sysdb_upgrade.c revision f983b400bf4f6fb14a2174d6f58071e06e9ec832
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher Simo Sorce <ssorce@redhat.com>
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher Stephen Gallagher <sgallagh@redhat.com>
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher Copyright (C) 2008-2011 Simo Sorce <ssorce@redhat.com>
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher Copyright (C) 2008-2011 Stephen Gallagher
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher This program is free software; you can redistribute it and/or modify
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher it under the terms of the GNU General Public License as published by
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher the Free Software Foundation; either version 3 of the License, or
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher (at your option) any later version.
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher This program is distributed in the hope that it will be useful,
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher but WITHOUT ANY WARRANTY; without even the implied warranty of
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher GNU General Public License for more details.
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher You should have received a copy of the GNU General Public License
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher along with this program. If not, see <http://www.gnu.org/licenses/>.
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorcestatic errno_t commence_upgrade(TALLOC_CTX *mem_ctx, struct ldb_context *ldb,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "UPGRADING DB TO VERSION %s\n", new_ver);
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorcestatic errno_t update_version(struct upgrade_ctx *ctx)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = ldb_msg_add_empty(msg, "version", LDB_FLAG_MOD_REPLACE, NULL);
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = ldb_msg_add_string(msg, "version", ctx->new_version);
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorcestatic int finish_upgrade(int ret, struct upgrade_ctx **ctx, const char **ver)
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Could not cancel transaction! [%s]\n",
cff916f5352fe7c3a679571130090efdb935618aStephen Gallagher /* Do not overwrite ret here, we want to return
cff916f5352fe7c3a679571130090efdb935618aStephen Gallagher * the original failure, not the failure of the
cff916f5352fe7c3a679571130090efdb935618aStephen Gallagher * transaction cancellation.
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher/* serach all groups that have a memberUid attribute.
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * change it into a member attribute for a user of same domain.
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * remove the memberUid attribute
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * add the new member attribute
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * finally stop indexing memberUid
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * upgrade version to 0.2
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagherint sysdb_upgrade_01(struct ldb_context *ldb, const char **ver)
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher const char *filter = "(&(memberUid=*)(objectclass=group))";
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher const char *attrs[] = { "memberUid", NULL };
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(tmp_ctx, ldb, SYSDB_VERSION_0_2, &ctx);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher basedn = ldb_dn_new(tmp_ctx, ldb, SYSDB_BASE);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher el = ldb_msg_find_element(res->msgs[i], "memberUid");
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "memberUid is missing from message [%s], skipping\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(res->msgs[i]->dn));
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* create modification message */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, "memberUid", LDB_FLAG_MOD_DELETE, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, SYSDB_MEMBER, LDB_FLAG_MOD_ADD, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* get domain name component value */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher val = ldb_dn_get_component_val(res->msgs[i]->dn, 2);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher domain = talloc_strndup(tmp_ctx, (const char *)val->data, val->length);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher mem_dn = ldb_dn_new_fmt(tmp_ctx, ldb, SYSDB_TMPL_USER,
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher (const char *)el->values[j].data, domain);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher mdn = talloc_strdup(msg, ldb_dn_get_linearized(mem_dn));
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_string(msg, SYSDB_MEMBER, mdn);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* ok now we are ready to modify the entry */
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagherint sysdb_check_upgrade_02(struct sss_domain_info *domains,
f983b400bf4f6fb14a2174d6f58071e06e9ec832Jakub Hrozek ldb_file = talloc_asprintf(tmp_ctx, "%s/"LOCAL_SYSDB_FILE,
72dbcd0a3361f1c0f0c3e348aa2fbcabd926188bJakub Hrozek ret = sysdb_ldb_connect(tmp_ctx, ldb_file, 0, &ldb);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_ldb_connect failed.\n");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher verdn = ldb_dn_new(tmp_ctx, ldb, SYSDB_BASE);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher el = ldb_msg_find_element(res->msgs[0], "version");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher if (strcmp(version, SYSDB_VERSION) == 0) {
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* all fine, return */
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Upgrading DB from version: %s\n", version);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher if (strcmp(version, SYSDB_VERSION_0_1) == 0) {
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* convert database */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher if (strcmp(version, SYSDB_VERSION_0_2) == 0) {
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* need to convert database to split files */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* not a v2 upgrade, return and let the normal code take over any
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * further upgrade */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* == V2->V3 UPGRADE == */
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "UPGRADING DB TO VERSION %s\n", SYSDB_VERSION_0_3);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* ldb uses posix locks,
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * posix is stupid and kills all locks when you close *any* file
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * descriptor associated to the same file.
