DP: Add dp_sbus_invalidate_group_memcache() This function will be called from the data provider to the NSS responder, which will invalidate a group in the memcache. Related: https://pagure.io/SSSD/sssd/issue/2653 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

DP: Create a new handler function getAccountDomain() Adds a new method getAccountDomain() which is a bit similar to getAccountInfo, except it doesn't fetch, parse and store the entry, but just returns the domain or a subdomain the entry was found in. At the moment, the method only supports requests by ID. A default handler is provided (and in this patch used by all the domains) which returns ERR_GET_ACCT_DOM_NOT_SUPPORTED. This return code should be evaluated by the responder so that this DP method is not called again, because it's not supported by the back end type. Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Sumit Bose <sbose@redhat.com>

dp: add method to refresh access control rules Related: https://pagure.io/SSSD/sssd/issue/2840 Reviewed-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

DESKPROFILE: Introduce the new IPA session provider In order to provide FleetCommander[0] integration, a session provider has been introduced for IPA. The design of this feature and more technical details can be found at [1] and [2], which are the design pages of both freeIPA and SSSD parts. As there's no way to test freeIPA integration with our upstream tests, no test has been provided yet. Is also worth to mention that the name "deskprofile" has been chosen instead of "fleetcmd" in order to match with the freeIPA plugin. It means that, for consistence, all source files, directories created, options added, functions prefixes and so on are following the choice accordingly. [0]: https://wiki.gnome.org/Projects/FleetCommander [1]: https://github.com/abbra/freeipa-desktop-profile/blob/master/plugin/Feature.mediawiki [2]: https://docs.pagure.org/SSSD.sssd/design_pages/fleet_commander_integration.html Resolves: https://pagure.io/SSSD/sssd/issue/2995 Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com> Reviewed-by: Pavel Březina <pbrezina@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

DP: Add internal interface to invalidate memory cache from DP Adds an interfae to the Data Provider that allows the DP to notify the NSS responder to invalidate its memory cache records. Reviewed-by: Pavel Březina <pbrezina@redhat.com>

DP: Add internal interface to reset negative cache from DP Adds a an interface that allows the Data Provider to notify responders to drop their negative cache. Reviewed-by: Pavel Březina <pbrezina@redhat.com>

DP: Add internal DP interface to set domain state Adds functions to the interface Data Provider publishes towards back ends that allows the back ends to notify responders that a domain has been enabled or disabled. Reviewed-by: Pavel Březina <pbrezina@redhat.com>

DP: add dp_get_module_data() Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

DP: Introduce new interface for backend Terminology: * Backend: Implemenation of domain * Data Provider: interface between backend and responders * Module: ldap/ipa/ad/... dlopened library that implements dp interface * Target: id/autofs/sudo/... functionality of module Benefits over current code: * data provider is a black box completely separated from backend * method handlers are just simple tevent requests on backend side * no need of spy on be_client * simplified and error proof adding of new responders * simplified adding of new methods * reply to D-Bus message is completely handled by DP code * each target can have several methods defined * properties can be added on objects * each method can have output parameters * modules now support constructor * improved debugging * clear memory hierarchy * ability to chain requests * type safe private data Reviewed-by: Sumit Bose <sbose@redhat.com> Reviewed-by: Jakub Hrozek <jhrozek@redhat.com> Reviewed-by: Lukáš Slebodník <lslebodn@redhat.com>