e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek/*
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek Authors:
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek Michal Židek <mzidek@redhat.com>
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek Copyright (C) 2016 Red Hat
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek This program is free software; you can redistribute it and/or modify
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek it under the terms of the GNU General Public License as published by
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek the Free Software Foundation; either version 3 of the License, or
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek (at your option) any later version.
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek This program is distributed in the hope that it will be useful,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek but WITHOUT ANY WARRANTY; without even the implied warranty of
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek GNU General Public License for more details.
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek You should have received a copy of the GNU General Public License
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek along with this program. If not, see <http://www.gnu.org/licenses/>.
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek*/
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "config.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include <popt.h>
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include <stdio.h>
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include <ini_configobj.h>
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "util/util.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "util/sss_ini.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "tools/common/sss_tools.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "tools/common/sss_process.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "tools/sssctl/sssctl.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#include "confdb/confdb.h"
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#ifdef HAVE_LIBINI_CONFIG_V1_3
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židekerrno_t sssctl_config_check(struct sss_cmdline *cmdline,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek struct sss_tool_ctx *tool_ctx,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek void *pvt)
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek{
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek errno_t ret;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek struct ini_errobj *errobj = NULL;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek struct sss_ini_initdata *init_data;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek struct ref_array *ra;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek char *msg;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek uint32_t i = 0;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek size_t num_errors;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek size_t num_ra_error;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek char **strs = NULL;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek TALLOC_CTX *tmp_ctx = NULL;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
55857e924977dbc66958f8033c6b38d6262ee631Michal Židek ret = sss_tool_popt(cmdline, NULL, SSS_TOOL_OPT_OPTIONAL, NULL, NULL);
55857e924977dbc66958f8033c6b38d6262ee631Michal Židek if (ret != EOK) {
55857e924977dbc66958f8033c6b38d6262ee631Michal Židek DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command arguments\n");
55857e924977dbc66958f8033c6b38d6262ee631Michal Židek return ret;
55857e924977dbc66958f8033c6b38d6262ee631Michal Židek }
55857e924977dbc66958f8033c6b38d6262ee631Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek tmp_ctx = talloc_new(NULL);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek init_data = sss_ini_initdata_init(tmp_ctx);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek if (!init_data) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek DEBUG(SSSDBG_FATAL_FAILURE, "Out of memory.\n");
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = ENOMEM;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek goto done;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek /* Open config file */
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = sss_ini_config_file_open(init_data, SSSD_CONFIG_FILE);
955574eeb3a3b937abc3df150e9bbbb79b75c889Michal Židek if (ret == ENOENT) {
87de1e0fb0f1b40bc088540f7a24f0a20fecf618Lukas Slebodnik PRINT("File %1$s does not exist. SSSD will use default "
87de1e0fb0f1b40bc088540f7a24f0a20fecf618Lukas Slebodnik "configuration with files provider.\n", SSSD_CONFIG_FILE);
87de1e0fb0f1b40bc088540f7a24f0a20fecf618Lukas Slebodnik ret = EOK;
955574eeb3a3b937abc3df150e9bbbb79b75c889Michal Židek } else if (ret != EOK) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek DEBUG(SSSDBG_TRACE_FUNC,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek "sss_ini_config_file_open failed: %s [%d]\n",
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek sss_strerror(ret),
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek goto done;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek /* Check the file permissions */
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = sss_ini_config_access_check(init_data);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek if (ret != EOK) {
9dc66cb6b96a885f7272a3c4aa6a44d60cdce82cMichal Židek printf(_("File ownership and permissions check failed. "
9dc66cb6b96a885f7272a3c4aa6a44d60cdce82cMichal Židek "Expected root:root and 0600.\n"));
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = EPERM;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek goto done;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = sss_ini_get_config(init_data,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek SSSD_CONFIG_FILE,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek CONFDB_DEFAULT_CONFIG_DIR);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek if (ret != EOK) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek DEBUG(SSSDBG_FATAL_FAILURE, "Failed to load configuration\n");
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek goto done;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek /* Read rules */
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = sss_ini_call_validators_strs(tmp_ctx, init_data,
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek SSSDDATADIR"/cfg_rules.ini",
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek &strs, &num_errors);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek if (ret) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek goto done;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek /* Output from validators */
cca5695e6cab64def52c009afc8f055a85f1fde4Lukas Slebodnik printf(_("Issues identified by validators: %zu\n"), num_errors);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek for (i = 0; i < num_errors; i++) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf("%s\n", strs[i]);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek /* Merging issues */
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ra = sss_ini_get_ra_error_list(init_data);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek num_ra_error = ref_array_len(ra);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf("\n");
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf(_("Messages generated during configuration merging: %zu\n"),
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek num_ra_error);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek i = 0;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek while (ref_array_get(ra, i, &msg) != NULL) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf("%s\n", msg);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek i++;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek /* Used snippet files */
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ra = sss_ini_get_ra_success_list(init_data);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf("\n");
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf(_("Used configuration snippet files: %u\n"),
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ref_array_len(ra));
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek i = 0;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek while (ref_array_get(ra, i, &msg) != NULL) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek printf("%s\n", msg);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek i++;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek if (num_errors != 0 || num_ra_error != 0) {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = EINVAL;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek } else {
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ret = EOK;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek }
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židekdone:
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek ini_errobj_destroy(&errobj);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek sss_ini_config_destroy(init_data);
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek return ret;
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek}
e088912418fd4db750f2097dfde8ef9b77303f05Michal Židek#endif /* HAVE_LIBINI_CONFIG_V1_3 */