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * Therefore we must close and reopen the ldb file here */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* == Backup and reopen ldb == */
dfdc99afd56b605632adc265bfb1f55cd52b3dbeNikolai Kondrashov ret = backup_file(ldb_file, SSSDBG_FATAL_FAILURE);
72dbcd0a3361f1c0f0c3e348aa2fbcabd926188bJakub Hrozek ret = sysdb_ldb_connect(tmp_ctx, ldb_file, 0, &ldb);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_ldb_connect failed.\n");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* open a transaction */
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Failed to start ldb transaction! (%d)\n", ret);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* == Upgrade contents == */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher for (dom = domains; dom; dom = dom->next) {
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* skip local */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher if (strcasecmp(dom->provider, "local") == 0) {
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* create new dom db */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = sysdb_domain_init_internal(tmp_ctx, dom,
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Failed to start ldb transaction! (%d)\n", ret);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* search all entries for this domain in local,
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * copy them all in the new database,
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * then remove them from local */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher domain_dn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb,
12a000c8c7c07259e438fb1e992134bdd07d9a30Pavel Březina groups_dn = sysdb_group_base_dn(tmp_ctx, dom);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* skip pre-created congtainers */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher if ((ldb_dn_compare(msg->dn, domain_dn) == 0) ||
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher (ldb_dn_compare(msg->dn, users_dn) == 0) ||
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher (ldb_dn_compare(msg->dn, groups_dn) == 0)) {
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* regenerate the DN against the new ldb as it may have different
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * casefolding rules (example: name changing from case insensitive
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * to case sensitive) */
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_FATAL_FAILURE, "WARNING: Could not add entry %s,"
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher " to new ldb file! (%d [%s])\n",
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "WARNING: Could not remove entry %s,"
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher " from old ldb file! (%d [%s])\n",
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* now remove the basic containers from local */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* these were optional so debug at level 9 in case
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher * of failure just for tracing */
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_TRACE_ALL, "WARNING: Could not remove entry %s,"
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher " from old ldb file! (%d [%s])\n",
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_TRACE_ALL, "WARNING: Could not remove entry %s,"
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher " from old ldb file! (%d [%s])\n",
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_TRACE_ALL, "WARNING: Could not remove entry %s,"
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher " from old ldb file! (%d [%s])\n",
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Failed to commit ldb transaction! (%d)\n", ret);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* conversion done, upgrade version number */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, ldb, SYSDB_BASE);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, "version", LDB_FLAG_MOD_REPLACE, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_string(msg, "version", SYSDB_VERSION_0_3);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Failed to commit ldb transaction! (%d)\n", ret);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Failed to cancel ldb transaction! (%d)\n", ret);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Failed to cancel ldb transaction! (%d)\n", ret);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagherint sysdb_upgrade_03(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_4, &ctx);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Make this database case-sensitive */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@ATTRIBUTES");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, "name", LDB_FLAG_MOD_DELETE, NULL);
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagherint sysdb_upgrade_04(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_5, &ctx);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Add new index */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@INDEXLIST");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_string(msg, "@IDXATTR", "originalDN");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Rebuild memberuid and memberoif attributes */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@MEMBEROF-REBUILD");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagherint sysdb_upgrade_05(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_6, &ctx);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Add new indexes */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@INDEXLIST");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Add Index for dataExpireTimestamp */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_string(msg, "@IDXATTR", "dataExpireTimestamp");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Add index to speed up ONELEVEL searches */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, "@IDXONE", LDB_FLAG_MOD_ADD, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_string(msg, "@IDXONE", "1");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagherint sysdb_upgrade_06(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_7, &ctx);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Add new indexes */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@ATTRIBUTES");
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher /* Case insensitive search for originalDN */
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_empty(msg, SYSDB_ORIG_DN, LDB_FLAG_MOD_ADD, NULL);
c2352a73f52f600d95966ebe0b0819649ba923faStephen Gallagher ret = ldb_msg_add_string(msg, SYSDB_ORIG_DN, "CASE_INSENSITIVE");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
