responder_common.c revision 1d4293f36695daab5909b9eaa670e8e23db548aa
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek Common Responder methods
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek This program is free software; you can redistribute it and/or modify
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek it under the terms of the GNU General Public License as published by
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek the Free Software Foundation; either version 3 of the License, or
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek (at your option) any later version.
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek This program is distributed in the hope that it will be useful,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek but WITHOUT ANY WARRANTY; without even the implied warranty of
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek GNU General Public License for more details.
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek You should have received a copy of the GNU General Public License
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek along with this program. If not, see <http://www.gnu.org/licenses/>.
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Get the current flags for this file descriptor */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Set the non-blocking flag on this fd */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Unable to set fd non-blocking: [%d][%s]\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Get the current flags for this file descriptor */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Set the close-on-exec flags on this fd */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Unable to set fd close-on-exec: [%d][%s]\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic int client_destructor(struct cli_ctx *ctx)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Failed to close fd [%d]: [%s]\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Terminated client [%p][%d]\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic errno_t get_client_cred(struct cli_ctx *cctx)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek socklen_t client_cred_len = sizeof(client_cred);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = getsockopt(cctx->cfd, SOL_SOCKET, SO_PEERCRED, &client_cred,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(1, ("getsock failed [%d][%s].\n", ret, strerror(ret)));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(1, ("getsockopt returned unexpected message size.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(9, ("Client creds: euid[%d] egid[%d] pid[%d].\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek cctx->client_euid, cctx->client_egid, cctx->client_pid));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekerrno_t check_allowed_uids(uid_t uid, size_t allowed_uids_count,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek for (c = 0; c < allowed_uids_count; c++) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekerrno_t csv_string_to_uid_array(TALLOC_CTX *mem_ctx, const char *cvs_string,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = split_on_separator(mem_ctx, cvs_string, ',', true, false,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("split_on_separator failed [%d][%s].\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek uids = talloc_array(mem_ctx, uint32_t, list_size);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("talloc_array failed.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("Failed to unset _SSS_LOOPS, getpwnam "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "might not find sssd users.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek for (c = 0; c < list_size; c++) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("Empty list item.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("List item [%s] is out of range.\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("List item [%s] is neither a valid "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "UID nor a user name which cloud be "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("Failed to set _SSS_LOOPS.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_packet_send(cctx->creq->out, cctx->cfd);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* not all data was sent, loop again */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to send data, aborting client!\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* ok all sent */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic int client_cmd_execute(struct cli_ctx *cctx, struct sss_cmd_table *sss_cmds)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek cctx->creq = talloc_zero(cctx, struct cli_request);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to alloc request, aborting client!\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_packet_new(cctx->creq, SSS_PACKET_MAX_RECV_SIZE,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to alloc request, aborting client!\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_packet_recv(cctx->creq->in, cctx->cfd);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* do not read anymore */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* execute command */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = client_cmd_execute(cctx, cctx->rctx->sss_cmds);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to execute request, aborting client!\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* past this point cctx can be freed at any time by callbacks
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek * in case of error, do not use it */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* need to read still some data, loop again */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(6, ("Invalid data from client, closing connection!\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(6, ("Failed to read request, aborting client!\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic errno_t reset_idle_timer(struct cli_ctx *cctx);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic void client_fd_handler(struct tevent_context *ev,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek struct cli_ctx *cctx = talloc_get_type(ptr, struct cli_ctx);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Always reset the idle timer on any activity */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Could not create idle timer for client. "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "This connection may not auto-terminate\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Non-fatal, continue */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic void idle_handler(struct tevent_context *ev,
