/sssd-io/src/lib/ipa_hbac/ |
H A D | hbac_evaluator.c | 74 static void hbac_rule_debug_print(struct hbac_rule *rule); 106 bool hbac_rule_is_complete(struct hbac_rule *rule, uint32_t *missing_attrs) argument 112 if (rule == NULL) { 113 /* No rule passed in? */ 118 if (!hbac_rule_element_is_complete(rule->users)) { 123 if (!hbac_rule_element_is_complete(rule->services)) { 128 if (!hbac_rule_element_is_complete(rule->targethosts)) { 133 if (!hbac_rule_element_is_complete(rule->srchosts)) { 141 enum hbac_eval_result_int hbac_evaluate_rule(struct hbac_rule *rule, 172 /* This rule di 219 hbac_evaluate_rule(struct hbac_rule *rule, struct hbac_eval_req *hbac_req, enum hbac_error_code *error) argument 487 hbac_rule_debug_print(struct hbac_rule *rule) argument [all...] |
H A D | ipa_hbac.h | 108 * Component of an HBAC rule 124 * List of explicit members of this rule component 133 * List of group members of this rule component 143 * HBAC rule object for evaluation 151 * for which this rule applies 157 * rule applies 162 * Target hosts for which this rule applies 167 * Source hosts for which this rule applies 201 * Request object for an HBAC rule evaluation 254 /** Parse error while evaluating rule */ [all...] |
/sssd-io/src/lib/certmap/ |
H A D | sss_certmap_ldap_mapping.c | 4 Library for rule based certificate to user mapping - LDAP mapping rules 210 static int add_comp(struct sss_certmap_ctx *ctx, struct ldap_mapping_rule *rule, argument 216 comp = talloc_zero(rule, struct ldap_mapping_rule_comp); 236 DLIST_ADD_END(rule->list, comp, struct ldap_mapping_rule_comp *); 242 struct ldap_mapping_rule *rule, const char *string) 244 return add_comp(ctx, rule, string, comp_string); 248 struct ldap_mapping_rule *rule, const char *string) 250 return add_comp(ctx, rule, string, comp_template); 261 struct ldap_mapping_rule *rule = NULL; local 265 rule 241 add_string(struct sss_certmap_ctx *ctx, struct ldap_mapping_rule *rule, const char *string) argument 247 add_template(struct sss_certmap_ctx *ctx, struct ldap_mapping_rule *rule, const char *string) argument [all...] |
H A D | sss_certmap_krb5_match.c | 4 Library for rule based certificate to user mapping - KRB5 matching rules 67 * [KRB5:][relation-operator]component-rule ... 73 * meaning only one component rule must match. The default is &&. 75 * component-rule 478 struct krb5_match_rule *rule; local 482 rule = talloc_zero(ctx, struct krb5_match_rule); 483 if (rule == NULL) { 491 rule->r = relation_and; 494 rule->r = relation_or; 497 rule [all...] |
H A D | sss_certmap.c | 4 Library for rule based certificate to user mapping 60 /* rule starts with ':', empty type */ 92 CM_DEBUG(ctx, "Failed to read rule type."); 99 CM_DEBUG(ctx, "Failed to parse KRB5 matching rule."); 103 CM_DEBUG(ctx, "Unsupported matching rule type."); 126 CM_DEBUG(ctx, "Failed to read rule type."); 133 CM_DEBUG(ctx, "Failed to parse LDAP mapping rule."); 137 CM_DEBUG(ctx, "Unsupported mapping rule type."); 156 struct match_map_rule *rule; local 168 rule [all...] |
/sssd-io/src/tests/cmocka/ |
H A D | test_sysdb_sudo.c | 90 static void create_rule_attrs(struct sysdb_attrs *rule, int i) argument 94 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_CN, 98 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_HOST, 102 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_RUNASUSER, 106 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_USER, 111 static void create_rule_attrs_multiple_sudoUser(struct sysdb_attrs *rule) argument 115 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_CN, 119 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_HOST, 123 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_RUNASUSER, 128 ret = sysdb_attrs_add_string_safe(rule, SYSDB_SUDO_CACHE_AT_USE 249 struct sysdb_attrs *rule; local 304 struct sysdb_attrs *rule; local 377 struct sysdb_attrs *rule; local 438 struct sysdb_attrs *rule; local 465 struct sysdb_attrs *rule; local 650 struct sysdb_attrs *rule; local 705 struct sysdb_attrs *rule; local 757 struct sysdb_attrs *rule; local [all...] |