0387564f38698c5301b76b24eda000c448174171Stephen Gallagherint sysdb_upgrade_07(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_8, &ctx);
0387564f38698c5301b76b24eda000c448174171Stephen Gallagher /* Add new indexes */
0387564f38698c5301b76b24eda000c448174171Stephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@INDEXLIST");
0387564f38698c5301b76b24eda000c448174171Stephen Gallagher /* Add Index for nameAlias */
0387564f38698c5301b76b24eda000c448174171Stephen Gallagher ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
0387564f38698c5301b76b24eda000c448174171Stephen Gallagher ret = ldb_msg_add_string(msg, "@IDXATTR", "nameAlias");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagherint sysdb_upgrade_08(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_9, &ctx);
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagher /* Add new indexes */
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagher msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@INDEXLIST");
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagher /* Add Index for servicePort and serviceProtocol */
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagher ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagher ret = ldb_msg_add_string(msg, "@IDXATTR", "servicePort");
ff907ba7a9b5e429de086515642f97a0447e546aStephen Gallagher ret = ldb_msg_add_string(msg, "@IDXATTR", "serviceProtocol");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
25a9a1768d2e3587cc68b76a0a5df1e42a2c89abJakub Hrozekint sysdb_upgrade_09(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_10, &ctx);
25a9a1768d2e3587cc68b76a0a5df1e42a2c89abJakub Hrozek /* Add new indexes */
25a9a1768d2e3587cc68b76a0a5df1e42a2c89abJakub Hrozek msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@INDEXLIST");
25a9a1768d2e3587cc68b76a0a5df1e42a2c89abJakub Hrozek /* Add Index for servicePort and serviceProtocol */
25a9a1768d2e3587cc68b76a0a5df1e42a2c89abJakub Hrozek ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
25a9a1768d2e3587cc68b76a0a5df1e42a2c89abJakub Hrozek ret = ldb_msg_add_string(msg, "@IDXATTR", "sudoUser");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
46675b5033169e1e954cd570413ce85b2c5e11fcSimo Sorceint sysdb_upgrade_10(struct sysdb_ctx *sysdb, struct sss_domain_info *domain,
46675b5033169e1e954cd570413ce85b2c5e11fcSimo Sorce const char **ver)
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny const char *name;
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny const char *filter = "(&(objectClass=user)(!(uidNumber=*))(memberOf=*))";
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny const char *attrs[] = { "name", "memberof", NULL };
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_11, &ctx);
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny ret = ldb_search(sysdb->ldb, tmp_ctx, &res, basedn, LDB_SCOPE_SUBTREE,
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny memberof_el = ldb_msg_find_element(user, "memberof");
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny name = ldb_msg_find_attr_as_string(user, "name", NULL);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_LIBS, "User [%s] is a member of %d groups\n",
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny msg->dn = ldb_dn_from_ldb_val(tmp_ctx, sysdb->ldb, &memberof_el->values[j]);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_MINOR_FAILURE, "DN validation failed during "
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny "upgrade: [%s]\n",
c193cdcb43bffc1eac1bde6dfb0311e033e0c12fJan Zeleny ret = ldb_msg_add_empty(msg, "ghost", LDB_FLAG_MOD_ADD, NULL);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Adding ghost [%s] to entry [%s]\n",
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek ret = sss_ldb_modify_permissive(sysdb->ldb, msg);
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek if (ret == LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS) {
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek /* If we failed adding the ghost user(s) because the values already
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek * exist, they were probably propagated from a parent that was
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek * upgraded before us. Mark the group as expired so that it is
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek * refreshed on next request.
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek msg->dn = ldb_dn_from_ldb_val(tmp_ctx, sysdb->ldb, &memberof_el->values[j]);
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek ret = ldb_msg_add_empty(msg, SYSDB_CACHE_EXPIRE,
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek ret = ldb_msg_add_string(msg, SYSDB_CACHE_EXPIRE, "1");
541ee4f36c58dac103dfb766231cf8f26db93676Jakub Hrozek ret = sss_ldb_modify_permissive(sysdb->ldb, msg);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Removing fake user [%s]\n",
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
46675b5033169e1e954cd570413ce85b2c5e11fcSimo Sorceint sysdb_upgrade_11(struct sysdb_ctx *sysdb, struct sss_domain_info *domain,
46675b5033169e1e954cd570413ce85b2c5e11fcSimo Sorce const char **ver)
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek const char *key;
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek const char *attrs[] = { SYSDB_AUTOFS_ENTRY_KEY,
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_12, &ctx);
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek basedn = ldb_dn_new_fmt(tmp_ctx, sysdb->ldb, SYSDB_TMPL_CUSTOM_SUBTREE,
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek ret = ldb_search(sysdb->ldb, tmp_ctx, &res, basedn, LDB_SCOPE_SUBTREE,
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek attrs, "(objectClass=%s)", SYSDB_AUTOFS_ENTRY_OC);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_LIBS, "Found %d autofs entries\n", res->count);
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek memberof_el = ldb_msg_find_element(entry, SYSDB_MEMBEROF);
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek for (j = 0; j < memberof_el->num_values; j++) {
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek memberof_dn = ldb_dn_from_ldb_val(tmp_ctx, sysdb->ldb,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Cannot convert memberof into DN, skipping\n");
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Cannot get map name from map DN\n");
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Cannot save autofs entry [%s]-[%s] into map %s\n",
77f445dbaecc8e792e1ad42e3742800ad141bee0Jakub Hrozek /* Delete the old entry if it was either processed or incomplete */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_LIBS, "Deleting [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Cannot delete old autofs entry %s\n",
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
