sysdb.h revision bba1a5fd62cffcae076d1351df5a83fbc4a6ec17
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/*
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor SSSD
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
6fe2db325e5923d8420a87e76d99fe114271ebbelgentis System Database Header
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor This program is free software; you can redistribute it and/or modify
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor it under the terms of the GNU General Public License as published by
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor the Free Software Foundation; either version 3 of the License, or
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor (at your option) any later version.
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor This program is distributed in the hope that it will be useful,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor but WITHOUT ANY WARRANTY; without even the implied warranty of
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor GNU General Public License for more details.
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor You should have received a copy of the GNU General Public License
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor along with this program. If not, see <http://www.gnu.org/licenses/>.
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor*/
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#ifndef __SYS_DB_H__
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define __SYS_DB_H__
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#include "util/util.h"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#include "confdb/confdb.h"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#include <tevent.h>
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/*
 * File names of the ldb databases.
 *
 * CACHE_SYSDB_FILE is a printf-style template with one string argument;
 * LOCAL_SYSDB_FILE is a fixed name.
 * NOTE(review): the "%s" is presumably a domain name - TODO confirm. The
 * substituted text becomes part of a file name, so a value containing '/'
 * or ".." must be rejected before the name is formatted.
 */
#define LOCAL_SYSDB_FILE "sssd.ldb"
#define CACHE_SYSDB_FILE "cache_%s.ldb"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Base DNs and container RDNs of the sysdb tree.
 *
 * SYSDB_DOM_BASE is a printf-style template with one "%s"
 * (presumably the domain name - TODO confirm).
 */
#define SYSDB_BASE                  "cn=sysdb"
#define SYSDB_DOM_BASE              "cn=%s,cn=sysdb"

#define SYSDB_USERS_CONTAINER       "cn=users"
#define SYSDB_GROUPS_CONTAINER      "cn=groups"
#define SYSDB_CUSTOM_CONTAINER      "cn=custom"
#define SYSDB_NETGROUP_CONTAINER    "cn=Netgroups"
#define SYSDB_RANGE_CONTAINER       "cn=ranges"

/*
 * Container DNs built by string-literal concatenation. All of them inherit
 * the single "%s" of SYSDB_DOM_BASE, except the range container, which is
 * placed directly under SYSDB_BASE and therefore takes no argument.
 */
#define SYSDB_TMPL_USER_BASE        SYSDB_USERS_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_GROUP_BASE       SYSDB_GROUPS_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_CUSTOM_BASE      SYSDB_CUSTOM_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_NETGROUP_BASE    SYSDB_NETGROUP_CONTAINER "," SYSDB_DOM_BASE
#define SYSDB_TMPL_RANGE_BASE       SYSDB_RANGE_CONTAINER "," SYSDB_BASE
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/*
 * Object class values. The user, group and netgroup classes are matched
 * against "objectclass=" by the SYSDB_UC / SYSDB_GC / SYSDB_NC filter
 * fragments defined in this header.
 */
#define SYSDB_USER_CLASS                    "user"
#define SYSDB_GROUP_CLASS                   "group"
#define SYSDB_NETGROUP_CLASS                "netgroup"
#define SYSDB_HOST_CLASS                    "host"
#define SYSDB_HOSTGROUP_CLASS               "hostgroup"
#define SYSDB_SUBDOMAIN_CLASS               "subdomain"

#define SYSDB_SELINUX_CLASS                 "selinux"
#define SYSDB_SELINUX_USERMAP_CLASS         "selinuxusermap"

#define SYSDB_ID_RANGE_CLASS                "idRange"
#define SYSDB_DOMAIN_ID_RANGE_CLASS         "domainIDRange"
#define SYSDB_TRUSTED_AD_DOMAIN_RANGE_CLASS "TrustedADDomainRange"
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/* Attribute names shared by entry types; also used in the search filters. */
#define SYSDB_NAME          "name"
#define SYSDB_NAME_ALIAS    "nameAlias"
#define SYSDB_OBJECTCLASS   "objectClass"

/* Numeric id attributes and the creation timestamp. */
#define SYSDB_NEXTID        "nextID"
#define SYSDB_UIDNUM        "uidNumber"
#define SYSDB_GIDNUM        "gidNumber"
#define SYSDB_CREATE_TIME   "createTimestamp"

/*
 * Account attributes.
 * NOTE(review): by its name SYSDB_PWD refers to password material. What is
 * stored under it is not visible in this header; keep it out of attribute
 * lists that are returned to unprivileged callers and out of debug output.
 */
#define SYSDB_PWD           "userPassword"
#define SYSDB_FULLNAME      "fullName"
#define SYSDB_HOMEDIR       "homeDirectory"
#define SYSDB_SHELL         "loginShell"
#define SYSDB_MEMBEROF      "memberOf"
#define SYSDB_DISABLED      "disabled"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/* Membership and category attributes. */
#define SYSDB_MEMBER                        "member"
#define SYSDB_MEMBERUID                     "memberUid"
#define SYSDB_GHOST                         "ghost"
#define SYSDB_POSIX                         "isPosix"
#define SYSDB_USER_CATEGORY                 "userCategory"
#define SYSDB_HOST_CATEGORY                 "hostCategory"

/*
 * GECOS and login bookkeeping attributes.
 * NOTE(review): the failed-login attributes look like the inputs to a
 * lockout decision - confirm which component is allowed to reset them.
 */
#define SYSDB_GECOS                         "gecos"
#define SYSDB_LAST_LOGIN                    "lastLogin"
#define SYSDB_LAST_ONLINE_AUTH              "lastOnlineAuth"
#define SYSDB_LAST_FAILED_LOGIN             "lastFailedLogin"
#define SYSDB_FAILED_LOGIN_ATTEMPTS         "failedLoginAttempts"

/* Update and expiry timestamps; these three are part of SYSDB_DEFAULT_ATTRS. */
#define SYSDB_LAST_UPDATE                   "lastUpdate"
#define SYSDB_CACHE_EXPIRE                  "dataExpireTimestamp"
#define SYSDB_INITGR_EXPIRE                 "initgrExpireTimestamp"

/* Per-entry authorization attributes. */
#define SYSDB_AUTHORIZED_SERVICE            "authorizedService"
#define SYSDB_AUTHORIZED_HOST               "authorizedHost"

/* Netgroup attributes and the generic description attribute. */
#define SYSDB_NETGROUP_TRIPLE               "netgroupTriple"
#define SYSDB_ORIG_NETGROUP_MEMBER          "originalMemberNisNetgroup"
#define SYSDB_ORIG_NETGROUP_EXTERNAL_HOST   "originalExternalHost"
#define SYSDB_NETGROUP_DOMAIN               "nisDomain"
#define SYSDB_NETGROUP_MEMBER               "memberNisNetgroup"
#define SYSDB_DESCRIPTION                   "description"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/* Host attributes. */
#define SYSDB_FQDN                  "fqdn"
#define SYSDB_SERVERHOSTNAME        "serverHostname"

/*
 * NOTE(review): by its name this attribute holds a cached password value;
 * the format (hash, salt, iteration count) is not visible in this header.
 * The version-hint message in this file states that the cache files contain
 * cached credentials, so access to the ldb files should stay restricted.
 */
#define SYSDB_CACHEDPWD             "cachedPassword"

/* Identity attributes (UUID, SID, UPN) and the credential cache file. */
#define SYSDB_UUID                  "uniqueID"
#define SYSDB_SID                   "objectSID"
#define SYSDB_PRIMARY_GROUP         "ADPrimaryGroupID"
#define SYSDB_SID_STR               "objectSIDString"
#define SYSDB_UPN                   "userPrincipalName"
#define SYSDB_CCACHE_FILE           "ccacheFile"

/*
 * "original*" attributes.
 * NOTE(review): presumably values as received from the identity provider,
 * i.e. remote-controlled data - confirm before using them in DNs or filters.
 */
#define SYSDB_ORIG_DN               "originalDN"
#define SYSDB_ORIG_MODSTAMP         "originalModifyTimestamp"
#define SYSDB_ORIG_MEMBEROF         "originalMemberOf"
#define SYSDB_ORIG_MEMBER           "orig_member"
#define SYSDB_ORIG_MEMBER_USER      "originalMemberUser"
#define SYSDB_ORIG_MEMBER_HOST      "originalMemberHost"

/* Update sequence numbers. */
#define SYSDB_USN                   "entryUSN"
#define SYSDB_HIGH_USN              "highestUSN"

#define SYSDB_SSH_PUBKEY            "sshPublicKey"

/* Subdomain attributes. */
#define SYSDB_SUBDOMAIN_REALM       "realmName"
#define SYSDB_SUBDOMAIN_FLAT        "flatName"
#define SYSDB_SUBDOMAIN_ID          "domainID"

/*
 * ID range attributes.
 * SYSDB_DOMAIN_ID expands to the same string as SYSDB_SUBDOMAIN_ID
 * ("domainID"); the two names are interchangeable at run time.
 */
#define SYSDB_BASE_ID               "baseID"
#define SYSDB_ID_RANGE_SIZE         "idRangeSize"
#define SYSDB_BASE_RID              "baseRID"
#define SYSDB_SECONDARY_BASE_RID    "secondaryBaseRID"
#define SYSDB_DOMAIN_ID             "domainID"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Search filter templates.
 *
 * Templates containing "%s" or "%lu" are printf-style format strings whose
 * arguments become part of the filter text:
 *   - "%s": a value containing filter metacharacters such as '(' ')' '*' or
 *     '\' changes the meaning of the filter, so it has to be escaped before
 *     it is formatted in. NOTE(review): confirm every caller does this
 *     (SSSD provides sss_filter_sanitize() for the purpose).
 *   - "%lu": the argument must have type unsigned long; a uid_t or gid_t
 *     needs an explicit cast at the call site.
 * The *NAM filters take the same name twice (alias match, then name match);
 * SYSDB_NETGR_TRIPLES_FILTER takes three string arguments.
 */
#define SYSDB_NEXTID_FILTER "(" SYSDB_NEXTID "=*)"

/* Object class fragments; SYSDB_MPGC matches either a user or a group. */
#define SYSDB_UC   "objectclass=" SYSDB_USER_CLASS
#define SYSDB_GC   "objectclass=" SYSDB_GROUP_CLASS
#define SYSDB_NC   "objectclass=" SYSDB_NETGROUP_CLASS
#define SYSDB_MPGC "|(" SYSDB_UC ")(" SYSDB_GC ")"

/* User lookups: by name or alias, by uid number, all users. */
#define SYSDB_PWNAM_FILTER \
    "(&(" SYSDB_UC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_PWUID_FILTER \
    "(&(" SYSDB_UC ")(" SYSDB_UIDNUM "=%lu))"
#define SYSDB_PWENT_FILTER \
    "(" SYSDB_UC ")"

/* Group lookups, and the same lookups widened to users via SYSDB_MPGC. */
#define SYSDB_GRNAM_FILTER \
    "(&(" SYSDB_GC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_GRGID_FILTER \
    "(&(" SYSDB_GC ")(" SYSDB_GIDNUM "=%lu))"
#define SYSDB_GRENT_FILTER \
    "(" SYSDB_GC ")"
#define SYSDB_GRNAM_MPG_FILTER \
    "(&(" SYSDB_MPGC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_GRGID_MPG_FILTER \
    "(&(" SYSDB_MPGC ")(" SYSDB_GIDNUM "=%lu))"
#define SYSDB_GRENT_MPG_FILTER \
    "(" SYSDB_MPGC ")"

/* Groups that carry any gid number. */
#define SYSDB_INITGR_FILTER \
    "(&(" SYSDB_GC ")(" SYSDB_GIDNUM "=*))"

/* Netgroup lookups. */
#define SYSDB_NETGR_FILTER \
    "(&(" SYSDB_NC ")(|(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_NAME "=%s)))"
#define SYSDB_NETGR_TRIPLES_FILTER \
    "(|(" SYSDB_NAME "=%s)(" SYSDB_NAME_ALIAS "=%s)(" SYSDB_MEMBEROF "=%s))"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
#define SYSDB_HAS_ENUMERATED "has_enumerated"

/*
 * Attribute lists.
 *
 * SYSDB_DEFAULT_ATTRS is a bare comma-separated fragment meant to be spliced
 * into the brace-enclosed lists below. Each *_ATTRS macro expands to a
 * NULL-terminated initializer list of attribute-name strings.
 * None of the lists names SYSDB_PWD or SYSDB_CACHEDPWD.
 */
#define SYSDB_DEFAULT_ATTRS \
    SYSDB_LAST_UPDATE, \
    SYSDB_CACHE_EXPIRE, \
    SYSDB_INITGR_EXPIRE, \
    SYSDB_OBJECTCLASS

#define SYSDB_PW_ATTRS { \
    SYSDB_NAME, \
    SYSDB_UIDNUM, \
    SYSDB_GIDNUM, \
    SYSDB_GECOS, \
    SYSDB_HOMEDIR, \
    SYSDB_SHELL, \
    SYSDB_DEFAULT_ATTRS, \
    NULL \
}

#define SYSDB_GRSRC_ATTRS { \
    SYSDB_NAME, \
    SYSDB_GIDNUM, \
    SYSDB_MEMBERUID, \
    SYSDB_GHOST, \
    SYSDB_DEFAULT_ATTRS, \
    NULL \
}

#define SYSDB_NETGR_ATTRS { \
    SYSDB_NAME, \
    SYSDB_NETGROUP_TRIPLE, \
    SYSDB_NETGROUP_MEMBER, \
    SYSDB_DEFAULT_ATTRS, \
    NULL \
}

/* SYSDB_INITGR_ATTR is an alias for the memberOf attribute name. */
#define SYSDB_INITGR_ATTR SYSDB_MEMBEROF
#define SYSDB_INITGR_ATTRS { \
    SYSDB_GIDNUM, \
    SYSDB_POSIX, \
    SYSDB_DEFAULT_ATTRS, \
    SYSDB_ORIG_DN, \
    NULL \
}
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/*
 * DN templates for individual entries (printf-style).
 *
 * The first "%s" of each template is the RDN value. The templates built on
 * a per-domain base inherit a further "%s" from SYSDB_DOM_BASE;
 * SYSDB_TMPL_CUSTOM has an extra "cn=%s" subtree component in between, and
 * SYSDB_TMPL_RANGE sits under SYSDB_BASE and takes the name only.
 * NOTE(review): a substituted value containing DN special characters such
 * as ',' '=' or '+' would alter the structure of the resulting DN; confirm
 * that callers DN-escape object and domain names before formatting.
 */
#define SYSDB_TMPL_USER           SYSDB_NAME "=%s," SYSDB_TMPL_USER_BASE
#define SYSDB_TMPL_GROUP          SYSDB_NAME "=%s," SYSDB_TMPL_GROUP_BASE
#define SYSDB_TMPL_NETGROUP       SYSDB_NAME "=%s," SYSDB_TMPL_NETGROUP_BASE
#define SYSDB_TMPL_CUSTOM_SUBTREE "cn=%s," SYSDB_TMPL_CUSTOM_BASE
#define SYSDB_TMPL_CUSTOM         SYSDB_NAME "=%s,cn=%s," SYSDB_TMPL_CUSTOM_BASE
#define SYSDB_TMPL_RANGE          SYSDB_NAME "=%s," SYSDB_TMPL_RANGE_BASE
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Modification operations, mapped one-to-one onto the ldb modify flags.
 * The LDB_FLAG_MOD_* names are not defined in this header; they have to be
 * in scope wherever these macros are expanded.
 */
#define SYSDB_MOD_ADD   LDB_FLAG_MOD_ADD
#define SYSDB_MOD_DEL   LDB_FLAG_MOD_DELETE
#define SYSDB_MOD_REP   LDB_FLAG_MOD_REPLACE
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
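/*
 * sysdb version check macros.
 *
 * Each macro takes the error code of a failed sysdb initialization and
 * prints a message through ERROR() when the code signals a version
 * mismatch; any other code prints nothing. ERROR and DB_PATH are not
 * defined in this header and must be in scope where the macros are used.
 *
 * Every function-like macro here expands to a single do { } while(0)
 * statement, so it is safe as the body of an unbraced if/else, and the
 * argument is parenthesized so that an expression can be passed.
 * SYSDB_VERSION_ERROR evaluates its argument twice: pass a plain variable.
 */

/*
 * Hint printed after either mismatch message. Deleting the cache files also
 * deletes the cached credentials, which is why the message warns about it.
 */
#define SYSDB_VERSION_ERROR_HINT \
    ERROR("Removing cache files in "DB_PATH" should fix the issue, " \
          "but note that removing cache files will also remove all of your " \
          "cached credentials.\n")

/* Reports ret == EUCLEAN. */
#define SYSDB_VERSION_LOWER_ERROR(ret) do { \
    if ((ret) == EUCLEAN) { \
        ERROR("Lower version of database is expected!\n"); \
        SYSDB_VERSION_ERROR_HINT; \
    } \
} while(0)

/* Reports ret == EMEDIUMTYPE. */
#define SYSDB_VERSION_HIGHER_ERROR(ret) do { \
    if ((ret) == EMEDIUMTYPE) { \
        ERROR("Higher version of database is expected!\n"); \
        ERROR("In order to upgrade the database, you must run SSSD.\n"); \
        SYSDB_VERSION_ERROR_HINT; \
    } \
} while(0)

/* use this in daemons */
#define SYSDB_VERSION_ERROR_DAEMON(ret) \
    SYSDB_VERSION_LOWER_ERROR(ret)

/*
 * use this in tools
 *
 * Both checks are wrapped in one statement: as two bare statements the
 * second check would run unconditionally after `if (cond) SYSDB_VERSION_ERROR(ret);`.
 */
#define SYSDB_VERSION_ERROR(ret) do { \
    SYSDB_VERSION_LOWER_ERROR(ret); \
    SYSDB_VERSION_HIGHER_ERROR(ret); \
} while(0)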
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/* Opaque context types; only pointers to them are used in this header. */
struct confdb_ctx;
struct sysdb_ctx;

/*
 * A set of attributes: "a" points to ldb message elements and "num" is the
 * element count.
 * NOTE(review): "num" is a signed int; code indexing "a" should check
 * 0 <= i < num - confirm that nothing stores a negative count here.
 */
struct sysdb_attrs {
    int num;
    struct ldb_message_element *a;
};
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * sysdb_attrs helper functions
 *
 * Creates a new attribute set on the talloc context mem_ctx.
 * NOTE(review): presumably returns NULL on allocation failure - confirm and
 * check the result before use.
 */
struct sysdb_attrs *
sysdb_new_attrs(TALLOC_CTX *mem_ctx);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Description of one ID range.
 * NOTE(review): base_id and id_range_size are both 32-bit; code computing
 * base_id + id_range_size should guard against wrap-around - confirm at the
 * call sites, which are outside this header.
 */
struct range_info {
    char *name;
    uint32_t base_id;
    uint32_t id_range_size;
    uint32_t base_rid;
    uint32_t secondary_base_rid;
    char *trusted_dom_sid;
};
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/*
 * Typed setters: add a value to the attribute called "name".
 * Values are copied in the structure, allocated on "attrs".
 */
int sysdb_attrs_add_val(struct sysdb_attrs *attrs, const char *name,
                        const struct ldb_val *val);
int sysdb_attrs_add_string(struct sysdb_attrs *attrs, const char *name,
                           const char *str);
int sysdb_attrs_add_bool(struct sysdb_attrs *attrs, const char *name,
                         bool value);
int sysdb_attrs_add_long(struct sysdb_attrs *attrs, const char *name,
                         long value);
int sysdb_attrs_add_uint32(struct sysdb_attrs *attrs, const char *name,
                           uint32_t value);
int sysdb_attrs_add_time_t(struct sysdb_attrs *attrs, const char *name,
                           time_t value);

/* Copies the values of attribute "name" from src to dst. */
int sysdb_attrs_copy_values(struct sysdb_attrs *src,
                            struct sysdb_attrs *dst,
                            const char *name);

/*
 * Element access.
 * NOTE(review): "alloc" presumably selects whether a missing element is
 * created - confirm against the implementation.
 */
int sysdb_attrs_get_el(struct sysdb_attrs *attrs,
                       const char *name,
                       struct ldb_message_element **el);
int sysdb_attrs_get_el_ext(struct sysdb_attrs *attrs,
                           const char *name,
                           bool alloc,
                           struct ldb_message_element **el);

/*
 * NOTE(review): unlike the setters above this takes a non-const string and,
 * by its name, takes ownership of "str" instead of copying it - confirm;
 * the caller must not free or reuse the buffer if so.
 */
int sysdb_attrs_steal_string(struct sysdb_attrs *attrs, const char *name,
                             char *str);

/*
 * Typed getters: the result is written through the last pointer argument.
 * NOTE(review): the return types differ (int vs errno_t) while the pattern
 * is the same; how a missing or multi-valued attribute is reported is not
 * visible here - check the return value before reading the output.
 */
int sysdb_attrs_get_string(struct sysdb_attrs *attrs,
                           const char *name,
                           const char **string);
int sysdb_attrs_get_string_array(struct sysdb_attrs *attrs,
                                 const char *name,
                                 TALLOC_CTX *mem_ctx,
                                 const char ***string);
errno_t sysdb_attrs_get_bool(struct sysdb_attrs *attrs,
                             const char *name,
                             bool *value);
int sysdb_attrs_get_uint16_t(struct sysdb_attrs *attrs,
                             const char *name,
                             uint16_t *value);
int sysdb_attrs_get_uint32_t(struct sysdb_attrs *attrs,
                             const char *name,
                             uint32_t *value);

/* Renames attribute "oldname" to "newname" within attrs. */
int sysdb_attrs_replace_name(struct sysdb_attrs *attrs,
                             const char *oldname,
                             const char *newname);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/*
 * Name-related helpers.
 *
 * NOTE(review): "list" has no length argument and is presumably
 * NULL-terminated - confirm. The names and the domain string presumably end
 * up in user DNs, so they need the same escaping as any other DN component.
 */
int sysdb_attrs_users_from_str_list(struct sysdb_attrs *attrs,
                                    const char *attr_name, const char *domain,
                                    const char *const *list);

/* Outputs are returned through the underscore-prefixed pointer arguments. */
errno_t sysdb_attrs_primary_name(struct sysdb_ctx *sysdb,
                                 struct sysdb_attrs *attrs,
                                 const char *ldap_attr, const char **_primary);
errno_t sysdb_attrs_get_aliases(TALLOC_CTX *mem_ctx, struct sysdb_attrs *attrs,
                                const char *primary, bool lowercase,
                                const char ***_aliases);

/* attr_list holds attr_count entries; the names are returned in name_list. */
errno_t sysdb_attrs_primary_name_list(struct sysdb_ctx *sysdb,
                                      TALLOC_CTX *mem_ctx,
                                      struct sysdb_attrs **attr_list,
                                      size_t attr_count, const char *ldap_attr,
                                      char ***name_list);

errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx, struct sysdb_ctx *sysdb,
                            struct sss_domain_info *domain, const char *name,
                            const char **_cname);

/* Converts "count" ldb messages into an array of attribute sets. */
errno_t sysdb_msg2attrs(TALLOC_CTX *mem_ctx, size_t count,
                        struct ldb_message **msgs, struct sysdb_attrs ***attrs);
d63adaad22c2f1639677506e340a5a683f63244flgentis
/*
 * Convert an ldb error into an errno error.
 * Takes the ldb result code and returns the corresponding errno value.
 */
int
sysdb_error_to_errno(int ldberr);
d63adaad22c2f1639677506e340a5a683f63244flgentis
/*
 * DN related helper functions.
 *
 * NOTE(review): the "name", "object_name", "subtree_name" and "domain"
 * arguments presumably become DN components via the SYSDB_TMPL_* templates.
 * Whether they are DN-escaped inside these functions is not visible in this
 * header - confirm before passing names that originate from a remote
 * directory or from user input.
 */

/* Splits the leading RDN of _dn into its attribute name and value. */
errno_t sysdb_get_rdn(struct sysdb_ctx *sysdb,
                      TALLOC_CTX *mem_ctx,
                      const char *_dn,
                      char **_name,
                      char **_val);

/* Builders returning an ldb_dn allocated on mem_ctx. */
struct ldb_dn *sysdb_user_dn(struct sysdb_ctx *sysdb,
                             TALLOC_CTX *mem_ctx,
                             struct sss_domain_info *dom,
                             const char *name);
struct ldb_dn *sysdb_group_dn(struct sysdb_ctx *sysdb,
                              TALLOC_CTX *mem_ctx,
                              struct sss_domain_info *dom,
                              const char *name);
struct ldb_dn *sysdb_netgroup_dn(struct sysdb_ctx *sysdb,
                                 TALLOC_CTX *mem_ctx,
                                 struct sss_domain_info *dom,
                                 const char *name);
struct ldb_dn *sysdb_netgroup_base_dn(struct sysdb_ctx *sysdb,
                                      TALLOC_CTX *mem_ctx,
                                      struct sss_domain_info *dom);

/* Extracts the group name from the DN string dn_str. */
errno_t sysdb_group_dn_name(struct sysdb_ctx *sysdb,
                            TALLOC_CTX *mem_ctx,
                            const char *dn_str,
                            char **name);

struct ldb_dn *sysdb_domain_dn(struct sysdb_ctx *sysdb,
                               TALLOC_CTX *mem_ctx,
                               struct sss_domain_info *dom);
struct ldb_dn *sysdb_base_dn(struct sysdb_ctx *sysdb,
                             TALLOC_CTX *mem_ctx);
struct ldb_dn *sysdb_custom_dn(struct sysdb_ctx *sysdb,
                               TALLOC_CTX *mem_ctx,
                               struct sss_domain_info *dom,
                               const char *object_name,
                               const char *subtree_name);
struct ldb_dn *sysdb_custom_subtree_dn(struct sysdb_ctx *sysdb,
                                       TALLOC_CTX *mem_ctx,
                                       struct sss_domain_info *dom,
                                       const char *subtree_name);

/* String variants: return the DN as a string allocated on mem_ctx. */
char *sysdb_user_strdn(TALLOC_CTX *mem_ctx,
                       const char *domain,
                       const char *name);
char *sysdb_group_strdn(TALLOC_CTX *mem_ctx,
                        const char *domain,
                        const char *name);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Returns the ldb context held by sysdb.
 * NOTE(review): this hands callers direct access to the underlying
 * database handle - confirm who is expected to use it.
 */
struct ldb_context *
sysdb_ctx_get_ldb(struct sysdb_ctx *sysdb);

/* Comparison callback; the signature matches a qsort()-style comparator. */
int
compare_ldb_dn_comp_num(const void *m1, const void *m2);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Functions to start and finish transactions.
 * A started transaction is ended with either commit or cancel.
 * NOTE(review): error paths between start and commit should call cancel;
 * confirm at the call sites.
 */
int
sysdb_transaction_start(struct sysdb_ctx *sysdb);
int
sysdb_transaction_commit(struct sysdb_ctx *sysdb);
int
sysdb_transaction_cancel(struct sysdb_ctx *sysdb);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/*
 * Functions related to subdomains.
 * NOTE(review): name, realm, flat name and domain id are presumably learned
 * from a remote server; confirm they are validated before being stored or
 * placed in a DN.
 */
errno_t sysdb_domain_create(struct sysdb_ctx *sysdb,
                            const char *domain_name);

errno_t sysdb_subdomain_store(struct sysdb_ctx *sysdb,
                              const char *name,
                              const char *realm,
                              const char *flat_name,
                              const char *domain_id);

errno_t sysdb_update_subdomains(struct sss_domain_info *domain);

errno_t sysdb_master_domain_update(struct sss_domain_info *domain);

errno_t sysdb_master_domain_add_info(struct sss_domain_info *domain,
                                     const char *realm,
                                     const char *flat,
                                     const char *id);

errno_t sysdb_subdomain_delete(struct sysdb_ctx *sysdb,
                               const char *name);

/*
 * ID range storage.
 * sysdb_get_ranges() returns the number of ranges in range_count and the
 * ranges themselves in range_list. sysdb_update_ranges() takes no count.
 * NOTE(review): "ranges" is presumably a NULL-terminated array - confirm.
 */
errno_t sysdb_get_ranges(TALLOC_CTX *mem_ctx,
                         struct sysdb_ctx *sysdb,
                         size_t *range_count,
                         struct range_info ***range_list);
errno_t sysdb_range_create(struct sysdb_ctx *sysdb,
                           struct range_info *range);
errno_t sysdb_update_ranges(struct sysdb_ctx *sysdb,
                            struct range_info **ranges);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/*
 * Sysdb initialization.
 * Call this function *only* once to initialize the database and get
 * the sysdb ctx.
 * NOTE(review): allow_upgrade presumably permits an on-disk format upgrade
 * and alt_db_path presumably overrides the default database directory -
 * confirm; a caller-supplied path should point at a directory that only the
 * service account can write.
 */
int sysdb_init(TALLOC_CTX *mem_ctx, struct sss_domain_info *domains,
               const char *alt_db_path, bool allow_upgrade);

/*
 * Used to initialize only one domain database; the context is returned in
 * _ctx. Do NOT use if sysdb_init has already been called.
 */
int sysdb_domain_init(TALLOC_CTX *mem_ctx, struct sss_domain_info *domain,
                      const char *db_path, struct sysdb_ctx **_ctx);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* functions to retrieve information from sysdb
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor * These functions automatically start an operation,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor * therefore they cannot be called within a transaction */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_getpwnam(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_getpwuid(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor uid_t uid,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_enumpwent(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_getgrnam(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_getgrgid(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor gid_t gid,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_enumgrent(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/* One netgroup entry: either a (hostname, username, domainname) triple or a
 * group name. `value` is a union, so value.triple and value.groupname share
 * storage and only one of them holds valid pointers at a time.
 * NOTE(review): presumably `type` says which member is valid
 * (SYSDB_NETGROUP_TRIPLE_VAL -> value.triple, SYSDB_NETGROUP_GROUP_VAL ->
 * value.groupname); check `type` before reading either member -- confirm
 * against the code that fills these in (see sysdb_netgr_to_entries()). */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorstruct sysdb_netgroup_ctx {
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor enum {SYSDB_NETGROUP_TRIPLE_VAL, SYSDB_NETGROUP_GROUP_VAL} type;
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis union {
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct {
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char *hostname;
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char *username;
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char *domainname;
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor } triple;
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char *groupname;
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor } value;
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor};
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_getnetgr(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *netgroup,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_initgroups(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result **res);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_get_user_attr(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attributes,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_result **res);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_get_netgroup_attr(TALLOC_CTX *mem_ctx,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *netgrname,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attributes,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct ldb_result **res);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis/* functions that modify the database
c3a2738228cb6ba4a48c425711e728d3410a458elgentis * they have to be called within a transaction
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis * See sysdb_transaction_send()/_recv() */
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis/* Permissive modify */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sss_ldb_modify_permissive(struct ldb_context *ldb,
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis struct ldb_message *msg);
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis/* Delete Entry */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_delete_entry(struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct ldb_dn *dn,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis bool ignore_not_found);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_delete_recursive(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_dn *dn,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor bool ignore_not_found);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* Search Entry
 *
 * Takes a base DN, a scope, a filter string and an attribute list; the
 * matches come back through msgs_count / msgs (presumably allocated on
 * mem_ctx -- confirm).
 * NOTE(review): `filter` is passed in as a ready-made string. Any externally
 * supplied value placed in it (user, group or host names) needs filter
 * escaping by the caller first (e.g. sss_filter_sanitize() from util);
 * whether this function escapes anything itself is not visible in this
 * header. */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_search_entry(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_dn *base_dn,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor int scope,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *filter,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attrs,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis size_t *msgs_count,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_message ***msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis/* Search User (by uid or name) */
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentisint sysdb_search_user_by_name(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char **attrs,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct ldb_message **msg);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_search_user_by_uid(TALLOC_CTX *mem_ctx,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis uid_t uid,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char **attrs,
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis struct ldb_message **msg);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
c3a2738228cb6ba4a48c425711e728d3410a458elgentis/* Search Group (by gid or name) */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_search_group_by_name(TALLOC_CTX *mem_ctx,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char *name,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char **attrs,
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis struct ldb_message **msg);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentisint sysdb_search_group_by_gid(TALLOC_CTX *mem_ctx,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis gid_t gid,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char **attrs,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct ldb_message **msg);
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis
c3a2738228cb6ba4a48c425711e728d3410a458elgentis/* Search Netgroup (by name) */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_search_netgroup_by_name(TALLOC_CTX *mem_ctx,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis const char *name,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char **attrs,
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis struct ldb_message **msg);
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis/* Replace entry attrs */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_set_entry_attr(struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct ldb_dn *entry_dn,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_attrs *attrs,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis int mod_op);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
c3a2738228cb6ba4a48c425711e728d3410a458elgentis/* Replace user attrs */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_set_user_attr(struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char *name,
25cbd52bee363a7adb7068e44cd92fdbfad2b6f2lgentis struct sysdb_attrs *attrs,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis int mod_op);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
c3a2738228cb6ba4a48c425711e728d3410a458elgentis/* Replace group attrs */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_set_group_attr(struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char *name,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_attrs *attrs,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis int mod_op);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
c3a2738228cb6ba4a48c425711e728d3410a458elgentis/* Replace netgroup attrs */
c3a2738228cb6ba4a48c425711e728d3410a458elgentisint sysdb_set_netgroup_attr(struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis const char *name,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sysdb_attrs *attrs,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis int mod_op);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* Allocate a new id */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_get_new_id(struct sysdb_ctx *sysdb,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis struct sss_domain_info *domain,
c3a2738228cb6ba4a48c425711e728d3410a458elgentis uint32_t *id);
c3a2738228cb6ba4a48c425711e728d3410a458elgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* Add user (only basic attrs and w/o checks) */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_add_basic_user(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis uid_t uid, gid_t gid,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *gecos,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *homedir,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *shell);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* Add user (all checks) */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_add_user(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis uid_t uid, gid_t gid,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *gecos,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *homedir,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *shell,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *orig_dn,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_attrs *attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor int cache_timeout,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor time_t now);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* Add group (only basic attrs and w/o checks) */
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentisint sysdb_add_basic_group(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name, gid_t gid);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* Add group (all checks) */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_add_group(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name, gid_t gid,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_attrs *attrs,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis int cache_timeout,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor time_t now);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentisint sysdb_add_incomplete_group(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor gid_t gid,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *original_dn, bool posix,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis time_t now);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis/* Add netgroup (only basic attrs and w/o checks) */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_add_basic_netgroup(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *name, const char *description);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentisint sysdb_add_netgroup(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *description,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_attrs *attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char **missing,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor int cache_timeout,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis time_t now);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* mod_op must be either LDB_FLAG_MOD_ADD or LDB_FLAG_MOD_DELETE */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_mod_group_member(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_dn *member_dn,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_dn *group_dn,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor int mod_op);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/* Store a user entry with the given POSIX fields, extra `attrs` and a list
 * of attribute names to remove (semantics inferred from the parameter names
 * -- confirm against the implementation).
 * NOTE(review): cache_timeout is uint64_t here and in sysdb_store_group(),
 * but int in sysdb_add_user(), sysdb_add_group() and sysdb_add_netgroup().
 * If the value is forwarded to one of those it is narrowed to int, so a
 * large timeout could wrap or turn negative -- confirm the implementation
 * range-checks it.
 * NOTE(review): the meaning of `pwd` is not documented in this header;
 * confirm it is not a plaintext credential (password caching has its own
 * entry point, sysdb_cache_password()). */
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentisint sysdb_store_user(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *pwd,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor uid_t uid, gid_t gid,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *gecos,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *homedir,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *shell,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *orig_dn,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sysdb_attrs *attrs,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis char **remove_attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor uint64_t cache_timeout,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis time_t now);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_store_group(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor gid_t gid,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_attrs *attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor uint64_t cache_timeout,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis time_t now);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
/* Kind of object a `member` / `name` argument refers to. Taken by
 * sysdb_add_group_member(), sysdb_remove_group_member(),
 * sysdb_update_members(), sysdb_remove_attrs() and
 * sysdb_get_direct_parents(). */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorenum sysdb_member_type {
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor SYSDB_MEMBER_USER,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis SYSDB_MEMBER_GROUP,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor SYSDB_MEMBER_NETGROUP,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis SYSDB_MEMBER_SERVICE,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis};
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_add_group_member(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *group,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *member,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis enum sysdb_member_type type);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_remove_group_member(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *group,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *member,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis enum sysdb_member_type type);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentiserrno_t sysdb_update_members(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *member,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor enum sysdb_member_type type,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *const *add_groups,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *const *del_groups);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis/* Password caching function.
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis * If you are in a transaction ignore sysdb and pass in the handle.
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis * If you are not in a transaction pass NULL in handle and provide sysdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis * in this case a transaction will be automatically started and the
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor * function will be completely wrapped in its own sysdb transaction.
 *
 * NOTE(review): the prototype below has no `handle` parameter, so the
 * handle/transaction description above does not match the current
 * signature -- confirm the actual transaction behaviour in the
 * implementation.
 * NOTE(review): `password` arrives as a plaintext C string. This header does
 * not say in what form it is written to the cache (presumably a salted hash
 * -- verify). The parameter is const, so the function cannot clear the
 * caller's buffer; wiping that copy stays with the caller. */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_cache_password(struct sysdb_ctx *sysdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct sss_domain_info *domain,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis const char *username,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis const char *password);
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis
/* Reports failed-login state for the entry in ldb_msg through the
 * failed_login_attempts and delayed_until out-parameters; cdb gives access
 * to the configuration database.
 * NOTE(review): presumably the limits (maximum attempts, delay) are read
 * from cdb and a non-zero return means the login must be refused -- confirm.
 * Callers should treat any error return as "deny", never as "allowed". */
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentiserrno_t check_failed_login_attempts(struct confdb_ctx *cdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct ldb_message *ldb_msg,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis uint32_t *failed_login_attempts,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis time_t *delayed_until);
/* Authenticate `name` with `password` against the cache (purpose inferred
 * from the name -- presumably checks the credential stored by
 * sysdb_cache_password(); confirm).
 * _expire_date and _delayed_until are out-parameters.
 * NOTE(review): the effect of just_check is not documented here; presumably
 * it verifies without updating the stored login bookkeeping -- confirm.
 * NOTE(review): presumably 0 means success; callers should treat every other
 * return value as an authentication failure. */
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentisint sysdb_cache_auth(struct sysdb_ctx *sysdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct sss_domain_info *domain,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis const char *name,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis const char *password,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct confdb_ctx *cdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis bool just_check,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis time_t *_expire_date,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis time_t *_delayed_until);
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentisint sysdb_store_custom(struct sysdb_ctx *sysdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct sss_domain_info *domain,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis const char *object_name,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis const char *subtree_name,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct sysdb_attrs *attrs);
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentisint sysdb_search_custom(TALLOC_CTX *mem_ctx,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct sysdb_ctx *sysdb,
fb25b82560b7fcaffa006cb4738d86acc561b6f4lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *filter,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *subtree_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor size_t *msgs_count,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_message ***msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
1b1b6ae3d9cf8a22cd74249fe56d4fab443f9e21lgentisint sysdb_search_custom_by_name(TALLOC_CTX *mem_ctx,
1b1b6ae3d9cf8a22cd74249fe56d4fab443f9e21lgentis struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *object_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *subtree_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor size_t *_count,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_message ***_msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_delete_custom(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
1b1b6ae3d9cf8a22cd74249fe56d4fab443f9e21lgentis const char *object_name,
1b1b6ae3d9cf8a22cd74249fe56d4fab443f9e21lgentis const char *subtree_name);
1b1b6ae3d9cf8a22cd74249fe56d4fab443f9e21lgentis
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentisint sysdb_asq_search(TALLOC_CTX *mem_ctx,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_dn *base_dn,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *expression,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *asq_attribute,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char **attrs,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis size_t *msgs_count,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_message ***msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/* Search user entries of `domain` matching sub_filter; matches come back
 * through msgs_count / msgs (presumably allocated on mem_ctx -- confirm).
 * NOTE(review): sub_filter is a caller-built filter fragment, as in
 * sysdb_search_groups(), sysdb_search_netgroups() and sysdb_search_custom().
 * Values that originate outside the process must be filter-escaped before
 * they are put into it (e.g. sss_filter_sanitize() from util); this header
 * does not show any escaping being done on the callee side. */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_search_users(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *sub_filter,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor size_t *msgs_count,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_message ***msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_delete_user(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name, uid_t uid);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_search_groups(TALLOC_CTX *mem_ctx,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *sub_filter,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attrs,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis size_t *msgs_count,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_message ***msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_delete_group(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name, gid_t gid);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_search_netgroups(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *sub_filter,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char **attrs,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor size_t *msgs_count,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_message ***msgs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorint sysdb_delete_netgroup(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_attrs_to_list(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_attrs **attrs,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis int attr_count,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *attr_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char ***_list);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_netgr_to_entries(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_result *res,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_netgroup_ctx ***entries);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
/* Returns a sanitized form of `input` through *sanitized.
 * NOTE(review): presumably the result is allocated on mem_ctx and has the
 * characters that are special in a DN escaped -- confirm. Strings that are
 * formatted into the "%s" DN templates of this header (e.g.
 * SYSDB_TMPL_IDMAP) should pass through this first, and *sanitized should
 * not be used when the return value is non-zero. */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_dn_sanitize(TALLOC_CTX *mem_ctx, const char *input,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char **sanitized);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3670f762ba6e3c38c29ea8a90fcdd5281ab13d53lgentiserrno_t sysdb_get_bool(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_dn *dn,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *attr_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor bool *value);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_set_bool(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct ldb_dn *dn,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis const char *cn_value,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *attr_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor bool value);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_has_enumerated(struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor bool *has_enumerated);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentiserrno_t sysdb_set_enumerated(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor bool enumerated);
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_remove_attrs(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor enum sysdb_member_type type,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis char **remove_attrs);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentiserrno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sysdb_ctx *sysdb,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct sss_domain_info *dom,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor enum sysdb_member_type mtype,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor char ***_direct_parents);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor/* === Functions related to ID-mapping === */
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define SYSDB_IDMAP_CONTAINER "cn=id_mappings"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define SYSDB_IDMAP_SUBTREE "idmap"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define SYSDB_IDMAP_MAPPING_OC "id_mapping"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define SYSDB_IDMAP_FILTER "(objectClass="SYSDB_IDMAP_MAPPING_OC")"
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis#define SYSDB_IDMAP_SID_ATTR "objectSID"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define SYSDB_IDMAP_SLICE_ATTR "slice"
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor#define SYSDB_IDMAP_ATTRS { \
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor SYSDB_NAME, \
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor SYSDB_IDMAP_SID_ATTR, \
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor SYSDB_IDMAP_SLICE_ATTR, \
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis NULL }
f6edf426ed6b8912be700db47d65a001d091909flgentis
/* DN format templates. SYSDB_TMPL_IDMAP_BASE takes one "%s", the value of
 * the "cn=" component that follows the id-mapping container.
 * SYSDB_TMPL_IDMAP takes two: the SYSDB_IDMAP_SID_ATTR value first, then
 * that same "cn=" value.
 * NOTE(review): the substituted strings become DN components; they should be
 * sanitized (sysdb_dn_sanitize() is declared in this header) before being
 * formatted in -- confirm the callers do so. */
f6edf426ed6b8912be700db47d65a001d091909flgentis#define SYSDB_TMPL_IDMAP_BASE SYSDB_IDMAP_CONTAINER",cn=%s,"SYSDB_BASE
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis#define SYSDB_TMPL_IDMAP SYSDB_IDMAP_SID_ATTR"=%s,"SYSDB_TMPL_IDMAP_BASE
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_idmap_store_mapping(struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *dom_name,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor const char *dom_sid,
f6edf426ed6b8912be700db47d65a001d091909flgentis id_t slice_num);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzorerrno_t sysdb_idmap_get_mappings(TALLOC_CTX *mem_ctx,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sysdb_ctx *sysdb,
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor struct sss_domain_info *domain,
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis struct ldb_result **_result);
ee310fab1ff1ed24942136c5e7423bfae0ff01eagryzor
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis#endif /* __SYS_DB_H__ */
3016c72ae8173bcfc0989ff1b297d4f27f445108lgentis