e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny Async IPA Helper routines for netgroups
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny Jan Zeleny <jzeleny@redhat.com>
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny Copyright (C) 2011 Red Hat
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny This program is free software; you can redistribute it and/or modify
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny it under the terms of the GNU General Public License as published by
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny the Free Software Foundation; either version 3 of the License, or
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny (at your option) any later version.
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny This program is distributed in the hope that it will be useful,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny but WITHOUT ANY WARRANTY; without even the implied warranty of
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny GNU General Public License for more details.
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny You should have received a copy of the GNU General Public License
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny along with this program. If not, see <http://www.gnu.org/licenses/>.
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* Entities which have been already asked for
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * and are scheduled for inspection */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic errno_t ipa_save_netgroup(TALLOC_CTX *mem_ctx,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny opts->netgroup_map[IPA_AT_NETGROUP_NAME].sys_name,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Storing netgroup %s\n", name);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_el(attrs, SYSDB_ORIG_DN, &el);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Original DN is not available for [%s].\n", name);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Adding original DN [%s] to attributes of [%s].\n",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_add_string(netgroup_attrs, SYSDB_ORIG_DN,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_el(attrs, SYSDB_NETGROUP_TRIPLE, &el);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "No netgroup triples for netgroup [%s].\n", name);
3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8Jan Zeleny ret = sysdb_attrs_get_el(netgroup_attrs, SYSDB_NETGROUP_TRIPLE, &el);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny opts->netgroup_map[IPA_AT_NETGROUP_MEMBER].sys_name,
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "No original members for netgroup [%s]\n", name);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov "Adding original members to netgroup [%s]\n", name);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny opts->netgroup_map[IPA_AT_NETGROUP_MEMBER].sys_name,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_el(attrs, SYSDB_NETGROUP_MEMBER, &el);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_TRACE_LIBS, "No members for netgroup [%s]\n", name);
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_TRACE_LIBS, "Adding members to netgroup [%s]\n", name);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_add_string(netgroup_attrs, SYSDB_NETGROUP_MEMBER,
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Storing info for netgroup %s\n", name);
d115f40c7a3999e3cbe705a2ff9cf0fd493f80fbMichal Zidek ret = sysdb_add_netgroup(dom, name, NULL, netgroup_attrs, NULL,
83bf46f4066e3d5e838a32357c201de9bd6ecdfdNikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Failed to save netgroup %s\n", name);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic errno_t ipa_netgr_next_base(struct tevent_req *req);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic void ipa_get_netgroups_process(struct tevent_req *subreq);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_process_all(struct ipa_get_netgroups_state *state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystruct tevent_req *ipa_get_netgroups_send(TALLOC_CTX *memctx,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny const char **attrs,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny const char *filter,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny req = tevent_req_create(memctx, &state, struct ipa_get_netgroups_state);
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05dJakub Hrozek if (!ipa_options->id->sdom->netgroup_search_bases) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Netgroup lookup request without a search base\n");
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sss_hash_create(state, 32, &state->new_netgroups);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sss_hash_create(state, 32, &state->new_users);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sss_hash_create(state, 32, &state->new_hosts);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic errno_t ipa_netgr_next_base(struct tevent_req *req)
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state = tevent_req_data(req, struct ipa_get_netgroups_state);
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05dJakub Hrozek netgr_bases = state->ipa_opts->id->sdom->netgroup_search_bases;
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Searching for netgroups with base [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov netgr_bases[state->netgr_base_iter]->basedn);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny tevent_req_set_callback(subreq, ipa_get_netgroups_process, req);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_fetch_netgroups(struct ipa_get_netgroups_state *state,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_fetch_users(struct ipa_get_netgroups_state *state,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_fetch_hosts(struct ipa_get_netgroups_state *state,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic void ipa_netgr_members_process(struct tevent_req *subreq);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic void ipa_get_netgroups_process(struct tevent_req *subreq)
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny struct tevent_req *req = tevent_req_callback_data(subreq,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny struct ipa_get_netgroups_state *state = tevent_req_data(req,
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05dJakub Hrozek netgr_bases = state->ipa_opts->id->sdom->netgroup_search_bases;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sdap_get_generic_recv(subreq, state, &netgroups_count, &netgroups);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Search for netgroups, returned %zu results.\n",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* No netgroups found in this search */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* There are more search bases to try */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny for (i = 0; i < netgroups_count; i++) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_el(netgroups[i], SYSDB_ORIG_NETGROUP_MEMBER,
