82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek/*
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek SSSD
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek tools_mc_util - interface to the memcache for userspace tools
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek Copyright (C) Red Hat 2013
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek This program is free software; you can redistribute it and/or modify
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek it under the terms of the GNU General Public License as published by
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek the Free Software Foundation; either version 3 of the License, or
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek (at your option) any later version.
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek This program is distributed in the hope that it will be useful,
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek but WITHOUT ANY WARRANTY; without even the implied warranty of
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek GNU General Public License for more details.
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek You should have received a copy of the GNU General Public License
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek along with this program. If not, see <http://www.gnu.org/licenses/>.
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek*/
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek#include <talloc.h>
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek#include <fcntl.h>
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik#include <sys/stat.h>
cf098cbeef745b75d2efe8334d4d715bcef31883Lukas Slebodnik#include <signal.h>
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek#include "db/sysdb.h"
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek#include "util/util.h"
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek#include "tools/tools_util.h"
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek#include "util/mmap_cache.h"
11e8f3ecdddf8edd8b1bbe9f41b49ce8b709b92aPetr Cech#include "util/sss_cli_cmd.h"
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek#include "sss_client/sss_cli.h"
aea1d5c0ca9bb1470759b024c8b97b6c1f577193Pavel Březina#include "tools/common/sss_process.h"
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
714ba5f50551a42df324714358dc379b351d4a53Michal Zidek/* This is a copy of sss_mc_set_recycled present in
714ba5f50551a42df324714358dc379b351d4a53Michal Zidek * src/responder/nss/nsssrv_mmap_cache.c. If you modify this function,
714ba5f50551a42df324714358dc379b351d4a53Michal Zidek * you should modify the original function too. */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozekstatic errno_t sss_mc_set_recycled(int fd)
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek{
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek uint32_t w = SSS_MC_HEADER_RECYCLED;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek struct sss_mc_header h;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek off_t offset;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek off_t pos;
8e44ddfccebe61728d8a2c1dafce36dfa944bc90Jakub Hrozek ssize_t written;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek offset = MC_PTR_DIFF(&h.status, &h);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek pos = lseek(fd, offset, SEEK_SET);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (pos == -1) {
346d6d8bf5fdb446921d754c07c8a7d913a048d5René Genz /* What do we do now? */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return errno;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek errno = 0;
8e44ddfccebe61728d8a2c1dafce36dfa944bc90Jakub Hrozek written = sss_atomic_write_s(fd, (uint8_t *)&w, sizeof(h.status));
8e44ddfccebe61728d8a2c1dafce36dfa944bc90Jakub Hrozek if (written == -1) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return errno;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
8e44ddfccebe61728d8a2c1dafce36dfa944bc90Jakub Hrozek if (written != sizeof(h.status)) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek /* Write error */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EIO;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek}
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozekerrno_t sss_memcache_invalidate(const char *mc_filename)
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek{
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek int mc_fd = -1;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek errno_t ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek errno_t pret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek useconds_t t = 50000;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek int retries = 2;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (!mc_filename) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EINVAL;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek mc_fd = open(mc_filename, O_RDWR);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (mc_fd == -1) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = errno;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret == ENOENT) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC,"Memory cache file %s "
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "does not exist.\n", mc_filename);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek } else {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Unable to open file %s: %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov mc_filename, strerror(ret));
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = sss_br_lock_file(mc_fd, 0, 1, retries, t);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret == EACCES) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek DEBUG(SSSDBG_TRACE_FUNC,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "File %s already locked by someone else.\n", mc_filename);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek goto done;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek } else if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Failed to lock file %s.\n", mc_filename);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek goto done;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek /* Mark the mc file as recycled. */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = sss_mc_set_recycled(mc_fd);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Failed to mark memory cache file %s "
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "as recycled.\n", mc_filename);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek goto done;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozekdone:
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (mc_fd != -1) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek /* Closing the file also releases the lock */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek close(mc_fd);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
1091c0ae2f1596ceb161e5b765a91c23c413b369Yuri Chornoivan /* Only unlink the file if invalidation was successful */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret == EOK) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek pret = unlink(mc_filename);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (pret == -1) {
bc7991db97482eb2ac77f7105ee4bb3d329acff7Lukas Slebodnik pret = errno;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek DEBUG(SSSDBG_MINOR_FAILURE,
bc7991db97482eb2ac77f7105ee4bb3d329acff7Lukas Slebodnik "Failed to unlink file %s, %d [%s]. "
bc7991db97482eb2ac77f7105ee4bb3d329acff7Lukas Slebodnik "Will be unlinked later by sssd_nss.\n",
bc7991db97482eb2ac77f7105ee4bb3d329acff7Lukas Slebodnik mc_filename, pret, strerror(pret));
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek}
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozekstatic int clear_fastcache(bool *sssd_nss_is_off)
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek{
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek int ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = sss_memcache_invalidate(SSS_NSS_MCACHE_DIR"/passwd");
