sss_override.c revision 1b45fed9f629d47fefc3feaba01810ca2200fed3
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina Pavel Březina <pbrezina@redhat.com>
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina Copyright (C) 2015 Red Hat
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina This program is free software; you can redistribute it and/or modify
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina it under the terms of the GNU General Public License as published by
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina the Free Software Foundation; either version 3 of the License, or
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina (at your option) any later version.
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina This program is distributed in the hope that it will be useful,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina but WITHOUT ANY WARRANTY; without even the implied warranty of
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina GNU General Public License for more details.
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina You should have received a copy of the GNU General Public License
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina along with this program. If not, see <http://www.gnu.org/licenses/>.
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int parse_cmdline(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina require = options == NULL ? SSS_TOOL_OPT_OPTIONAL : SSS_TOOL_OPT_REQUIRED;
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sss_tool_popt_ex(cmdline, options, require,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina NULL, NULL, "NAME", _("Specify name of modified "
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command arguments\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sss_tool_parse_name(tool_ctx, tool_ctx, input_name,
4285cf181abd1d12dc144d5f86d73162bbd9cf05Pavel Březina fprintf(stderr, _("Unable to parse name %s.\n"), input_name);
/*
 * Builds the popt option table for adding a user override (name, uid, gid,
 * home, shell, gecos) and hands it to parse_cmdline() together with
 * &user->input_name.
 *
 * NOTE(review): --uid and --gid are read with POPT_ARG_INT, i.e. as signed
 * integers, while build_attrs() in this file stores uid and gid through
 * sysdb_attrs_add_uint32(). The declared type of user->uid / user->gid and
 * any range check are not visible in this listing; confirm that negative or
 * out-of-range values are rejected before they are stored as an override.
 */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int parse_cmdline_user_add(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"name", 'n', POPT_ARG_STRING, &user->name, 0, _("Override name"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"uid", 'u', POPT_ARG_INT, &user->uid, 0, _("Override uid (non-zero value)"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"gid", 'g', POPT_ARG_INT, &user->gid, 0, _("Override gid (non-zero value)"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"home", 'h', POPT_ARG_STRING, &user->home, 0, _("Override home directory"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"shell", 's', POPT_ARG_STRING, &user->shell, 0, _("Override shell"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"gecos", 'c', POPT_ARG_STRING, &user->gecos, 0, _("Override gecos"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina return parse_cmdline(cmdline, tool_ctx, options, &user->input_name,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int parse_cmdline_user_del(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina return parse_cmdline(cmdline, tool_ctx, NULL, &user->input_name,
/*
 * Builds the popt option table for adding a group override (name, gid) and
 * hands it to parse_cmdline() together with &group->input_name.
 *
 * NOTE(review): --gid is read with POPT_ARG_INT (signed). The declared type
 * of group->gid and any range check are not visible in this listing;
 * confirm that negative values cannot reach the stored override.
 */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int parse_cmdline_group_add(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"name", 'n', POPT_ARG_STRING, &group->name, 0, _("Override name"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina {"gid", 'g', POPT_ARG_INT, &group->gid, 0, _("Override gid"), NULL },
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina return parse_cmdline(cmdline, tool_ctx, options, &group->input_name,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int parse_cmdline_group_del(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina return parse_cmdline(cmdline, tool_ctx, NULL, &group->input_name,
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březinastatic int parse_cmdline_find(struct sss_cmdline *cmdline,
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina {"domain", 'd', POPT_ARG_STRING | POPT_ARGFLAG_OPTIONAL,
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina ret = sss_tool_popt_ex(cmdline, options, SSS_TOOL_OPT_OPTIONAL,
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command arguments\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina dom = find_domain_by_name(tool_ctx->domains, domname, true);
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to find domain %s\n", domname);
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina fprintf(stderr, _("Unable to find domain %s\n"), domname);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic int parse_cmdline_import(struct sss_cmdline *cmdline,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina const char **_file)
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = sss_tool_popt_ex(cmdline, NULL, SSS_TOOL_OPT_OPTIONAL,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina NULL, NULL, "FILE", "File to import the data from.",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command arguments\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic int parse_cmdline_export(struct sss_cmdline *cmdline,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina const char **_file)
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = sss_tool_popt_ex(cmdline, NULL, SSS_TOOL_OPT_OPTIONAL,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina NULL, NULL, "FILE", "File to export the data to.",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command arguments\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic errno_t prepare_view(struct sss_domain_info *domain)
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_get_view_name(NULL, domain->sysdb, &viewname);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_OP_FAILURE, "sysdb_get_view_name() failed.\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "%s view is already present.\n", viewname);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_MINOR_FAILURE, "There already exists view %s. "
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina "Only one view is supported. Nothing to do.\n", viewname);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "Creating %s view.\n", LOCALVIEW);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_update_view_name(domain->sysdb, LOCALVIEW);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina printf("SSSD needs to be restarted for the changes to take effect.\n");
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březinaerrno_t prepare_view_msg(struct sss_domain_info *domain)
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina fprintf(stderr, _("Other than " LOCALVIEW " view already exist "
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina fprintf(stderr, _("Unable to prepare " LOCALVIEW
/*
 * Builds the override anchor string for an object DN.