5f93f452e4a80d6b0243eaf3c583d0caf9981ca0Jakub Hrozekstatic void accept_fd_handler(struct tevent_context *ev,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* accept and attach new event handler */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek int fd = accept_ctx->is_private ? rctx->priv_lfd : rctx->lfd;
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(1, ("stat on privileged pipe failed: [%d][%s].\n", errno,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek if ( ! (stat_buf.st_uid == 0 && stat_buf.st_gid == 0 &&
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek (stat_buf.st_mode&(S_IFSOCK|S_IRUSR|S_IWUSR)) == stat_buf.st_mode)) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(1, ("privileged pipe has an illegal status.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* TODO: what is the best response to this condition? Terminate? */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Out of memory trying to setup client context%s!\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek accept_ctx->is_private ? " on privileged pipe": ""));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* accept and close to signal the client we have a problem */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek client_fd = accept(fd, (struct sockaddr *)&addr, &len);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek cctx->cfd = accept(fd, (struct sockaddr *)&cctx->addr, &len);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(1, ("Accept failed [%s]\n", strerror(errno)));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "client cred may not be available.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("allowed_uids configured, " \
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "but platform does not support " \
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "reading peer credential from the " \
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "socket. Access denied.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = check_allowed_uids(cctx->client_euid, rctx->allowed_uids_count,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("Access denied for uid [%d].\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("check_allowed_uids failed.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek cctx->cfde = tevent_add_fd(ev, cctx, cctx->cfd,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Failed to queue client handler%s\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek accept_ctx->is_private ? " on privileged pipe" : ""));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek talloc_set_destructor(cctx, client_destructor);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Set up the idle timer */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Could not create idle timer for client. "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek "This connection may not auto-terminate\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Non-fatal, continue */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Client connected%s!\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek accept_ctx->is_private ? " to privileged pipe" : ""));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic errno_t reset_idle_timer(struct cli_ctx *cctx)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek tevent_timeval_current_ofs(cctx->rctx->client_idle_timeout, 0);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek cctx->idle = tevent_add_timer(cctx->ev, cctx, tv, idle_handler, cctx);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Idle timer re-set for client [%p][%d]\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic void idle_handler(struct tevent_context *ev,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* This connection is idle. Terminate it */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Terminating idle client [%p][%d]\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* The cli_ctx destructor will handle the rest */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Set up SBUS connection to the monitor */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = dp_get_sbus_address(be_conn, &be_conn->sbus_address, domain->name);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to connect to monitor services.\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DLIST_ADD_END(rctx->be_conns, be_conn, struct be_conn *);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Identify ourselves to the DP */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek/* create a unix socket and listen to it */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic int set_unix_socket(struct resp_ctx *rctx)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek/* for future use */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek default_pipe = talloc_asprintf(rctx, "%s/%s", PIPE_PATH,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek default_pipe = talloc_asprintf(rctx, "%s/private/%s", PIPE_PATH,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Set the umask so that permissions are set right on the socket.
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek * It must be readable and writable by anybody on the system. */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek strncpy(addr.sun_path, rctx->sock_name, sizeof(addr.sun_path)-1);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* make sure we have no old sockets around */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek if (bind(rctx->lfd, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0,("Unable to bind on socket '%s'\n", rctx->sock_name));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0,("Unable to listen on socket '%s'\n", rctx->sock_name));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek accept_ctx = talloc_zero(rctx, struct accept_fd_ctx);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek rctx->lfde = tevent_add_fd(rctx->ev, rctx, rctx->lfd,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to queue handler on pipe\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* create privileged pipe */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek rctx->priv_lfd = socket(AF_UNIX, SOCK_STREAM, 0);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek strncpy(addr.sun_path, rctx->priv_sock_name, sizeof(addr.sun_path)-1);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek if (bind(rctx->priv_lfd, (struct sockaddr *)&addr, sizeof(addr)) == -1) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0,("Unable to bind on socket '%s'\n", rctx->priv_sock_name));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0,("Unable to listen on socket '%s'\n", rctx->priv_sock_name));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek accept_ctx = talloc_zero(rctx, struct accept_fd_ctx);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek rctx->priv_lfde = tevent_add_fd(rctx->ev, rctx, rctx->priv_lfd,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("Failed to queue handler on privileged pipe\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* we want default permissions on created files to be very strict,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek so set our umask to 0177 */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* we want default permissions on created files to be very strict,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek so set our umask to 0177 */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekstatic int sss_responder_ctx_destructor(void *ptr)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek struct resp_ctx *rctx = talloc_get_type(ptr, struct resp_ctx);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* mark that we are shutting down the responder, so it is propagated
