[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder jhrozek commented: """ OK, hopefully final CI run: http://sssd-ci.duckdns.org/logs/job/65/48/summary.html """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-289083382 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#136][comment] Tlog integration WIP
URL: https://github.com/SSSD/sssd/pull/136 Title: #136: Tlog integration WIP spbnick commented: """ Alright, this version loads override_space, and only does initgr request if there are groups to match. I think I'll maybe add checking for SYSDB_INITGR_EXPIRE to avoid firing initgr for entries which haven't expired yet. """ See the full comment at https://github.com/SSSD/sssd/pull/136#issuecomment-289055189 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#136][synchronized] Tlog integration WIP
URL: https://github.com/SSSD/sssd/pull/136 Author: spbnick Title: #136: Tlog integration WIP Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/136/head:pr136 git checkout pr136 From 32d6411ef99a1a2abd78314cc7131af8ddb69db7 Mon Sep 17 00:00:00 2001 From: Nikolai KondrashovDate: Fri, 24 Mar 2017 16:24:22 +0200 Subject: [PATCH 01/14] CACHE_REQ: Propagate num_results to cache_req_state The num_results field in struct cache_req_state was only set in case of well-known objects, set it also for the regular results for uniformity, and for later use by session recording code. --- src/responder/common/cache_req/cache_req.c | 9 +++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/src/responder/common/cache_req/cache_req.c b/src/responder/common/cache_req/cache_req.c index aca150d..077282e 100644 --- a/src/responder/common/cache_req/cache_req.c +++ b/src/responder/common/cache_req/cache_req.c @@ -536,7 +536,8 @@ static void cache_req_search_domains_done(struct tevent_req *subreq) static errno_t cache_req_search_domains_recv(TALLOC_CTX *mem_ctx, struct tevent_req *req, - struct cache_req_result ***_results) + struct cache_req_result ***_results, + size_t *_num_results) { struct cache_req_search_domains_state *state; @@ -547,6 +548,9 @@ cache_req_search_domains_recv(TALLOC_CTX *mem_ctx, if (_results != NULL) { *_results = talloc_steal(mem_ctx, state->results); } +if (_num_results != NULL) { +*_num_results = state->num_results; +} return EOK; } @@ -851,7 +855,8 @@ static void cache_req_done(struct tevent_req *subreq) req = tevent_req_callback_data(subreq, struct tevent_req); state = tevent_req_data(req, struct cache_req_state); -ret = cache_req_search_domains_recv(state, subreq, >results); +ret = cache_req_search_domains_recv(state, subreq, +>results, >num_results); talloc_zfree(subreq); if (ret == ENOENT && state->first_iteration) { From 6519d96c520aca0bd30c20d9cc40ce4e74f5b7cd Mon Sep 17 00:00:00 2001 From: Nikolai Kondrashov Date: Wed, 22 Mar 2017 14:32:35 +0200 Subject: [PATCH 02/14] NSS: Move output name formatting to utils Move NSS nss_get_name_from_msg and the core of sized_output_name to the utils to make them available to provider and other responders. --- src/responder/nss/nss_protocol_grent.c | 3 +- src/responder/nss/nss_protocol_pwent.c | 2 +- src/responder/nss/nss_utils.c | 55 +-- src/util/sss_nss.c | 68 ++ src/util/sss_nss.h | 10 + 5 files changed, 90 insertions(+), 48 deletions(-) diff --git a/src/responder/nss/nss_protocol_grent.c b/src/responder/nss/nss_protocol_grent.c index 283ab9f..5f208e0 100644 --- a/src/responder/nss/nss_protocol_grent.c +++ b/src/responder/nss/nss_protocol_grent.c @@ -19,6 +19,7 @@ */ #include "responder/nss/nss_protocol.h" +#include "util/sss_nss.h" static errno_t nss_get_grent(TALLOC_CTX *mem_ctx, @@ -41,7 +42,7 @@ nss_get_grent(TALLOC_CTX *mem_ctx, } /* Get fields. */ -name = nss_get_name_from_msg(domain, msg); +name = sss_nss_get_name_from_msg(domain, msg); gid = sss_view_ldb_msg_find_attr_as_uint64(domain, msg, SYSDB_GIDNUM, 0); if (name == NULL || gid == 0) { diff --git a/src/responder/nss/nss_protocol_pwent.c b/src/responder/nss/nss_protocol_pwent.c index edda9d3..c0b8e79 100644 --- a/src/responder/nss/nss_protocol_pwent.c +++ b/src/responder/nss/nss_protocol_pwent.c @@ -225,7 +225,7 @@ nss_get_pwent(TALLOC_CTX *mem_ctx, /* Get fields. */ upn = ldb_msg_find_attr_as_string(msg, SYSDB_UPN, NULL); -name = nss_get_name_from_msg(domain, msg); +name = sss_nss_get_name_from_msg(domain, msg); gid = nss_get_gid(domain, msg); uid = sss_view_ldb_msg_find_attr_as_uint64(domain, msg, SYSDB_UIDNUM, 0); diff --git a/src/responder/nss/nss_utils.c b/src/responder/nss/nss_utils.c index f839930..42fe33e 100644 --- a/src/responder/nss/nss_utils.c +++ b/src/responder/nss/nss_utils.c @@ -22,37 +22,11 @@ #include #include "util/util.h" +#include "util/sss_nss.h" #include "confdb/confdb.h" #include "responder/common/responder.h" #include "responder/nss/nss_private.h" -const char * -nss_get_name_from_msg(struct sss_domain_info *domain, - struct ldb_message *msg) -{ -const char *name; - -/* If domain has a view associated we return overridden name - * if possible. */ -if (DOM_HAS_VIEWS(domain)) { -name = ldb_msg_find_attr_as_string(msg, OVERRIDE_PREFIX SYSDB_NAME, - NULL); -if (name != NULL) { -