H A D | test_certmap.c | 920 const char *rule; member in struct:match_tests 1001 for (c = 0; match_tests[c].rule != NULL; c++) { 1007 ret = sss_certmap_add_rule(ctx, 1, match_tests[c].rule, NULL, NULL); 1017 for (c = 0; match_tests_2[c].rule != NULL; c++) { 1023 print_error("Checking matching rule [%s]\n", match_tests_2[c].rule); 1025 ret = sss_certmap_add_rule(ctx, 1, match_tests_2[c].rule, NULL, NULL); 1035 for (c = 0; match_tests_3[c].rule != NULL; c++) { 1041 print_error("Checking matching rule [%s]\n", match_tests_3[c].rule); [all...] |
/sssd-io/src/tests/ |
H A D | pyhbac-test.py | 158 rule = pyhbac.HbacRule(name) 159 self.assertEqual(rule.name, unicode(name)) 161 rule.name = new_name 162 self.assertEqual(rule.name, unicode(new_name)) 165 rule = pyhbac.HbacRule("testRuleGetSetEnabled") 167 rule.enabled = True 168 self.assertEqual(rule.enabled, True) 169 rule.enabled = False 170 self.assertEqual(rule.enabled, False) 172 rule [all...] |
H A D | ipa_hbac-tests.c | 73 struct hbac_rule *rule; local 74 /* Create a rule that ALLOWs all services, users and 77 rule = talloc_zero(mem_ctx, struct hbac_rule); 78 fail_if (rule == NULL); 80 rule->enabled = true; 82 rule->services = talloc_zero(rule, struct hbac_rule_element); 83 fail_if (rule->services == NULL); 84 rule->services->category = HBAC_CATEGORY_ALL; 85 rule 826 struct hbac_rule *rule; local [all...] |
/sssd-io/src/sss_client/sudo_testcli/ |
H A D | sudo_testcli.c | 118 struct sss_sudo_rule *rule = NULL; local 127 rule = &result->rules[i]; 128 printf("=== Rule %d has %d attributes\n", i, rule->num_attrs); 129 for (j = 0; j < rule->num_attrs; j++) { 130 attr = &rule->attrs[j];
|
/sssd-io/src/providers/ipa/ |
H A D | ipa_deskprofile_rules_util.h | 41 struct sysdb_attrs *rule,
|
H A D | ipa_rules_common.h | 66 const char *rule,
|
H A D | ipa_sudo_conversion.c | 220 struct sysdb_attrs *rule, 233 ret = sysdb_attrs_get_string_array(rule, attr, tmp_ctx, &members); 276 struct ipa_sudo_rule *rule) 278 return process_rulemember(rule, conv, &rule->allow, rule->attrs, 284 struct ipa_sudo_rule *rule) 286 return process_rulemember(rule, conv, &rule->deny, rule 217 process_rulemember(TALLOC_CTX *mem_ctx, struct ipa_sudo_conv *conv, struct ipa_sudo_rulemember *rulemember, struct sysdb_attrs *rule, const char *attr) argument 275 process_allowcmd(struct ipa_sudo_conv *conv, struct ipa_sudo_rule *rule) argument 283 process_denycmd(struct ipa_sudo_conv *conv, struct ipa_sudo_rule *rule) argument 406 struct ipa_sudo_rule *rule = NULL; local 937 convert_attributes(struct ipa_sudo_conv *conv, struct ipa_sudo_rule *rule, struct sysdb_attrs *attrs) argument 1159 convert_sudocommand(struct ipa_sudo_conv *conv, struct ipa_sudo_rule *rule, struct sysdb_attrs *attrs) argument 1197 struct ipa_sudo_rule *rule = item->value.ptr; local [all...] |
H A D | ipa_deskprofile_rules_util.c | 47 * The rule's filename has to follow a global policy, used by FleetCommander 78 * - rule name: testrule 86 * format, but also create the whole path for this rule's file. 335 struct sysdb_attrs *rule, 423 ret = sysdb_attrs_get_el(rule, IPA_MEMBER_USER, &el); 426 "Failed to get the Desktop Profile Rule memberUser for rule " 450 "Desktop Profile rule \"%s\" matches with the user \"%s\" " 471 "Desktop Profile rule \"%s\" matches with (at least) " 509 struct sysdb_attrs *rule, 593 ret = sysdb_attrs_get_el(rule, IPA_MEMBER_HOS 332 ipa_deskprofile_rule_check_memberuser( TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, struct sysdb_attrs *rule, const char *rule_name, const char *rule_prio, const char *base_dn, const char *username, char **_user_prio, char **_group_prio) argument 507 ipa_deskprofile_rule_check_memberhost(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, struct sysdb_attrs *rule, const char *rule_name, const char *rule_prio, const char *base_dn, const char *hostname, char **_host_prio, char **_hostgroup_prio) argument 681 ipa_deskprofile_rules_save_rule_to_disk( TALLOC_CTX *mem_ctx, uint16_t priority, struct sysdb_attrs *rule, struct sss_domain_info *domain, const char *hostname, const char *username, uid_t uid, gid_t gid) argument [all...] |
