src/db/sysdb_idmap.c

	sysdb_idmap.c revision 817b1bcafff27cc67630dd0cbd36df708c05fccc
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher/*
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    SSSD
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    Authors:
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        Stephen Gallagher <sgallagh@redhat.com>
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    Copyright (C) 2012 Red Hat
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    This program is free software; you can redistribute it and/or modify
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    it under the terms of the GNU General Public License as published by
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    the Free Software Foundation; either version 3 of the License, or
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    (at your option) any later version.
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    This program is distributed in the hope that it will be useful,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    but WITHOUT ANY WARRANTY; without even the implied warranty of
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    GNU General Public License for more details.
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    You should have received a copy of the GNU General Public License
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    along with this program.  If not, see <http://www.gnu.org/licenses/>.
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher*/
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher#include "db/sysdb.h"
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher#include "db/sysdb_private.h"
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagherstruct ldb_dn *
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallaghersysdb_idmap_dn(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher               const char *object_sid)
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher{
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    errno_t ret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    char *clean_sid;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    struct ldb_dn *dn;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    ret = sysdb_dn_sanitize(NULL, object_sid, &clean_sid);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    if (ret != EOK) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        return NULL;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    DEBUG(SSSDBG_TRACE_ALL,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher          (SYSDB_TMPL_IDMAP"\n", clean_sid, sysdb->domain->name));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    dn = ldb_dn_new_fmt(mem_ctx, sysdb->ldb, SYSDB_TMPL_IDMAP,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                        clean_sid, sysdb->domain->name);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    talloc_free(clean_sid);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    return dn;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher}
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallaghererrno_t
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallaghersysdb_idmap_store_mapping(struct sysdb_ctx *sysdb,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                          const char *dom_name,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                          const char *dom_sid,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                          id_t slice_num)
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher{
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   errno_t ret, sret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   int lret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   bool in_transaction = false;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   TALLOC_CTX *tmp_ctx;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   struct ldb_dn *dn;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   static const char *attrs[] = SYSDB_IDMAP_ATTRS;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   size_t count;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   struct ldb_message *update_msg;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   struct ldb_message **msgs;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   const char *old_name;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   id_t old_slice;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   tmp_ctx = talloc_new(NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (!tmp_ctx) return ENOMEM;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   dn = sysdb_idmap_dn(tmp_ctx, sysdb, dom_sid);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (!dn) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       ret = ENOMEM;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   update_msg = ldb_msg_new(tmp_ctx);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (!update_msg) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       ret = ENOMEM;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   update_msg->dn = dn;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   ret = sysdb_transaction_start(sysdb);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (ret != EOK) goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   in_transaction = true;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   /* Check for an existing mapping */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   ret = sysdb_search_entry(tmp_ctx, sysdb, dn, LDB_SCOPE_BASE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                            NULL, attrs, &count, &msgs);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (ret != EOK && ret != ENOENT) goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (ret == EOK && count != 1) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* More than one reply for a base search? */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       ret = EIO;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   } else if (ret == ENOENT) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Create a new mapping */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       DEBUG(SSSDBG_CONF_SETTINGS,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher             ("Adding new ID mapping [%s][%s][%lu]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher              dom_name, dom_sid, (unsigned long)slice_num));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Add the objectClass */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_empty(update_msg, SYSDB_OBJECTCLASS,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                LDB_FLAG_MOD_ADD,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_string(update_msg, SYSDB_OBJECTCLASS,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                 SYSDB_IDMAP_MAPPING_OC);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Add the domain objectSID */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_empty(update_msg, SYSDB_IDMAP_SID_ATTR,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                LDB_FLAG_MOD_ADD,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_string(update_msg, SYSDB_IDMAP_SID_ATTR, dom_sid);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Add the domain name */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_empty(update_msg, SYSDB_NAME,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                LDB_FLAG_MOD_ADD,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_string(update_msg, SYSDB_NAME, dom_name);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Add the slice number */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_empty(update_msg, SYSDB_IDMAP_SLICE_ATTR,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                LDB_FLAG_MOD_ADD,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_msg_add_fmt(update_msg, SYSDB_IDMAP_SLICE_ATTR,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                              "%lu", (unsigned long)slice_num);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_add(sysdb->ldb, update_msg);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_MINOR_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Failed to add mapping: [%s]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                  ldb_strerror(lret)));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   } else {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Update the existing mapping */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Check whether the slice has changed
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        * This should never happen, and it's a recipe for
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        * disaster. We'll throw an error if it does.