c048657aa2fbb246b5dc199ef6101bfd6e5eeaeaLukas Slebodnik if (el->num_values) state->entities_found |= ENTITY_NG;
9674f0f018c65a9af6b18dd0a4e515f726803d27Jan Zeleny ret = sysdb_attrs_get_el(netgroups[i], SYSDB_ORIG_MEMBER_USER,
c048657aa2fbb246b5dc199ef6101bfd6e5eeaeaLukas Slebodnik if (el->num_values) state->entities_found |= ENTITY_USER;
9674f0f018c65a9af6b18dd0a4e515f726803d27Jan Zeleny ret = sysdb_attrs_get_el(netgroups[i], SYSDB_ORIG_MEMBER_HOST,
c048657aa2fbb246b5dc199ef6101bfd6e5eeaeaLukas Slebodnik if (el->num_values) state->entities_found |= ENTITY_HOST;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_string(netgroups[i], SYSDB_ORIG_DN, &orig_dn);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = hash_enter(state->new_netgroups, &key, &value);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* Add this to the filter */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny filter = talloc_asprintf_append(filter, "(%s=%s)",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->opts->netgroup_map[IPA_AT_NETGROUP_MEMBER_OF].name,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->filter = talloc_asprintf_append(filter, ")");
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny } else if (state->entities_found & ENTITY_USER) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny } else if (state->entities_found & ENTITY_HOST) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_fetch_netgroups(struct ipa_get_netgroups_state *state,
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05dJakub Hrozek bases = state->ipa_opts->id->sdom->netgroup_search_bases;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* No more bases to try */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny base_filter = bases[state->netgr_base_iter]->filter;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny filter = talloc_asprintf(state, "(&%s%s(objectclass=%s))",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->opts->netgroup_map[SDAP_OC_NETGROUP].name);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny tevent_req_set_callback(subreq, ipa_netgr_members_process, req);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_fetch_users(struct ipa_get_netgroups_state *state,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny const char *attrs[] = { state->opts->user_map[SDAP_AT_USER_NAME].name,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->opts->user_map[SDAP_AT_USER_MEMBEROF].name,
749cfb5d3270b5daf389d51a0dbd3fd2aec6e05dJakub Hrozek bases = state->ipa_opts->id->sdom->user_search_bases;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny base_filter = bases[state->user_base_iter]->filter;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny filter = talloc_asprintf(state, "(&%s%s(objectclass=%s))",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny tevent_req_set_callback(subreq, ipa_netgr_members_process, req);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_fetch_hosts(struct ipa_get_netgroups_state *state,
60a715a0dd79873d2d2607eab8fdfaf0ffd2e7d3Hristo Venev bases = state->ipa_opts->id->sdom->host_search_bases;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny base_filter = bases[state->host_base_iter]->filter;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny filter = talloc_asprintf(state, "(&%s%s(objectclass=%s))",
60a715a0dd79873d2d2607eab8fdfaf0ffd2e7d3Hristo Venev state->ipa_opts->id->host_map[SDAP_OC_HOST].name);
60a715a0dd79873d2d2607eab8fdfaf0ffd2e7d3Hristo Venev ret = build_attrs_from_map(state, state->ipa_opts->id->host_map,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny subreq = sdap_get_generic_send(state, state->ev, state->opts, state->sh,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny tevent_req_set_callback(subreq, ipa_netgr_members_process, req);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic void ipa_netgr_members_process(struct tevent_req *subreq)
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny struct tevent_req *req = tevent_req_callback_data(subreq,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny struct ipa_get_netgroups_state *state = tevent_req_data(req,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny int (* next_call)(struct ipa_get_netgroups_state *,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sdap_get_generic_recv(subreq, state, &count, &entities);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Found %zu members in current search base\n",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* While processing a batch of entities from one search base,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * schedule query for another search base if there is one
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * If there is no other search base, another class of entities
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * will be scheduled for lookup after processing of current
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * batch. The order of lookup is: netgroups -> users -> hosts
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* We just received a batch of netgroups */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* If there is a member netgroup, we always have to
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * ask for both member users and hosts
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * -> now schedule users
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny } else if (state->current_entity == ENTITY_USER) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* We just received a batch of users */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny } else if (state->current_entity == ENTITY_HOST) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* We just received a batch of hosts */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Invalid entity type given for processing: %d\n",
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* Next search base has been scheduled for inspection,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * don't try to look for other type of entities
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* Process all member entites and store them in the designated hash table */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny for (i = 0; i < count; i++) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_string(entities[i], SYSDB_ORIG_DN, &orig_dn);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* The next search base is already scheduled to be searched */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* There is another class of members that has to be retrieved