 *
 * The DN is passed through sysdb_dn_sanitize() first and only the sanitized
 * copy (safe_dn) is formatted into the anchor, which has the shape
 * :LOCALVIEW:safe_dn and is allocated on mem_ctx.
 *
 * NOTE(review): the return statements are not visible in this listing;
 * presumably NULL is returned when sanitizing or formatting fails - confirm.
 */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic char *build_anchor(TALLOC_CTX *mem_ctx, const char *obj_dn)
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_dn_sanitize(mem_ctx, obj_dn, &safe_dn);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_dn_sanitize() failed\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina anchor = talloc_asprintf(mem_ctx, ":%s:%s", LOCALVIEW, safe_dn);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic struct sysdb_attrs *build_attrs(TALLOC_CTX *mem_ctx,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_string(attrs, SYSDB_NAME, name);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_uint32(attrs, SYSDB_UIDNUM, uid);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_uint32(attrs, SYSDB_GIDNUM, gid);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_string(attrs, SYSDB_HOMEDIR, home);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_string(attrs, SYSDB_SHELL, shell);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_string(attrs, SYSDB_GECOS, gecos);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic struct sysdb_attrs *build_user_attrs(TALLOC_CTX *mem_ctx,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina return build_attrs(mem_ctx, user->name, user->uid, user->gid, user->home,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic struct sysdb_attrs *build_group_attrs(TALLOC_CTX *mem_ctx,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina return build_attrs(mem_ctx, group->name, 0, group->gid, 0, NULL, NULL);
/*
 * Two-pass formatting of a fully qualified name: sss_fqname() is first
 * called with a NULL buffer and size 0 to obtain the length, a zeroed buffer
 * of fqlen chars is allocated on mem_ctx, and the second call writes the
 * name into that buffer and stores its result in check.
 *
 * NOTE(review): the statements between these lines are not visible in this
 * listing. Confirm that fqlen includes room for the terminating NUL before
 * the allocation and that check is compared against the expected length, so
 * that a truncated name is never used.
 */
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina /* Get length. */
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina fqlen = sss_fqname(NULL, 0, domain->names, domain, name);
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina fqname = talloc_zero_array(mem_ctx, char, fqlen);
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero_array() failed\n");
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina check = sss_fqname(fqname, fqlen, domain->names, domain, name);
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Failed to generate a fully qualified name "
7eba58cfcf78e61af1c4ff98619aa97223eb7a5bPavel Březina "for user [%s] in [%s]! Skipping user.\n", name, domain->name);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina /* Ensure that the object is in cache. */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported member type %d\n", type);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina /* Find domain if it is unknown. */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "Trying to find user %s@%s\n",
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_getpwnam(tmp_ctx, dom, name, &res);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "Trying to find group %s@%s\n",
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_getgrnam(tmp_ctx, dom, name, &res);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported member type %d\n", type);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to find %s %s@%s [%d]: %s\n",
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina strtype, name, dom->name, ret, sss_strerror(ret));
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "More than one %s found?\n", strtype);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "No domain match for %s\n", name);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "Domain of %s %s is %s\n",
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březinastatic errno_t get_user_domain_msg(struct sss_tool_ctx *tool_ctx,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina newdom = get_object_domain(SYSDB_MEMBER_USER, user->orig_name,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina domname = user->domain == NULL ? "[unknown]" : user->domain->name;
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina fprintf(stderr, _("Unable to find user %s@%s.\n"),
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březinastatic errno_t get_group_domain_msg(struct sss_tool_ctx *tool_ctx,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina newdom = get_object_domain(SYSDB_MEMBER_GROUP, group->orig_name,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina domname = group->domain == NULL ? "[unknown]" : group->domain->name;
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina fprintf(stderr, _("Unable to find group %s@%s.\n"),
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březinastatic errno_t get_object_dn(TALLOC_CTX *mem_ctx,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina const char **_str_dn)
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina ldb_dn = sysdb_user_dn(mem_ctx, domain, name);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina ldb_dn = sysdb_group_dn(mem_ctx, domain, name);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported member type %d\n", type);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic errno_t override_object_add(struct sss_domain_info *domain,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina ret = get_object_dn(tmp_ctx, domain, type, name, &ldb_dn, &str_dn);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_attrs_add_string(attrs, SYSDB_OVERRIDE_ANCHOR_UUID, anchor);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "Creating override for %s\n", str_dn);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_store_override(domain, LOCALVIEW, type, attrs, ldb_dn);
/*
 * Parses the override name supplied by the user and guards against moving
 * the object into another domain.
