Lines Matching defs:conv
190 static bool is_ipacmdgroup(struct ipa_sudo_conv *conv, const char *dn)
192 if (ipa_check_rdn_bool(conv->dom->sysdb, dn,
193 MATCHRDN_CMDGROUPS(conv->map_cmdgroup))) {
200 static bool is_ipacmd(struct ipa_sudo_conv *conv, const char *dn)
202 if (ipa_check_rdn_bool(conv->dom->sysdb, dn,
203 MATCHRDN_CMDS(IPA_AT_SUDOCMD_UUID, conv->map_cmd))) {
208 if (ipa_check_rdn_bool(conv->dom->sysdb, dn,
209 MATCHRDN_CMDS(IPA_AT_SUDOCMD_CMD, conv->map_cmd))) {
218 struct ipa_sudo_conv *conv,
242 if (is_ipacmdgroup(conv, members[i])) {
244 conv->cmdgroups, members[i]);
251 } else if (is_ipacmd(conv, members[i])) {
253 conv->cmds, members[i]);
275 process_allowcmd(struct ipa_sudo_conv *conv,
278 return process_rulemember(rule, conv, &rule->allow, rule->attrs,
283 process_denycmd(struct ipa_sudo_conv *conv,
286 return process_rulemember(rule, conv, &rule->deny, rule->attrs,
291 process_cmdgroupmember(struct ipa_sudo_conv *conv,
315 ret = ipa_sudo_conv_store(conv->cmds, members[i], NULL);
354 struct ipa_sudo_conv *conv;
357 conv = talloc_zero(mem_ctx, struct ipa_sudo_conv);
358 if (conv == NULL) {
362 conv->dom = dom;
363 conv->map_rule = map_rule;
364 conv->map_cmdgroup = map_cmdgroup;
365 conv->map_cmd = map_cmd;
366 conv->map_user = map_user;
367 conv->map_group = map_group;
368 conv->map_host = map_host;
369 conv->map_hostgroup = map_hostgroup;
371 ret = sss_hash_create(conv, 20, &conv->rules);
378 ret = sss_hash_create(conv, 20, &conv->cmdgroups);
385 ret = sss_hash_create(conv, 20, &conv->cmds);
394 talloc_free(conv);
398 return conv;
402 ipa_sudo_conv_rules(struct ipa_sudo_conv *conv,
424 rule = talloc_zero(conv->rules, struct ipa_sudo_rule);
432 ret = process_allowcmd(conv, rule);
439 ret = process_denycmd(conv, rule);
446 ret = ipa_sudo_conv_store(conv->rules, key, rule);
468 ipa_sudo_conv_cmdgroups(struct ipa_sudo_conv *conv,
490 cmdgroup = talloc_zero(conv->cmdgroups, struct ipa_sudo_cmdgroup);
496 ret = process_cmdgroupmember(conv, cmdgroup, cmdgroups[i]);
503 ret = ipa_sudo_conv_store(conv->cmdgroups, key, cmdgroup);
524 ipa_sudo_conv_cmds(struct ipa_sudo_conv *conv,
553 ret = ipa_sudo_conv_store(conv->cmds, key, discard_const(cmd));
568 ipa_sudo_conv_has_cmdgroups(struct ipa_sudo_conv *conv)
570 return hash_count(conv->cmdgroups) == 0;
574 ipa_sudo_conv_has_cmds(struct ipa_sudo_conv *conv)
576 return hash_count(conv->cmds) == 0;
580 ipa_sudo_cmdgroups_exceed_threshold(struct ipa_sudo_conv *conv, int threshold)
582 return (hash_count(conv->cmdgroups)) > threshold;
585 ipa_sudo_cmds_exceed_threshold(struct ipa_sudo_conv *conv, int threshold)
587 return (hash_count(conv->cmds)) > threshold;
736 struct ipa_sudo_conv *conv,
739 if (ipa_sudo_cmdgroups_exceed_threshold(conv, cmd_threshold)) {
744 conv->map_cmdgroup->name);
746 return build_filter(mem_ctx, conv->dom->sysdb, conv->cmdgroups,
747 conv->map_cmdgroup, get_sudo_cmdgroup_rdn);
753 struct ipa_sudo_conv *conv,
756 if (ipa_sudo_cmdgroups_exceed_threshold(conv, cmd_threshold)) {
761 conv->map_cmd->name);
763 return build_filter(mem_ctx, conv->dom->sysdb, conv->cmds,
764 conv->map_cmd, get_sudo_cmd_rdn);
769 struct ipa_sudo_conv *conv;
777 struct ipa_sudo_conv *conv,
787 ret = ipa_get_rdn(mem_ctx, conv->dom->sysdb, value, &rdn,
788 MATCHRDN_HOST(conv->map_host));
797 ret = ipa_get_rdn(mem_ctx, conv->dom->sysdb, value, &rdn,
798 MATCHRDN_HOSTGROUP(conv->map_hostgroup));
817 struct ipa_sudo_conv *conv,
827 ret = ipa_get_rdn(mem_ctx, conv->dom->sysdb, value, &rdn,
828 MATCHRDN_USER(conv->map_user));
837 ret = ipa_get_rdn(mem_ctx, conv->dom->sysdb, value, &rdn,
838 MATCHRDN_GROUP(conv->map_group));
857 struct ipa_sudo_conv *conv,
866 shortname = convert_user(mem_ctx, conv, value, skip_entry);
871 fqdn = sss_create_internal_fqname(mem_ctx, shortname, conv->dom->name);
878 struct ipa_sudo_conv *conv,
882 return sss_create_internal_fqname(mem_ctx, value, conv->dom->name);
887 struct ipa_sudo_conv *conv,
896 ret = ipa_get_rdn(mem_ctx, conv->dom->sysdb, value, &rdn,
897 MATCHRDN_GROUP(conv->map_group));
913 struct ipa_sudo_conv *conv,
922 struct ipa_sudo_conv *conv,
937 convert_attributes(struct ipa_sudo_conv *conv,
951 struct ipa_sudo_conv *conv,
994 value = table[i].conv_fn(tmp_ctx, conv, values[j], &skip_entry);
1025 struct ipa_sudo_conv *conv,
1046 cmdgroup = ipa_sudo_conv_lookup(conv->cmdgroups, listitem->dn);
1069 struct ipa_sudo_conv *conv,
1087 command = ipa_sudo_conv_lookup(conv->cmds, listitem->dn);
1100 build_sudocommand(struct ipa_sudo_conv *conv,
1116 cmds[0] = combine_cmdgroups(tmp_ctx, conv, mlist->cmdgroups);
1122 cmds[1] = combine_cmds(tmp_ctx, conv, mlist->cmds);
1159 convert_sudocommand(struct ipa_sudo_conv *conv,
1171 ret = build_sudocommand(conv, &rule->allow, attrs, '\0');
1178 ret = build_sudocommand(conv, &rule->deny, attrs, '!');
1217 ctx->ret = convert_attributes(ctx->conv, rule, attrs);
1225 ctx->ret = convert_sudocommand(ctx->conv, rule, attrs);
1258 values = combine_cmds(cmdgroup, ctx->conv, cmdgroup->cmds);
1273 struct ipa_sudo_conv *conv,
1282 num_rules = hash_count(conv->rules);
1289 ctx.conv = conv;
1299 hret = hash_iterate(conv->cmdgroups, cmdgroups_iterator, &ctx);
1321 hret = hash_iterate(conv->rules, rules_iterator, &ctx);