sysdb.h revision 17195241500e46272018d7897d6e87249870caf2
/*
   SSSD

   System Database Header

   Copyright (C) Simo Sorce <ssorce@redhat.com> 2008

   This program is free software; you can redistribute it and/or modify
   it under the terms of the GNU General Public License as published by
   the Free Software Foundation; either version 3 of the License, or
   (at your option) any later version.

   This program is distributed in the hope that it will be useful,
   but WITHOUT ANY WARRANTY; without even the implied warranty of
   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
   GNU General Public License for more details.

   You should have received a copy of the GNU General Public License
   along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
3f08db06526d6901aa08c110b5bc7dde6bc39905nd#ifndef __SYS_DB_H__
7fb4c0766e858653c9776474005a6ae6d94828afgryzor#define __SYS_DB_H__
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung#include "util/util.h"
7fb4c0766e858653c9776474005a6ae6d94828afgryzor#include "confdb/confdb.h"
7fb4c0766e858653c9776474005a6ae6d94828afgryzor#include <tevent.h>
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
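/*
 * On-disk cache file names.  CACHE_SYSDB_FILE is a printf-style template.
 * NOTE(review): the %s is presumably the domain name -- confirm at the call
 * site, and make sure that value cannot contain a path separator, because it
 * becomes part of a file name.
 */
#define CACHE_SYSDB_FILE "cache_%s.ldb"
#define LOCAL_SYSDB_FILE "sssd.ldb"

/*
 * Base DN and container RDNs of the cache tree.
 *
 * SYSDB_DOM_BASE, and every SYSDB_TMPL_*_BASE built from it, still carries a
 * "%s" conversion, so these are format strings rather than finished DNs.
 * Whatever is substituted for the %s must be escaped for DN syntax first: an
 * unescaped ',' or '=' in the value changes which entry the DN names.
 * SSSD has sysdb_dn_sanitize() for this (declared elsewhere in SSSD, not
 * visible in this part of the header).
 *
 * SYSDB_TMPL_RANGE_BASE is the exception: it hangs off SYSDB_BASE and has no
 * conversion, i.e. ranges are not stored per domain.
 */
#define SYSDB_BASE "cn=sysdb"
#define SYSDB_DOM_BASE "cn=%s,cn=sysdb"
#define SYSDB_USERS_CONTAINER "cn=users"
#define SYSDB_GROUPS_CONTAINER "cn=groups"
#define SYSDB_CUSTOM_CONTAINER "cn=custom"
#define SYSDB_NETGROUP_CONTAINER "cn=Netgroups"
#define SYSDB_RANGE_CONTAINER "cn=ranges"
#define SYSDB_TMPL_USER_BASE SYSDB_USERS_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_GROUP_BASE SYSDB_GROUPS_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_CUSTOM_BASE SYSDB_CUSTOM_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_NETGROUP_BASE SYSDB_NETGROUP_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_RANGE_BASE SYSDB_RANGE_CONTAINER "," SYSDB_BASE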
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
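/*
 * objectClass values used to tag cache entries.  The user, group and
 * netgroup classes are the ones the SYSDB_UC / SYSDB_GC / SYSDB_NC filter
 * fragments in this header match on.
 */
#define SYSDB_SUBDOMAIN_CLASS "subdomain"
#define SYSDB_USER_CLASS "user"
#define SYSDB_GROUP_CLASS "group"
#define SYSDB_NETGROUP_CLASS "netgroup"
#define SYSDB_HOST_CLASS "host"
#define SYSDB_HOSTGROUP_CLASS "hostgroup"
#define SYSDB_SELINUX_USERMAP_CLASS "selinuxusermap"
#define SYSDB_SELINUX_CLASS "selinux"
#define SYSDB_ID_RANGE_CLASS "idRange"
#define SYSDB_DOMAIN_ID_RANGE_CLASS "domainIDRange"
#define SYSDB_TRUSTED_AD_DOMAIN_RANGE_CLASS "TrustedADDomainRange"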
888cb40bdeec5abf452bd85d6bf63b26d5913d4chumbedooh
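/* Attribute names used in cache entries: naming and object class. */
#define SYSDB_NAME "name"
#define SYSDB_NAME_ALIAS "nameAlias"
#define SYSDB_OBJECTCLASS "objectClass"

/* Numeric identifiers and creation time. */
#define SYSDB_NEXTID "nextID"
#define SYSDB_UIDNUM "uidNumber"
#define SYSDB_GIDNUM "gidNumber"
#define SYSDB_CREATE_TIME "createTimestamp"

/*
 * Account attributes.
 * NOTE(review): what is stored under SYSDB_PWD (a hash, a placeholder, ...)
 * is not visible from this header; treat it as credential material when
 * choosing which attributes a lookup requests.
 */
#define SYSDB_PWD "userPassword"
#define SYSDB_FULLNAME "fullName"
#define SYSDB_HOMEDIR "homeDirectory"
#define SYSDB_SHELL "loginShell"
#define SYSDB_MEMBEROF "memberOf"
#define SYSDB_DISABLED "disabled"

/* Membership and classification attributes. */
#define SYSDB_MEMBER "member"
#define SYSDB_MEMBERUID "memberUid"
#define SYSDB_GHOST "ghost"
#define SYSDB_POSIX "isPosix"
#define SYSDB_USER_CATEGORY "userCategory"
#define SYSDB_HOST_CATEGORY "hostCategory"
#define SYSDB_GROUP_TYPE "groupType"

/*
 * GECOS and login bookkeeping.
 * NOTE(review): the failed-login attributes presumably feed offline
 * authentication lockout decisions; they sit in the same cache file as the
 * rest of the entry, so write access to the cache is write access to them.
 * Confirm against the code that reads them.
 */
#define SYSDB_GECOS "gecos"
#define SYSDB_LAST_LOGIN "lastLogin"
#define SYSDB_LAST_ONLINE_AUTH "lastOnlineAuth"
#define SYSDB_LAST_FAILED_LOGIN "lastFailedLogin"
#define SYSDB_FAILED_LOGIN_ATTEMPTS "failedLoginAttempts"

/* Cache freshness timestamps; also part of SYSDB_DEFAULT_ATTRS. */
#define SYSDB_LAST_UPDATE "lastUpdate"
#define SYSDB_CACHE_EXPIRE "dataExpireTimestamp"
#define SYSDB_INITGR_EXPIRE "initgrExpireTimestamp"

/* Access-control attributes (services / hosts a user is authorized for). */
#define SYSDB_AUTHORIZED_SERVICE "authorizedService"
#define SYSDB_AUTHORIZED_HOST "authorizedHost"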
e7eb98e34575dcf6536530bcf08e00d7ab3d3124gryzor
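/* Netgroup attributes. */
#define SYSDB_NETGROUP_TRIPLE "netgroupTriple"
#define SYSDB_ORIG_NETGROUP_MEMBER "originalMemberNisNetgroup"
#define SYSDB_ORIG_NETGROUP_EXTERNAL_HOST "originalExternalHost"
#define SYSDB_NETGROUP_DOMAIN "nisDomain"
#define SYSDB_NETGROUP_MEMBER "memberNisNetgroup"
#define SYSDB_DESCRIPTION "description"

/* Host attributes. */
#define SYSDB_FQDN "fqdn"
#define SYSDB_SERVERHOSTNAME "serverHostname"

/*
 * Cached credential used when the backend is unreachable.  The version-error
 * hint in this header tells users that deleting the cache files also removes
 * their cached credentials, so the file holding this attribute needs
 * restrictive ownership and permissions.
 * NOTE(review): confirm the stored form is a salted hash and never the
 * cleartext password.
 */
#define SYSDB_CACHEDPWD "cachedPassword"

/*
 * Directory identity attributes (UUID, SID, principal names).
 * NOTE(review): SYSDB_CCACHE_FILE presumably holds the path of the user's
 * Kerberos credential cache; a path read back from the cache should be
 * validated before it is opened or removed.
 */
#define SYSDB_UUID "uniqueID"
#define SYSDB_SID "objectSID"
#define SYSDB_PRIMARY_GROUP "ADPrimaryGroupID"
#define SYSDB_PRIMARY_GROUP_GIDNUM "origPrimaryGroupGidNumber"
#define SYSDB_SID_STR "objectSIDString"
#define SYSDB_UPN "userPrincipalName"
#define SYSDB_CANONICAL_UPN "canonicalUserPrincipalName"
#define SYSDB_CCACHE_FILE "ccacheFile"

/*
 * Values preserved from the originating directory entry.  Note that
 * SYSDB_ORIG_MEMBER is spelled "orig_member", unlike its "original..."
 * siblings.
 */
#define SYSDB_ORIG_DN "originalDN"
#define SYSDB_ORIG_MODSTAMP "originalModifyTimestamp"
#define SYSDB_ORIG_MEMBEROF "originalMemberOf"
#define SYSDB_ORIG_MEMBER "orig_member"
#define SYSDB_ORIG_MEMBER_USER "originalMemberUser"
#define SYSDB_ORIG_MEMBER_HOST "originalMemberHost"

/* Update sequence numbers. */
#define SYSDB_USN "entryUSN"
#define SYSDB_HIGH_USN "highestUSN"

/*
 * NOTE(review): public keys stored here presumably end up authorizing SSH
 * logins, so integrity of the cache entry matters for this attribute too.
 */
#define SYSDB_SSH_PUBKEY "sshPublicKey"

/* Subdomain entry attributes. */
#define SYSDB_SUBDOMAIN_REALM "realmName"
#define SYSDB_SUBDOMAIN_FLAT "flatName"
#define SYSDB_SUBDOMAIN_ID "domainID"
#define SYSDB_SUBDOMAIN_MPG "mpg"
#define SYSDB_SUBDOMAIN_ENUM "enumerate"
#define SYSDB_SUBDOMAIN_FOREST "memberOfForest"

/*
 * ID range entry attributes.  SYSDB_DOMAIN_ID expands to the same string as
 * SYSDB_SUBDOMAIN_ID ("domainID").
 */
#define SYSDB_BASE_ID "baseID"
#define SYSDB_ID_RANGE_SIZE "idRangeSize"
#define SYSDB_BASE_RID "baseRID"
#define SYSDB_SECONDARY_BASE_RID "secondaryBaseRID"
#define SYSDB_DOMAIN_ID "domainID"
#define SYSDB_ID_RANGE_TYPE "idRangeType"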
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
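/*
 * LDB search filter templates.
 *
 * Every "%s" below is spliced into the filter text as-is, so the value
 * passed for it must already be escaped for LDAP filter syntax (RFC 4515:
 * '*', '(', ')', backslash and NUL).  SSSD provides sss_filter_sanitize()
 * for this.  NOTE(review): confirm that every user of these templates runs
 * externally supplied names and SID strings through it before formatting.
 *
 * "%lu" expects an unsigned long argument; cast uid_t / gid_t values
 * explicitly, since their width is platform dependent.
 */
#define SYSDB_NEXTID_FILTER "(" SYSDB_NEXTID "=*)"

/* Object-class fragments; SYSDB_MPGC matches users or groups. */
#define SYSDB_UC "objectclass=" SYSDB_USER_CLASS
#define SYSDB_GC "objectclass=" SYSDB_GROUP_CLASS
#define SYSDB_NC "objectclass=" SYSDB_NETGROUP_CLASS
#define SYSDB_MPGC "|(" SYSDB_UC ")(" SYSDB_GC ")"

/*
 * User lookups.  SYSDB_PWNAM_FILTER takes three strings, in template order:
 * two compared against SYSDB_NAME_ALIAS and one against SYSDB_NAME.
 */
#define SYSDB_PWNAM_FILTER "(&(" SYSDB_UC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_PWUID_FILTER "(&(" SYSDB_UC ")(" SYSDB_UIDNUM "=%lu))"
#define SYSDB_PWSID_FILTER "(&(" SYSDB_UC ")(" SYSDB_SID_STR "=%s))"
#define SYSDB_PWENT_FILTER "(" SYSDB_UC ")"

/* Group lookups; the *_MPG_* variants also match user entries. */
#define SYSDB_GRNAM_FILTER "(&(" SYSDB_GC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_GRGID_FILTER "(&(" SYSDB_GC ")(" SYSDB_GIDNUM "=%lu))"
#define SYSDB_GRSID_FILTER "(&(" SYSDB_GC ")(" SYSDB_SID_STR "=%s))"
#define SYSDB_GRENT_FILTER "(" SYSDB_GC ")"
#define SYSDB_GRNAM_MPG_FILTER "(&(" SYSDB_MPGC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_GRGID_MPG_FILTER "(&(" SYSDB_MPGC ")(" SYSDB_GIDNUM "=%lu))"
#define SYSDB_GRENT_MPG_FILTER "(" SYSDB_MPGC ")"

/* Groups that carry a gidNumber, as used for initgroups. */
#define SYSDB_INITGR_FILTER "(&(" SYSDB_GC ")(" SYSDB_GIDNUM "=*))"

/*
 * Netgroup lookups.  SYSDB_NETGR_TRIPLES_FILTER takes four strings, in
 * template order: alias, name, alias, memberOf.
 */
#define SYSDB_NETGR_FILTER "(&(" SYSDB_NC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_NETGR_TRIPLES_FILTER "(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_MEMBEROF "=%s))"

/* User or group by SID string. */
#define SYSDB_SID_FILTER "(&(|(" SYSDB_UC ")(" SYSDB_GC "))(" SYSDB_SID_STR "=%s))"

#define SYSDB_HAS_ENUMERATED "has_enumerated"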
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
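/*
 * Attribute lists requested by the standard lookups.
 *
 * SYSDB_DEFAULT_ATTRS is a bare comma-separated list meant to be embedded in
 * the brace initializers below; the *_ATTRS macros are complete,
 * NULL-terminated initializers for a string array.
 *
 * None of these lists names SYSDB_PWD or SYSDB_CACHEDPWD, so the lookups
 * that use them do not request credential attributes.  Keep it that way when
 * extending a list.
 */
#define SYSDB_DEFAULT_ATTRS SYSDB_LAST_UPDATE, \
                            SYSDB_CACHE_EXPIRE, \
                            SYSDB_INITGR_EXPIRE, \
                            SYSDB_OBJECTCLASS

#define SYSDB_PW_ATTRS {SYSDB_NAME, SYSDB_UIDNUM, \
                        SYSDB_GIDNUM, SYSDB_GECOS, \
                        SYSDB_HOMEDIR, SYSDB_SHELL, \
                        SYSDB_DEFAULT_ATTRS, \
                        SYSDB_PRIMARY_GROUP_GIDNUM, \
                        SYSDB_SID_STR, \
                        NULL}
#define SYSDB_GRSRC_ATTRS {SYSDB_NAME, SYSDB_GIDNUM, \
                           SYSDB_MEMBERUID, \
                           SYSDB_GHOST, \
                           SYSDB_DEFAULT_ATTRS, \
                           NULL}

#define SYSDB_NETGR_ATTRS {SYSDB_NAME, SYSDB_NETGROUP_TRIPLE, \
                           SYSDB_NETGROUP_MEMBER, \
                           SYSDB_DEFAULT_ATTRS, \
                           NULL}

/* SYSDB_INITGR_ATTR is a single attribute name, not a list. */
#define SYSDB_INITGR_ATTR SYSDB_MEMBEROF
#define SYSDB_INITGR_ATTRS {SYSDB_GIDNUM, SYSDB_POSIX, \
                            SYSDB_DEFAULT_ATTRS, \
                            SYSDB_ORIG_DN, \
                            SYSDB_SID_STR, \
                            NULL}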
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
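/*
 * printf-style templates for complete entry DNs.  The first "%s" is the
 * entry name (for SYSDB_TMPL_CUSTOM: entry name, then subtree name); the
 * "%s" inherited from SYSDB_DOM_BASE comes last and is, judging by the macro
 * name, the domain.  SYSDB_TMPL_RANGE has the name conversion only.
 *
 * Each substituted value must be escaped for DN syntax before formatting,
 * otherwise a ',' or '=' inside a name yields a DN for a different entry.
 * SSSD has sysdb_dn_sanitize() for this (declared elsewhere in SSSD, not
 * visible in this part of the header).
 */
#define SYSDB_TMPL_USER SYSDB_NAME "=%s," SYSDB_TMPL_USER_BASE
#define SYSDB_TMPL_GROUP SYSDB_NAME "=%s," SYSDB_TMPL_GROUP_BASE
#define SYSDB_TMPL_NETGROUP SYSDB_NAME "=%s," SYSDB_TMPL_NETGROUP_BASE
#define SYSDB_TMPL_CUSTOM_SUBTREE "cn=%s," SYSDB_TMPL_CUSTOM_BASE
#define SYSDB_TMPL_CUSTOM SYSDB_NAME "=%s,cn=%s," SYSDB_TMPL_CUSTOM_BASE
#define SYSDB_TMPL_RANGE SYSDB_NAME "=%s," SYSDB_TMPL_RANGE_BASE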
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
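/*
 * Modification kinds, as aliases of the ldb modify flags.  The LDB_FLAG_MOD_*
 * names are not defined in this header; presumably they arrive through one
 * of the includes above.
 */
#define SYSDB_MOD_ADD LDB_FLAG_MOD_ADD
#define SYSDB_MOD_DEL LDB_FLAG_MOD_DELETE
#define SYSDB_MOD_REP LDB_FLAG_MOD_REPLACE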
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
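/*
 * sysdb version check macros
 *
 * Each macro takes the errno-style result of opening the cache and prints a
 * diagnostic through ERROR() when that result signals a version mismatch:
 * EUCLEAN for "lower version expected", EMEDIUMTYPE for "higher version
 * expected".  Any other value prints nothing.
 *
 * The hint text itself states the cost of the suggested fix: removing the
 * cache files also removes the cached credentials.
 */
#define SYSDB_VERSION_ERROR_HINT \
    ERROR("Removing cache files in " DB_PATH " should fix the issue, " \
          "but note that removing cache files will also remove all of your " \
          "cached credentials.\n")

#define SYSDB_VERSION_LOWER_ERROR(ret) do { \
    if ((ret) == EUCLEAN) { \
        ERROR("Lower version of database is expected!\n"); \
        SYSDB_VERSION_ERROR_HINT; \
    } \
} while(0)

#define SYSDB_VERSION_HIGHER_ERROR(ret) do { \
    if ((ret) == EMEDIUMTYPE) { \
        ERROR("Higher version of database is expected!\n"); \
        ERROR("In order to upgrade the database, you must run SSSD.\n"); \
        SYSDB_VERSION_ERROR_HINT; \
    } \
} while(0)

/* use this in daemons */
#define SYSDB_VERSION_ERROR_DAEMON(ret) \
    SYSDB_VERSION_LOWER_ERROR(ret)

/*
 * use this in tools
 *
 * Wrapped in do { } while(0) so that both checks stay together when the
 * macro is the body of an unbraced if/else; as two bare statements the
 * second check would run unconditionally.
 */
#define SYSDB_VERSION_ERROR(ret) do { \
    SYSDB_VERSION_LOWER_ERROR(ret); \
    SYSDB_VERSION_HIGHER_ERROR(ret); \
} while(0)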
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
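/* Opaque here: only pointers to these are used in this header. */
struct confdb_ctx;
struct sysdb_ctx;

/*
 * A set of attributes being assembled for, or read from, a cache entry.
 * Manipulated through the sysdb_attrs_* helpers declared in this header.
 */
struct sysdb_attrs {
    /*
     * presumably the number of elements in `a` -- TODO confirm.  The count
     * is a signed int, so code indexing `a` should reject negative values.
     */
    int num;
    /* ldb message elements, one per attribute name. */
    struct ldb_message_element *a;
};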
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
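/*
 * sysdb_attrs helper functions
 *
 * sysdb_new_attrs() returns a new attribute set.  NOTE(review): presumably
 * allocated on mem_ctx and NULL on allocation failure -- confirm, and check
 * the result before passing it to the sysdb_attrs_* helpers.
 */
struct sysdb_attrs *sysdb_new_attrs(TALLOC_CTX *mem_ctx);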
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
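/*
 * Description of one ID range.  The field names line up with the
 * SYSDB_BASE_ID / SYSDB_ID_RANGE_SIZE / SYSDB_BASE_RID /
 * SYSDB_SECONDARY_BASE_RID / SYSDB_ID_RANGE_TYPE attribute names in this
 * header; presumably each field is stored under the matching attribute.
 *
 * NOTE(review): base_id + id_range_size is 32-bit unsigned arithmetic and
 * wraps silently.  Code that derives the end of a range, or checks two
 * ranges for overlap, should test for wrap-around first, since ranges decide
 * which POSIX IDs get assigned.
 */
struct range_info {
    char *name;
    uint32_t base_id;
    uint32_t id_range_size;
    uint32_t base_rid;
    uint32_t secondary_base_rid;
    char *trusted_dom_sid;
    char *range_type;
};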
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
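/*
 * Adders: values are copied in the structure, allocated on "attrs".
 *
 * NOTE(review): the int / errno_t results are presumably errno-style codes
 * with 0 for success (see sysdb_error_to_errno() in this header) -- confirm
 * and check them; an ignored failure leaves the attribute set incomplete.
 */
int sysdb_attrs_add_val(struct sysdb_attrs *attrs,
                        const char *name, const struct ldb_val *val);
int sysdb_attrs_add_string(struct sysdb_attrs *attrs,
                           const char *name, const char *str);
/* `size` is the number of bytes at `mem`; the caller must pass the real size. */
int sysdb_attrs_add_mem(struct sysdb_attrs *attrs, const char *name,
                        const void *mem, size_t size);
int sysdb_attrs_add_bool(struct sysdb_attrs *attrs,
                         const char *name, bool value);
int sysdb_attrs_add_long(struct sysdb_attrs *attrs,
                         const char *name, long value);
int sysdb_attrs_add_uint32(struct sysdb_attrs *attrs,
                           const char *name, uint32_t value);
int sysdb_attrs_add_time_t(struct sysdb_attrs *attrs,
                           const char *name, time_t value);
int sysdb_attrs_add_lc_name_alias(struct sysdb_attrs *attrs,
                                  const char *value);
int sysdb_attrs_copy_values(struct sysdb_attrs *src,
                            struct sysdb_attrs *dst,
                            const char *name);

/* Element access. */
int sysdb_attrs_get_el(struct sysdb_attrs *attrs, const char *name,
                       struct ldb_message_element **el);
int sysdb_attrs_get_el_ext(struct sysdb_attrs *attrs, const char *name,
                           bool alloc, struct ldb_message_element **el);
/*
 * NOTE(review): "steal" suggests ownership of `str` moves to `attrs` instead
 * of being copied -- confirm; if so the caller must not free or reuse it.
 */
int sysdb_attrs_steal_string(struct sysdb_attrs *attrs,
                             const char *name, char *str);

/*
 * Typed getters.
 * NOTE(review): the stored values originate from directory data; confirm
 * that the fixed-width getters report an error, rather than truncating, when
 * a stored value does not fit the requested type.
 */
int sysdb_attrs_get_string(struct sysdb_attrs *attrs, const char *name,
                           const char **string);
int sysdb_attrs_get_string_array(struct sysdb_attrs *attrs, const char *name,
                                 TALLOC_CTX *mem_ctx, const char ***string);
errno_t sysdb_attrs_get_bool(struct sysdb_attrs *attrs, const char *name,
                             bool *value);
int sysdb_attrs_get_uint16_t(struct sysdb_attrs *attrs, const char *name,
                             uint16_t *value);
int sysdb_attrs_get_int32_t(struct sysdb_attrs *attrs, const char *name,
                            int32_t *value);
int sysdb_attrs_get_uint32_t(struct sysdb_attrs *attrs, const char *name,
                             uint32_t *value);

int sysdb_attrs_replace_name(struct sysdb_attrs *attrs, const char *oldname,
                             const char *newname);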
888cb40bdeec5abf452bd85d6bf63b26d5913d4chumbedooh
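/*
 * Name handling helpers.  Results are returned through the trailing
 * out-parameters (`_primary`, `_aliases`, `name_list`, `_cname`, `attrs`).
 * NOTE(review): `list` carries no length, so it is presumably
 * NULL-terminated -- confirm before passing a counted array.
 */
int sysdb_attrs_users_from_str_list(struct sysdb_attrs *attrs,
                                    const char *attr_name,
                                    const char *domain,
                                    const char *const *list);
errno_t sysdb_attrs_primary_name(struct sysdb_ctx *sysdb,
                                 struct sysdb_attrs *attrs,
                                 const char *ldap_attr,
                                 const char **_primary);
errno_t sysdb_attrs_get_aliases(TALLOC_CTX *mem_ctx,
                                struct sysdb_attrs *attrs,
                                const char *primary,
                                bool lowercase,
                                const char ***_aliases);
errno_t sysdb_attrs_primary_name_list(struct sysdb_ctx *sysdb,
                                      TALLOC_CTX *mem_ctx,
                                      struct sysdb_attrs **attr_list,
                                      size_t attr_count,
                                      const char *ldap_attr,
                                      char ***name_list);
errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx,
                            struct sss_domain_info *domain,
                            const char *name,
                            const char **_cname);

/* Converts `count` ldb messages into an array of attribute sets. */
errno_t sysdb_msg2attrs(TALLOC_CTX *mem_ctx, size_t count,
                        struct ldb_message **msgs,
                        struct sysdb_attrs ***attrs);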
7fb4c0766e858653c9776474005a6ae6d94828afgryzor
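/*
 * convert an ldb error into an errno error
 * NOTE(review): how ldb codes without an obvious errno counterpart are
 * mapped is not visible here; callers should not rely on a specific errno
 * for anything beyond the cases they have checked.
 */
int sysdb_error_to_errno(int ldberr);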
f086b4b402fa9a2fefc7dda85de2a3cc1cd0a654rjung
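/*
 * DNs related helper functions
 *
 * The builders take a name (and a domain) and return a DN for the matching
 * cache entry, presumably by filling the SYSDB_TMPL_* templates from this
 * header.  NOTE(review): confirm each builder escapes `name`,
 * `object_name` and `subtree_name` for DN syntax before formatting, and
 * returns NULL on failure so callers can check the result.
 */
errno_t sysdb_get_rdn(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx,
                      const char *dn, char **_name, char **_val);
struct ldb_dn *sysdb_user_dn(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
                             const char *name);
struct ldb_dn *sysdb_group_dn(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
                              const char *name);
struct ldb_dn *sysdb_netgroup_dn(TALLOC_CTX *mem_ctx,
                                 struct sss_domain_info *dom, const char *name);
struct ldb_dn *sysdb_netgroup_base_dn(TALLOC_CTX *mem_ctx,
                                      struct sss_domain_info *dom);
errno_t sysdb_group_dn_name(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx,
                            const char *dn_str, char **name);
struct ldb_dn *sysdb_domain_dn(TALLOC_CTX *mem_ctx,
                               struct sss_domain_info *dom);
struct ldb_dn *sysdb_base_dn(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx);
struct ldb_dn *sysdb_custom_dn(TALLOC_CTX *mem_ctx,
                               struct sss_domain_info *dom,
                               const char *object_name,
                               const char *subtree_name);
struct ldb_dn *sysdb_custom_subtree_dn(TALLOC_CTX *mem_ctx,
                                       struct sss_domain_info *dom,
                                       const char *subtree_name);

/*
 * String variants: return the DN as text and take the domain by name.
 * The same escaping requirement applies to both `domain` and `name`.
 */
char *sysdb_user_strdn(TALLOC_CTX *mem_ctx,
                       const char *domain, const char *name);
char *sysdb_group_strdn(TALLOC_CTX *mem_ctx,
                        const char *domain, const char *name);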
/* Accessor for the ldb handle behind a sysdb context. */
struct ldb_context *sysdb_ctx_get_ldb(struct sysdb_ctx *sysdb);

/*
 * NOTE(review): the signature is that of a qsort()-style comparator;
 * presumably it orders DNs by their number of components -- confirm.
 */
int compare_ldb_dn_comp_num(const void *m1, const void *m2);

/*
 * Functions to start and finish transactions.
 * NOTE(review): every successful start should be paired with exactly one
 * commit or cancel, including on error paths.
 */
int sysdb_transaction_start(struct sysdb_ctx *sysdb);
int sysdb_transaction_commit(struct sysdb_ctx *sysdb);
int sysdb_transaction_cancel(struct sysdb_ctx *sysdb);

/* Functions related to subdomains. */
errno_t sysdb_domain_create(struct sysdb_ctx *sysdb, const char *domain_name);
errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb,
                              const char *name, const char *realm,
                              const char *flat_name, const char *domain_id,
                              bool mpg, bool enumerate, const char *forest);
errno_t sysdb_update_subdomains(struct sss_domain_info *domain);
errno_t sysdb_master_domain_update(struct sss_domain_info *domain);
errno_t sysdb_master_domain_add_info(struct sss_domain_info *domain,
                                     const char *flat, const char *id,
                                     const char *forest);
errno_t sysdb_subdomain_delete(struct sysdb_ctx *sysdb, const char *name);

/* ID range storage; see struct range_info. */
errno_t sysdb_get_ranges(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
                         size_t *range_count,
                         struct range_info ***range_list);
errno_t sysdb_range_create(struct sysdb_ctx *sysdb, struct range_info *range);
errno_t sysdb_update_ranges(struct sysdb_ctx *sysdb,
                            struct range_info **ranges);
/*
 * Sysdb initialization.
 * Call this function *only* once to initialize the database and get
 * the sysdb ctx.
 *
 * NOTE(review): no context is returned through a parameter here, so it is
 * presumably attached to the entries of `domains` -- confirm.
 * `allow_upgrade` presumably controls whether an older on-disk cache may be
 * upgraded in place; the SYSDB_VERSION_* macros in this header report the
 * version-mismatch results.
 */
int sysdb_init(TALLOC_CTX *mem_ctx,
               struct sss_domain_info *domains,
               bool allow_upgrade);

/*
 * Used to initialize only one domain database.
 * Do NOT use if sysdb_init has already been called.
 *
 * NOTE(review): `db_path` selects where the cache file lives.  The cache
 * holds cached credentials, so the directory should not be writable by
 * unprivileged users.
 */
int sysdb_domain_init(TALLOC_CTX *mem_ctx,
                      struct sss_domain_info *domain,
                      const char *db_path,
                      struct sysdb_ctx **_ctx);
/*
 * Functions to retrieve information from sysdb.
 * These functions automatically start an operation, therefore they
 * cannot be called within a transaction.
 *
 * NOTE(review): the by-name lookups presumably build their search from the
 * SYSDB_*NAM_FILTER templates; confirm `name` is escaped for filter syntax
 * inside the implementation, since it normally originates from a client
 * request.
 */
int sysdb_getpwnam(TALLOC_CTX *mem_ctx,
                   struct sss_domain_info *domain,
                   const char *name,
                   struct ldb_result **res);

int sysdb_getpwuid(TALLOC_CTX *mem_ctx,
                   struct sss_domain_info *domain,
                   uid_t uid,
                   struct ldb_result **res);

int sysdb_enumpwent(TALLOC_CTX *mem_ctx,
                    struct sss_domain_info *domain,
                    struct ldb_result **res);

int sysdb_getgrnam(TALLOC_CTX *mem_ctx,
                   struct sss_domain_info *domain,
                   const char *name,
                   struct ldb_result **res);

int sysdb_getgrgid(TALLOC_CTX *mem_ctx,
                   struct sss_domain_info *domain,
                   gid_t gid,
                   struct ldb_result **res);

int sysdb_enumgrent(TALLOC_CTX *mem_ctx,
                    struct sss_domain_info *domain,
                    struct ldb_result **res);
/* One netgroup entry, stored as a discriminator plus a union.
 * Only one member of `value` is meaningful at a time. Readers must check
 * `type` before touching `value`, because reading the wrong member
 * reinterprets pointer storage. */
struct sysdb_netgroup_ctx {
/* presumably TRIPLE_VAL selects value.triple and GROUP_VAL selects
 * value.groupname — confirm against the code that fills this in */
enum {SYSDB_NETGROUP_TRIPLE_VAL, SYSDB_NETGROUP_GROUP_VAL} type;
union {
struct {
char *hostname;
char *username;
char *domainname;
} triple;
char *groupname;
} value;
};
/* Netgroup, initgroups and attribute lookups.
 * Each returns its result through *res.
 * presumably *res is allocated on mem_ctx — TODO confirm. */
errno_t sysdb_getnetgr(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *netgroup,
struct ldb_result **res);
int sysdb_initgroups(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name,
struct ldb_result **res);
/* attributes: list of attribute names to fetch.
 * NOTE(review): no count is passed, so the list is presumably
 * NULL-terminated — confirm. */
int sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name,
const char **attributes,
struct ldb_result **res);
/* Same shape as sysdb_get_user_attr, keyed by netgroup name. */
int sysdb_get_netgroup_attr(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *netgrname,
const char **attributes,
struct ldb_result **res);
/* Functions that modify the database.
 * They have to be called within a transaction.
 * See sysdb_transaction_send()/_recv() */
/* Permissive modify */
int sss_ldb_modify_permissive(struct ldb_context *ldb,
struct ldb_message *msg);
/* Delete Entry.
 * ignore_not_found: NOTE(review): presumably a missing entry is not
 * reported as an error when this is true — confirm. */
int sysdb_delete_entry(struct sysdb_ctx *sysdb,
struct ldb_dn *dn,
bool ignore_not_found);
/* NOTE(review): by its name this removes dn together with everything below
 * it; callers should build dn only from escaped components so the base
 * cannot end up wider than intended — confirm. */
int sysdb_delete_recursive(struct sysdb_ctx *sysdb,
struct ldb_dn *dn,
bool ignore_not_found);
/* Search Entry.
 * filter is taken as a ready-made expression string, so this interface
 * cannot tell operator text from data. Any externally supplied value
 * embedded in it has to be escaped by the caller (SSSD's util code provides
 * sss_filter_sanitize() for this; confirm it is available in this tree).
 * Outputs: *msgs_count and *msgs. */
int sysdb_search_entry(TALLOC_CTX *mem_ctx,
struct sysdb_ctx *sysdb,
struct ldb_dn *base_dn,
int scope,
const char *filter,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs);
/* Search User (by uid, sid or name).
 * Each variant returns a single message through *msg.
 * NOTE(review): name and sid_str are free-form strings; confirm the
 * implementation escapes them before they reach a DN or filter. */
int sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_message **msg);
int sysdb_search_user_by_uid(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
uid_t uid,
const char **attrs,
struct ldb_message **msg);
int sysdb_search_user_by_sid_str(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sid_str,
const char **attrs,
struct ldb_message **msg);
/* Search Group (by gid, sid or name).
 * Same shape as the user searches above. */
int sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_message **msg);
int sysdb_search_group_by_gid(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
gid_t gid,
const char **attrs,
struct ldb_message **msg);
int sysdb_search_group_by_sid_str(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sid_str,
const char **attrs,
struct ldb_message **msg);
/* Search Netgroup (by name) */
int sysdb_search_netgroup_by_name(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name,
const char **attrs,
struct ldb_message **msg);
/* Replace entry attrs.
 * mod_op: NOTE(review): presumably one of the LDB_FLAG_MOD_* values; the
 * accepted set is not stated in this header — confirm. */
int sysdb_set_entry_attr(struct sysdb_ctx *sysdb,
struct ldb_dn *entry_dn,
struct sysdb_attrs *attrs,
int mod_op);
/* Replace user attrs (entry selected by name within domain) */
int sysdb_set_user_attr(struct sss_domain_info *domain,
const char *name,
struct sysdb_attrs *attrs,
int mod_op);
/* Replace group attrs (entry selected by name within domain) */
int sysdb_set_group_attr(struct sss_domain_info *domain,
const char *name,
struct sysdb_attrs *attrs,
int mod_op);
/* Replace netgroup attrs (entry selected by name within domain) */
int sysdb_set_netgroup_attr(struct sss_domain_info *domain,
const char *name,
struct sysdb_attrs *attrs,
int mod_op);
/* Allocate a new id; the value is returned through *id.
 * NOTE(review): the output is uint32_t while uid_t/gid_t are used
 * elsewhere in this header — confirm the allocation range cannot collide
 * with ids owned by another source. */
int sysdb_get_new_id(struct sss_domain_info *domain,
uint32_t *id);
/* Add user (only basic attrs and w/o checks).
 * Because the checks are skipped, the caller is responsible for whatever
 * validation the full sysdb_add_user() variant performs. */
int sysdb_add_basic_user(struct sss_domain_info *domain,
const char *name,
uid_t uid, gid_t gid,
const char *gecos,
const char *homedir,
const char *shell);
/* Add user (all checks).
 * cache_timeout is a signed int here, but uint64_t in sysdb_store_user().
 * NOTE(review): confirm how a negative or narrowed value affects entry
 * expiry. */
int sysdb_add_user(struct sss_domain_info *domain,
const char *name,
uid_t uid, gid_t gid,
const char *gecos,
const char *homedir,
const char *shell,
const char *orig_dn,
struct sysdb_attrs *attrs,
int cache_timeout,
time_t now);
/* Add group (only basic attrs and w/o checks) */
int sysdb_add_basic_group(struct sss_domain_info *domain,
const char *name, gid_t gid);
/* Add group (all checks).
 * cache_timeout is a signed int here, but uint64_t in sysdb_store_group(). */
int sysdb_add_group(struct sss_domain_info *domain,
const char *name, gid_t gid,
struct sysdb_attrs *attrs,
int cache_timeout,
time_t now);
/* Adds a group entry from partial data: name, gid, original DN, SID string
 * and a posix flag.
 * NOTE(review): what makes the entry "incomplete", and how it expires, is
 * defined by the implementation — confirm. */
int sysdb_add_incomplete_group(struct sss_domain_info *domain,
const char *name,
gid_t gid,
const char *original_dn,
const char *sid_str,
bool posix,
time_t now);
/* Add netgroup (only basic attrs and w/o checks) */
int sysdb_add_basic_netgroup(struct sss_domain_info *domain,
const char *name, const char *description);
/* missing: NOTE(review): purpose not evident from the prototype;
 * presumably a list of attribute names — confirm. */
int sysdb_add_netgroup(struct sss_domain_info *domain,
const char *name,
const char *description,
struct sysdb_attrs *attrs,
char **missing,
int cache_timeout,
time_t now);
/* mod_op must be either LDB_FLAG_MOD_ADD or LDB_FLAG_MOD_DELETE.
 * NOTE(review): the parameter is a plain int, so the compiler cannot
 * enforce this; confirm the implementation rejects other values. */
int sysdb_mod_group_member(struct sss_domain_info *domain,
struct ldb_dn *member_dn,
struct ldb_dn *group_dn,
int mod_op);
/* Takes the passwd-style fields of a user plus extra attrs.
 * pwd: password field for the entry. NOTE(review): whether callers may
 * pass a real credential here, and how it is stored, is not visible in
 * this header — confirm, and prefer a placeholder value if the cache does
 * not need it.
 * remove_attrs: presumably attribute names to drop from an existing entry
 * — confirm.
 * cache_timeout is uint64_t here, but int in sysdb_add_user(). */
int sysdb_store_user(struct sss_domain_info *domain,
const char *name,
const char *pwd,
uid_t uid, gid_t gid,
const char *gecos,
const char *homedir,
const char *shell,
const char *orig_dn,
struct sysdb_attrs *attrs,
char **remove_attrs,
uint64_t cache_timeout,
time_t now);
/* Group counterpart of sysdb_store_user(); cache_timeout is uint64_t. */
int sysdb_store_group(struct sss_domain_info *domain,
const char *name,
gid_t gid,
struct sysdb_attrs *attrs,
uint64_t cache_timeout,
time_t now);
/* Kind of object a member or attribute operation applies to.
 * Passed as `type`/`mtype` to the membership and attribute-removal
 * functions declared in this header. No explicit values are assigned, so
 * the enumerators number from 0 in declaration order. */
enum sysdb_member_type {
SYSDB_MEMBER_USER,
SYSDB_MEMBER_GROUP,
SYSDB_MEMBER_NETGROUP,
SYSDB_MEMBER_SERVICE,
};
/* Group membership changes.
 * type: says what kind of object `member` names.
 * is_dn: NOTE(review): presumably means `member` is already a full DN
 * rather than a short name. If so, a caller passing is_dn=true with
 * externally supplied text bypasses any name-to-DN escaping — confirm. */
int sysdb_add_group_member(struct sss_domain_info *domain,
const char *group,
const char *member,
enum sysdb_member_type type,
bool is_dn);
int sysdb_remove_group_member(struct sss_domain_info *domain,
const char *group,
const char *member,
enum sysdb_member_type type,
bool is_dn);
/* add_groups / del_groups: groups to add `member` to and remove it from.
 * NOTE(review): no counts are passed, so both are presumably
 * NULL-terminated arrays — confirm, and confirm whether NULL is allowed. */
errno_t sysdb_update_members(struct sss_domain_info *domain,
const char *member,
enum sysdb_member_type type,
const char *const *add_groups,
const char *const *del_groups);
/* Same parameters as sysdb_update_members(), but the first argument is
 * named member_domain; presumably the group lists hold DNs — confirm. */
errno_t sysdb_update_members_dn(struct sss_domain_info *member_domain,
const char *member,
enum sysdb_member_type type,
const char *const *add_groups,
const char *const *del_groups);
/* Password caching function.
 * If you are in a transaction ignore sysdb and pass in the handle.
 * If you are not in a transaction pass NULL in handle and provide sysdb,
 * in this case a transaction will be automatically started and the
 * function will be completely wrapped in its own sysdb transaction.
 *
 * NOTE(review): the paragraph above refers to `handle` and `sysdb`
 * arguments, but the signature below takes only domain, username and
 * password; the transaction guidance looks stale — confirm against the
 * implementation.
 * NOTE(review): password arrives as a plain C string. The stored form
 * (expected to be a salted hash, never the cleartext) is decided by the
 * implementation — confirm. Callers should treat the buffer as sensitive
 * and clear it once it is no longer needed. */
int sysdb_cache_password(struct sss_domain_info *domain,
const char *username,
const char *password);
/* Reads the failed-login state for the entry in ldb_msg.
 * Outputs: *failed_login_attempts and *delayed_until.
 * NOTE(review): presumably applies limits read from cdb to throttle
 * repeated offline password guesses — confirm which settings are used and
 * what is returned when the limit is reached. Unlike its neighbours this
 * symbol has no sysdb_ prefix. */
errno_t check_failed_login_attempts(struct confdb_ctx *cdb,
struct ldb_message *ldb_msg,
uint32_t *failed_login_attempts,
time_t *delayed_until);
/* Authenticates name/password against the cache.
 * just_check: NOTE(review): presumably verifies without updating the
 * stored login state; if so, make sure such calls cannot be used to
 * sidestep the failed-attempt counter — confirm.
 * Outputs: *_expire_date and *_delayed_until. */
int sysdb_cache_auth(struct sss_domain_info *domain,
const char *name,
const char *password,
struct confdb_ctx *cdb,
bool just_check,
time_t *_expire_date,
time_t *_delayed_until);
/* Custom objects, addressed by object_name inside subtree_name.
 * NOTE(review): both strings presumably become DN components; confirm
 * they are escaped (see sysdb_dn_sanitize() in this header). */
int sysdb_store_custom(struct sss_domain_info *domain,
const char *object_name,
const char *subtree_name,
struct sysdb_attrs *attrs);
/* filter is a ready-made expression string; values embedded in it must be
 * escaped by the caller. Outputs: *msgs_count and *msgs. */
int sysdb_search_custom(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *filter,
const char *subtree_name,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs);
int sysdb_search_custom_by_name(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *object_name,
const char *subtree_name,
const char **attrs,
size_t *_count,
struct ldb_message ***_msgs);
int sysdb_delete_custom(struct sss_domain_info *domain,
const char *object_name,
const char *subtree_name);
/* expression is a ready-made search expression and asq_attribute names the
 * attribute to follow; values embedded in expression must be escaped by
 * the caller. Outputs: *msgs_count and *msgs. */
int sysdb_asq_search(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
struct ldb_dn *base_dn,
const char *expression,
const char *asq_attribute,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs);
/* sub_filter is filter text supplied by the caller.
 * NOTE(review): presumably it is spliced into a larger user filter, so
 * unescaped input here can change the meaning of the whole query —
 * escape embedded values before calling. The same applies to
 * sysdb_search_groups() and sysdb_search_netgroups() below. */
int sysdb_search_users(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sub_filter,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs);
/* Takes both a name and a uid.
 * NOTE(review): which one selects the entry when both are set (or when
 * they disagree) is not stated here — confirm. */
int sysdb_delete_user(struct sss_domain_info *domain,
const char *name, uid_t uid);
int sysdb_search_groups(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sub_filter,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs);
/* Takes both a name and a gid; see the note on sysdb_delete_user(). */
int sysdb_delete_group(struct sss_domain_info *domain,
const char *name, gid_t gid);
int sysdb_search_netgroups(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sub_filter,
const char **attrs,
size_t *msgs_count,
struct ldb_message ***msgs);
int sysdb_delete_netgroup(struct sss_domain_info *domain,
const char *name);
/* Deletes the object identified by the SID string sid_str.
 * Takes both a sysdb context and a domain. */
int sysdb_delete_by_sid(struct sysdb_ctx *sysdb,
struct sss_domain_info *domain,
const char *sid_str);
/* Takes attr_count attribute sets and an attribute name; the result is
 * returned through *_list.
 * NOTE(review): attr_count is a signed int — confirm negative values are
 * rejected. */
errno_t sysdb_attrs_to_list(TALLOC_CTX *mem_ctx,
struct sysdb_attrs **attrs,
int attr_count,
const char *attr_name,
char ***_list);
/* Converts a netgroup lookup result into an array of
 * struct sysdb_netgroup_ctx pointers, returned through *entries.
 * NOTE(review): no count is returned, so the array is presumably
 * NULL-terminated — confirm. */
errno_t sysdb_netgr_to_entries(TALLOC_CTX *mem_ctx,
struct ldb_result *res,
struct sysdb_netgroup_ctx ***entries);
/* Produces in *sanitized a version of input meant for use inside a DN.
 * Use this on any externally supplied value before it is substituted into
 * a DN template. Filter strings need filter escaping instead; this
 * function is named for DNs only.
 * presumably *sanitized is allocated on mem_ctx — TODO confirm. */
errno_t sysdb_dn_sanitize(TALLOC_CTX *mem_ctx, const char *input,
char **sanitized);
/* Reads attribute attr_name of entry dn as a boolean into *value.
 * NOTE(review): behaviour when the entry or attribute is missing is not
 * stated here — confirm. */
errno_t sysdb_get_bool(struct sysdb_ctx *sysdb,
struct ldb_dn *dn,
const char *attr_name,
bool *value);
/* Writes a boolean attribute on entry dn.
 * cn_value: presumably used when the entry has to be created — confirm. */
errno_t sysdb_set_bool(struct sysdb_ctx *sysdb,
struct ldb_dn *dn,
const char *cn_value,
const char *attr_name,
bool value);
/* Per-domain "has been enumerated" flag: getter and setter. */
errno_t sysdb_has_enumerated(struct sss_domain_info *domain,
bool *has_enumerated);
errno_t sysdb_set_enumerated(struct sss_domain_info *domain,
bool enumerated);
/* Removes the attributes listed in remove_attrs from the object `name` of
 * kind `type`.
 * NOTE(review): remove_attrs has no count and is presumably
 * NULL-terminated — confirm. */
errno_t sysdb_remove_attrs(struct sss_domain_info *domain,
const char *name,
enum sysdb_member_type type,
char **remove_attrs);
/* Returns through *_direct_parents the direct parents of object `name`
 * (kind given by mtype). */
errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx,
struct sss_domain_info *dom,
enum sysdb_member_type mtype,
const char *name,
char ***_direct_parents);
/* === Functions related to ID-mapping === */
#define SYSDB_IDMAP_CONTAINER "cn=id_mappings"
#define SYSDB_IDMAP_SUBTREE "idmap"
#define SYSDB_IDMAP_MAPPING_OC "id_mapping"
#define SYSDB_IDMAP_FILTER "(objectClass="SYSDB_IDMAP_MAPPING_OC")"
#define SYSDB_IDMAP_SID_ATTR "objectSID"
#define SYSDB_IDMAP_SLICE_ATTR "slice"
#define SYSDB_IDMAP_ATTRS { \
SYSDB_NAME, \
SYSDB_IDMAP_SID_ATTR, \
SYSDB_IDMAP_SLICE_ATTR, \
NULL }
#define SYSDB_TMPL_IDMAP_BASE SYSDB_IDMAP_CONTAINER",cn=%s,"SYSDB_BASE
#define SYSDB_TMPL_IDMAP SYSDB_IDMAP_SID_ATTR"=%s,"SYSDB_TMPL_IDMAP_BASE
/* Stores one ID mapping: domain name, domain SID string and slice number.
 * NOTE(review): dom_name and dom_sid presumably end up in a DN built from
 * SYSDB_TMPL_IDMAP; confirm the implementation escapes them. */
errno_t sysdb_idmap_store_mapping(struct sss_domain_info *domain,
const char *dom_name,
const char *dom_sid,
id_t slice_num);
/* Returns the stored ID mappings through *_result.
 * presumably *_result is allocated on mem_ctx — TODO confirm. */
errno_t sysdb_idmap_get_mappings(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
struct ldb_result **_result);
/* Looks up an object by SID string.
 * The output parameter is named msg but has type struct ldb_result **,
 * unlike the sysdb_search_*_by_sid_str() functions, which return a
 * struct ldb_message **. */
errno_t sysdb_search_object_by_sid(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *sid_str,
const char **attrs,
struct ldb_result **msg);
#endif /* __SYS_DB_H__ */