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek * into underlying contexts that are freed right before rctx */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_TRACE_FUNC, ("Responder is being shut down\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("fatal error initializing resp_ctx\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek rctx->confdb_service_path = confdb_service_path;
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek talloc_set_destructor((TALLOC_CTX*)rctx, sss_responder_ctx_destructor);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = confdb_get_int(rctx->cdb, rctx->confdb_service_path,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Cannot get the client idle timeout [%d]: %s\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Ensure that the client timeout is at least ten seconds */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = confdb_get_int(rctx->cdb, rctx->confdb_service_path,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek GET_DOMAINS_DEFAULT_TIMEOUT, &rctx->domains_timeout);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Cannnot get the default domain timeout [%d]: %s\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_CONF_SETTINGS, ("timeout can't be set to negative value, setting default\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek rctx->domains_timeout = GET_DOMAINS_DEFAULT_TIMEOUT;
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = confdb_get_domains(rctx->cdb, &rctx->domains);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("fatal error setting up domain map\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = confdb_get_string(rctx->cdb, rctx, CONFDB_MONITOR_CONF_ENTRY,
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Cannnot get the default domain [%d]: %s\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_monitor_init(rctx, rctx->ev, monitor_intf,
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek DEBUG(0, ("fatal error setting up message bus\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek for (dom = rctx->domains; dom; dom = get_next_domain(dom, false)) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_names_init(rctx->cdb, rctx->cdb, dom->name, &dom->names);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("fatal error initializing regex data for domain: %s\n",
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* skip local domain, it doesn't have a backend */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_dp_init(rctx, dp_intf, cli_name, dom);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("fatal error setting up backend connector\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("fatal error initializing resp_ctx\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* after all initializations we are ready to listen on our socket */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(0, ("fatal error initializing socket\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* Create DP request table */
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ret = sss_hash_create(rctx, 30, &rctx->dp_request_table);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Could not create hash table for the request queue\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_TRACE_FUNC, ("Responder Initialization complete\n"));
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekint sss_dp_get_domain_conn(struct resp_ctx *rctx, const char *domain,
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek for (iter = rctx->be_conns; iter; iter = iter->next) {
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek if (strcasecmp(domain, iter->domain->name) == 0) break;
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekresponder_get_domain(struct resp_ctx *rctx, const char *name)
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("Unknown domain [%s], checking for "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozekerrno_t responder_get_domain_by_id(struct resp_ctx *rctx, const char *id,
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek for (dom = rctx->domains; dom; dom = get_next_domain(dom, true)) {
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek strncasecmp(dom->domain_id, id, dom_id_len) == 0) {
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek ((time(NULL) - dom->parent->subdomains_last_checked.tv_sec) >
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek DEBUG(SSSDBG_TRACE_FUNC, ("Domain entry with id [%s] " \
5dfb1257f62839eea1c31669cf3bbcb114c22183Jakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("Unknown domain id [%s], checking for "
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek struct resp_ctx *rctx = talloc_get_type(sbus_conn_get_private_data(conn),
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek ret = monitor_common_rotate_logs(rctx->cdb, rctx->confdb_service_path);
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek /* First, let's see if we have permission to just set
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek * the value as-is.
9e80079370ff3b943832adc3c5ef430e64be0a0cJakub Hrozek ("Maximum file descriptors set to [%d]\n",
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek /* We couldn't set the soft and hard limits to this
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek * value. Let's see how high we CAN set it.
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek /* Determine the maximum hard limit */
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek limret = getrlimit(RLIMIT_NOFILE, ¤t_limit);
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek ("Current fd limit: [%d]\n",
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek /* Choose the lesser of the requested and the hard limit */
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek ("Maximum file descriptors set to [%d]\n",
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek ("Could not set new fd limits. Proceeding with [%d]\n",
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek ("Could not determine fd limits. "
c83ebdbc0629313ef6594215ed1674b9a783cfddJakub Hrozek "Proceeding with system values\n"));