sss_cache.c revision e7d1cd14ce1a427007b1a7e9789dcb7e9619f84f
/*
   SSSD

   sss_cache

   Copyright (C) Jan Zeleny <jzeleny@redhat.com> 2011

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program.  If not, see <http://www.gnu.org/licenses/>.
*/
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include <stdio.h>
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include <stdlib.h>
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include <talloc.h>
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include <popt.h>
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include <sys/types.h>
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include "util/util.h"
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include "tools/sss_sync_ops.h"
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include "db/sysdb.h"
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include "db/sysdb_services.h"
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen#include "db/sysdb_autofs.h"
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen
/*
 * Bit flags naming the classes of cache object that can be invalidated.
 * Every class has its own bit, so several classes can be OR-ed together.
 */
#define INVALIDATE_NONE        0x00
#define INVALIDATE_USERS       0x01
#define INVALIDATE_GROUPS      0x02
#define INVALIDATE_NETGROUPS   0x04
#define INVALIDATE_SERVICES    0x08
#define INVALIDATE_AUTOFSMAPS  0x10

/*
 * Mask covering every class this build knows about. The autofs bit is
 * part of the mask only when the tool is built with BUILD_AUTOFS.
 */
#ifdef BUILD_AUTOFS
#define INVALIDATE_EVERYTHING  (INVALIDATE_USERS | INVALIDATE_GROUPS | \
                                INVALIDATE_NETGROUPS | INVALIDATE_SERVICES | \
                                INVALIDATE_AUTOFSMAPS)
#else
#define INVALIDATE_EVERYTHING  (INVALIDATE_USERS | INVALIDATE_GROUPS | \
                                INVALIDATE_NETGROUPS | INVALIDATE_SERVICES)
#endif
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen
/*
 * Kind of cache object a search or an invalidation is applied to.
 * invalidate_entries() and invalidate_entry() switch on these values.
 */
enum sss_cache_entry {
    TYPE_USER      = 0,
    TYPE_GROUP     = 1,
    TYPE_NETGROUP  = 2,
    TYPE_SERVICE   = 3,
    TYPE_AUTOFSMAP = 4
};
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen
/*
 * Forward declaration. invalidate_entries() calls this for TYPE_AUTOFSMAP
 * with the same argument list it passes to the sysdb_search_*() helpers:
 * a filter and attribute list in, a message count and message array out.
 */
static errno_t
search_autofsmaps(TALLOC_CTX *mem_ctx,
                  struct sysdb_ctx *sysdb,
                  struct sss_domain_info *domain,
                  const char *sub_filter,
                  const char **attrs,
                  size_t *msgs_count,
                  struct ldb_message ***msgs);
8ddc45fe2080010715c212ecbb2b12b6734f6d4bTimo Sirainen
/*
 * State of one sss_cache run. main() frees the whole structure with a
 * single talloc_free(), and the helpers in this file also use it as the
 * talloc parent for the filters and the name-parsing context.
 */
struct cache_tool_ctx {
    struct confdb_ctx *confdb;        /* handle opened by init_domains() */
    struct sss_domain_info *domains;  /* head of the domain list main() walks */
    struct sss_names_ctx *nctx;       /* set by sss_names_init() per domain */

    /* Search filters handed to invalidate_entries(); NULL skips that type. */
    char *user_filter;
    char *group_filter;
    char *netgroup_filter;
    char *service_filter;
    char *autofs_filter;

    /* Names the filters are rebuilt from in update_filter(). */
    char *user_name;
    char *group_name;
    char *netgroup_name;
    char *service_name;
    char *autofs_name;

    /* When false, update_filter() leaves the matching filter untouched. */
    bool update_user_filter;
    bool update_group_filter;
    bool update_netgroup_filter;
    bool update_service_filter;
    bool update_autofs_filter;
};
530f80fcbfa8be7378ff0d36ec7ecef41f198e2cTimo Sirainen
/* Opens the confdb and initializes the domain list (one domain if given). */
errno_t init_domains(struct cache_tool_ctx *ctx,
                     const char *domain);

/* Builds the tool context from the command line; main() owns the result. */
errno_t init_context(int argc,
                     const char *argv[],
                     struct cache_tool_ctx **tctx);

/* Rewrites the cache expiration attribute of one named entry. */
static errno_t
invalidate_entry(TALLOC_CTX *ctx,
                 struct sysdb_ctx *sysdb,
                 struct sss_domain_info *domain,
                 const char *name,
                 int entry_type);

/* Searches one domain with a filter and invalidates every match. */
static bool
invalidate_entries(TALLOC_CTX *ctx,
                   struct sss_domain_info *dinfo,
                   struct sysdb_ctx *sysdb,
                   enum sss_cache_entry entry_type,
                   const char *filter,
                   const char *name);

/* Rebuilds all five per-type filters for the domain being processed. */
static errno_t
update_all_filters(struct cache_tool_ctx *tctx,
                   struct sss_domain_info *dinfo);
adcb46fe2c6d1139dfbd8ab08a8fbe96e53f8fd6Timo Sirainen
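/*
 * Entry point of sss_cache.
 *
 * Walks every configured domain (and its subdomains), rebuilds the search
 * filters for that domain, and invalidates the matching cache entries
 * inside one sysdb transaction per domain. If at least one object type
 * was invalidated in full, the in-memory cache is cleared as well.
 *
 * Returns EOK on success, ENOENT when nothing matched, or the error of
 * the step that failed. A failed transaction commit is reported in the
 * exit status: the tool must not claim success when the expiration
 * change never reached the database, because callers use it to force a
 * refresh of stale identity data.
 */
int main(int argc, const char *argv[])
{
    errno_t ret;
    errno_t commit_ret = EOK;   /* first commit failure seen, if any */
    struct cache_tool_ctx *tctx = NULL;
    struct sysdb_ctx *sysdb;
    bool skipped = true;
    struct sss_domain_info *dinfo;

    ret = init_context(argc, argv, &tctx);
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE,
              ("Error initializing context for the application\n"));
        goto done;
    }

    for (dinfo = tctx->domains; dinfo; dinfo = get_next_domain(dinfo, true)) {
        if (!IS_SUBDOMAIN(dinfo)) {
            /* Update list of subdomains for this domain; a failure here
             * is logged only and the domain itself is still processed. */
            ret = sysdb_update_subdomains(dinfo);
            if (ret != EOK) {
                DEBUG(SSSDBG_MINOR_FAILURE,
                      ("Failed to update subdomains for domain %s.\n", dinfo->name));
            }
        }

        sysdb = dinfo->sysdb;

        /* Update filters for each domain */
        ret = update_all_filters(tctx, dinfo);
        if (ret != EOK) {
            DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to update filters.\n"));
            goto done;
        }

        ret = sysdb_transaction_start(sysdb);
        if (ret != EOK) {
            DEBUG(SSSDBG_CRIT_FAILURE,
                  ("Could not start the transaction!\n"));
            goto done;
        }

        /* invalidate_entries() returns true only when the search worked
         * and every match was invalidated, so skipped stays true until
         * one object type succeeds in some domain. */
        skipped &= !invalidate_entries(tctx, dinfo, sysdb, TYPE_USER,
                                       tctx->user_filter,
                                       tctx->user_name);
        skipped &= !invalidate_entries(tctx, dinfo, sysdb, TYPE_GROUP,
                                       tctx->group_filter,
                                       tctx->group_name);
        skipped &= !invalidate_entries(tctx, dinfo, sysdb, TYPE_NETGROUP,
                                       tctx->netgroup_filter,
                                       tctx->netgroup_name);
        skipped &= !invalidate_entries(tctx, dinfo, sysdb, TYPE_SERVICE,
                                       tctx->service_filter,
                                       tctx->service_name);
        skipped &= !invalidate_entries(tctx, dinfo, sysdb, TYPE_AUTOFSMAP,
                                       tctx->autofs_filter,
                                       tctx->autofs_name);

        ret = sysdb_transaction_commit(sysdb);
        if (ret != EOK) {
            DEBUG(SSSDBG_CRIT_FAILURE,
                  ("Could not commit the transaction!\n"));
            /* Keep the commit error: the cancel result below overwrites
             * ret, and the remaining domains are still processed. */
            if (commit_ret == EOK) {
                commit_ret = ret;
            }
            ret = sysdb_transaction_cancel(sysdb);
            if (ret != EOK) {
                DEBUG(SSSDBG_CRIT_FAILURE,
                      ("Failed to cancel transaction\n"));
            }
        }
    }

    if (skipped == true) {
        ERROR("No cache object matched the specified search\n");
        ret = ENOENT;
        goto done;
    }

    ret = sss_memcache_clear_all();
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to clear memory cache.\n"));
        goto done;
    }

    /* EOK unless a domain's invalidation could not be committed. */
    ret = commit_ret;
done:
    if (tctx) talloc_free(tctx);
    return ret;
}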
9ed77dd00248e88d731ec129116db5dddc0dd3b5Timo Sirainen
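/*
 * Build the filter string for one name.
 *
 * With a format, the name is first escaped by sss_filter_sanitize() and
 * then substituted, so filter metacharacters in a name given on the
 * command line cannot widen the search beyond that one name. Without a
 * format the name is copied verbatim, as before.
 *
 * fmt is used as a printf-style format and must take two %s arguments
 * (attribute name, value); the callers in this file pass literals only.
 *
 * The result is allocated on mem_ctx and returned through _filter.
 */
static errno_t build_name_filter(TALLOC_CTX *mem_ctx, const char *fmt,
                                 const char *value, char **_filter)
{
    char *sanitized = NULL;
    char *filter;
    errno_t ret;

    if (fmt == NULL) {
        filter = talloc_strdup(mem_ctx, value);
    } else {
        ret = sss_filter_sanitize(mem_ctx, value, &sanitized);
        if (ret != EOK) {
            DEBUG(SSSDBG_CRIT_FAILURE, ("Failed to sanitize the name\n"));
            return ret;
        }
        filter = talloc_asprintf(mem_ctx, fmt, SYSDB_NAME, sanitized);
    }

    if (filter == NULL) {
        DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
        return ENOMEM;
    }

    *_filter = filter;
    return EOK;
}

/*
 * Rebuild one search filter for the domain currently being processed.
 *
 * name   - name as given by the caller, possibly fully qualified
 * update - when false (or when name is NULL) nothing is changed
 * fmt    - format for the filter, or NULL to store the bare name
 * force_case_sensitivity - skip lower-casing even if the domain is
 *          case-insensitive
 * _filter - previous filter is freed and replaced; the new one is owned
 *          by tctx. It becomes NULL when the name carries a domain that
 *          is not this one, so the object type is skipped for dinfo.
 *
 * Returns EOK, ENOMEM, or the error from name parsing or sanitizing.
 */
static errno_t update_filter(struct cache_tool_ctx *tctx,
                             struct sss_domain_info *dinfo,
                             char *name, bool update, const char *fmt,
                             bool force_case_sensitivity,
                             char **_filter)
{
    errno_t ret;
    char *parsed_domain = NULL;
    char *parsed_name = NULL;
    TALLOC_CTX *tmp_ctx = NULL;
    char *use_name = NULL;
    char *filter;

    if (!name || !update) {
        /* Nothing to do */
        return EOK;
    }

    tmp_ctx = talloc_new(NULL);
    if (tmp_ctx == NULL) {
        DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory.\n"));
        return ENOMEM;
    }

    ret = sss_parse_name(tmp_ctx, tctx->nctx, name,
                         &parsed_domain, &parsed_name);
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE, ("sss_parse_name failed\n"));
        goto done;
    }

    if (!dinfo->case_sensitive && !force_case_sensitivity) {
        use_name = sss_tc_utf8_str_tolower(tmp_ctx, parsed_name);
        if (!use_name) {
            DEBUG(SSSDBG_CRIT_FAILURE, ("Out of memory\n"));
            ret = ENOMEM;
            goto done;
        }
    } else {
        use_name = parsed_name;
    }

    if (parsed_domain) {
        use_name = sss_get_domain_name(tmp_ctx, use_name, dinfo);
        if (!use_name) {
            ret = ENOMEM;
            goto done;
        }

        if (!strcasecmp(dinfo->name, parsed_domain)) {
            ret = build_name_filter(tmp_ctx, fmt, use_name, &filter);
            if (ret != EOK) {
                goto done;
            }
        } else {
            /* We were able to parse the domain from given fqdn, but it
             * does not match with currently processed domain. */
            filter = NULL;
        }
    } else {
        /* NOTE(review): this branch uses the name as typed, not the
         * lower-cased use_name computed above; kept as is, confirm
         * whether that is intended for case-insensitive domains. */
        ret = build_name_filter(tmp_ctx, fmt, name, &filter);
        if (ret != EOK) {
            goto done;
        }
    }

    /* Hand the result over to tctx before tmp_ctx is released. */
    talloc_free(*_filter);
    *_filter = talloc_steal(tctx, filter);
    ret = EOK;

done:
    talloc_free(tmp_ctx);
    return ret;
}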
530f80fcbfa8be7378ff0d36ec7ecef41f198e2cTimo Sirainen
/*
 * Rebuild every per-type filter for the given domain.
 *
 * The name-parsing context is initialized from the configuration of the
 * domain itself, or of its parent when dinfo is a subdomain; the
 * update_filter() calls then use it to split each stored name into
 * domain and name parts. The first failing step ends the function and
 * its error is returned; EOK means all five filters were handled.
 */
static errno_t update_all_filters(struct cache_tool_ctx *tctx,
                                  struct sss_domain_info *dinfo)
{
    const char *conf_domain;
    errno_t ret;

    /* Subdomains are parsed with the naming rules of their parent. */
    conf_domain = IS_SUBDOMAIN(dinfo) ? dinfo->parent->name : dinfo->name;

    ret = sss_names_init(tctx, tctx->confdb, conf_domain, &tctx->nctx);
    if (ret != EOK) {
        DEBUG(SSSDBG_CRIT_FAILURE, ("sss_names_init() failed\n"));
        return ret;
    }

    /* Users */
    ret = update_filter(tctx, dinfo, tctx->user_name,
                        tctx->update_user_filter, "(%s=%s)", false,
                        &tctx->user_filter);

    /* Groups */
    if (ret == EOK) {
        ret = update_filter(tctx, dinfo, tctx->group_name,
                            tctx->update_group_filter, "(%s=%s)", false,
                            &tctx->group_filter);
    }

    /* Netgroups */
    if (ret == EOK) {
        ret = update_filter(tctx, dinfo, tctx->netgroup_name,
                            tctx->update_netgroup_filter, "(%s=%s)", false,
                            &tctx->netgroup_filter);
    }

    /* Services */
    if (ret == EOK) {
        ret = update_filter(tctx, dinfo, tctx->service_name,
                            tctx->update_service_filter, "(%s=%s)", false,
                            &tctx->service_filter);
    }

    /* Autofs maps: restricted to the map object class and always
     * matched case-sensitively (force_case_sensitivity is true). */
    if (ret == EOK) {
        ret = update_filter(tctx, dinfo, tctx->autofs_name,
                            tctx->update_autofs_filter,
                            "(&(objectclass="SYSDB_AUTOFS_MAP_OC")(%s=%s))", true,
                            &tctx->autofs_filter);
    }

    return ret;
}
e15b305e90c9834734ccf35ed78f0ad29d570ee9Timo Sirainen
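/*
 * Search one domain for objects of the given type and invalidate every
 * match.
 *
 * filter - search filter; NULL means this type was not requested
 * name   - only used in the "not found" trace message
 *
 * Returns true when the search succeeded and every matched entry was
 * invalidated. Returns false when there is no filter, the search failed
 * or found nothing, or at least one entry could not be invalidated;
 * the remaining matches are still processed in that last case.
 */
static bool invalidate_entries(TALLOC_CTX *ctx,
                               struct sss_domain_info *dinfo,
                               struct sysdb_ctx *sysdb,
                               enum sss_cache_entry entry_type,
                               const char *filter, const char *name)
{
    const char *attrs[] = {SYSDB_NAME, NULL};
    size_t msg_count = 0;
    struct ldb_message **msgs = NULL;
    const char *type_string = "unknown";
    errno_t ret = EINVAL;
    size_t i;   /* same type as msg_count, avoids a signed comparison */
    const char *c_name;
    bool iret;

    if (!filter) return false;

    switch (entry_type) {
    case TYPE_USER:
        type_string = "user";
        ret = sysdb_search_users(ctx, sysdb, dinfo,
                                 filter, attrs, &msg_count, &msgs);
        break;
    case TYPE_GROUP:
        type_string = "group";
        ret = sysdb_search_groups(ctx, sysdb, dinfo,
                                  filter, attrs, &msg_count, &msgs);
        break;
    case TYPE_NETGROUP:
        type_string = "netgroup";
        ret = sysdb_search_netgroups(ctx, sysdb, dinfo,
                                     filter, attrs, &msg_count, &msgs);
        break;
    case TYPE_SERVICE:
        type_string = "service";
        ret = sysdb_search_services(ctx, sysdb, dinfo,
                                    filter, attrs, &msg_count, &msgs);
        break;
    case TYPE_AUTOFSMAP:
        type_string = "autofs map";
        ret = search_autofsmaps(ctx, sysdb, dinfo,
                                filter, attrs, &msg_count, &msgs);
        break;
    default:
        /* Unknown type: ret keeps EINVAL and the error path below runs. */
        break;
    }

    if (ret != EOK) {
        if (ret == ENOENT) {
            DEBUG(SSSDBG_TRACE_FUNC, ("'%s' %s: Not found in domain '%s'\n",
                  type_string, name ? name : "", dinfo->name));
        } else {
            DEBUG(SSSDBG_CRIT_FAILURE,
                  ("Searching for %s in domain %s with filter %s failed\n",
                   type_string, dinfo->name, filter));
        }
        return false;
    }

    iret = true;
    for (i = 0; i < msg_count; i++) {
        c_name = ldb_msg_find_attr_as_string(msgs[i], SYSDB_NAME, NULL);
        if (c_name == NULL) {
            DEBUG(SSSDBG_MINOR_FAILURE,
                  ("Something bad happened, can't find attribute %s", SYSDB_NAME));
            ERROR("Couldn't invalidate %1$s", type_string);
            iret = false;
        } else {
            ret = invalidate_entry(ctx, sysdb, dinfo, c_name, entry_type);
            if (ret != EOK) {
                DEBUG(SSSDBG_MINOR_FAILURE,
                      ("Couldn't invalidate %s %s", type_string, c_name));
                ERROR("Couldn't invalidate %1$s %2$s", type_string, c_name);
                iret = false;
            }
        }
    }
    talloc_zfree(msgs);

    return iret;
}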
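/**
 * Overwrite the cache-expiration attribute of a single cached entry.
 *
 * A temporary attribute set holding SYSDB_CACHE_EXPIRE = 1 is built and
 * written with SYSDB_MOD_REP through the sysdb_set_*_attr() call that matches
 * entry_type. A timestamp of 1 lies far in the past, so the entry is
 * presumably treated as expired by whoever reads it next.
 *
 * @param ctx        talloc parent of the temporary attribute set
 * @param sysdb      sysdb handle passed to the setter (not used for
 *                   TYPE_AUTOFSMAP, whose setter takes only the domain)
 * @param domain     domain the entry belongs to
 * @param name       name of the entry to modify
 * @param entry_type one of TYPE_USER, TYPE_GROUP, TYPE_NETGROUP,
 *                   TYPE_SERVICE, TYPE_AUTOFSMAP
 *
 * @return EOK on success, ENOMEM if the attribute set could not be created,
 *         EINVAL for an unknown entry_type, otherwise the error returned by
 *         the failing sysdb call.
 */
static errno_t invalidate_entry(TALLOC_CTX *ctx, struct sysdb_ctx *sysdb,
                                struct sss_domain_info *domain,
                                const char *name, int entry_type)
{
    struct sysdb_attrs *sys_attrs = NULL;
    errno_t ret;

    sys_attrs = sysdb_new_attrs(ctx);
    if (sys_attrs == NULL) {
        DEBUG(3, ("Could not create sysdb attributes\n"));
        return ENOMEM;
    }

    ret = sysdb_attrs_add_time_t(sys_attrs, SYSDB_CACHE_EXPIRE, 1);
    if (ret != EOK) {
        DEBUG(3, ("Could not add expiration time to attributes\n"));
        goto done;
    }

    switch (entry_type) {
    case TYPE_USER:
        ret = sysdb_set_user_attr(sysdb, domain, name, sys_attrs,
                                  SYSDB_MOD_REP);
        break;
    case TYPE_GROUP:
        ret = sysdb_set_group_attr(sysdb, domain, name, sys_attrs,
                                   SYSDB_MOD_REP);
        break;
    case TYPE_NETGROUP:
        ret = sysdb_set_netgroup_attr(sysdb, domain, name,
                                      sys_attrs, SYSDB_MOD_REP);
        break;
    case TYPE_SERVICE:
        ret = sysdb_set_service_attr(sysdb, domain, name,
                                     sys_attrs, SYSDB_MOD_REP);
        break;
    case TYPE_AUTOFSMAP:
        ret = sysdb_set_autofsmap_attr(domain, name,
                                       sys_attrs, SYSDB_MOD_REP);
        break;
    default:
        /*
         * Unknown type: nothing has been written. Leave through the common
         * exit so the attribute set is released instead of staying attached
         * to ctx (the original returned here without freeing it).
         */
        ret = EINVAL;
        goto done;
    }

    if (ret != EOK) {
        DEBUG(3, ("Could not set entry attributes\n"));
    }

done:
    talloc_zfree(sys_attrs);
    return ret;
}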
/**
 * Connect the tool context to the confdb and initialise its domain list.
 *
 * The confdb file is looked up as DB_PATH/CONFDB_FILE. When a domain name is
 * given, only that domain is initialised through sssd_domain_init();
 * otherwise the domain list is read from the confdb and sysdb_init() is run
 * on it.
 *
 * @param ctx     tool context; ctx->confdb and ctx->domains are filled in
 * @param domain  name of a single domain to open, or NULL
 *
 * @return EOK on success, ENOMEM if the confdb path could not be built,
 *         otherwise the error code of the failing initialisation call.
 */
errno_t init_domains(struct cache_tool_ctx *ctx, const char *domain)
{
    int ret;
    char *db_file = talloc_asprintf(ctx, "%s/%s", DB_PATH, CONFDB_FILE);

    if (!db_file) {
        return ENOMEM;
    }

    /* The path string is only needed while confdb_init() runs. */
    ret = confdb_init(ctx, &ctx->confdb, db_file);
    talloc_free(db_file);
    if (ret != EOK) {
        DEBUG(1, ("Could not initialize connection to the confdb\n"));
        return ret;
    }

    if (domain == NULL) {
        /* No domain was named: take the domain list from the confdb. */
        ret = confdb_get_domains(ctx->confdb, &ctx->domains);
        if (ret != EOK) {
            DEBUG(1, ("Could not initialize domains\n"));
            return ret;
        }

        ret = sysdb_init(ctx, ctx->domains, false);
        /* Invoked before the EOK check on this path, as in the original. */
        SYSDB_VERSION_ERROR(ret);
        if (ret != EOK) {
            DEBUG(1, ("Could not initialize connection to the sysdb\n"));
            return ret;
        }

        return EOK;
    }

    /* A single domain was requested on the command line. */
    ret = sssd_domain_init(ctx, ctx->confdb, domain, DB_PATH, &ctx->domains);
    if (ret != EOK) {
        SYSDB_VERSION_ERROR(ret);
        DEBUG(1, ("Could not initialize connection to the sysdb\n"));
        return ret;
    }

    return EOK;
}
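/**
 * Parse the command line and build the cache tool context.
 *
 * Steps, in order: set the locale, parse options with popt, require at least
 * one object to invalidate, run CHECK_ROOT, allocate the context, record the
 * requested filters or names in it, and open the domains via init_domains().
 * CHECK_ROOT runs before the context is allocated and before any database is
 * opened.
 *
 * @param argc  argument count as passed to main()
 * @param argv  argument vector as passed to main(); argv[0] becomes
 *              debug_prg_name
 * @param tctx  output; set to the new context only when EOK is returned. The
 *              context is a top-level talloc allocation (parent NULL), so the
 *              caller must free it.
 *
 * @return EOK on success. On failure the context is freed, *tctx is left
 *         untouched and a non-EOK value is returned.
 *
 * NOTE(review): BAD_POPT_PARAMS and CHECK_ROOT are macros defined outside
 * this block; both receive `ret` and the `fini` label and presumably assign
 * the return value and jump there - confirm against their definitions.
 */
errno_t init_context(int argc, const char *argv[], struct cache_tool_ctx **tctx)
{
    struct cache_tool_ctx *ctx = NULL;
    int idb = INVALIDATE_NONE;
    char *user = NULL;
    char *group = NULL;
    char *netgroup = NULL;
    char *service = NULL;
    char *map = NULL;
    char *domain = NULL;
    int debug = SSSDBG_DEFAULT;
    errno_t ret = EOK;
    poptContext pc = NULL;
    struct poptOption long_options[] = {
        POPT_AUTOHELP
        { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &debug,
            0, _("The debug level to run with"), NULL },
        { "everything", 'E', POPT_ARG_NONE, NULL, 'e',
            _("Invalidate all cached entries except for sudo rules"), NULL },
        { "user", 'u', POPT_ARG_STRING, &user, 0,
            _("Invalidate particular user"), NULL },
        { "users", 'U', POPT_ARG_NONE, NULL, 'u',
            _("Invalidate all users"), NULL },
        { "group", 'g', POPT_ARG_STRING, &group, 0,
            _("Invalidate particular group"), NULL },
        { "groups", 'G', POPT_ARG_NONE, NULL, 'g',
            _("Invalidate all groups"), NULL },
        { "netgroup", 'n', POPT_ARG_STRING, &netgroup, 0,
            _("Invalidate particular netgroup"), NULL },
        { "netgroups", 'N', POPT_ARG_NONE, NULL, 'n',
            _("Invalidate all netgroups"), NULL },
        { "service", 's', POPT_ARG_STRING, &service, 0,
            _("Invalidate particular service"), NULL },
        { "services", 'S', POPT_ARG_NONE, NULL, 's',
            _("Invalidate all services"), NULL },
#ifdef BUILD_AUTOFS
        { "autofs-map", 'a', POPT_ARG_STRING, &map, 0,
            _("Invalidate particular autofs map"), NULL },
        { "autofs-maps", 'A', POPT_ARG_NONE, NULL, 'a',
            _("Invalidate all autofs maps"), NULL },
#endif /* BUILD_AUTOFS */
        { "domain", 'd', POPT_ARG_STRING, &domain, 0,
            _("Only invalidate entries from a particular domain"), NULL },
        POPT_TABLEEND
    };

    ret = set_locale();
    if (ret != EOK) {
        DEBUG(1, ("set_locale failed (%d): %s\n", ret, strerror(ret)));
        ERROR("Error setting the locale\n");
        goto fini;
    }

    pc = poptGetContext(NULL, argc, argv, long_options, 0);
    /*
     * Only the "invalidate all ..." switches return a value here; options
     * that carry a string are stored by popt straight into the variables
     * listed in the table.
     */
    while ((ret = poptGetNextOpt(pc)) > 0) {
        switch (ret) {
        case 'u':
            idb |= INVALIDATE_USERS;
            break;
        case 'g':
            idb |= INVALIDATE_GROUPS;
            break;
        case 'n':
            idb |= INVALIDATE_NETGROUPS;
            break;
        case 's':
            idb |= INVALIDATE_SERVICES;
            break;
        case 'a':
            idb |= INVALIDATE_AUTOFSMAPS;
            break;
        case 'e':
            idb = INVALIDATE_EVERYTHING;
            break;
        }
    }

    DEBUG_INIT(debug);
    debug_prg_name = argv[0];

    /* popt reports a clean end of the option list as -1. */
    if (ret != -1) {
        BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
    }

    if (idb == INVALIDATE_NONE && !user && !group &&
        !netgroup && !service && !map) {
        BAD_POPT_PARAMS(pc,
                        _("Please select at least one object to invalidate\n"),
                        ret, fini);
    }

    CHECK_ROOT(ret, debug_prg_name);

    ctx = talloc_zero(NULL, struct cache_tool_ctx);
    if (ctx == NULL) {
        DEBUG(1, ("Could not allocate memory for tools context\n"));
        ret = ENOMEM;
        goto fini;
    }

    /*
     * For each object class: an "all" switch stores a match-everything
     * filter; otherwise a single name from the command line is copied as
     * given and update_*_filter is set.
     * NOTE(review): the copied name is not escaped here; presumably the code
     * that later turns it into an ldb filter sanitizes it - confirm.
     */
    if (idb & INVALIDATE_USERS) {
        ctx->user_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
        ctx->update_user_filter = false;
    } else if (user) {
        ctx->user_name = talloc_strdup(ctx, user);
        ctx->update_user_filter = true;
    }

    if (idb & INVALIDATE_GROUPS) {
        ctx->group_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
        ctx->update_group_filter = false;
    } else if (group) {
        ctx->group_name = talloc_strdup(ctx, group);
        ctx->update_group_filter = true;
    }

    if (idb & INVALIDATE_NETGROUPS) {
        ctx->netgroup_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
        ctx->update_netgroup_filter = false;
    } else if (netgroup) {
        ctx->netgroup_name = talloc_strdup(ctx, netgroup);
        ctx->update_netgroup_filter = true;
    }

    if (idb & INVALIDATE_SERVICES) {
        ctx->service_filter = talloc_asprintf(ctx, "(%s=*)", SYSDB_NAME);
        ctx->update_service_filter = false;
    } else if (service) {
        ctx->service_name = talloc_strdup(ctx, service);
        ctx->update_service_filter = true;
    }

    if (idb & INVALIDATE_AUTOFSMAPS) {
        ctx->autofs_filter = talloc_asprintf(ctx, "(&(objectclass=%s)(%s=*))",
                                             SYSDB_AUTOFS_MAP_OC, SYSDB_NAME);
        ctx->update_autofs_filter = false;
    } else if (map) {
        ctx->autofs_name = talloc_strdup(ctx, map);
        ctx->update_autofs_filter = true;
    }

    /* Any requested filter or name that is still NULL means an allocation failed. */
    if (((idb & INVALIDATE_USERS) && !ctx->user_filter) ||
        ((idb & INVALIDATE_GROUPS) && !ctx->group_filter) ||
        ((idb & INVALIDATE_NETGROUPS) && !ctx->netgroup_filter) ||
        ((idb & INVALIDATE_SERVICES) && !ctx->service_filter) ||
        ((idb & INVALIDATE_AUTOFSMAPS) && !ctx->autofs_filter) ||
        (user && !ctx->user_name) || (group && !ctx->group_name) ||
        (netgroup && !ctx->netgroup_name) || (map && !ctx->autofs_name) ||
        (service && !ctx->service_name)) {
        DEBUG(1, ("Construction of filters failed\n"));
        ret = ENOMEM;
        goto fini;
    }

    ret = init_domains(ctx, domain);
    if (ret != EOK) {
        if (domain) {
            ERROR("Could not open domain %1$s. If the domain is a subdomain "
                  "(trusted domain), use fully qualified name instead of "
                  "--domain/-d parameter.\n", domain);
        } else {
            ERROR("Could not open available domains\n");
        }
        DEBUG(SSSDBG_OP_FAILURE,
              ("Initialization of sysdb connections failed\n"));
        goto fini;
    }

    ret = EOK;

fini:
    poptFreeContext(pc);
    /*
     * The option strings are released with free() like the other four;
     * service and map were missing from this list and leaked on every path.
     */
    free(user);
    free(group);
    free(netgroup);
    free(service);
    free(map);
    free(domain);

    if (ret != EOK && ctx) {
        talloc_zfree(ctx);
    }
    if (ret == EOK) {
        *tctx = ctx;
    }

    return ret;
}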
/**
 * Search the cache for autofs map entries.
 *
 * When BUILD_AUTOFS is defined, every argument is forwarded to
 * sysdb_search_custom() together with AUTOFS_MAP_SUBDIR and its result is
 * returned. Without BUILD_AUTOFS no search is performed and the arguments
 * are ignored.
 *
 * @return the result of sysdb_search_custom(), or ENOSYS when autofs support
 *         is not compiled in.
 */
static errno_t
search_autofsmaps(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
                  struct sss_domain_info *domain,
                  const char *sub_filter, const char **attrs,
                  size_t *msgs_count, struct ldb_message ***msgs)
{
    errno_t ret;

#ifdef BUILD_AUTOFS
    ret = sysdb_search_custom(mem_ctx, sysdb, domain, sub_filter,
                              AUTOFS_MAP_SUBDIR, attrs,
                              msgs_count, msgs);
#else
    /* Autofs support was left out of this build. */
    ret = ENOSYS;
#endif /* BUILD_AUTOFS */

    return ret;
}