[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder lslebodn commented: """ retest this please """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-289045128 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder jhrozek commented: """ I also squashed Lukas' patch to fix some python3 issues. I'm just waiting for our CI to finish. """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-289036591 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder jhrozek commented: """ @lslebodn I pushed a new patchset that should fix the warning in the kcm_queue test, can you verify if all warnings you saw are fixed? """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-289021612 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder simo5 commented: """ All looks good to go. """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-289009240 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#197][+Accepted] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder Label: +Accepted ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder mzidek-rh commented: """ All my concerns have been addressed (and If I am not mistaken also Simo's). ACK from me. """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-288987732 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#208][synchronized] IFP: Filter with * in Users.ListByName method
URL: https://github.com/SSSD/sssd/pull/208 Author: celestian Title: #208: IFP: Filter with * in Users.ListByName method Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/208/head:pr208 git checkout pr208 From 799ee6a4fb9349e28bba1efeacb5a51ae8b4511c Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C4=8Cech?=Date: Thu, 23 Mar 2017 09:17:55 +0100 Subject: [PATCH] IFP: Filter with * in infopipe methods This patch fixes asterisk in filter of those methods: * org.freedesktop.sssd.infopipe.Users.ListByName * org.freedesktop.sssd.infopipe.Groups.ListByName * org.freedesktop.sssd.infopipe.Users.ListByDomainAndName In those cases, functions ifp_[users|groups]_list_copy() were called with NULL pointer. Resolves: https://pagure.io/SSSD/sssd/issue/3305 --- src/responder/ifp/ifp_groups.c | 26 +++--- src/responder/ifp/ifp_users.c | 14 -- 2 files changed, 23 insertions(+), 17 deletions(-) diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c index 94d1e84..fe3c641 100644 --- a/src/responder/ifp/ifp_groups.c +++ b/src/responder/ifp/ifp_groups.c @@ -302,12 +302,14 @@ static void ifp_groups_list_by_name_done(struct tevent_req *req) return; } -ret = ifp_groups_list_copy(list_ctx, result->ldb_result); -if (ret != EOK) { -error = sbus_error_new(sbus_req, SBUS_ERROR_INTERNAL, - "Failed to copy domain result"); -sbus_request_fail_and_finish(sbus_req, error); -return; +if (ret == EOK) { +ret = ifp_groups_list_copy(list_ctx, result->ldb_result); +if (ret != EOK) { +error = sbus_error_new(sbus_req, SBUS_ERROR_INTERNAL, + "Failed to copy domain result"); +sbus_request_fail_and_finish(sbus_req, error); +return; +} } list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND); @@ -388,11 +390,13 @@ static void ifp_groups_list_by_domain_and_name_done(struct tevent_req *req) goto done; } -ret = ifp_groups_list_copy(list_ctx, result->ldb_result); -if (ret != EOK) { -error = sbus_error_new(sbus_req, SBUS_ERROR_INTERNAL, - "Failed to copy domain result"); -goto done; +if (ret == EOK) { +ret = ifp_groups_list_copy(list_ctx, result->ldb_result); +if (ret != EOK) { +error = sbus_error_new(sbus_req, SBUS_ERROR_INTERNAL, + "Failed to copy domain result"); +goto done; +} } done: diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c index cc78300..961a8fa 100644 --- a/src/responder/ifp/ifp_users.c +++ b/src/responder/ifp/ifp_users.c @@ -805,12 +805,14 @@ static void ifp_users_list_by_name_done(struct tevent_req *req) return; } -ret = ifp_users_list_copy(list_ctx, result->ldb_result); -if (ret != EOK) { -error = sbus_error_new(sbus_req, SBUS_ERROR_INTERNAL, - "Failed to copy domain result"); -sbus_request_fail_and_finish(sbus_req, error); -return; +if (ret == EOK) { +ret = ifp_users_list_copy(list_ctx, result->ldb_result); +if (ret != EOK) { +error = sbus_error_new(sbus_req, SBUS_ERROR_INTERNAL, + "Failed to copy domain result"); +sbus_request_fail_and_finish(sbus_req, error); +return; +} } list_ctx->dom = get_next_domain(list_ctx->dom, SSS_GND_DESCEND); ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#206][comment] IFP: Fix of names in GetUserGroups method
