ipa_hbac_private.h revision ad07ed37b6b51ef134d4524edaf2259e19ac984f
/*
SSSD
Authors:
Stephen Gallagher <sgallagh@redhat.com>
Copyright (C) 2011 Red Hat
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#ifndef IPA_HBAC_PRIVATE_H_
#define IPA_HBAC_PRIVATE_H_
#include "providers/ipa/ipa_access.h"
#include "providers/ipa/ipa_hbac.h"
#define IPA_HBAC_RULE "ipaHBACRule"
#define IPA_HOST "ipaHost"
#define IPA_HOSTGROUP "ipaHostGroup"
#define IPA_HBAC_SERVICE "ipaHBACService"
#define IPA_HBAC_SERVICE_GROUP "ipaHBACServiceGroup"
#define IPA_HOST_SERVERHOSTNAME "serverHostName"
#define IPA_HOST_FQDN "fqdn"
#define IPA_UNIQUE_ID "ipauniqueid"
#define IPA_MEMBER "member"
#define SYSDB_ORIG_MEMBER "orig_member"
#define HBAC_HOSTS_SUBDIR "hbac_hosts"
#define HBAC_HOSTGROUPS_SUBDIR "hbac_hostgroups"
#define OBJECTCLASS "objectclass"
#define IPA_MEMBEROF "memberOf"
#define IPA_ACCESS_RULE_TYPE "accessRuleType"
#define IPA_HBAC_ALLOW "allow"
#define IPA_MEMBER_USER "memberUser"
#define IPA_USER_CATEGORY "userCategory"
#define IPA_SERVICE_NAME "serviceName"
#define IPA_SOURCE_HOST "sourceHost"
#define IPA_SOURCE_HOST_CATEGORY "sourceHostCategory"
#define IPA_EXTERNAL_HOST "externalHost"
#define IPA_ENABLED_FLAG "ipaenabledflag"
#define IPA_MEMBER_HOST "memberHost"
#define IPA_HOST_CATEGORY "hostCategory"
#define IPA_CN "cn"
#define IPA_MEMBER_SERVICE "memberService"
#define IPA_SERVICE_CATEGORY "serviceCategory"
#define IPA_TRUE_VALUE "TRUE"
#define IPA_HOST_BASE_TMPL "cn=computers,cn=accounts,%s"
#define IPA_HBAC_BASE_TMPL "cn=hbac,%s"
#define IPA_SERVICES_BASE_TMPL "cn=hbacservices,cn=accounts,%s"
#define HBAC_RULES_SUBDIR "hbac_rules"
#define HBAC_SERVICES_SUBDIR "hbac_services"
#define HBAC_SERVICEGROUPS_SUBDIR "hbac_servicegroups"
/* From ipa_hbac_common.c */
struct sysdb_attrs **list);
const char *primary_subdir, const char *attr_name,
const char *group_subdir, const char *groupattr_name,
replace_attribute_name(const char *old_name,
struct sysdb_attrs **list);
struct hbac_eval_req **request);
const char *category_attr,
const char *rule_name,
struct sysdb_attrs *rule_attrs,
struct hbac_rule_element **thosts);
const char *rule_name,
struct sysdb_attrs *rule_attrs,
bool support_srchost,
struct hbac_rule_element **source_hosts);
const char *host_dn,
char **hostgroupname);
/* From ipa_hbac_services.c */
struct tevent_req *
struct tevent_context *ev,
struct sdap_handle *sh,
struct sdap_options *opts,
struct sdap_search_base **search_bases);
struct sysdb_attrs ***services,
struct sysdb_attrs ***servicegroups);
const char *rule_name,
struct sysdb_attrs *rule_attrs,
struct hbac_rule_element **services);
const char *service_dn,
char **servicename);
/* From ipa_hbac_users.c */
const char *rule_name,
struct sysdb_attrs *rule_attrs,
struct hbac_rule_element **users);
const char *group_dn,
const char **groupname);
#endif /* IPA_HBAC_PRIVATE_H_ */