 *
 * sss_tool_parse_name() splits input into a name, stored in *_name, and a
 * domain, stored in dom. When parsing succeeds and dom is set but differs
 * from domain, the request is refused with the message
 * "Changing domain is not allowed!". The same message is printed on the
 * branch that logs "Unable to find domain from".
 *
 * NOTE(review): the conditions of the first and last branches and the
 * return values are not visible in this listing.
 */
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březinastatic errno_t override_fqn(TALLOC_CTX *mem_ctx,
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina const char **_name)
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina ret = sss_tool_parse_name(mem_ctx, tool_ctx, input, _name, &dom);
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina DEBUG(SSSDBG_OP_FAILURE, "Unable to find domain from "
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina fprintf(stderr, _("Changing domain is not allowed!\n"));
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina } else if (ret == EOK && dom != NULL && dom != domain) {
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina DEBUG(SSSDBG_OP_FAILURE, "Trying to change domain from "
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina "%s to %s, not allowed!\n", domain->name, dom->name);
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina fprintf(stderr, _("Changing domain is not allowed!\n"));
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse name %s [%d]: %s\n",
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březinastatic errno_t override_user(struct sss_tool_ctx *tool_ctx,
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina /* We need to parse the name and ensure that domain did not change. */
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina ret = override_fqn(tmp_ctx, tool_ctx, user.domain, user.name, &user.name);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to build sysdb attrs.\n");
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina ret = override_object_add(user.domain, SYSDB_MEMBER_USER, attrs,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add override object.\n");
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březinastatic errno_t override_group(struct sss_tool_ctx *tool_ctx,
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina /* We need to parse the name and ensure that domain did not change. */
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina ret = override_fqn(tmp_ctx, tool_ctx, group.domain, group.name,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to build sysdb attrs.\n");
4649f19ea4b11c428ca75803beda8d495a0c9335Pavel Březina ret = override_object_add(group.domain, SYSDB_MEMBER_GROUP, attrs,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add override object.\n");
/*
 * Removes the override of one user or group.
 *
 * Visible steps: resolve the object DN with get_object_dn(), start a sysdb
 * transaction, delete the override entry with sysdb_delete_entry() on
 * override_dn, then queue an LDB_FLAG_MOD_DELETE of SYSDB_OVERRIDE_DN on msg
 * and apply it with ldb_modify(). LDB_ERR_NO_SUCH_ATTRIBUTE is tolerated
 * alongside LDB_SUCCESS, so a missing override attribute is not an error.
 * The transaction is committed with sysdb_transaction_commit();
 * sysdb_transaction_cancel() is also called in this function.
 *
 * NOTE(review): how override_dn and msg are built and which paths reach the
 * cancel call are not visible in this listing. Presumably every failure
 * after the transaction starts cancels it - confirm, since a half-applied
 * delete would leave the object pointing at a removed override.