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret != EOK) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret == EACCES) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek *sssd_nss_is_off = false;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek } else {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = sss_memcache_invalidate(SSS_NSS_MCACHE_DIR"/group");
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret != EOK) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret == EACCES) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek *sssd_nss_is_off = false;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek } else {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik ret = sss_memcache_invalidate(SSS_NSS_MCACHE_DIR"/initgroups");
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik if (ret != EOK) {
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik if (ret == EACCES) {
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik *sssd_nss_is_off = false;
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik return EOK;
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik } else {
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik return ret;
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik }
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik }
b08bcc387ad99b9c408183960c127dc77975b6ffLukas Slebodnik
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek *sssd_nss_is_off = true;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek}
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnikstatic errno_t wait_till_nss_responder_invalidate_cache(void)
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik{
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik struct stat stat_buf = { 0 };
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik const time_t max_wait = 1000000; /* 1 second */
346d6d8bf5fdb446921d754c07c8a7d913a048d5René Genz const time_t step_time = 5000; /* 5 milliseconds */
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik const size_t steps_count = max_wait / step_time;
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik int ret;
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik for (size_t i = 0; i < steps_count; ++i) {
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik ret = stat(SSS_NSS_MCACHE_DIR "/" CLEAR_MC_FLAG, &stat_buf);
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik if (ret == -1) {
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik ret = errno;
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik if (ret == ENOENT) {
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik /* nss responder has already invalidated memory caches */
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik return EOK;
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik }
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik DEBUG(SSSDBG_CRIT_FAILURE,
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik "stat failed: %s (%d)\n", sss_strerror(ret), ret);
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik }
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik usleep(step_time);
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik }
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik return EAGAIN;
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik}
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozekerrno_t sss_memcache_clear_all(void)
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek{
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek errno_t ret;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek bool sssd_nss_is_off = false;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek FILE *clear_mc_flag;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = clear_fastcache(&sssd_nss_is_off);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_CRIT_FAILURE, "Failed to clear caches.\n");
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EIO;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (!sssd_nss_is_off) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek /* sssd_nss is running -> signal monitor to invalidate fastcache */
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek clear_mc_flag = fopen(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG, "w");
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (clear_mc_flag == NULL) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to create clear_mc_flag file. "
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Memory cache will not be cleared.\n");
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EIO;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = fclose(clear_mc_flag);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret != 0) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek ret = errno;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Unable to close file descriptor: %s\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov strerror(ret));
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EIO;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_TRACE_FUNC, "Sending SIGHUP to monitor.\n");
aea1d5c0ca9bb1470759b024c8b97b6c1f577193Pavel Březina ret = sss_signal(SIGHUP);
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek if (ret != EOK) {
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Failed to send SIGHUP to monitor.\n");
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EIO;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik ret = wait_till_nss_responder_invalidate_cache();
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik if (ret != EOK) {
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik ERROR("The fast memory caches was not invalidated by NSS "
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik "responder.\n");
32c6db689a0206e062b799dfd32c34ba878ff044Lukas Slebodnik }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek }
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek return EOK;
82dc11348718bf8e2ff07da696f91f6703293c24Jakub Hrozek}
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozekenum sss_tools_ent {
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek SSS_TOOLS_USER,
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek SSS_TOOLS_GROUP
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek};
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozekstatic errno_t sss_mc_refresh_ent(const char *name, enum sss_tools_ent ent)
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek{
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek enum sss_cli_command cmd;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek struct sss_cli_req_data rd;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek uint8_t *repbuf = NULL;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek size_t replen;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek enum nss_status nret;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek errno_t ret;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek cmd = SSS_CLI_NULL;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek switch (ent) {
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek case SSS_TOOLS_USER:
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek cmd = SSS_NSS_GETPWNAM;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek break;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek case SSS_TOOLS_GROUP:
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek cmd = SSS_NSS_GETGRNAM;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek break;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek }
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek if (cmd == SSS_CLI_NULL) {
11e8f3ecdddf8edd8b1bbe9f41b49ce8b709b92aPetr Cech DEBUG(SSSDBG_OP_FAILURE, "Unknown object [%d][%s] to refresh\n",
11e8f3ecdddf8edd8b1bbe9f41b49ce8b709b92aPetr Cech cmd, sss_cmd2str(cmd));
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek return EINVAL;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek }
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek rd.data = name;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek rd.len = strlen(name) + 1;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek sss_nss_lock();
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek nret = sss_nss_make_request(cmd, &rd, &repbuf, &replen, &ret);
