setup(void **state)
|
|
|
ecf709 |
|
|
|
ecf709 |
subdomain = new_subdomain(nss_test_ctx, nss_test_ctx->tctx->dom,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
- false, false, NULL, NULL, 0);
|
|
|
ecf709 |
+ false, false, NULL, NULL, 0,
|
|
|
ecf709 |
+ nss_test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_non_null(subdomain);
|
|
|
ecf709 |
|
|
|
ecf709 |
ret = sysdb_subdomain_store(nss_test_ctx->tctx->sysdb,
|
|
|
ecf709 |
@@ -3214,7 +3215,8 @@ static int nss_subdom_test_setup(void **state)
|
|
|
ecf709 |
false, false, NULL, 0, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(nss_test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(nss_test_ctx->tctx->dom,
|
|
|
ecf709 |
+ nss_test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
nss_test_ctx->subdom = subdomain;
|
|
|
ecf709 |
diff --git a/src/tests/cmocka/test_sysdb_subdomains.c b/src/tests/cmocka/test_sysdb_subdomains.c
|
|
|
ecf709 |
index 49f44998a06740d1df70ac354ee741824acd8f50..84bcdc17b39dbc8822097c2006f157a09ea5e466 100644
|
|
|
ecf709 |
--- a/src/tests/cmocka/test_sysdb_subdomains.c
|
|
|
ecf709 |
+++ b/src/tests/cmocka/test_sysdb_subdomains.c
|
|
|
ecf709 |
@@ -103,7 +103,7 @@ static void test_sysdb_subdomain_create(void **state)
|
|
|
ecf709 |
false, false, NULL, 0, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
assert_non_null(test_ctx->tctx->dom->subdomains);
|
|
|
ecf709 |
@@ -115,7 +115,7 @@ static void test_sysdb_subdomain_create(void **state)
|
|
|
ecf709 |
false, false, NULL, 1, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
assert_non_null(test_ctx->tctx->dom->subdomains->next);
|
|
|
ecf709 |
@@ -133,7 +133,7 @@ static void test_sysdb_subdomain_create(void **state)
|
|
|
ecf709 |
false, false, NULL, 0, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
assert_int_equal(test_ctx->tctx->dom->subdomains->trust_direction, 1);
|
|
|
ecf709 |
@@ -145,7 +145,7 @@ static void test_sysdb_subdomain_create(void **state)
|
|
|
ecf709 |
ret = sysdb_subdomain_delete(test_ctx->tctx->sysdb, dom1[0]);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
assert_int_equal(sss_domain_get_state(test_ctx->tctx->dom->subdomains),
|
|
|
ecf709 |
@@ -235,11 +235,11 @@ static void test_sysdb_link_forest_root_ipa(void **state)
|
|
|
ecf709 |
0, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
/* Also update dom2 */
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom->next);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom->next, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
sub = find_domain_by_name(test_ctx->tctx->dom, dom1[0], true);
|
|
|
ecf709 |
@@ -315,11 +315,11 @@ static void test_sysdb_link_forest_root_ad(void **state)
|
|
|
ecf709 |
0, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
/* Also update dom2 */
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom->next);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom->next, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
assert_non_null(test_ctx->tctx->dom->forest_root);
|
|
|
ecf709 |
@@ -395,14 +395,15 @@ static void test_sysdb_link_forest_member_ad(void **state)
|
|
|
ecf709 |
ret = sysdb_master_domain_update(test_ctx->tctx->dom);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom, test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
/* Also update dom2 */
|
|
|
ecf709 |
ret = sysdb_master_domain_update(test_ctx->tctx->dom->next);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->tctx->dom->next);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->tctx->dom->next,
|
|
|
ecf709 |
+ test_ctx->tctx->confdb);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
/* Checks */
|
|
|
ecf709 |
@@ -472,7 +473,7 @@ static void test_sysdb_link_ad_multidom(void **state)
|
|
|
ecf709 |
ret = sysdb_master_domain_update(main_dom1);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(main_dom1);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(main_dom1, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
ret = sysdb_master_domain_add_info(main_dom2,
|
|
|
ecf709 |
@@ -492,7 +493,7 @@ static void test_sysdb_link_ad_multidom(void **state)
|
|
|
ecf709 |
ret = sysdb_master_domain_update(main_dom2);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(main_dom2);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(main_dom2, NULL);
|
|
|
ecf709 |
assert_int_equal(ret, EOK);
|
|
|
ecf709 |
|
|
|
ecf709 |
main_dom1 = find_domain_by_name(test_ctx->tctx->dom, TEST_DOM1_NAME, true);
|
|
|
ecf709 |
diff --git a/src/tests/sysdb-tests.c b/src/tests/sysdb-tests.c
|
|
|
ecf709 |
index 5bdd631fbfa1b4463fb169e5f07b65fb2c784096..1767dc3c734c6b2e5f74564debd603e2442f491b 100644