 */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic errno_t override_object_del(struct sss_domain_info *domain,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina struct ldb_context *ldb = sysdb_ctx_get_ldb(domain->sysdb);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina ret = get_object_dn(tmp_ctx, domain, type, name, &ldb_dn, &str_dn);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_TRACE_FUNC, "Removing override for %s\n", str_dn);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_OP_FAILURE, "sysdb_transaction_start() failed.\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_delete_entry(domain->sysdb, override_dn, true);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_OP_FAILURE, "sysdb_delete_entry() failed.\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = ldb_msg_add_empty(msg, SYSDB_OVERRIDE_DN, LDB_FLAG_MOD_DELETE, NULL);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_empty() failed\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina if (ret != LDB_SUCCESS && ret != LDB_ERR_NO_SUCH_ATTRIBUTE) {
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina "ldb_modify() failed: [%s](%d)[%s]\n",
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = sysdb_transaction_commit(domain->sysdb);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Failed to commit transaction\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina sret = sysdb_transaction_cancel(domain->sysdb);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Could not cancel transaction\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic errno_t append_name(struct sss_domain_info *domain,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina struct ldb_context *ldb = sysdb_ctx_get_ldb(domain->sysdb);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina dn = ldb_msg_find_attr_as_dn(ldb, tmp_ctx, override,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Missing overrideObjectDN?\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = sysdb_search_entry(tmp_ctx, domain->sysdb, dn, LDB_SCOPE_BASE,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_search_entry() failed [%d]: %s\n",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "More than one user found?\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina name = ldb_msg_find_attr_as_string(msgs[0], SYSDB_NAME, NULL);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Object with no name?\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get fqname\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = ldb_msg_add_string(override, ORIGNAME, fqname);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add attribute to msg\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic errno_t list_overrides(TALLOC_CTX *mem_ctx,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina const char **attrs,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina struct ldb_context *ldb = sysdb_ctx_get_ldb(domain->sysdb);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina /* Acquire list of override objects. */
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina dn = ldb_dn_new_fmt(tmp_ctx, ldb, SYSDB_TMPL_VIEW_SEARCH_BASE, LOCALVIEW);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_OP_FAILURE, "ldb_dn_new_fmt() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = sysdb_search_entry(tmp_ctx, domain->sysdb, dn, LDB_SCOPE_SUBTREE,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_search_entry() failed [%d]: %s\n",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina /* Amend messages with original name. */
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina for (i = 0; i < count; i++) {
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to append name [%d]: %s\n",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = list_overrides(tmp_ctx, "(objectClass=" SYSDB_OVERRIDE_USER_CLASS ")",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs = talloc_zero_array(tmp_ctx, struct override_user, count + 1);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina for (i = 0; i < count; i++) {
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].orig_name = ldb_msg_find_attr_as_string(msgs[i], ORIGNAME,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Missing name?!\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].name = ldb_msg_find_attr_as_string(msgs[i], SYSDB_NAME, NULL);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].uid = ldb_msg_find_attr_as_uint(msgs[i], SYSDB_UIDNUM, 0);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].gid = ldb_msg_find_attr_as_uint(msgs[i], SYSDB_GIDNUM, 0);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].home = ldb_msg_find_attr_as_string(msgs[i], SYSDB_HOMEDIR, NULL);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].shell = ldb_msg_find_attr_as_string(msgs[i], SYSDB_SHELL, NULL);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].gecos = ldb_msg_find_attr_as_string(msgs[i], SYSDB_GECOS, NULL);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = list_overrides(tmp_ctx, "(objectClass=" SYSDB_OVERRIDE_GROUP_CLASS ")",
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs = talloc_zero_array(tmp_ctx, struct override_group, count + 1);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina for (i = 0; i < count; i++) {
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].orig_name = ldb_msg_find_attr_as_string(msgs[i], ORIGNAME,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Missing name?!\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].name = ldb_msg_find_attr_as_string(msgs[i], SYSDB_NAME, NULL);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina objs[i].gid = ldb_msg_find_attr_as_uint(msgs[i], SYSDB_GIDNUM, 0);
/*
 * Writes user overrides to filename in colon-separated form.
 *
 * The file is opened with sss_colondb_open() in SSS_COLONDB_WRITE mode and
 * the record layout is orig_name:name:uid:gid:gecos:home:shell.
 *
 * NOTE(review): the exported records hold account names, uids, gids, home
 * directories and shells. The permissions the file is created with are
 * decided inside sss_colondb_open(), which is not visible here - confirm
 * they are appropriate for this data.
 */
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březinastatic errno_t user_export(const char *filename,
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina db = sss_colondb_open(tmp_ctx, SSS_COLONDB_WRITE, filename);
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get override objects\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina * Format: orig_name:name:uid:gid:gecos:home:shell
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina {SSS_COLONDB_STRING, {.str = objs[i].orig_name}},
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina {SSS_COLONDB_UINT32, {.uint32 = objs[i].uid}},
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina {SSS_COLONDB_UINT32, {.uint32 = objs[i].gid}},
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to write line to db\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina /* All overrides are under the same subtree, so we don't want to
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina * descend into subdomains. */
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int override_user_add(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = parse_cmdline_user_add(cmdline, tool_ctx, &user);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int override_user_del(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = parse_cmdline_user_del(cmdline, tool_ctx, &user);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina ret = override_object_del(user.domain, SYSDB_MEMBER_USER, user.orig_name);
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to delete override object.\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březinastatic int override_user_find(struct sss_cmdline *cmdline,
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina ret = parse_cmdline_find(cmdline, tool_ctx, &dom);
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to export users\n");
/*
 * Imports user overrides from a colon-separated file.
