providers/ldap/sdap_reinit.c

	sdap_reinit.c revision 1402e7140d143aaf48224c23182c2c12c2a89cd7
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina/*
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    Authors:
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        Pavel B??ezina <pbrezina@redhat.com>
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    Copyright (C) 2012 Red Hat
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    This program is free software; you can redistribute it and/or modify
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    it under the terms of the GNU General Public License as published by
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    the Free Software Foundation; either version 3 of the License, or
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    (at your option) any later version.
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    This program is distributed in the hope that it will be useful,
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    but WITHOUT ANY WARRANTY; without even the implied warranty of
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    GNU General Public License for more details.
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    You should have received a copy of the GNU General Public License
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    along with this program.  If not, see <http://www.gnu.org/licenses/>.
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina*/
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include <talloc.h>
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include <tevent.h>
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include <string.h>
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include <ldb.h>
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include "util/util.h"
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include "providers/ldap/ldap_common.h"
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include "db/sysdb.h"
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina#include "db/sysdb_services.h"
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinastruct sdap_reinit_cleanup_state {
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce    struct sss_domain_info *domain;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    struct sysdb_ctx *sysdb;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina};
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorcestatic errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb,
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce                                     struct sss_domain_info *domain);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinastatic void sdap_reinit_cleanup_done(struct tevent_req *subreq);
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorcestatic errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb,
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce                                          struct sss_domain_info *domain);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinastruct tevent_req* sdap_reinit_cleanup_send(TALLOC_CTX *mem_ctx,
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina                                            struct be_ctx *be_ctx,
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina                                            struct sdap_id_ctx *id_ctx)
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina{
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    struct tevent_req *req = NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    struct tevent_req *subreq = NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    struct sdap_reinit_cleanup_state *state;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    int ret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    /*
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * 1. remove entryUSN attribute from all entries
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * 2. run enumeration
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * 3. remove records that doesn't have entryUSN attribute updated
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     *
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * We don't need to do this for sudo rules, they will be refreshed
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * automatically during next smart/full refresh, or when an expired rule
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * is deleted.
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     */
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    req = tevent_req_create(mem_ctx, &state, struct sdap_reinit_cleanup_state);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (req == NULL) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        return NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    state->sysdb = be_ctx->domain->sysdb;
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce    state->domain = be_ctx->domain;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (!be_ctx->domain->enumerate) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        /* enumeration is disabled, this whole process is meaningless */
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        ret = EOK;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto immediately;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce    ret = sdap_reinit_clear_usn(state->sysdb, state->domain);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to clear USN attributes [%d]: %s\n",
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina                                    ret, strerror(ret)));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto immediately;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    subreq = ldap_id_enumerate_send(be_ctx->ev, id_ctx);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    if (subreq == NULL) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to issue enumeration request\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        ret = ENOMEM;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto immediately;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    tevent_req_set_callback(subreq, sdap_reinit_cleanup_done, req);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    return req;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinaimmediately:
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        tevent_req_error(req, ret);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    } else {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        tevent_req_done(req);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    tevent_req_post(req, be_ctx->ev);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    return req;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina}
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorcestatic void sdap_delete_msgs_usn(struct sysdb_ctx *sysdb,
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                 struct ldb_message **msgs,
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                 size_t msgs_num)
