From 7d8b28ad691335ebb679c6230b5e4818a7434bc5 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek Date: Sat, 23 Mar 2019 22:18:18 +0100 Subject: [PATCH] SYSDB: Index the ccacheFile attribute Related: https://pagure.io/SSSD/sssd/issue/3968 The Kerberos ticket renewal code searches for user entries which have the ccacheFile attribute set. Since the search can potentially traverse all the users, it might be a good idea to index the attribute. Reviewed-by: Alexey Tikhonov (cherry picked from commit 96013bbb7d937d1a9e4e5c678df3034520d98f32) --- src/db/sysdb_init.c | 7 ++++++ src/db/sysdb_private.h | 5 +++- src/db/sysdb_upgrade.c | 52 ++++++++++++++++++++++++++++++++++++++++++ 3 files changed, 63 insertions(+), 1 deletion(-) diff --git a/src/db/sysdb_init.c b/src/db/sysdb_init.c index 89f8c6a5b..48e21baab 100644 --- a/src/db/sysdb_init.c +++ b/src/db/sysdb_init.c @@ -558,6 +558,13 @@ static errno_t sysdb_domain_cache_upgrade(TALLOC_CTX *mem_ctx, } } + if (strcmp(version, SYSDB_VERSION_0_20) == 0) { + ret = sysdb_upgrade_20(sysdb, &version); + if (ret != EOK) { + goto done; + } + } + ret = EOK; done: diff --git a/src/db/sysdb_private.h b/src/db/sysdb_private.h index c297715cd..58544d826 100644 --- a/src/db/sysdb_private.h +++ b/src/db/sysdb_private.h @@ -23,6 +23,7 @@ #ifndef __INT_SYS_DB_H__ #define __INT_SYS_DB_H__ +#define SYSDB_VERSION_0_21 "0.21" #define SYSDB_VERSION_0_20 "0.20" #define SYSDB_VERSION_0_19 "0.19" #define SYSDB_VERSION_0_18 "0.18" @@ -44,7 +45,7 @@ #define SYSDB_VERSION_0_2 "0.2" #define SYSDB_VERSION_0_1 "0.1" -#define SYSDB_VERSION SYSDB_VERSION_0_20 +#define SYSDB_VERSION SYSDB_VERSION_0_21 #define SYSDB_BASE_LDIF \ "dn: @ATTRIBUTES\n" \ @@ -79,6 +80,7 @@ "@IDXATTR: uniqueID\n" \ "@IDXATTR: mail\n" \ "@IDXATTR: userMappedCertificate\n" \ + "@IDXATTR: ccacheFile\n" \ "\n" \ "dn: @MODULES\n" \ "@LIST: asq,memberof\n" \ @@ -171,6 +173,7 @@ int sysdb_upgrade_17(struct sysdb_ctx *sysdb, const char **ver); int sysdb_upgrade_18(struct sysdb_ctx *sysdb, const char **ver); int sysdb_upgrade_19(struct sysdb_ctx *sysdb, const char **ver); +int sysdb_upgrade_20(struct sysdb_ctx *sysdb, const char **ver); int sysdb_ts_upgrade_01(struct sysdb_ctx *sysdb, const char **ver); diff --git a/src/db/sysdb_upgrade.c b/src/db/sysdb_upgrade.c index 46df971e9..f6a481147 100644 --- a/src/db/sysdb_upgrade.c +++ b/src/db/sysdb_upgrade.c @@ -2501,6 +2501,58 @@ done: return ret; } +int sysdb_upgrade_20(struct sysdb_ctx *sysdb, const char **ver) +{ + struct upgrade_ctx *ctx; + errno_t ret; + struct ldb_message *msg = NULL; + + ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_21, &ctx); + if (ret) { + return ret; + } + + /* Add missing indices */ + msg = ldb_msg_new(ctx); + if (msg == NULL) { + ret = ENOMEM; + goto done; + } + + msg->dn = ldb_dn_new(msg, sysdb->ldb, "@INDEXLIST"); + if (msg->dn == NULL) { + ret = ENOMEM; + goto done; + } + + ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL); + if (ret != LDB_SUCCESS) { + ret = ENOMEM; + goto done; + } + + ret = ldb_msg_add_string(msg, "@IDXATTR", SYSDB_CCACHE_FILE); + if (ret != LDB_SUCCESS) { + ret = ENOMEM; + goto done; + } + + ret = ldb_modify(sysdb->ldb, msg); + if (ret != LDB_SUCCESS) { + ret = sysdb_error_to_errno(ret); + goto done; + } + + talloc_free(msg); + + /* conversion done, update version number */ + ret = update_version(ctx); + +done: + ret = finish_upgrade(ret, &ctx, ver); + return ret; +} + int sysdb_ts_upgrade_01(struct sysdb_ctx *sysdb, const char **ver) { struct upgrade_ctx *ctx; -- 2.19.1