 *
 * The file name comes from parse_cmdline_import(); the file is opened with
 * sss_colondb_open() in SSS_COLONDB_READ mode and read record by record with
 * sss_colondb_readline(). The first field of each record is stored in
 * obj.input_name and resolved with sss_tool_parse_name(). A malformed record
 * is reported with its line number.
 *
 * NOTE(review): presumably every accepted record becomes an identity
 * override (name, uid, gid, home, shell), so the file should be treated as
 * privileged input. Validation of the numeric fields, and whether one bad
 * record aborts the import or is skipped, are not visible in this listing -
 * confirm against the full source.
 */
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic int override_user_import(struct sss_cmdline *cmdline,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina * Format: orig_name:name:uid:gid:gecos:home:shell
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina {SSS_COLONDB_STRING, {.str = &obj.input_name}},
c12cd2d95d08c9316bc358c2f7707d92551b6909Pavel Reichl ret = parse_cmdline_import(cmdline, &filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina db = sss_colondb_open(tool_ctx, SSS_COLONDB_READ, filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Unable to open %s.\n"), filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina while ((ret = sss_colondb_readline(tmp_ctx, db, table)) == EOK) {
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = sss_tool_parse_name(tool_ctx, tool_ctx, obj.input_name,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Unable to parse name %s.\n"), obj.input_name);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Invalid format on line %d. "
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina "Use --debug option for more information.\n"), linenum);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic int override_user_export(struct sss_cmdline *cmdline,
c12cd2d95d08c9316bc358c2f7707d92551b6909Pavel Reichl ret = parse_cmdline_export(cmdline, &filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina ret = user_export(filename, tool_ctx->domains, true);
1b45fed9f629d47fefc3feaba01810ca2200fed3Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to export users\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int override_group_add(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = parse_cmdline_group_add(cmdline, tool_ctx, &group);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březinastatic int override_group_del(struct sss_cmdline *cmdline,
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina ret = parse_cmdline_group_del(cmdline, tool_ctx, &group);
b69cb1787209e85cc246eb9a944242689bfe0c46Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina ret = override_object_del(group.domain, SYSDB_MEMBER_GROUP,
5df5a6b852eccaafc8a3fb4eb31296d9587be483Pavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to delete override object.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic int override_group_import(struct sss_cmdline *cmdline,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina * Format: orig_name:name:gid
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina {SSS_COLONDB_STRING, {.str = &obj.input_name}},
c12cd2d95d08c9316bc358c2f7707d92551b6909Pavel Reichl ret = parse_cmdline_import(cmdline, &filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina db = sss_colondb_open(tool_ctx, SSS_COLONDB_READ, filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Unable to open %s.\n"), filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina while ((ret = sss_colondb_readline(tmp_ctx, db, table)) == EOK) {
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina ret = sss_tool_parse_name(tool_ctx, tool_ctx, obj.input_name,
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Unable to parse name %s.\n"), obj.input_name);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Invalid format on line %d. "
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina "Use --debug option for more information.\n"), linenum);
/*
 * Exports group overrides to a colon-separated file.
 *
 * The file name comes from parse_cmdline_export(); the file is opened with
 * sss_colondb_open() in SSS_COLONDB_WRITE mode and the record layout is
 * orig_name:name:gid.
 *
 * NOTE(review): the permissions of the created file are decided inside
 * sss_colondb_open(), which is not visible here - confirm they are
 * appropriate for exported group data.
 */
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březinastatic int override_group_export(struct sss_cmdline *cmdline,
c12cd2d95d08c9316bc358c2f7707d92551b6909Pavel Reichl ret = parse_cmdline_export(cmdline, &filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina db = sss_colondb_open(tool_ctx, SSS_COLONDB_WRITE, filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina fprintf(stderr, _("Unable to open %s.\n"), filename);
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get override objects\n");
1bf0ada00f59c153fe00853394508021d0ff9b24Pavel Březina * Format: orig_name:name:gid
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina {SSS_COLONDB_STRING, {.str = objs[i].orig_name}},
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina {SSS_COLONDB_UINT32, {.uint32 = objs[i].gid}},
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina DEBUG(SSSDBG_CRIT_FAILURE, "Unable to write line to db\n");
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina /* All overrides are under the same subtree, so we don't want to
23fb01bf67a6058fb508da6d81515e8b18634bebPavel Březina * descend into subdomains. */