domain_info_utils.c revision 58dd26b1c5b60ee992dd5d1214bb168aebb42d54
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny Sumit Bose <sbose@redhat.com>
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny Copyright (C) 2012 Red Hat
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny This program is free software; you can redistribute it and/or modify
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny it under the terms of the GNU General Public License as published by
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny the Free Software Foundation; either version 3 of the License, or
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny (at your option) any later version.
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny This program is distributed in the hope that it will be useful,
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny but WITHOUT ANY WARRANTY; without even the implied warranty of
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny GNU General Public License for more details.
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny You should have received a copy of the GNU General Public License
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny along with this program. If not, see <http://www.gnu.org/licenses/>.
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek/* the directory domain - realm mappings are written to */
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek#define KRB5_MAPPING_DIR PUBCONF_PATH"/krb5.include.d"
0232747f04b650796db56fd7b487aee8a96fab03Simo Sorcestruct sss_domain_info *get_next_domain(struct sss_domain_info *domain,
07b92f78d1751d8a2a538a440e1fdb24c59021e0Pavel Březina } else if (descend && IS_SUBDOMAIN(dom) && dom->parent->next) {
bba1a5fd62cffcae076d1351df5a83fbc4a6ec17Simo Sorcestruct sss_domain_info *find_subdomain_by_name(struct sss_domain_info *domain,
bba1a5fd62cffcae076d1351df5a83fbc4a6ec17Simo Sorce const char *name,
bba1a5fd62cffcae076d1351df5a83fbc4a6ec17Simo Sorce ((match_any == true) && (dom->flat_name != NULL) &&
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zelenystruct sss_domain_info *new_subdomain(TALLOC_CTX *mem_ctx,
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny const char *name,
b8dcd1216e5ea7065213c750a92dabfe01fa3b70Simo Sorce const char *realm,
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny const char *id)
aab938c5975f0e3b85c7c79a5d718e5fefed7217Simo Sorce ("Creating [%s] as subdomain of [%s]!\n", name, parent->name));
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny dom = talloc_zero(mem_ctx, struct sss_domain_info);
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("talloc_zero failed.\n"));
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("Failed to copy domain name.\n"));
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny dom->provider = talloc_strdup(dom, parent->provider);
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("Failed to copy provider name.\n"));
d3f2fd9cb21cc10dce663a2f7d0deda07074e44eJan Zeleny dom->conn_name = talloc_strdup(dom, parent->conn_name);
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("Failed to copy connection name.\n"));
b8dcd1216e5ea7065213c750a92dabfe01fa3b70Simo Sorce DEBUG(SSSDBG_OP_FAILURE, ("Failed to copy realm name.\n"));
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("Failed to copy flat name.\n"));
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("Failed to copy id.\n"));
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny /* FIXME: get ranges from the server */
bf8cce77a35cb0a3cdb0d21fb9c39b7b6372bc11Jan Zeleny dom->pwd_expiration_warning = parent->pwd_expiration_warning;
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny dom->cache_credentials = parent->cache_credentials;
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny dom->netgroup_timeout = parent->netgroup_timeout;
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny dom->override_homedir = parent->override_homedir;
8ccb0de226ccb9330f5a6865de487d6f0313902dJan Zeleny dom->subdomain_homedir = parent->subdomain_homedir;
20d0bc6d587f346238062df4da5edfde815e59b1Jan Zeleny DEBUG(SSSDBG_OP_FAILURE, ("Missing sysdb context in parent domain.\n"));
234958be042980242fff6da936af674da877c5efSimo Sorce DEBUG(SSSDBG_OP_FAILURE, ("Error retrieving domain configuration.\n"));
234958be042980242fff6da936af674da877c5efSimo Sorce DEBUG(SSSDBG_OP_FAILURE, ("Sysdb context already initialized.\n"));
234958be042980242fff6da936af674da877c5efSimo Sorce ret = sysdb_domain_init(mem_ctx, dom, db_path, &sysdb);
234958be042980242fff6da936af674da877c5efSimo Sorce DEBUG(SSSDBG_OP_FAILURE, ("Error opening cache database.\n"));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to change mtime of \"%s\" "
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozeksss_write_domain_mappings(struct sss_domain_info *domain)
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("No domain name provided\n"));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek sanitized_domain = talloc_strdup(tmp_ctx, domain->name);
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("talloc_strdup() failed\n"));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek /* only alpha-numeric chars, dashes and underscores are allowed in
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek * krb5 include directory */
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek for (i = 0; sanitized_domain[i] != '\0'; i++) {
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek && sanitized_domain[i] != '-' && sanitized_domain[i] != '_') {
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek mapping_file = talloc_asprintf(tmp_ctx, "%s/domain_realm_%s",
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_FUNC_DATA, ("Mapping file for domain [%s] is [%s]\n",
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek tmp_file = talloc_asprintf(tmp_ctx, "%sXXXXXX", mapping_file);
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("creating the temp file [%s] for domain-realm "
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("fdopen failed [%d]: %s\n",
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek ("fclose failed [%d][%s].\n", ret, strerror(ret)));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek /* Nothing to do here, just report the failure */
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_OP_FAILURE, ("fprintf failed\n"));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek dom && IS_SUBDOMAIN(dom); /* if we get back to a parent, stop */
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("fprintf failed\n"));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek ("fclose failed [%d][%s].\n", ret, strerror(ret)));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek ("rename failed [%d][%s].\n", ret, strerror(ret)));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek ("fchmod failed [%d][%s].\n", ret, strerror(ret)));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek DEBUG(SSSDBG_CRIT_FAILURE, ("Unable to change last modification time "
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek "of krb5.conf. Created mappings may not be loaded.\n"));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek /* Ignore */
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek ("fclose failed [%d][%s].\n", err, strerror(err)));
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek /* Nothing to do here, just report the failure */
58dd26b1c5b60ee992dd5d1214bb168aebb42d54Jakub Hrozek ("Could not remove file [%s]: [%d]: %s",