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny * - schedule the lookup
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* All members, that could have been fetched, were fetched */
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic bool extract_netgroups(hash_entry_t *entry, void *pvt)
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state = talloc_get_type(pvt, struct ipa_get_netgroups_state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->netgroups[state->netgroups_count] = talloc_get_type(entry->value.ptr,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny return true;
3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8Jan Zelenystatic bool extract_entities(hash_entry_t *entry, void *pvt)
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state = talloc_get_type(pvt, struct extract_state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny member = talloc_get_type(entry->value.ptr, struct sysdb_attrs);
e6595222c41af84288d303e8d464ce45b1408ed3Petr Cech ret = sysdb_attrs_get_el(member, state->appropriateMemberOf, &el);
e6595222c41af84288d303e8d464ce45b1408ed3Petr Cech return false;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_el(member, SYSDB_NAME, &name_el);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny if (ret != EOK || name_el == NULL || name_el->num_values == 0) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny return false;
e6595222c41af84288d303e8d464ce45b1408ed3Petr Cech if (strcmp((char *)el->values[j].data, state->group) == 0) {
e6595222c41af84288d303e8d464ce45b1408ed3Petr Cech state->entries = talloc_realloc(state, state->entries,
e6595222c41af84288d303e8d464ce45b1408ed3Petr Cech const char *,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny return false;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->entries[state->entries_count] = (char *)name_el->values[0].data;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny return true;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny const char ***_ret_array,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state = talloc_zero(mem_ctx, struct extract_state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_el(netgroup, member_type, &el);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny if (ret != HASH_SUCCESS && ret != HASH_ERROR_KEY_NOT_FOUND) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny process = talloc_realloc(mem_ctx, process, const char *, process_count + 1);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny process[process_count] = (char *)el->values[i].data;
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret_array = talloc_realloc(mem_ctx, ret_array, const char *, ret_count + 1);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny member = talloc_get_type(value.ptr, struct sysdb_attrs);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_string(member, SYSDB_NAME, &ret_array[ret_count]);
3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8Jan Zeleny hash_iterate(lookup_table, extract_entities, state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret_array = talloc_realloc(mem_ctx, ret_array, const char *,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenystatic int ipa_netgr_process_all(struct ipa_get_netgroups_state *state)
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny state->netgroups = talloc_zero_array(state, struct sysdb_attrs *,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny extract_state = talloc_zero(state, struct extract_state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny hash_iterate(state->new_netgroups, extract_netgroups, state);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* load all its member netgroups, translate */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Extracting netgroup members of netgroup %d\n", i);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_string_array(state->netgroups[i],
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny for (j = 0; members[j]; j++) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = hash_lookup(state->new_netgroups, &key, &value);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny member = talloc_get_type(value.ptr, struct sysdb_attrs);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_string(member, SYSDB_NAME, &member_name);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_add_string(state->netgroups[i],
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Extracted %d netgroup members\n", j);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny /* Load all UIDs */
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_ALL, "Extracting user members of netgroup %d\n", i);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = extract_members(state, state->netgroups[i],
e6595222c41af84288d303e8d464ce45b1408ed3Petr Cech state->ipa_opts->id->user_map[SDAP_AT_USER_MEMBEROF].sys_name,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Extracted %d user members\n", uids_count);
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_ALL, "Extracting host members of netgroup %d\n", i);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = extract_members(state, state->netgroups[i],
60a715a0dd79873d2d2607eab8fdfaf0ffd2e7d3Hristo Venev state->ipa_opts->id->host_map[SDAP_AT_HOST_MEMBER_OF].sys_name,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Extracted %d host members\n", hosts_count);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny hosts = talloc_realloc(state, hosts, const char *,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny for (j = 0; j < external_hosts->num_values; j++) {
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny hosts[hosts_count] = talloc_strdup(hosts, (char *)external_hosts->values[j].data);
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny ret = sysdb_attrs_get_string(state->netgroups[i], SYSDB_NETGROUP_DOMAIN,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Putting together triples of "
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "netgroup %d\n", i);
3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8Jan Zeleny for (j = 0; j < uids_count; j++) {
3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8Jan Zeleny for (k = 0; k < hosts_count; k++) {
3e1c814a7ca3a0e4086e0822d6b4df23b8465bc8Jan Zeleny ret = sysdb_attrs_add_string(state->netgroups[i],
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zelenyint ipa_get_netgroups_recv(struct tevent_req *req,
e526b608657f229f7486b3aa8c53b0f2c53b42b1Jan Zeleny struct ipa_get_netgroups_state *state = tevent_req_data(req,