H A D | ipa_rules_common.c | 168 const char *rule, 186 filter = talloc_asprintf(tmp_ctx, "(objectClass=%s)", rule); 166 ipa_common_get_cached_rules(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain, const char *rule, const char *subtree_name, const char **attrs, size_t *_rule_count, struct sysdb_attrs ***_rules) argument
|
H A D | ipa_hbac_common.c | 65 struct hbac_rule **rule); 97 /* Create each rule one at a time */ 129 struct hbac_rule **rule) 142 DEBUG(SSSDBG_CONF_SETTINGS, "rule has no name, assuming '(none)'.\n"); 150 DEBUG(SSSDBG_TRACE_LIBS, "Processing rule [%s]\n", new_rule->name); 168 "Rule [%s] is not an ALLOW rule\n", new_rule->name); 179 DEBUG(SSSDBG_CRIT_FAILURE, "Could not parse users for rule [%s]\n", 190 DEBUG(SSSDBG_CRIT_FAILURE, "Could not parse services for rule [%s]\n", 202 "Could not parse target hosts for rule [%s]\n", 217 "Could not parse source hosts for rule [ 126 hbac_attrs_to_rule(TALLOC_CTX *mem_ctx, struct hbac_ctx *hbac_ctx, size_t idx, struct hbac_rule **rule) argument [all...] |
/sssd-io/src/providers/data_provider/ |
H A D | dp_target_sudo.c | 42 const char *rule; local 115 dbus_message_iter_get_basic(&array_iter, &rule); 116 rules[i] = talloc_strdup(rules, rule);
|
/sssd-io/src/sss_client/sudo/ |
H A D | sss_sudo.c | 210 struct sss_sudo_rule *rule = NULL; local 218 rule = rules + i; 220 sss_sudo_free_attrs(rule->num_attrs, rule->attrs); 221 rule->attrs = NULL;
|
/sssd-io/src/db/ |
H A D | sysdb_sudo.c | 73 static errno_t sysdb_sudo_check_time(struct sysdb_attrs *rule, argument 92 ret = sysdb_attrs_get_string(rule, SYSDB_SUDO_CACHE_AT_CN, &name); 111 ret = sysdb_attrs_get_string_array(rule, SYSDB_SUDO_CACHE_AT_NOTBEFORE, 117 DEBUG(SSSDBG_MINOR_FAILURE, "Invalid time format in rule [%s]!\n", 134 ret = sysdb_attrs_get_string_array(rule, SYSDB_SUDO_CACHE_AT_NOTAFTER, 140 DEBUG(SSSDBG_MINOR_FAILURE, "Invalid time format in rule [%s]!\n", 666 sysdb_sudo_get_rule_name(struct sysdb_attrs *rule) argument 671 ret = sysdb_attrs_get_string(rule, SYSDB_SUDO_CACHE_AT_CN, &name); 673 DEBUG(SSSDBG_MINOR_FAILURE, "Warning: found rule that contains none " 677 DEBUG(SSSDBG_OP_FAILURE, "Unable to obtain rule nam 851 sysdb_sudo_add_sss_attrs(struct sysdb_attrs *rule, const char *name, int cache_timeout, time_t now) argument 884 sysdb_sudo_add_lowered_users(struct sss_domain_info *domain, struct sysdb_attrs *rule) argument 934 sysdb_sudo_store_rule(struct sss_domain_info *domain, struct sysdb_attrs *rule, int cache_timeout, time_t now) argument [all...] |
/sssd-io/src/python/ |
H A D | pyhbac.c | 284 error->rule_name ? error->rule_name : "no rule"); 541 "(set) A set of categories this rule falls into"); 567 "HbacRuleElement() -> new empty rule element\n" 645 free_hbac_rule(struct hbac_rule *rule); 925 struct hbac_rule *rule; local 934 rule = HbacRule_to_native(self); 935 if (!rule) { 944 is_valid = hbac_rule_is_complete(rule, &missing); 945 free_hbac_rule(rule); 991 "Validate an HBAC rule\ 1079 free_hbac_rule(struct hbac_rule *rule) argument 1095 struct hbac_rule *rule = NULL; local [all...] |
/sssd-io/src/sbus/ |
H A D | sssd_dbus_signals.c | 143 const char *rule; local 163 rule = talloc_asprintf(tmp_ctx, "type='signal',interface='%s',member='%s'", 165 if (rule == NULL) { 170 dbus_bus_add_match(conn->dbus.conn, rule, &error); 173 "Cannot add D-Bus match rule, cause: %s\n", error.message);
|