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek sss_nss_unlock();
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek free(repbuf);
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek if (nret != NSS_STATUS_SUCCESS && nret != NSS_STATUS_NOTFOUND) {
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek return EIO;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek }
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek return EOK;
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek}
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozekerrno_t sss_mc_refresh_user(const char *username)
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek{
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek return sss_mc_refresh_ent(username, SSS_TOOLS_USER);
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek}
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozekerrno_t sss_mc_refresh_group(const char *groupname)
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek{
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek return sss_mc_refresh_ent(groupname, SSS_TOOLS_GROUP);
543676afec3c08fdc0a5a794976adc8dfdca974bJakub Hrozek}
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židekstatic errno_t sss_mc_refresh_nested_group(struct tools_ctx *tctx,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek const char *shortname)
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek{
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek errno_t ret;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek struct ldb_message *msg = NULL;
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek struct ldb_message_element *el;
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek const char *attrs[] = { SYSDB_MEMBEROF,
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek SYSDB_NAME,
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek NULL };
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek size_t i;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek char *parent_internal_name;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek char *parent_outname;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek char *internal_name;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek TALLOC_CTX *tmpctx;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek tmpctx = talloc_new(tctx);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek if (tmpctx == NULL) {
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek return ENOMEM;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek }
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek internal_name = sss_create_internal_fqname(tmpctx, shortname,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek tctx->local->name);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek if (internal_name == NULL) {
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = ENOMEM;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek goto done;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = sss_mc_refresh_group(shortname);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek if (ret != EOK) {
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek DEBUG(SSSDBG_MINOR_FAILURE,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek "Cannot refresh group %s from memory cache\n", shortname);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek /* try to carry on */
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = sysdb_search_group_by_name(tmpctx, tctx->local, internal_name, attrs,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek &msg);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek if (ret) {
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek DEBUG(SSSDBG_OP_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Search failed: %s (%d)\n", strerror(ret), ret);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek goto done;
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek el = ldb_msg_find_element(msg, SYSDB_MEMBEROF);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek if (!el || el->num_values == 0) {
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek DEBUG(SSSDBG_TRACE_INTERNAL, "Group %s has no parents\n",
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek internal_name);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = EOK;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek goto done;
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek /* This group is nested. We need to invalidate all its parents, too */
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek for (i=0; i < el->num_values; i++) {
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = sysdb_group_dn_name(tctx->sysdb, tmpctx,
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek (const char *) el->values[i].data,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek &parent_internal_name);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek if (ret != EOK) {
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov DEBUG(SSSDBG_MINOR_FAILURE, "Malformed DN [%s]? Skipping\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov (const char *) el->values[i].data);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek talloc_free(parent_internal_name);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek continue;
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek parent_outname = sss_output_name(tmpctx, parent_internal_name,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek tctx->local->case_preserve, 0);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek if (parent_outname == NULL) {
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = ENOMEM;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek goto done;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek }
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = sss_mc_refresh_group(parent_outname);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek talloc_free(parent_internal_name);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek talloc_free(parent_outname);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek if (ret != EOK) {
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek DEBUG(SSSDBG_MINOR_FAILURE,
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek "Cannot refresh group %s from memory cache\n", parent_outname);
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek /* try to carry on */
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek }
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek ret = EOK;
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židekdone:
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek talloc_free(tmpctx);
cb54dbad6be907d277ce6aa39524338643e2f5a4Michal Židek return ret;
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek}
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozekerrno_t sss_mc_refresh_grouplist(struct tools_ctx *tctx,
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek char **groupnames)
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek{
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek int i;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek errno_t ret;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek bool failed = false;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek if (!groupnames) return EOK;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek for (i = 0; groupnames[i]; i++) {
7a92ae1598735ff69e36c72a7be60292ccad41d3Jakub Hrozek ret = sss_mc_refresh_nested_group(tctx, groupnames[i]);
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek if (ret != EOK) {
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek DEBUG(SSSDBG_MINOR_FAILURE,
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov "Cannot refresh group %s from memory cache\n",
a3c8390d19593b1e5277d95bfb4ab206d4785150Nikolai Kondrashov groupnames[i]);
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek failed = true;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek continue;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek }
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek }
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek return failed ? EIO : EOK;
2bb2eadf2b1b7854f430e37689b3e7a25bedfebdJakub Hrozek}