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce{
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    struct ldb_message_element el = { 0, SYSDB_USN, 0, NULL };
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    struct sysdb_attrs usn_el = { 1, &el };
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    errno_t ret;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    int i;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    for (i = 0; i < msgs_num; i++) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        ret = sysdb_set_entry_attr(sysdb, msgs[i]->dn, &usn_el, SYSDB_MOD_DEL);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        if (ret) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce            DEBUG(SSSDBG_TRACE_FUNC, ("Failed to clean USN on entry: [%s]\n",
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                      ldb_dn_get_linearized(msgs[i]->dn)));
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce}
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorcestatic errno_t sdap_reinit_clear_usn(struct sysdb_ctx *sysdb,
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce                                     struct sss_domain_info *domain)
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina{
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    TALLOC_CTX *tmp_ctx = NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    bool in_transaction = false;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    struct ldb_message **msgs = NULL;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    size_t msgs_num = 0;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    const char *attrs[] = { "dn", NULL };
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    int sret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    errno_t ret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    tmp_ctx = talloc_new(NULL);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (tmp_ctx == NULL) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_new() failed\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        return ENOMEM;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    ret = sysdb_transaction_start(sysdb);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto done;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    in_transaction = true;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    /* reset users' usn */
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce    ret = sysdb_search_users(tmp_ctx, sysdb, domain,
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce                             "", attrs, &msgs_num, &msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    if (ret != EOK) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        goto done;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    sdap_delete_msgs_usn(sysdb, msgs, msgs_num);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    talloc_zfree(msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    msgs_num = 0;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    /* reset groups' usn */
2b7ee2a760e7fcc70f4970a3bbee6fbf8f2ccb9dSimo Sorce    ret = sysdb_search_groups(tmp_ctx, sysdb, domain,
2b7ee2a760e7fcc70f4970a3bbee6fbf8f2ccb9dSimo Sorce                              "", attrs, &msgs_num, &msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    if (ret != EOK) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        goto done;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    sdap_delete_msgs_usn(sysdb, msgs, msgs_num);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    talloc_zfree(msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    msgs_num = 0;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    /* reset services' usn */
681742138b2afbbefa7f14de937beb438409208eSimo Sorce    ret = sysdb_search_services(tmp_ctx, sysdb, domain,
681742138b2afbbefa7f14de937beb438409208eSimo Sorce                                "", attrs, &msgs_num, &msgs);
1402e7140d143aaf48224c23182c2c12c2a89cd7Jakub Hrozek    if (ret != EOK) {
1402e7140d143aaf48224c23182c2c12c2a89cd7Jakub Hrozek        DEBUG(SSSDBG_OP_FAILURE,
1402e7140d143aaf48224c23182c2c12c2a89cd7Jakub Hrozek              ("Cannot search services [%d]: %s\n", ret, strerror(ret)));
1402e7140d143aaf48224c23182c2c12c2a89cd7Jakub Hrozek        goto done;
1402e7140d143aaf48224c23182c2c12c2a89cd7Jakub Hrozek    }
1402e7140d143aaf48224c23182c2c12c2a89cd7Jakub Hrozek
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    sdap_delete_msgs_usn(sysdb, msgs, msgs_num);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    talloc_zfree(msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    msgs_num = 0;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    ret = sysdb_transaction_commit(sysdb);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret == EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        in_transaction = false;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    } else {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_MINOR_FAILURE, ("Could not commit transaction\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinadone:
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (in_transaction) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        sret = sysdb_transaction_cancel(sysdb);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        if (sret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina            DEBUG(SSSDBG_OP_FAILURE, ("Could not cancel transaction\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    talloc_free(tmp_ctx);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    return ret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina}
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinastatic void sdap_reinit_cleanup_done(struct tevent_req *subreq)
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina{
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    struct tevent_req *req = NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    struct sdap_reinit_cleanup_state *state = NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    enum tevent_req_state tstate;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    uint64_t err;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    errno_t ret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    req = tevent_req_callback_data(subreq, struct tevent_req);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    state = tevent_req_data(req, struct sdap_reinit_cleanup_state);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (tevent_req_is_error(subreq, &tstate, &err)) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        ret = err;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_CRIT_FAILURE, ("Domain enumeration failed [%d]: %s\n",
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina                                    err, strerror(err)));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto fail;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    /* Ok, we've completed an enumeration. Save this to the
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * sysdb so we can postpone starting up the enumeration