|
|
|
ecf709 |
--- a/src/tests/sysdb-tests.c
|
|
|
ecf709 |
+++ b/src/tests/sysdb-tests.c
|
|
|
ecf709 |
@@ -1395,7 +1395,7 @@ START_TEST (test_sysdb_get_user_attr_subdomain)
|
|
|
ecf709 |
/* Create subdomain */
|
|
|
ecf709 |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
ecf709 |
"test.sub", "TEST.SUB", "test", "S-3",
|
|
|
ecf709 |
- false, false, NULL, NULL, 0);
|
|
|
ecf709 |
+ false, false, NULL, NULL, 0, NULL);
|
|
|
ecf709 |
fail_if(subdomain == NULL, "Failed to create new subdomain.");
|
|
|
ecf709 |
|
|
|
ecf709 |
ret = sss_names_init_from_args(test_ctx,
|
|
|
ecf709 |
@@ -5821,14 +5821,14 @@ START_TEST(test_sysdb_subdomain_store_user)
|
|
|
ecf709 |
|
|
|
ecf709 |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
- false, false, NULL, NULL, 0);
|
|
|
ecf709 |
+ false, false, NULL, NULL, 0, NULL);
|
|
|
ecf709 |
fail_unless(subdomain != NULL, "Failed to create new subdomin.");
|
|
|
ecf709 |
ret = sysdb_subdomain_store(test_ctx->sysdb,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
false, false, NULL, 0, NULL);
|
|
|
ecf709 |
fail_if(ret != EOK, "Could not set up the test (test subdom)");
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->domain, NULL);
|
|
|
ecf709 |
fail_unless(ret == EOK, "sysdb_update_subdomains failed with [%d][%s]",
|
|
|
ecf709 |
ret, strerror(ret));
|
|
|
ecf709 |
|
|
|
ecf709 |
@@ -5900,14 +5900,14 @@ START_TEST(test_sysdb_subdomain_user_ops)
|
|
|
ecf709 |
|
|
|
ecf709 |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
- false, false, NULL, NULL, 0);
|
|
|
ecf709 |
+ false, false, NULL, NULL, 0, NULL);
|
|
|
ecf709 |
fail_unless(subdomain != NULL, "Failed to create new subdomin.");
|
|
|
ecf709 |
ret = sysdb_subdomain_store(test_ctx->sysdb,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
false, false, NULL, 0, NULL);
|
|
|
ecf709 |
fail_if(ret != EOK, "Could not set up the test (test subdom)");
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->domain, NULL);
|
|
|
ecf709 |
fail_unless(ret == EOK, "sysdb_update_subdomains failed with [%d][%s]",
|
|
|
ecf709 |
ret, strerror(ret));
|
|
|
ecf709 |
|
|
|
ecf709 |
@@ -5973,14 +5973,14 @@ START_TEST(test_sysdb_subdomain_group_ops)
|
|
|
ecf709 |
|
|
|
ecf709 |
subdomain = new_subdomain(test_ctx, test_ctx->domain,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
- false, false, NULL, NULL, 0);
|
|
|
ecf709 |
+ false, false, NULL, NULL, 0, NULL);
|
|
|
ecf709 |
fail_unless(subdomain != NULL, "Failed to create new subdomin.");
|
|
|
ecf709 |
ret = sysdb_subdomain_store(test_ctx->sysdb,
|
|
|
ecf709 |
testdom[0], testdom[1], testdom[2], testdom[3],
|
|
|
ecf709 |
false, false, NULL, 0, NULL);
|
|
|
ecf709 |
fail_if(ret != EOK, "Could not set up the test (test subdom)");
|
|
|
ecf709 |
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(test_ctx->domain);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(test_ctx->domain, NULL);
|
|
|
ecf709 |
fail_unless(ret == EOK, "sysdb_update_subdomains failed with [%d][%s]",
|
|
|
ecf709 |
ret, strerror(ret));
|
|
|
ecf709 |
|
|
|
ecf709 |
diff --git a/src/tools/common/sss_tools.c b/src/tools/common/sss_tools.c
|
|
|
ecf709 |
index 0f4f46894130daf722641f25a4cdfaae220252cc..97a3caab3bec88c5727eea2f08b200f1d3b23f0c 100644
|
|
|
ecf709 |
--- a/src/tools/common/sss_tools.c
|
|
|
ecf709 |
+++ b/src/tools/common/sss_tools.c
|
|
|
ecf709 |
@@ -154,7 +154,7 @@ static errno_t sss_tool_domains_init(TALLOC_CTX *mem_ctx,
|
|
|
ecf709 |
}
|
|
|
ecf709 |
|
|
|
ecf709 |
/* Update list of subdomains for this domain */
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(dom);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(dom, confdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_MINOR_FAILURE,
|
|
|
ecf709 |
"Failed to update subdomains for domain %s.\n",
|
|
|
ecf709 |
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
|
|
|
ecf709 |
index 59e49a8aa92e3a08ec80e0597304f1a4af0a02be..8a40b38c07f7e76cde5b98e5916816581fea7973 100644
|
|
|
ecf709 |
--- a/src/tools/sss_cache.c
|
|
|
ecf709 |
+++ b/src/tools/sss_cache.c
|
|
|
ecf709 |
@@ -158,7 +158,7 @@ int main(int argc, const char *argv[])
|
|
|
ecf709 |
dinfo = get_next_domain(dinfo, SSS_GND_DESCEND)) {
|
|
|
ecf709 |
if (!IS_SUBDOMAIN(dinfo)) {
|
|
|
ecf709 |
/* Update list of subdomains for this domain */
|
|
|
ecf709 |
- ret = sysdb_update_subdomains(dinfo);
|
|
|
ecf709 |
+ ret = sysdb_update_subdomains(dinfo, tctx->confdb);
|
|
|
ecf709 |
if (ret != EOK) {
|
|
|
ecf709 |
DEBUG(SSSDBG_MINOR_FAILURE,
|
|
|
ecf709 |
"Failed to update subdomains for domain %s.\n", dinfo->name);
|
|
|
ecf709 |
--
|
|
|
ecf709 |
2.9.3
|
|
|
ecf709 |
|