3882325ff60f89d0c312e9519bdfd1351978fd73Jan Cholastaint sysdb_upgrade_12(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_13, &ctx);
3882325ff60f89d0c312e9519bdfd1351978fd73Jan Cholasta /* add new indexes */
3882325ff60f89d0c312e9519bdfd1351978fd73Jan Cholasta msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@INDEXLIST");
3882325ff60f89d0c312e9519bdfd1351978fd73Jan Cholasta /* add index for sshKnownHostsExpire */
3882325ff60f89d0c312e9519bdfd1351978fd73Jan Cholasta ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
3882325ff60f89d0c312e9519bdfd1351978fd73Jan Cholasta ret = ldb_msg_add_string(msg, "@IDXATTR", "sshKnownHostsExpire");
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorceint sysdb_upgrade_13(struct sysdb_ctx *sysdb, const char **ver)
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce int i, j, l, n;
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_14, &ctx);
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce basedn = ldb_dn_new(ctx, sysdb->ldb, SYSDB_BASE);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Failed to build base dn\n");
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Failed to search subdomains\n");
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce tmp_str = ldb_msg_find_attr_as_string(dom_res->msgs[i], "cn", NULL);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "The object [%s] doesn't have a name\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(dom_res->msgs[i]->dn));
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce basedn = ldb_dn_new_fmt(ctx, sysdb->ldb, SYSDB_DOM_BASE, tmp_str);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to build base dn for subdomain %s\n", tmp_str);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to search subdomain %s\n", tmp_str);
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce if (n <= l + 1) {
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce /* Do not remove subdomain containers, only their contents */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to delete %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(res->msgs[j]->dn));
d096233fe7610186ee12f41f97ca9602a3768405Simo Sorce /* conversion done, update version number */
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorceint sysdb_upgrade_14(struct sysdb_ctx *sysdb, const char **ver)
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_15, &ctx);
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce basedn = ldb_dn_new(ctx, sysdb->ldb, SYSDB_BASE);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Failed to build base dn\n");
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce /* create base ranges container */
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce msg->dn = ldb_dn_new(msg, sysdb->ldb, SYSDB_TMPL_RANGE_BASE);
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce /* do a synchronous add */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to upgrade DB (%d, [%s])!\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Failed to search range objects\n");
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce /* Failure to convert any range is not fatal. As long as there are no
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce * left-over objects we can fail to move them around, as they will be
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce * recreated on the next online access */
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce tmp_str = ldb_msg_find_attr_as_string(res->msgs[i], SYSDB_NAME, NULL);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "The object [%s] doesn't have a name\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(res->msgs[i]->dn));
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to delete %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(res->msgs[i]->dn));
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce newdn = ldb_dn_new_fmt(ctx, sysdb->ldb, SYSDB_TMPL_RANGE, tmp_str);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to create new DN to move [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(res->msgs[i]->dn));
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce ret = ldb_rename(sysdb->ldb, res->msgs[i]->dn, newdn);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to move [%s] to [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to delete %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov ldb_dn_get_linearized(res->msgs[i]->dn));
73120327cc136229d56d08f7f8c5e8df4129c1e3Simo Sorce /* conversion done, update version number */
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Boseint sysdb_upgrade_15(struct sysdb_ctx *sysdb, const char **ver)
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_16, &ctx);
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose /* Add new indexes */
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose msg->dn = ldb_dn_new(tmp_ctx, sysdb->ldb, "@ATTRIBUTES");
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose /* Case insensitive search for canonicalUserPrincipalName */
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose ret = ldb_msg_add_empty(msg, SYSDB_CANONICAL_UPN, LDB_FLAG_MOD_ADD, NULL);
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose ret = ldb_msg_add_string(msg, SYSDB_CANONICAL_UPN, "CASE_INSENSITIVE");
9ad2756fcf4df945f4cd09238e3f9fe707b0b70cSumit Bose /* conversion done, update version number */
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozekint sysdb_upgrade_16(struct sysdb_ctx *sysdb, const char **ver)
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozek ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_17, &ctx);
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozek msg->dn = ldb_dn_new(msg, sysdb->ldb, "@INDEXLIST");
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozek /* add index for objectSIDString */
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozek ret = ldb_msg_add_empty(msg, "@IDXATTR", LDB_FLAG_MOD_ADD, NULL);
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozek ret = ldb_msg_add_string(msg, "@IDXATTR", "objectSIDString");
e61b0e41cb44004d2b260ad9d05802995f7bcb2eJakub Hrozek /* conversion done, update version number */
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce * Example template for future upgrades.
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce * Copy and change version numbers as appropriate.
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorceint sysdb_upgrade_13(struct sysdb_ctx *sysdb, const char **ver)
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce ret = commence_upgrade(sysdb, sysdb->ldb, SYSDB_VERSION_0_14, &ctx);
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* DO STUFF HERE (use ctx, as the local temporary memory context) */
868ae511c9b0d610f83acf8f01975e1f5e3c1aa3Simo Sorce /* conversion done, update version number */