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * process on the next SSSD service restart (to avoid
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     * slowing down system boot-up
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina     */
80c6afa474d8a1e0198832bddfe5da75a9818b29Simo Sorce    ret = sysdb_set_enumerated(state->sysdb, state->domain, true);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_MINOR_FAILURE, ("Could not mark domain as having "
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina                                     "enumerated.\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        /* This error is non-fatal, so continue */
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce    ret = sdap_reinit_delete_records(state->sysdb, state->domain);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto fail;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    tevent_req_done(req);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    return;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinafail:
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    tevent_req_error(req, ret);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina}
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorcestatic void sdap_delete_msgs_dn(struct sysdb_ctx *sysdb,
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                struct ldb_message **msgs,
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                size_t msgs_num)
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce{
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    errno_t ret;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    int i;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    for (i = 0; i < msgs_num; i++) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        ret = sysdb_delete_entry(sysdb, msgs[i]->dn, true);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        if (ret) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce            DEBUG(SSSDBG_TRACE_FUNC, ("Failed to delete entry: [%s]\n",
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                      ldb_dn_get_linearized(msgs[i]->dn)));
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce}
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorcestatic errno_t sdap_reinit_delete_records(struct sysdb_ctx *sysdb,
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce                                          struct sss_domain_info *domain)
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina{
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    TALLOC_CTX *tmp_ctx = NULL;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    bool in_transaction = false;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    struct ldb_message **msgs = NULL;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    size_t msgs_num = 0;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    const char *attrs[] = { "dn", NULL };
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    int sret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    errno_t ret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    tmp_ctx = talloc_new(NULL);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (tmp_ctx == NULL) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_new() failed\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        return ENOMEM;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    ret = sysdb_transaction_start(sysdb);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        goto done;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    in_transaction = true;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    /* purge untouched users */
044868b388b4e47499f12a9105310b247bbe1ce2Simo Sorce    ret = sysdb_search_users(tmp_ctx, sysdb, domain, "(!("SYSDB_USN"=*))",
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                             attrs, &msgs_num, &msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    if (ret != EOK) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        goto done;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    sdap_delete_msgs_dn(sysdb, msgs, msgs_num);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    talloc_zfree(msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    msgs_num = 0;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    /* purge untouched groups */
2b7ee2a760e7fcc70f4970a3bbee6fbf8f2ccb9dSimo Sorce    ret = sysdb_search_groups(tmp_ctx, sysdb, domain, "(!("SYSDB_USN"=*))",
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                              attrs, &msgs_num, &msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    if (ret != EOK) {
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce        goto done;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    sdap_delete_msgs_dn(sysdb, msgs, msgs_num);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    talloc_zfree(msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    msgs_num = 0;
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    /* purge untouched services */
681742138b2afbbefa7f14de937beb438409208eSimo Sorce    ret = sysdb_search_services(tmp_ctx, sysdb, domain, "(!("SYSDB_USN"=*))",
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce                                attrs, &msgs_num, &msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    sdap_delete_msgs_dn(sysdb, msgs, msgs_num);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    talloc_zfree(msgs);
4c2cf6607ddc82c5061d805c11e163de4bc1bd82Simo Sorce    msgs_num = 0;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    ret = sysdb_transaction_commit(sysdb);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (ret == EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        in_transaction = false;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    } else {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        DEBUG(SSSDBG_MINOR_FAILURE, ("Could not commit transaction\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinadone:
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    if (in_transaction) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        sret = sysdb_transaction_cancel(sysdb);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        if (sret != EOK) {
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina            DEBUG(SSSDBG_OP_FAILURE, ("Could not cancel transaction\n"));
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina        }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    }
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    talloc_free(tmp_ctx);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    return ret;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina}
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březinaerrno_t sdap_reinit_cleanup_recv(struct tevent_req *req)
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina{
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    TEVENT_REQ_RETURN_ON_ERROR(req);
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina    return EOK;
41be4e3976cf66823ad2c6880671ac7fbafdc640Pavel Březina}