sss_cache.c revision 72aa8e7b1d234b6b68446d42efa1cff22b70c81b
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny Copyright (C) Jan Zeleny <jzeleny@redhat.com> 2011
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny This program is free software; you can redistribute it and/or modify
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny it under the terms of the GNU General Public License as published by
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny the Free Software Foundation; either version 3 of the License, or
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny (at your option) any later version.
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny This program is distributed in the hope that it will be useful,
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny but WITHOUT ANY WARRANTY; without even the implied warranty of
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny GNU General Public License for more details.
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny You should have received a copy of the GNU General Public License
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny along with this program. If not, see <http://www.gnu.org/licenses/>.
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozekstatic errno_t search_autofsmaps(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek size_t *msgs_count, struct ldb_message ***msgs);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zelenyerrno_t init_domains(struct cache_tool_ctx *ctx, const char *domain);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zelenyerrno_t init_context(int argc, const char *argv[], struct cache_tool_ctx **tctx);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zelenyerrno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb,
480195bd70467bf05e2fd92cf25cec822a670cedSimo Sorcestatic bool invalidate_entries(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidekstatic errno_t update_all_filters(struct cache_tool_ctx *tctx,
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek ("Error initializing context for the application\n"));
72aa8e7b1d234b6b68446d42efa1cff22b70c81bSimo Sorce for (dinfo = tctx->domains; dinfo; dinfo = dinfo->next) {
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Update filters for each domain */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to update filters.\n"));
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("Could not start the transaction!\n"));
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek skipped &= !invalidate_entries(tctx, sysdb, TYPE_USER,
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek skipped &= !invalidate_entries(tctx, sysdb, TYPE_GROUP,
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek skipped &= !invalidate_entries(tctx, sysdb, TYPE_NETGROUP,
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek skipped &= !invalidate_entries(tctx, sysdb, TYPE_SERVICE,
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek skipped &= !invalidate_entries(tctx, sysdb, TYPE_AUTOFSMAP,
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("Could not commit the transaction!\n"));
21d485184df986e1a123f70c689517386e51a5ceMichal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to cancel transaction\n"));
69f6f2ed116d1c987851bfcc410cf2bdd1b0cc97Michal Zidek if (skipped == true) {
69f6f2ed116d1c987851bfcc410cf2bdd1b0cc97Michal Zidek ERROR("No cache object matched the specified search\n");
a290ace39af184d878568e17588b6b2210aea63fMichal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to clear memory cache.\n"));
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidekstatic errno_t update_filter(struct cache_tool_ctx *tctx, char *domain_name,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("sss_parse_name failed\n"));
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Set to NULL to indicate that it will not be used
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek * in this domain */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek *filter = talloc_asprintf(tctx, fmt, SYSDB_NAME, name);
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek/* This function updates all filters for the specified domain, using that
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek * domain's regex to parse the string into domain and name (if present). */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidekstatic errno_t update_all_filters(struct cache_tool_ctx *tctx,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ret = sss_names_init(tctx, tctx->confdb, domain_name, &tctx->nctx);
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek DEBUG(SSSDBG_CRIT_FAILURE, ("sss_names_init() failed\n"));
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Update user filter */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ret = update_filter(tctx, domain_name, tctx->user_name,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Update group filter */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ret = update_filter(tctx, domain_name, tctx->group_name,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Update netgroup filter */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ret = update_filter(tctx, domain_name, tctx->netgroup_name,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Update service filter */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ret = update_filter(tctx, domain_name, tctx->service_name,
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek /* Update autofs filter */
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ret = update_filter(tctx, domain_name, tctx->autofs_name,
480195bd70467bf05e2fd92cf25cec822a670cedSimo Sorcestatic bool invalidate_entries(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb,
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny const char *c_name;
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek if (!filter) return false;
2eaf2045b5b55cdaff6ae5704225cf9a75b16950Simo Sorce ret = sysdb_search_users(ctx, sysdb, filter, attrs, &msg_count, &msgs);
2eaf2045b5b55cdaff6ae5704225cf9a75b16950Simo Sorce ret = sysdb_search_groups(ctx, sysdb, filter, attrs, &msg_count, &msgs);
2eaf2045b5b55cdaff6ae5704225cf9a75b16950Simo Sorce ret = sysdb_search_netgroups(ctx, sysdb, filter, attrs, &msg_count, &msgs);
e3ce042be3a6c66aa720fc139f557b065ae6dc5eSimo Sorce ret = sysdb_search_services(ctx, sysdb, filter, attrs, &msg_count, &msgs);
