f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny/*
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny SSSD
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny Async LDAP Helper routines - retrieving users
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny Copyright (C) Simo Sorce <ssorce@redhat.com> - 2009
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny Copyright (C) 2010, Ralf Haferkamp <rhafer@suse.de>, Novell Inc.
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny Copyright (C) Jan Zeleny <jzeleny@redhat.com> - 2011
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny This program is free software; you can redistribute it and/or modify
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny it under the terms of the GNU General Public License as published by
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny the Free Software Foundation; either version 3 of the License, or
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny (at your option) any later version.
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny This program is distributed in the hope that it will be useful,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny but WITHOUT ANY WARRANTY; without even the implied warranty of
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny GNU General Public License for more details.
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny You should have received a copy of the GNU General Public License
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny along with this program. If not, see <http://www.gnu.org/licenses/>.
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny*/
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
96e1794db6915a655d97ecab7ab71ad53d1f527bLukas Slebodnik#include <ctype.h>
96e1794db6915a655d97ecab7ab71ad53d1f527bLukas Slebodnik
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny#include "util/util.h"
630f3ff08c1d17c7900b9bde814922f775ca2703Jakub Hrozek#include "util/probes.h"
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny#include "db/sysdb.h"
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny#include "providers/ldap/sdap_async_private.h"
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny#include "providers/ldap/ldap_common.h"
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher#include "providers/ldap/sdap_idmap.h"
fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934Simo Sorce#include "providers/ldap/sdap_users.h"
fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934Simo Sorce
208b9f9bea519392428d99803edac1739ffdd444Pavel Březina#define REALM_SEPARATOR '@'
208b9f9bea519392428d99803edac1739ffdd444Pavel Březina
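/**
 * Upper-case the realm part of a user principal name, in place.
 *
 * Every byte after the first REALM_SEPARATOR in @upn is passed through
 * toupper(); the part before the separator is left untouched. When no
 * separator is present the string is not modified and a trace message is
 * logged instead.
 *
 * NOTE(review): the parameter is const-qualified, yet the buffer is written
 * through the pointer returned by strchr(). Callers must hand in a writable
 * string; the signature is kept unchanged for existing callers.
 *
 * @param upn  NUL-terminated principal string, modified in place.
 */
static void make_realm_upper_case(const char *upn)
{
    char *c;

    c = strchr(upn, REALM_SEPARATOR);
    if (c == NULL) {
        DEBUG(SSSDBG_TRACE_ALL, "No realm delimiter found in upn [%s].\n", upn);
        return;
    }

    /* Start at the byte after the separator. The value is converted to
     * unsigned char first: plain char may be signed, and handing toupper()
     * a negative value other than EOF is undefined behaviour. The principal
     * may contain bytes >= 0x80, so this matters in practice. */
    for (c++; *c != '\0'; c++) {
        *c = (char) toupper((unsigned char) *c);
    }
}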
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny/* ==Save-User-Entry====================================================== */
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
/**
 * Derive the UNIX GID of a user's primary group through ID mapping.
 *
 * The primary group attribute read from @attrs holds only the RID of the
 * group. It is appended to the domain SID to form the group's SID string,
 * which is then converted with sdap_idmap_sid_to_unix().
 *
 * @param opts         LDAP options; supplies the user attribute map and the
 *                     idmap context.
 * @param attrs        Attributes of the user entry.
 * @param sid_str      SID string of the user; only passed on when
 *                     @dom_sid_str is NULL, to derive the domain SID.
 * @param dom_sid_str  Domain SID string, or NULL to have it parsed from
 *                     @sid_str.
 * @param _gid         Output: mapped GID. Written only on success.
 *
 * @return EOK on success, ENOMEM on allocation failure, EINVAL when the
 *         primary group attribute cannot be read, otherwise the error
 *         returned by the idmap helpers.
 */
static errno_t
sdap_get_idmap_primary_gid(struct sdap_options *opts,
                           struct sysdb_attrs *attrs,
                           char *sid_str,
                           char *dom_sid_str,
                           gid_t *_gid)
{
    TALLOC_CTX *scratch;
    char *group_sid;
    gid_t rid;
    gid_t mapped_gid;
    errno_t ret;

    scratch = talloc_new(NULL);
    if (scratch == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* The attribute carries the RID part of the group's objectSID. */
    ret = sysdb_attrs_get_uint32_t(
                attrs,
                opts->user_map[SDAP_AT_USER_PRIMARY_GROUP].sys_name,
                &rid);
    if (ret != EOK) {
        DEBUG(SSSDBG_MINOR_FAILURE, "no primary group ID provided\n");
        ret = EINVAL;
        goto done;
    }

    /* No domain SID supplied by the caller: parse it out of the user SID. */
    if (dom_sid_str == NULL) {
        ret = sdap_idmap_get_dom_sid_from_object(scratch, sid_str,
                                                 &dom_sid_str);
        if (ret != EOK) {
            DEBUG(SSSDBG_MINOR_FAILURE,
                  "Could not parse domain SID from [%s]\n", sid_str);
            goto done;
        }
    }

    /* Group SID = domain SID with the RID appended. */
    group_sid = talloc_asprintf(scratch, "%s-%lu", dom_sid_str,
                                (unsigned long) rid);
    if (group_sid == NULL) {
        ret = ENOMEM;
        goto done;
    }

    /* Translate the group SID into a UNIX group ID; the output parameter
     * is only touched when the conversion succeeded. */
    ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, group_sid, &mapped_gid);
    if (ret == EOK) {
        *_gid = mapped_gid;
    }

done:
    talloc_free(scratch);
    return ret;
}
a79c0a639c4ab26eacbc29f9f42bc95421e33f6eJakub Hrozek
/**
 * Mark an object as non-POSIX in its sysdb attribute set.
 *
 * Adds a zero value under @pkey and then sets SYSDB_POSIX to false.
 *
 * @param attrs  Attribute set to modify.
 * @param pkey   Name of the ID attribute that receives the zero value.
 *
 * @return EOK on success, otherwise the error from the failing
 *         sysdb_attrs_add_* call.
 */
static errno_t sdap_set_non_posix_flag(struct sysdb_attrs *attrs,
                                       const char *pkey)
{
    errno_t rc = sysdb_attrs_add_uint32(attrs, pkey, 0);

    if (rc == EOK) {
        rc = sysdb_attrs_add_bool(attrs, SYSDB_POSIX, false);
        if (rc != EOK) {
            DEBUG(SSSDBG_OP_FAILURE,
                  "Error: Failed to mark objects as non-POSIX!\n");
        }
    } else {
        DEBUG(SSSDBG_CRIT_FAILURE,
              "Failed to add a zero ID to a non-POSIX object!\n");
    }

    return rc;
}
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek
/**
 * Record the original primary GID for a user in an MPG domain.
 *
 * A non-zero *@_gid is stored in @user_attrs as SYSDB_PRIMARY_GROUP_GIDNUM
 * and *@_gid is then reset to 0. A zero *@_gid is accepted and leaves
 * @user_attrs untouched.
 *
 * @param user_attrs  Attribute set that receives the original GID.
 * @param _gid        In/out: GID of the original primary group; set to 0
 *                    once the value has been stored.
 *
 * @return EOK on success, EINVAL when @_gid is NULL, otherwise the error
 *         from sysdb_attrs_add_uint32().
 */
static int sdap_user_set_mpg(struct sysdb_attrs *user_attrs,
                             gid_t *_gid)
{
    errno_t rc;

    if (_gid == NULL) {
        return EINVAL;
    }

    /* An entry without a GID number is fine; in that case the
     * SYSDB_PRIMARY_GROUP_GIDNUM attribute is simply not added. */
    if (*_gid != 0) {
        rc = sysdb_attrs_add_uint32(user_attrs,
                                    SYSDB_PRIMARY_GROUP_GIDNUM,
                                    (uint32_t) *_gid);
        if (rc != EOK) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_attrs_add_uint32 failed.\n");
            return rc;
        }

        /* gidNumber=0 is not really stored; the zero tells the sysdb
         * layer that no GID is set, which it requires for MPG-enabled
         * domains. */
        *_gid = 0;
    }

    return EOK;
}
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny/* FIXME: support storing additional attributes */
f26c954658dfd7461f290f0b5d924951a6db219aJan Zelenyint sdap_save_user(TALLOC_CTX *memctx,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny struct sdap_options *opts,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny struct sss_domain_info *dom,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny struct sysdb_attrs *attrs,
70c0648f021ded3d31313eb962e1ad140f242673Sumit Bose struct sysdb_attrs *mapped_attrs,
684d1b48b5582a1bf7812b8c3c663592dc6dfed9Pavel Březina char **_usn_value,
684d1b48b5582a1bf7812b8c3c663592dc6dfed9Pavel Březina time_t now)
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny{
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny struct ldb_message_element *el;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny int ret;
3ca846cfb59dee6e20b94c4aee2716f1a20ebd3aJakub Hrozek const char *user_name = NULL;
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina const char *fullname = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny const char *pwd;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny const char *gecos;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny const char *homedir;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny const char *shell;
28761d3c03e0758dc6a5a76b406f23532d15d143Ondrej Kos const char *orig_dn = NULL;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek uid_t uid = 0;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek gid_t gid = 0;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny struct sysdb_attrs *user_attrs;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny char *upn = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny size_t i;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny int cache_timeout;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny char *usn_value = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny char **missing = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny TALLOC_CTX *tmpctx = NULL;
b56b06e199f15a8a840b36bc7cb8010e39ae761dSumit Bose bool use_id_mapping;
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher char *sid_str;
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher char *dom_sid_str = NULL;
16b27fcceebcbbaeefaf5b9bdf2dec3065adba4aLukas Slebodnik struct sss_domain_info *subdomain;
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose size_t c;
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose char *p1;
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose char *p2;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek bool is_posix = true;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Save user\n");
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek tmpctx = talloc_new(NULL);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (!tmpctx) {
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = ENOMEM;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny user_attrs = sysdb_new_attrs(tmpctx);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (user_attrs == NULL) {
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = ENOMEM;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
022ebf54037982211da729b99213bab7458ae827Pavel Březina /* Always store SID string if available */
022ebf54037982211da729b99213bab7458ae827Pavel Březina ret = sdap_attrs_get_sid_str(tmpctx, opts->idmap_ctx, attrs,
022ebf54037982211da729b99213bab7458ae827Pavel Březina opts->user_map[SDAP_AT_USER_OBJECTSID].sys_name,
022ebf54037982211da729b99213bab7458ae827Pavel Březina &sid_str);
022ebf54037982211da729b99213bab7458ae827Pavel Březina if (ret == EOK) {
022ebf54037982211da729b99213bab7458ae827Pavel Březina ret = sysdb_attrs_add_string(user_attrs, SYSDB_SID_STR, sid_str);
022ebf54037982211da729b99213bab7458ae827Pavel Březina if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_MINOR_FAILURE, "Could not add SID string: [%s]\n",
933326b4180b72636af84643d4811f6ad645fbe8Sumit Bose sss_strerror(ret));
022ebf54037982211da729b99213bab7458ae827Pavel Březina goto done;
022ebf54037982211da729b99213bab7458ae827Pavel Březina }
022ebf54037982211da729b99213bab7458ae827Pavel Březina } else if (ret == ENOENT) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_ALL, "objectSID: not available for user\n");
022ebf54037982211da729b99213bab7458ae827Pavel Březina sid_str = NULL;
022ebf54037982211da729b99213bab7458ae827Pavel Březina } else {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_MINOR_FAILURE, "Could not identify objectSID: [%s]\n",
933326b4180b72636af84643d4811f6ad645fbe8Sumit Bose sss_strerror(ret));
022ebf54037982211da729b99213bab7458ae827Pavel Březina sid_str = NULL;
022ebf54037982211da729b99213bab7458ae827Pavel Březina }
022ebf54037982211da729b99213bab7458ae827Pavel Březina
933326b4180b72636af84643d4811f6ad645fbe8Sumit Bose /* Always store UUID if available */
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose ret = sysdb_handle_original_uuid(opts->user_map[SDAP_AT_USER_UUID].def_name,
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose attrs,
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose opts->user_map[SDAP_AT_USER_UUID].sys_name,
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose user_attrs, SYSDB_UUID);
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose if (ret != EOK) {
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose DEBUG((ret == ENOENT) ? SSSDBG_TRACE_ALL : SSSDBG_MINOR_FAILURE,
1d93029624d708119bbf803e6647a2cbb271f001Sumit Bose "Failed to retrieve UUID [%d][%s].\n", ret, sss_strerror(ret));
933326b4180b72636af84643d4811f6ad645fbe8Sumit Bose }
933326b4180b72636af84643d4811f6ad645fbe8Sumit Bose
022ebf54037982211da729b99213bab7458ae827Pavel Březina /* If this object has a SID available, we will determine the correct
022ebf54037982211da729b99213bab7458ae827Pavel Březina * domain by its SID. */
022ebf54037982211da729b99213bab7458ae827Pavel Březina if (sid_str != NULL) {
9ca0071db0e226e4e65b2a80fdeddd5048ca8990Pavel Reichl subdomain = find_domain_by_sid(get_domains_head(dom), sid_str);
16b27fcceebcbbaeefaf5b9bdf2dec3065adba4aLukas Slebodnik if (subdomain) {
16b27fcceebcbbaeefaf5b9bdf2dec3065adba4aLukas Slebodnik dom = subdomain;
16b27fcceebcbbaeefaf5b9bdf2dec3065adba4aLukas Slebodnik } else {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "SID %s does not belong to any known "
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "domain\n", sid_str);
022ebf54037982211da729b99213bab7458ae827Pavel Březina }
022ebf54037982211da729b99213bab7458ae827Pavel Březina }
022ebf54037982211da729b99213bab7458ae827Pavel Březina
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek ret = sdap_get_user_primary_name(memctx, opts, attrs, dom, &user_name);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Failed to get user name\n");
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Processing user %s\n", user_name);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina if (opts->schema_type == SDAP_SCHEMA_AD) {
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina ret = sysdb_attrs_get_string(attrs,
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina opts->user_map[SDAP_AT_USER_FULLNAME].sys_name, &fullname);
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina if (ret == EOK) {
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina ret = sysdb_attrs_add_string(user_attrs, SYSDB_FULLNAME, fullname);
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina if (ret != EOK) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina }
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina } else if (ret != ENOENT) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina }
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina }
ec2102d767bd658668d59db0954013c9c20c15ddPavel Březina
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_PWD].sys_name, &el);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values == 0) pwd = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny else pwd = (const char *)el->values[0].data;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_GECOS].sys_name, &el);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values == 0) gecos = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny else gecos = (const char *)el->values[0].data;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (!gecos) {
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny /* Fall back to the user's full name */
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_FULLNAME].sys_name, &el);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values > 0) gecos = (const char *)el->values[0].data;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_HOME].sys_name, &el);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values == 0) homedir = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny else homedir = (const char *)el->values[0].data;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_SHELL].sys_name, &el);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values == 0) shell = NULL;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny else shell = (const char *)el->values[0].data;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
b56b06e199f15a8a840b36bc7cb8010e39ae761dSumit Bose use_id_mapping = sdap_idmap_domain_has_algorithmic_mapping(opts->idmap_ctx,
fdda4b659fa3be3027df91a2b053835186ec2c59Sumit Bose dom->name,
b56b06e199f15a8a840b36bc7cb8010e39ae761dSumit Bose sid_str);
b56b06e199f15a8a840b36bc7cb8010e39ae761dSumit Bose
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher /* Retrieve or map the UID as appropriate */
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher if (use_id_mapping) {
1a79825cfbbd26ef12ad085487247e5adf4d657dStephen Gallagher
1ae6d34788fd6ac2278be52b60d77c77073d98f3Sumit Bose if (sid_str == NULL) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_MINOR_FAILURE, "SID not available, cannot map a " \
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "unix ID to user [%s].\n", user_name);
1ae6d34788fd6ac2278be52b60d77c77073d98f3Sumit Bose ret = ENOENT;
1ae6d34788fd6ac2278be52b60d77c77073d98f3Sumit Bose goto done;
1ae6d34788fd6ac2278be52b60d77c77073d98f3Sumit Bose }
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher
1ae6d34788fd6ac2278be52b60d77c77073d98f3Sumit Bose DEBUG(SSSDBG_TRACE_LIBS,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Mapping user [%s] objectSID [%s] to unix ID\n", user_name, sid_str);
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher /* Convert the SID into a UNIX user ID */
8be5e4497e5008f7807178acdfcbf97365ec4e73Stephen Gallagher ret = sdap_idmap_sid_to_unix(opts->idmap_ctx, sid_str, &uid);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret == ENOTSUP) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Skipping built-in object.\n");
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek ret = EOK;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek } else if (ret != EOK) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek }
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher
3f2fa4c9290afdb393c760419a0ff686045a1ab3Stephen Gallagher /* Store the UID in the ldap_attrs so it doesn't get
3f2fa4c9290afdb393c760419a0ff686045a1ab3Stephen Gallagher * treated as a missing attribute from LDAP and removed.
3f2fa4c9290afdb393c760419a0ff686045a1ab3Stephen Gallagher */
f9f74a587c8e96dcf90214c760022684afc8bef7Jakub Hrozek ret = sdap_replace_id(attrs, SYSDB_UIDNUM, uid);
f9f74a587c8e96dcf90214c760022684afc8bef7Jakub Hrozek if (ret) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_OP_FAILURE, "Cannot set the id-mapped UID\n");
f9f74a587c8e96dcf90214c760022684afc8bef7Jakub Hrozek goto done;
f9f74a587c8e96dcf90214c760022684afc8bef7Jakub Hrozek }
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher } else {
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher ret = sysdb_attrs_get_uint32_t(attrs,
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher opts->user_map[SDAP_AT_USER_UID].sys_name,
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher &uid);
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek if (ret == ENOENT && dom->type == DOM_TYPE_APPLICATION) {
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL,
4a9c1047354dbe5a4ed41e5951ae623e3772e113René Genz "Marking object as non-POSIX and setting ID=0!\n");
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek ret = sdap_set_non_posix_flag(user_attrs,
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek opts->user_map[SDAP_AT_USER_UID].sys_name);
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek if (ret != EOK) {
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek goto done;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek }
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek is_posix = false;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek } else if (ret != EOK) {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek "Cannot retrieve UID for [%s] in domain [%s].\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov user_name, dom->name);
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek ret = ERR_NO_POSIX;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
8538f3d5109c548049c344fa042684d9d40f04d6Stephen Gallagher }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek /* check that the uid is valid for this domain if the user is a POSIX one */
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek if (is_posix == true && OUT_OF_ID_RANGE(uid, dom->id_min, dom->id_max)) {
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek DEBUG(SSSDBG_OP_FAILURE,
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek "User [%s] filtered out! (uid out of range)\n",
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek user_name);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = EINVAL;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher if (use_id_mapping) {
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose ret = sdap_get_idmap_primary_gid(opts, attrs, sid_str, dom_sid_str,
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose &gid);
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose if (ret) {
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose DEBUG(SSSDBG_CRIT_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Cannot get the GID for [%s] in domain [%s].\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov user_name, dom->name);
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose goto done;
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose }
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek if (IS_SUBDOMAIN(dom) || dom->mpg == true) {
d27d7f2c270b69d0805633c4bedcf6d806acd5cdJakub Hrozek /* For subdomain users, only create the private group as
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose * the subdomain is an MPG domain.
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose * But we have to save the GID of the original primary group
4a9c1047354dbe5a4ed41e5951ae623e3772e113René Genz * because otherwise this information might be lost because
4a9c1047354dbe5a4ed41e5951ae623e3772e113René Genz * typically (UNIX and AD) the user is not listed in his primary
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose * group as a member.
d27d7f2c270b69d0805633c4bedcf6d806acd5cdJakub Hrozek */
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek ret = sdap_user_set_mpg(user_attrs, &gid);
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose if (ret != EOK) {
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek DEBUG(SSSDBG_OP_FAILURE,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek "sdap_user_set_mpg failed [%d]: %s\n", ret,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek sss_strerror(ret));
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose goto done;
8cdb9b9824d3fcc2448544d67544496f55b8d393Sumit Bose }
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher }
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher
3f2fa4c9290afdb393c760419a0ff686045a1ab3Stephen Gallagher /* Store the GID in the ldap_attrs so it doesn't get
a79c0a639c4ab26eacbc29f9f42bc95421e33f6eJakub Hrozek * treated as a missing attribute from LDAP and removed.
a79c0a639c4ab26eacbc29f9f42bc95421e33f6eJakub Hrozek */
3f2fa4c9290afdb393c760419a0ff686045a1ab3Stephen Gallagher ret = sysdb_attrs_add_uint32(attrs, SYSDB_GIDNUM, gid);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret != EOK) goto done;
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek } else if (dom->mpg) {
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek /* Likewise, if a domain is set to contain 'magic private groups', do
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek * not process the real GID, but save it in the cache as originalGID
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek * (if available)
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek */
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek ret = sysdb_attrs_get_uint32_t(attrs,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek opts->user_map[SDAP_AT_USER_GID].sys_name,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek &gid);
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek if (ret == ENOENT) {
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek DEBUG(SSSDBG_TRACE_LIBS,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek "Missing GID, won't save the %s attribute\n",
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek SYSDB_PRIMARY_GROUP_GIDNUM);
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek /* Store the UID as GID (since we're in a MPG domain so that it doesn't
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek * get treated as a missing attribute and removed
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek */
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek ret = sdap_replace_id(attrs, SYSDB_GIDNUM, uid);
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek if (ret) {
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, "Cannot set the id-mapped UID\n");
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek goto done;
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek }
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek gid = 0;
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek } else if (ret != EOK) {
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek DEBUG(SSSDBG_MINOR_FAILURE,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek "Cannot retrieve GID, won't save the %s attribute\n",
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek SYSDB_PRIMARY_GROUP_GIDNUM);
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek gid = 0;
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek }
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek ret = sdap_user_set_mpg(user_attrs, &gid);
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek if (ret != EOK) {
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek DEBUG(SSSDBG_OP_FAILURE,
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek "sdap_user_set_mpg failed [%d]: %s\n", ret, sss_strerror(ret));
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek goto done;
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek }
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher } else {
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher ret = sysdb_attrs_get_uint32_t(attrs,
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher opts->user_map[SDAP_AT_USER_GID].sys_name,
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher &gid);
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek if (ret == ENOENT && dom->type == DOM_TYPE_APPLICATION) {
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek DEBUG(SSSDBG_TRACE_INTERNAL,
4a9c1047354dbe5a4ed41e5951ae623e3772e113René Genz "Marking object as non-POSIX and setting ID=0!\n");
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek ret = sdap_set_non_posix_flag(attrs,
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek opts->user_map[SDAP_AT_USER_GID].sys_name);
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek if (ret != EOK) {
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek goto done;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek }
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek is_posix = false;
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek } else if (ret != EOK) {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek "Cannot retrieve GID for [%s] in domain [%s].\n",
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek user_name, dom->name);
ed0cdfcacc44e4e13e1524e254efa744610a87c2Jakub Hrozek ret = ERR_NO_POSIX;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
532eb49e129bedf57cdbd0a66f39ad228b8f2482Stephen Gallagher }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny /* check that the gid is valid for this domain */
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek if (is_posix == true && IS_SUBDOMAIN(dom) == false
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek && dom->mpg == false
cdb74b2cc6cc3fe52969712907c9eb4026c7a44fJakub Hrozek && OUT_OF_ID_RANGE(gid, dom->id_min, dom->id_max)) {
d27d7f2c270b69d0805633c4bedcf6d806acd5cdJakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "User [%s] filtered out! (primary gid out of range)\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov user_name);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = EINVAL;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek ret = sysdb_attrs_get_el(attrs, SYSDB_ORIG_DN, &el);
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek if (!el || el->num_values == 0) {
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "originalDN is not available for [%s].\n", user_name);
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek } else {
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek orig_dn = (const char *) el->values[0].data;
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_INTERNAL, "Adding originalDN [%s] to attributes "
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "of [%s].\n", orig_dn, user_name);
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek ret = sysdb_attrs_add_string(user_attrs, SYSDB_ORIG_DN, orig_dn);
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek }
8455d5ab61184e0d126fc074a9ce6e98391eb909Jakub Hrozek }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek ret = sysdb_attrs_get_el(attrs, SYSDB_MEMBEROF, &el);
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek if (el->num_values == 0) {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_TRACE_FUNC,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Original memberOf is not available for [%s].\n", user_name);
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek } else {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_TRACE_FUNC,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Adding original memberOf attributes to [%s].\n", user_name);
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek for (i = 0; i < el->num_values; i++) {
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek ret = sysdb_attrs_add_string(user_attrs, SYSDB_ORIG_MEMBEROF,
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek (const char *) el->values[i].data);
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek }
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek }
13308d6c9e30ca6835c38fbdedcb47dfc343d8b3Jakub Hrozek }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek ret = sdap_attrs_add_string(attrs,
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek opts->user_map[SDAP_AT_USER_MODSTAMP].sys_name,
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek "original mod-Timestamp",
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek user_name, user_attrs);
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek if (ret != EOK) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_USN].sys_name, &el);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values == 0) {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_TRACE_FUNC,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Original USN value is not available for [%s].\n", user_name);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny } else {
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_add_string(user_attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_USN].sys_name,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny (const char*)el->values[0].data);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek usn_value = talloc_strdup(tmpctx, (const char*)el->values[0].data);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (!usn_value) {
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = ENOMEM;
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny ret = sysdb_attrs_get_el(attrs,
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny opts->user_map[SDAP_AT_USER_PRINC].sys_name, &el);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (el->num_values == 0) {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_TRACE_FUNC,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "User principal is not available for [%s].\n", user_name);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny } else {
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose for (c = 0; c < el->num_values; c++) {
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose upn = talloc_strdup(tmpctx, (const char*) el->values[c].data);
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose if (!upn) {
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose ret = ENOMEM;
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose goto done;
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose }
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose /* Check for IPA Kerberos enterprise principal strings
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose * 'user\@my.realm@IPA.REALM' and use 'user@my.realm' */
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose if ( (p1 = strchr(upn,'\\')) != NULL
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose && *(p1 + 1) == '@'
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose && (p2 = strchr(p1 + 2, '@')) != NULL) {
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose *p1 = '\0';
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose *p2 = '\0';
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose upn = talloc_asprintf(tmpctx, "%s%s", upn, p1 + 1);
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose if (upn == NULL) {
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose DEBUG(SSSDBG_OP_FAILURE, "talloc_asprintf failed.\n");
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose ret = ENOMEM;
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose goto done;
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose }
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose }
15694ca762f61a414f0017c57ed97a8d57456b80Sumit Bose
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose if (dp_opt_get_bool(opts->basic, SDAP_FORCE_UPPER_CASE_REALM)) {
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose make_realm_upper_case(upn);
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose }
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose DEBUG(SSSDBG_TRACE_FUNC,
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose "Adding user principal [%s] to attributes of [%s].\n",
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose upn, user_name);
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose ret = sysdb_attrs_add_string(user_attrs, SYSDB_UPN, upn);
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose if (ret) {
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose goto done;
0d5d490fb5ec685fd8ef7a75e612e6ec7ef6bde3Sumit Bose }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
4dd38025efda88f123eac672f87d3cda12f050c8Jakub Hrozek for (i = SDAP_FIRST_EXTRA_USER_AT; i < opts->user_map_cnt; i++) {
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek ret = sdap_attrs_add_list(attrs, opts->user_map[i].sys_name,
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek NULL, user_name, user_attrs);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (ret) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
bd92e8ee315d4da9350b9ef0358c88a7b54aeebeStephen Gallagher cache_timeout = dom->user_timeout;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
7cc19286547260350afed9ef7176712f8fc66652Michal Zidek ret = sdap_save_all_names(user_name, attrs, dom,
7cc19286547260350afed9ef7176712f8fc66652Michal Zidek SYSDB_MEMBER_USER, user_attrs);
033d1e3985288ec827db85882b052104485606acJakub Hrozek if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Failed to save user names\n");
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
033d1e3985288ec827db85882b052104485606acJakub Hrozek }
033d1e3985288ec827db85882b052104485606acJakub Hrozek
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny /* Make sure that any attributes we requested from LDAP that we
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny * did not receive are also removed from the sysdb
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny */
4dd38025efda88f123eac672f87d3cda12f050c8Jakub Hrozek ret = list_missing_attrs(user_attrs, opts->user_map, opts->user_map_cnt,
3ff729e6c8a371e7a52914772816c39ca73c50a9Jan Zeleny attrs, &missing);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (ret != EOK) {
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Storing info for user %s\n", user_name);
3ca846cfb59dee6e20b94c4aee2716f1a20ebd3aJakub Hrozek
d115f40c7a3999e3cbe705a2ff9cf0fd493f80fbMichal Zidek ret = sysdb_store_user(dom, user_name, pwd, uid, gid,
6ac396bebb4cd3124711d26dce54263f6f9c7c45Simo Sorce gecos, homedir, shell, orig_dn,
6ac396bebb4cd3124711d26dce54263f6f9c7c45Simo Sorce user_attrs, missing, cache_timeout, now);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) goto done;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
70c0648f021ded3d31313eb962e1ad140f242673Sumit Bose if (mapped_attrs != NULL) {
70c0648f021ded3d31313eb962e1ad140f242673Sumit Bose ret = sysdb_set_user_attr(dom, user_name, mapped_attrs, SYSDB_MOD_ADD);
70c0648f021ded3d31313eb962e1ad140f242673Sumit Bose if (ret) return ret;
70c0648f021ded3d31313eb962e1ad140f242673Sumit Bose }
70c0648f021ded3d31313eb962e1ad140f242673Sumit Bose
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny if (_usn_value) {
70a33bdf7db34fe4d1ba194cf9ea28c758719b4bJakub Hrozek *_usn_value = talloc_steal(memctx, usn_value);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny talloc_steal(memctx, user_attrs);
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek ret = EOK;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidekdone:
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek if (ret) {
bfd59d1a2d0d45125e5164ef12c425690d519f61Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to save user [%s]\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov user_name ? user_name : "Unknown");
d6f283302268520c1506fb3da4f2a22f5a741be5Michal Zidek }
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny talloc_free(tmpctx);
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny return ret;
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny}
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny/* ==Generic-Function-to-save-multiple-users============================= */
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
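/**
 * Store a batch of LDAP user entries in the cache inside one sysdb
 * transaction and hand back the highest USN seen among them.
 *
 * @param memctx        talloc parent for the temporary context; also becomes
 *                      the owner of *_usn_value.
 * @param sysdb         cache handle the transaction is opened on.
 * @param dom           domain the users belong to.
 * @param opts          LDAP provider options, passed through to
 *                      sdap_save_user().
 * @param users         array of at least num_users entries to store.
 * @param num_users     number of entries in users; 0 returns EOK at once.
 * @param mapped_attrs  optional (may be NULL). When set, existing mapped data
 *                      is removed from the cache first and the attributes are
 *                      passed to every sdap_save_user() call.
 * @param _usn_value    optional out parameter (may be NULL). Receives the
 *                      highest USN string, or NULL if no entry carried one.
 *
 * @return EOK on success, ENOMEM if the temporary context cannot be created,
 *         or the error from starting/committing the transaction. A failure
 *         to save an individual user is logged and does NOT fail the batch.
 */
int sdap_save_users(TALLOC_CTX *memctx,
                    struct sysdb_ctx *sysdb,
                    struct sss_domain_info *dom,
                    struct sdap_options *opts,
                    struct sysdb_attrs **users,
                    int num_users,
                    struct sysdb_attrs *mapped_attrs,
                    char **_usn_value)
{
    TALLOC_CTX *tmpctx;
    char *higher_usn = NULL;
    char *usn_value;
    size_t new_len;
    size_t cur_len;
    int ret;
    errno_t sret;
    int i;
    time_t now;
    bool in_transaction = false;

    if (num_users == 0) {
        /* Nothing to do if there are no users */
        return EOK;
    }

    tmpctx = talloc_new(memctx);
    if (tmpctx == NULL) {
        return ENOMEM;
    }

    ret = sysdb_transaction_start(sysdb);
    if (ret) {
        DEBUG(SSSDBG_CRIT_FAILURE, "Failed to start transaction\n");
        goto done;
    }
    in_transaction = true;

    if (mapped_attrs != NULL) {
        /* Best effort: a failure here is logged but the save goes on, so
         * stale mapping data may survive on other cached entries. */
        ret = sysdb_remove_mapped_data(dom, mapped_attrs);
        if (ret != EOK) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_remove_mapped_data failed, "
                  "some cached entries might contain invalid mapping data.\n");
        }
    }

    /* One timestamp for the whole batch, passed to every sdap_save_user(). */
    now = time(NULL);
    for (i = 0; i < num_users; i++) {
        usn_value = NULL;

        ret = sdap_save_user(tmpctx, opts, dom, users[i], mapped_attrs,
                             &usn_value, now);

        /* Do not fail completely on errors.
         * Just report the failure to save and go on */
        if (ret) {
            DEBUG(SSSDBG_OP_FAILURE, "Failed to store user %d. Ignoring.\n", i);
        } else {
            DEBUG(SSSDBG_TRACE_ALL, "User %d processed!\n", i);
        }

        if (usn_value == NULL) {
            continue;
        }

        if (higher_usn == NULL) {
            higher_usn = usn_value;
            continue;
        }

        /* Compare as unpadded number strings (assumption about the USN
         * format -- TODO confirm): the longer string is the larger value and
         * strcmp() only decides between strings of EQUAL length. Without the
         * equal-length guard a shorter value such as "9" would replace "10"
         * and the reported high-water mark could go backwards. */
        new_len = strlen(usn_value);
        cur_len = strlen(higher_usn);
        if (new_len > cur_len ||
                (new_len == cur_len && strcmp(usn_value, higher_usn) > 0)) {
            talloc_zfree(higher_usn);
            higher_usn = usn_value;
        } else {
            talloc_zfree(usn_value);
        }
    }

    ret = sysdb_transaction_commit(sysdb);
    if (ret) {
        DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction!\n");
        goto done;
    }
    in_transaction = false;

    if (_usn_value) {
        /* Re-parent before tmpctx is freed below. */
        *_usn_value = talloc_steal(memctx, higher_usn);
    }

done:
    if (in_transaction) {
        /* Roll back on any failure after the transaction was opened; the
         * original error in ret is what the caller gets. */
        sret = sysdb_transaction_cancel(sysdb);
        if (sret != EOK) {
            DEBUG(SSSDBG_CRIT_FAILURE, "Failed to cancel transaction\n");
        }
    }
    talloc_zfree(tmpctx);
    return ret;
}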
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny/* ==Search-Users-with-filter============================================= */
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
/* Per-request state of a user search started by sdap_search_user_send(). */
struct sdap_search_user_state {
    /* Handles supplied by the caller; stored as-is, not copied. */
    struct tevent_context *ev;
    struct sdap_options *opts;
    struct sdap_handle *sh;
    struct sss_domain_info *dom;

    /* Search parameters. */
    const char **attrs;          /* attribute list given by the caller */
    const char *base_filter;     /* caller's filter, same for every base */
    const char *filter;          /* base_filter combined with the filter of
                                  * the current search base; rebuilt by
                                  * sdap_search_user_next_base() */
    int timeout;
    enum sdap_entry_lookup_type lookup_type;

    /* Results; start out as NULL / NULL / 0.
     * NOTE(review): presumably filled while the search is processed,
     * which happens outside this part of the file -- confirm. */
    char *higher_usn;
    struct sysdb_attrs **users;
    size_t count;

    /* Index of the search base currently being queried. */
    size_t base_iter;
    struct sdap_search_base **search_bases;
};
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
/* Forward declarations for the steps of the user search request. */

/* Builds the filter for search_bases[base_iter] and issues the search. */
static errno_t sdap_search_user_next_base(struct tevent_req *req);

/* NOTE(review): defined outside this part of the file; by its name it adds
 * a batch of entries to the request state -- confirm against the body. */
static void sdap_search_user_copy_batch(struct sdap_search_user_state *state,
                                        struct sysdb_attrs **users,
                                        size_t count);

/* NOTE(review): defined outside this part of the file; presumably the
 * completion callback of the search subrequest -- confirm. */
static void sdap_search_user_process(struct tevent_req *subreq);
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek
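/**
 * Create a request that searches for users, starting with the first entry
 * of search_bases.
 *
 * The pointers passed in (ev, dom, opts, search_bases, sh, attrs, filter)
 * are stored in the request state without being copied, so they have to
 * stay valid for as long as the request is running.
 *
 * @param memctx        talloc parent of the request.
 * @param ev            event context; also used to post an immediate error.
 * @param dom           domain being searched.
 * @param opts          LDAP provider options.
 * @param search_bases  search bases to query; must contain at least one
 *                      entry.
 * @param sh            LDAP connection handle.
 * @param attrs         attributes to request.
 * @param filter        base filter; combined with each search base's own
 *                      filter before the search is sent.
 * @param timeout       search timeout, stored for the subrequest.
 * @param lookup_type   kind of lookup (single, wildcard, enumerate).
 *
 * @return the new request, or NULL if it could not be allocated. If setup
 *         fails after allocation, the request is returned already marked
 *         with the error (EINVAL for a missing/empty search base list, or
 *         the error from sdap_search_user_next_base()) and posted on ev.
 */
struct tevent_req *sdap_search_user_send(TALLOC_CTX *memctx,
                                         struct tevent_context *ev,
                                         struct sss_domain_info *dom,
                                         struct sdap_options *opts,
                                         struct sdap_search_base **search_bases,
                                         struct sdap_handle *sh,
                                         const char **attrs,
                                         const char *filter,
                                         int timeout,
                                         enum sdap_entry_lookup_type lookup_type)
{
    errno_t ret;
    struct tevent_req *req;
    struct sdap_search_user_state *state;

    req = tevent_req_create(memctx, &state, struct sdap_search_user_state);
    if (req == NULL) {
        return NULL;
    }

    state->ev = ev;
    state->opts = opts;
    state->dom = dom;
    state->sh = sh;
    state->attrs = attrs;
    state->higher_usn = NULL;
    state->users = NULL;
    state->count = 0;
    state->timeout = timeout;
    state->base_filter = filter;
    state->base_iter = 0;
    state->search_bases = search_bases;
    state->lookup_type = lookup_type;

    /* sdap_search_user_next_base() dereferences search_bases[base_iter]
     * straight away, so a list whose first entry is NULL has to be refused
     * here, not only a NULL list pointer. */
    if (state->search_bases == NULL || state->search_bases[0] == NULL) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              "User lookup request without a search base\n");
        ret = EINVAL;
        goto done;
    }

    ret = sdap_search_user_next_base(req);

done:
    if (ret != EOK) {
        /* Fail the request and post it, so the caller receives the error
         * through the request it got back instead of a NULL pointer. */
        tevent_req_error(req, ret);
        tevent_req_post(req, state->ev);
    }

    return req;
}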
a0e406e5219068aec1a531e2b09ee30309b266cfStephen Gallagher
/*
 * Start the LDAP user search against the search base currently selected
 * by state->base_iter.
 *
 * The request's base filter is combined with the filter of the selected
 * search base, and the search is issued with
 * sdap_get_and_parse_generic_send(). The result is delivered to
 * sdap_search_user_process().
 *
 * Returns EOK once the subrequest has been set up, or ENOMEM when the
 * combined filter or the subrequest could not be allocated.
 */
static errno_t sdap_search_user_next_base(struct tevent_req *req)
{
    struct sdap_search_user_state *state =
            tevent_req_data(req, struct sdap_search_user_state);
    struct tevent_req *search_req;
    bool use_paging;
    int limit = 0;

    /* The filter is rebuilt for every base; drop the previous one first. */
    talloc_zfree(state->filter);
    state->filter = sdap_combine_filters(state, state->base_filter,
                        state->search_bases[state->base_iter]->filter);
    if (state->filter == NULL) {
        return ENOMEM;
    }

    DEBUG(SSSDBG_TRACE_FUNC,
          "Searching for users with base [%s]\n",
          state->search_bases[state->base_iter]->basedn);

    /* Only requests that can return multiple entries should require
     * the paging control; a single-entry lookup goes out without it.
     */
    use_paging = (state->lookup_type == SDAP_LOOKUP_WILDCARD
                  || state->lookup_type == SDAP_LOOKUP_ENUMERATE);

    /* Wildcard lookups are the only ones bounded by the configured
     * SDAP_WILDCARD_LIMIT; every other lookup type passes a size limit
     * of 0 (presumably "no client-side limit" -- confirm against
     * sdap_get_and_parse_generic_send()).
     */
    if (state->lookup_type == SDAP_LOOKUP_WILDCARD) {
        limit = dp_opt_get_int(state->opts->basic, SDAP_WILDCARD_LIMIT);
    }

    search_req = sdap_get_and_parse_generic_send(
            state, state->ev, state->opts, state->sh,
            state->search_bases[state->base_iter]->basedn,
            state->search_bases[state->base_iter]->scope,
            state->filter, state->attrs,
            state->opts->user_map, state->opts->user_map_cnt,
            0, NULL, NULL, limit, state->timeout,
            use_paging);
    if (search_req == NULL) {
        return ENOMEM;
    }

    tevent_req_set_callback(search_req, sdap_search_user_process, req);
    return EOK;
}
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
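/*
 * Completion callback for the per-base search started by
 * sdap_search_user_next_base().
 *
 * Appends the entries returned for this base to state->users, then either
 * continues with the next search base or finishes the request:
 *  - wildcard and enumeration lookups, and any lookup whose base returned
 *    nothing, move on to the next base while one is left;
 *  - once no base is left, the request fails with ENOENT if no user was
 *    collected at all, and completes successfully otherwise.
 *
 * state->search_bases is walked until a NULL entry is found, so the array
 * has to be NULL-terminated.
 *
 * NOTE(review): next_base is decided from the raw result count, before
 * sdap_search_user_copy_batch() runs. If the batch copy keeps fewer
 * entries than the server returned, a single-entry lookup does not go on
 * to the next base -- confirm this is intended.
 */
static void sdap_search_user_process(struct tevent_req *subreq)
{
    struct tevent_req *req = tevent_req_callback_data(subreq,
                                                      struct tevent_req);
    struct sdap_search_user_state *state = tevent_req_data(req,
                                            struct sdap_search_user_state);
    int ret;
    size_t count;
    struct sysdb_attrs **users;
    struct sysdb_attrs **grown;
    bool next_base = false;

    ret = sdap_get_and_parse_generic_recv(subreq, state,
                                          &count, &users);
    talloc_zfree(subreq);
    if (ret) {
        tevent_req_error(req, ret);
        return;
    }

    DEBUG(SSSDBG_TRACE_FUNC,
          "Search for users, returned %zu results.\n", count);

    if (state->lookup_type == SDAP_LOOKUP_WILDCARD
            || state->lookup_type == SDAP_LOOKUP_ENUMERATE
            || count == 0) {
        /* No users found in this search or looking up multiple entries */
        next_base = true;
    }

    /* Add this batch of users to the list */
    if (count > 0) {
        /* Grow through a temporary: sdap_search_user_recv() hands out
         * state->users and state->count even for a failed request, so a
         * failed reallocation must not leave state->users NULL next to a
         * non-zero state->count. One extra slot holds the NULL terminator
         * written by sdap_search_user_copy_batch().
         */
        grown = talloc_realloc(state,
                               state->users,
                               struct sysdb_attrs *,
                               state->count + count + 1);
        if (grown == NULL) {
            tevent_req_error(req, ENOMEM);
            return;
        }
        state->users = grown;

        sdap_search_user_copy_batch(state, users, count);
    }

    if (next_base) {
        state->base_iter++;
        if (state->search_bases[state->base_iter]) {
            /* There are more search bases to try */
            ret = sdap_search_user_next_base(req);
            if (ret != EOK) {
                tevent_req_error(req, ret);
            }
            return;
        }
    }

    DEBUG(SSSDBG_TRACE_INTERNAL, "Retrieved total %zu users\n", state->count);

    /* No more search bases
     * Return ENOENT if no users were found
     */
    if (state->count == 0) {
        tevent_req_error(req, ENOENT);
        return;
    }

    tevent_req_done(req);
}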
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek
/*
 * Move one batch of search results into state->users.
 *
 * The entries are handed to sdap_steal_objects_in_dom(), which reports how
 * many of them it placed after the state->count entries already stored.
 * state->count is advanced by that number and the list is NULL-terminated.
 *
 * The caller must already have sized state->users for
 * state->count + count entries plus the terminator; this function does no
 * allocation and no bounds checking of its own.
 */
static void sdap_search_user_copy_batch(struct sdap_search_user_state *state,
                                        struct sysdb_attrs **users,
                                        size_t count)
{
    /* The filter flag is set for single-entry lookups only, so wildcard
     * and enumeration lookups always copy all objects.
     */
    const bool filter = (state->lookup_type == SDAP_LOOKUP_SINGLE);
    size_t copied;

    copied = sdap_steal_objects_in_dom(state->opts,
                                       state->users, state->count,
                                       state->dom,
                                       users, count, filter);

    state->count += copied;
    state->users[state->count] = NULL;
}
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek
/*
 * Collect the result of a user search request.
 *
 * Each output pointer is optional. When given, higher_usn and users are
 * re-parented to memctx with talloc_steal() and count receives the number
 * of entries stored in the request state.
 *
 * The outputs are filled in BEFORE the request's error state is checked,
 * so they are written even when the function goes on to return an error.
 * Callers must check the return value before using them.
 *
 * Returns EOK on success, otherwise whatever TEVENT_REQ_RETURN_ON_ERROR()
 * returns for a failed request.
 */
int sdap_search_user_recv(TALLOC_CTX *memctx, struct tevent_req *req,
                          char **higher_usn, struct sysdb_attrs ***users,
                          size_t *count)
{
    struct sdap_search_user_state *state;

    state = tevent_req_data(req, struct sdap_search_user_state);

    if (higher_usn != NULL) {
        *higher_usn = talloc_steal(memctx, state->higher_usn);
    }

    if (users != NULL) {
        *users = talloc_steal(memctx, state->users);
    }

    if (count != NULL) {
        *count = state->count;
    }

    TEVENT_REQ_RETURN_ON_ERROR(req);

    return EOK;
}
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek/* ==Search-And-Save-Users-with-filter============================================= */
/* Request state for sdap_get_users_send() / sdap_get_users_recv(). */
struct sdap_get_users_state {
    /* Set from the arguments of sdap_get_users_send(). */
    struct sysdb_ctx *sysdb;
    struct sdap_options *opts;
    struct sss_domain_info *dom;
    /* The caller's filter pointer, stored as given (not copied) and passed
     * to the PROBE() trace points. */
    const char *filter;

    /* Filled in by sdap_search_user_recv() when the search completes;
     * higher_usn is also passed to sdap_save_users() by address. */
    char *higher_usn;
    struct sysdb_attrs **users;
    /* Private copy of the caller's mapped attributes, or NULL when the
     * caller passed none. */
    struct sysdb_attrs *mapped_attrs;
    /* Number of entries in users. */
    size_t count;
};

/* Callback for the search subrequest; defined after sdap_get_users_send(). */
static void sdap_get_users_done(struct tevent_req *subreq);
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek
/*
 * Search for users with the given filter and save the results.
 *
 * Creates the request, takes a private copy of mapped_attrs (when given)
 * and starts sdap_search_user_send(); the results are stored by
 * sdap_get_users_done().
 *
 * Returns NULL only if the request itself could not be created. Any later
 * failure is reported through the returned request, which is marked failed
 * and posted to ev.
 *
 * NOTE(review): filter is stored in the state as a plain pointer and read
 * again by the PROBE() calls in sdap_get_users_done() and
 * sdap_get_users_recv(); the caller presumably has to keep it valid until
 * then -- confirm.
 */
struct tevent_req *sdap_get_users_send(TALLOC_CTX *memctx,
                                       struct tevent_context *ev,
                                       struct sss_domain_info *dom,
                                       struct sysdb_ctx *sysdb,
                                       struct sdap_options *opts,
                                       struct sdap_search_base **search_bases,
                                       struct sdap_handle *sh,
                                       const char **attrs,
                                       const char *filter,
                                       int timeout,
                                       enum sdap_entry_lookup_type lookup_type,
                                       struct sysdb_attrs *mapped_attrs)
{
    struct sdap_get_users_state *state;
    struct tevent_req *req;
    struct tevent_req *subreq;
    errno_t ret;

    req = tevent_req_create(memctx, &state, struct sdap_get_users_state);
    if (req == NULL) {
        return NULL;
    }

    state->sysdb = sysdb;
    state->opts = opts;
    state->dom = dom;

    state->filter = filter;
    PROBE(SDAP_SEARCH_USER_SEND, state->filter);

    /* Keep a copy owned by the request state rather than the caller's
     * attribute set.
     */
    state->mapped_attrs = NULL;
    if (mapped_attrs != NULL) {
        state->mapped_attrs = sysdb_new_attrs(state);
        if (state->mapped_attrs == NULL) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_new_attrs failed.\n");
            ret = ENOMEM;
            goto done;
        }

        ret = sysdb_attrs_copy(mapped_attrs, state->mapped_attrs);
        if (ret != EOK) {
            DEBUG(SSSDBG_OP_FAILURE, "sysdb_attrs_copy failed.\n");
            goto done;
        }
    }

    subreq = sdap_search_user_send(state, ev, dom, opts, search_bases,
                                   sh, attrs, filter, timeout, lookup_type);
    if (subreq == NULL) {
        ret = ENOMEM;
        goto done;
    }
    tevent_req_set_callback(subreq, sdap_get_users_done, req);

    ret = EOK;

done:
    if (ret != EOK) {
        /* Fail the request and post it to the event context. */
        tevent_req_error(req, ret);
        tevent_req_post(req, ev);
    }

    return req;
}
5b83443dd252a3897feda134f224f6b09f283372Jakub Hrozek
/*
 * Callback for the search started by sdap_get_users_send().
 *
 * Takes the search results into the request state and stores them with
 * sdap_save_users(). A failed search or a failed save fails the request
 * with the same error code; ENOENT from the search is passed on without
 * an error-level log message.
 */
static void sdap_get_users_done(struct tevent_req *subreq)
{
    struct tevent_req *req;
    struct sdap_get_users_state *state;
    int ret;

    req = tevent_req_callback_data(subreq, struct tevent_req);
    state = tevent_req_data(req, struct sdap_get_users_state);

    ret = sdap_search_user_recv(state, subreq, &state->higher_usn,
                                &state->users, &state->count);
    if (ret != EOK) {
        /* "No such user" is an expected outcome, not an operation failure. */
        if (ret != ENOENT) {
            DEBUG(SSSDBG_OP_FAILURE, "Failed to retrieve users [%d][%s].\n",
                  ret, sss_strerror(ret));
        }
        tevent_req_error(req, ret);
        return;
    }

    PROBE(SDAP_SEARCH_USER_SAVE_BEGIN, state->filter);

    ret = sdap_save_users(state, state->sysdb,
                          state->dom, state->opts,
                          state->users, state->count,
                          state->mapped_attrs,
                          &state->higher_usn);
    /* The end probe fires whether or not the save succeeded. */
    PROBE(SDAP_SEARCH_USER_SAVE_END, state->filter);
    if (ret != EOK) {
        DEBUG(SSSDBG_OP_FAILURE, "Failed to store users [%d][%s].\n",
              ret, sss_strerror(ret));
        tevent_req_error(req, ret);
        return;
    }

    DEBUG(SSSDBG_TRACE_ALL, "Saving %zu Users - Done\n", state->count);

    tevent_req_done(req);
}
f26c954658dfd7461f290f0b5d924951a6db219aJan Zeleny
/*
 * Finish a request created by sdap_get_users_send().
 *
 * The error state is checked first, so usn_value is only written for a
 * successful request. When usn_value is given, the highest USN string held
 * in the request state is re-parented to mem_ctx and returned through it.
 *
 * Returns EOK on success, otherwise whatever TEVENT_REQ_RETURN_ON_ERROR()
 * returns for a failed request.
 */
int sdap_get_users_recv(struct tevent_req *req,
                        TALLOC_CTX *mem_ctx, char **usn_value)
{
    struct sdap_get_users_state *state;

    state = tevent_req_data(req, struct sdap_get_users_state);

    PROBE(SDAP_SEARCH_USER_RECV, state->filter);
    TEVENT_REQ_RETURN_ON_ERROR(req);

    if (usn_value != NULL) {
        *usn_value = talloc_steal(mem_ctx, state->higher_usn);
    }

    return EOK;
}
fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934Simo Sorce
fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934Simo Sorce/* ==Fetch-Fallback-local-user============================================ */
fae99bfe4bfc8b4a12e9c2a0ad01b3684c22f934Simo Sorce
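/*
 * Build a one-entry, NULL-terminated sysdb_attrs array describing a user
 * taken from the system's passwd database.
 *
 * The user is looked up with getpwnam() when name is non-NULL and with
 * getpwuid(uid) otherwise. The name, UID and GID are always added; the
 * password field, GECOS, home directory and shell are added when the
 * passwd entry carries them.
 *
 * On success the array, allocated on memctx, is returned through *reply
 * and EOK is returned. On failure *reply is left untouched, the partial
 * array is freed and an errno-style code is returned: ENOENT when the
 * user does not exist, the lookup's errno when the lookup itself failed,
 * ENOMEM on allocation failure, or the error of the failing
 * sysdb_attrs_add_*() call.
 */
errno_t sdap_fallback_local_user(TALLOC_CTX *memctx,
                                 const char *name, uid_t uid,
                                 struct sysdb_attrs ***reply)
{
    struct sysdb_attrs **ua;
    struct sysdb_attrs *user;
    struct passwd *pwd;
    int lookup_errno;
    int ret;

    /* getpwnam()/getpwuid() return NULL both for "no such user" and for a
     * real failure, and leave errno alone in the first case. Clear errno
     * before the call so that a stale value from earlier code is not
     * reported as the reason for the lookup failing.
     */
    errno = 0;
    if (name) {
        pwd = getpwnam(name);
    } else {
        pwd = getpwuid(uid);
    }
    lookup_errno = errno;

    if (!pwd) {
        return lookup_errno ? lookup_errno : ENOENT;
    }

    /* pwd points at storage owned by the C library that a later getpw*()
     * call may overwrite; everything needed from it is added to the
     * attribute set below, before this function returns.
     */
    ua = talloc_array(memctx, struct sysdb_attrs *, 2);
    if (!ua) {
        return ENOMEM;
    }
    ua[0] = NULL;
    ua[1] = NULL;

    /* The entry is a talloc child of the array, so freeing ua on the error
     * path releases it as well.
     */
    user = sysdb_new_attrs(ua);
    if (!user) {
        ret = ENOMEM;
        goto done;
    }
    ua[0] = user;

    ret = sysdb_attrs_add_string(user, SYSDB_NAME, pwd->pw_name);
    if (ret != EOK) {
        goto done;
    }

    /* NOTE(review): pw_passwd is copied into the attribute set as-is. With
     * shadow passwords this is normally only a placeholder, but on systems
     * that keep hashes in the passwd database the hash would be carried
     * along under SYSDB_PWD -- confirm that consumers of this entry need it.
     */
    if (pwd->pw_passwd) {
        ret = sysdb_attrs_add_string(user, SYSDB_PWD, pwd->pw_passwd);
        if (ret != EOK) {
            goto done;
        }
    }

    /* NOTE(review): uid_t/gid_t are converted to long; where long is
     * narrower than the ID type a very large ID would not survive the
     * conversion -- confirm for the supported platforms.
     */
    ret = sysdb_attrs_add_long(user, SYSDB_UIDNUM, (long)pwd->pw_uid);
    if (ret != EOK) {
        goto done;
    }

    ret = sysdb_attrs_add_long(user, SYSDB_GIDNUM, (long)pwd->pw_gid);
    if (ret != EOK) {
        goto done;
    }

    if (pwd->pw_gecos) {
        ret = sysdb_attrs_add_string(user, SYSDB_GECOS, pwd->pw_gecos);
        if (ret != EOK) {
            goto done;
        }
    }

    if (pwd->pw_dir) {
        ret = sysdb_attrs_add_string(user, SYSDB_HOMEDIR, pwd->pw_dir);
        if (ret != EOK) {
            goto done;
        }
    }

    if (pwd->pw_shell) {
        ret = sysdb_attrs_add_string(user, SYSDB_SHELL, pwd->pw_shell);
        if (ret != EOK) {
            goto done;
        }
    }

done:
    if (ret != EOK) {
        talloc_free(ua);
    } else {
        *reply = ua;
    }

    return ret;
}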