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       old_slice = ldb_msg_find_attr_as_int(msgs[0],
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                            SYSDB_IDMAP_SLICE_ATTR,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                            -1);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (old_slice == -1) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_CRIT_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Could not identify original slice for SID [%s]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                  dom_sid));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = ENOENT;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (slice_num != old_slice) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_FATAL_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Detected attempt to change slice value for sid [%s] "
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                  "This will break existing users. Refusing to perform.\n"));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = EINVAL;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       /* Check whether the name has changed. This may happen
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        * if we're told the real name of a domain and want to
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        * replace the SID as placeholder.
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       old_name = ldb_msg_find_attr_as_string(msgs[0], SYSDB_NAME, NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (!old_name) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_CRIT_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Could not identify original domain name of SID [%s]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                  dom_sid));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = ENOENT;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (strcmp(old_name, dom_name) == 0) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           /* There's nothing to be done. We don't need to
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher            * make any changes here. Just return success.
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher            */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_TRACE_LIBS,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("No changes needed, canceling transaction\n"));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = EOK;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       } else {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           /* The name has changed. Replace it */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_CONF_SETTINGS,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Changing domain name of SID [%s] from [%s] to [%s]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                  dom_sid, old_name, dom_name));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           /* Set the new name */
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           lret = ldb_msg_add_empty(update_msg, SYSDB_NAME,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                    LDB_FLAG_MOD_REPLACE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                                    NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher               ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher               goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           lret = ldb_msg_add_string(update_msg, SYSDB_NAME, dom_name);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher               ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher               goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       lret = ldb_modify(sysdb->ldb, update_msg);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (lret != LDB_SUCCESS) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_MINOR_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Failed to update mapping: [%s]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                  ldb_strerror(lret)));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   ret = sysdb_transaction_commit(sysdb);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (ret != EOK) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       DEBUG(SSSDBG_CRIT_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher             ("Could not commit transaction: [%s]\n", strerror(ret)));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   in_transaction = false;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagherdone:
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   if (in_transaction) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       sret = sysdb_transaction_cancel(sysdb);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       if (sret != EOK) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher           DEBUG(SSSDBG_CRIT_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                 ("Could not cancel transaction\n"));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher       }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   talloc_free(tmp_ctx);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher   return ret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher}
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallaghererrno_t
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallaghersysdb_idmap_get_mappings(TALLOC_CTX *mem_ctx,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                         struct sysdb_ctx *sysdb,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                         struct ldb_result **_result)
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher{
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    errno_t ret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    int lret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    struct ldb_dn *base_dn;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    TALLOC_CTX *tmp_ctx;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    struct ldb_result *res;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    static const char *attrs[] = SYSDB_IDMAP_ATTRS;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    tmp_ctx = talloc_new(NULL);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    if (!tmp_ctx) return ENOMEM;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    DEBUG(SSSDBG_TRACE_ALL,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher          (SYSDB_TMPL_IDMAP_BASE"\n", sysdb->domain->name));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    base_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                             SYSDB_TMPL_IDMAP_BASE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                             sysdb->domain->name);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    if (!base_dn) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        ret = ENOMEM;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    lret = ldb_search(sysdb->ldb, tmp_ctx, &res, base_dn,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher                     LDB_SCOPE_SUBTREE, attrs, SYSDB_IDMAP_FILTER);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    if (lret) {
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        DEBUG(SSSDBG_MINOR_FAILURE,
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher              ("Could not locate ID mappings: [%s]\n",
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher               ldb_strerror(lret)));
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        ret = sysdb_error_to_errno(lret);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher        goto done;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    }
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    *_result = talloc_steal(mem_ctx, res);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    ret = EOK;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagherdone:
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    talloc_free(tmp_ctx);
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher    return ret;
817b1bcafff27cc67630dd0cbd36df708c05fcccStephen Gallagher}