2eaf2045b5b55cdaff6ae5704225cf9a75b16950Simo Sorce ret = search_autofsmaps(ctx, sysdb, filter, attrs, &msg_count, &msgs);
69f6f2ed116d1c987851bfcc410cf2bdd1b0cc97Michal Zidek ("Searching for %s in domain %s with filter %s failed\n",
69f6f2ed116d1c987851bfcc410cf2bdd1b0cc97Michal Zidek ERROR("No such %1$s named %2$s in domain %3$s, skipping\n",
69f6f2ed116d1c987851bfcc410cf2bdd1b0cc97Michal Zidek ERROR("No objects of type %1$s from domain %2$s in the cache, "
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek return false;
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek for (i = 0; i < msg_count; i++) {
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek c_name = ldb_msg_find_attr_as_string(msgs[i], SYSDB_NAME, NULL);
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek ("Something bad happened, can't find attribute %s", SYSDB_NAME));
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek ret = invalidate_entry(ctx, sysdb, c_name, entry_type);
2eaf2045b5b55cdaff6ae5704225cf9a75b16950Simo Sorce ("Couldn't invalidate %s %s", type_string, c_name));
2eaf2045b5b55cdaff6ae5704225cf9a75b16950Simo Sorce ERROR("Couldn't invalidate %1$s %2$s", type_string, c_name);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zelenyerrno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb,
e79d23932ef9d52cf4eb32ddec2d0a9b3af9a9ebJan Zeleny ret = sysdb_set_user_attr(sysdb, name, sys_attrs,
e79d23932ef9d52cf4eb32ddec2d0a9b3af9a9ebJan Zeleny ret = sysdb_set_group_attr(sysdb, name, sys_attrs,
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(3, ("Could not add expiration time to attributes\n"));
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(3, ("Could not create sysdb attributes\n"));
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozekerrno_t init_domains(struct cache_tool_ctx *ctx, const char *domain)
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny confdb_path = talloc_asprintf(ctx, "%s/%s", DB_PATH, CONFDB_FILE);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny /* Connect to the conf db */
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny ret = confdb_init(ctx, &ctx->confdb, confdb_path);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(1, ("Could not initialize connection to the confdb\n"));
d2d2d6ae0c436461bcc8f881df059eb036314c44Sumit Bose ret = sysdb_init_domain_and_sysdb(ctx, ctx->confdb, domain, DB_PATH,
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(1, ("Could not initialize connection to the sysdb\n"));
72aa8e7b1d234b6b68446d42efa1cff22b70c81bSimo Sorce ret = confdb_get_domains(ctx->confdb, &ctx->domains);
72aa8e7b1d234b6b68446d42efa1cff22b70c81bSimo Sorce ret = sysdb_init(ctx, ctx->domains, NULL, false);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(1, ("Could not initialize connection to the sysdb\n"));
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zelenyerrno_t init_context(int argc, const char *argv[], struct cache_tool_ctx **tctx)
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &debug,
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny { "netgroup", 'n', POPT_ARG_STRING, &netgroup, 0,
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek { "service", 's', POPT_ARG_STRING, &service, 0,
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek { "autofs-maps", 'A', POPT_ARG_NONE, NULL, 'a',
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek#endif /* BUILD_AUTOFS */
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny _("Only invalidate entries from a particular domain"), NULL },
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(1, ("set_locale failed (%d): %s\n", ret, strerror(ret)));
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny pc = poptGetContext(NULL, argc, argv, long_options, 0);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek if (idb == INVALIDATE_NONE && !user && !group &&
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek _("Please select at least one object to invalidate\n"),
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny DEBUG(1, ("Could not allocate memory for tools context\n"));
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny ctx->user_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny } else if (user) {
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny ctx->group_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny } else if (group) {
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny ctx->netgroup_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
c737e1444fb186e349e59bfa9dac4995b720b4b1Jan Zeleny } else if (netgroup) {
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek ctx->netgroup_name = talloc_strdup(ctx, netgroup);
e3ce042be3a6c66aa720fc139f557b065ae6dc5eSimo Sorce ctx->service_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek } else if (service) {
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek ctx->service_name = talloc_strdup(ctx, service);
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek ctx->autofs_filter = talloc_asprintf(ctx, "(&(objectclass=%s)(%s=*))",
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek } else if (map) {
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek if (((idb & INVALIDATE_USERS) && !ctx->user_filter) ||
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ((idb & INVALIDATE_GROUPS) && !ctx->group_filter) ||
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ((idb & INVALIDATE_NETGROUPS) && !ctx->netgroup_filter) ||
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ((idb & INVALIDATE_SERVICES) && !ctx->service_filter) ||
d27d11b360b92f1728206802005bb3da359e1ea4Michal Zidek ((idb & INVALIDATE_AUTOFSMAPS) && !ctx->autofs_filter) ||
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek (user && !ctx->user_name) || (group && !ctx->group_name) ||
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek (netgroup && !ctx->netgroup_name) || (map && !ctx->autofs_name) ||
95cc95749a5e783f2b5d2124d783f85820baf937Stephen Gallagher ERROR("Could not open domain %1$s\n", domain);
da0b829a2002987339aadaa01b85adbb5ddba20dJakub Hrozek ("Initialization of sysdb connections failed\n"));
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozeksearch_autofsmaps(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek size_t *msgs_count, struct ldb_message ***msgs)
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek return sysdb_search_custom(mem_ctx, sysdb, sub_filter,
82b5429d1438392c45e70a0f84dd4d0f5fa1a171Jakub Hrozek#endif /* BUILD_AUTOFS */