URL: https://github.com/SSSD/sssd/pull/206 Title: #206: IFP: Fix of names in GetUserGroups method celestian commented: """ Updated -- I just added "resolves" link to the commit message. """ See the full comment at https://github.com/SSSD/sssd/pull/206#issuecomment-288980755 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#206][synchronized] IFP: Fix of names in GetUserGroups method
URL: https://github.com/SSSD/sssd/pull/206 Author: celestian Title: #206: IFP: Fix of names in GetUserGroups method Action: synchronized To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/206/head:pr206 git checkout pr206 From 09934cbda4fb740d33d37de75f4bb02d11d65057 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20=C4=8Cech?=Date: Wed, 22 Mar 2017 15:40:00 +0100 Subject: [PATCH] IFP: Fix of names in GetUserGroups method This patch adds code which chooses the right domain for creation of output group's name. Resolves: https://pagure.io/SSSD/sssd/issue/3268 --- src/responder/ifp/ifpsrv_cmd.c | 16 +--- src/util/usertools.c | 42 ++ src/util/util.h| 5 + 3 files changed, 60 insertions(+), 3 deletions(-) diff --git a/src/responder/ifp/ifpsrv_cmd.c b/src/responder/ifp/ifpsrv_cmd.c index 07edcdd..d0df8d0 100644 --- a/src/responder/ifp/ifpsrv_cmd.c +++ b/src/responder/ifp/ifpsrv_cmd.c @@ -373,6 +373,8 @@ ifp_user_get_groups_reply(struct sss_domain_info *domain, const char *name; const char **groupnames; char *out_name; +struct sss_domain_info *recent_domain; +errno_t ret; /* one less, the first one is the user entry */ num = res->count - 1; @@ -396,9 +398,17 @@ ifp_user_get_groups_reply(struct sss_domain_info *domain, continue; } -if (domain->fqnames) { -groupnames[i] = sss_tc_fqname(groupnames, domain->names, - domain, out_name); +ret = sss_get_domain_by_name(groupnames, ireq->ifp_ctx->rctx->domains, + name, _domain); +if (ret != EOK) { +DEBUG(SSSDBG_MINOR_FAILURE, "sss_get_domain_by_name() failed " + "[%d]: %s\n", ret, sss_strerror(ret)); +continue; +} + +if (recent_domain->fqnames) { +groupnames[i] = sss_tc_fqname(groupnames, recent_domain->names, + recent_domain, out_name); if (out_name == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "sss_tc_fqname failed\n"); continue; diff --git a/src/util/usertools.c b/src/util/usertools.c index 7b87c56..f818c95 100644 --- a/src/util/usertools.c +++ b/src/util/usertools.c @@ -377,6 +377,48 @@ static struct sss_domain_info * match_any_domain_or_subdomain_name( return find_domain_by_name(dom, dmatch, true); } +int sss_get_domain_by_name(TALLOC_CTX *memctx, + struct sss_domain_info *domains, + const char *orig_fqname, + struct sss_domain_info **_domain) +{ +struct sss_domain_info *dom, *match = NULL; +char *dmatch, *nmatch; +TALLOC_CTX *tmp_ctx; +int ret; + +tmp_ctx = talloc_new(NULL); +if (tmp_ctx == NULL) { +return ENOMEM; +} + +for (dom = domains; dom != NULL; dom = get_next_domain(dom, 0)) { +ret = sss_parse_name(tmp_ctx, dom->names, orig_fqname, , ); +if (ret == EOK) { +if (dmatch != NULL) { +match = match_any_domain_or_subdomain_name (dom, dmatch); +if (match != NULL) { +DEBUG(SSSDBG_FUNC_DATA, "name '%s' matched expression for " +"domain '%s'\n", +orig_fqname, match->name); +break; +} +} +/* EINVAL is returned when name doesn't match */ +} else if (ret != EINVAL) { +goto done; +} +} + +*_domain = match; + +ret = EOK; +done: +talloc_free(tmp_ctx); + +return ret; +} + int sss_parse_name_for_domains(TALLOC_CTX *memctx, struct sss_domain_info *domains, const char *default_domain, diff --git a/src/util/util.h b/src/util/util.h index a2dc89b..e61138d 100644 --- a/src/util/util.h +++ b/src/util/util.h @@ -239,6 +239,11 @@ int sss_parse_name(TALLOC_CTX *memctx, struct sss_names_ctx *snctx, const char *orig, char **_domain, char **_name); +int sss_get_domain_by_name(TALLOC_CTX *memctx, + struct sss_domain_info *domains, + const char *orig_fqname, + struct sss_domain_info **_domain); + int sss_parse_name_for_domains(TALLOC_CTX *memctx, struct sss_domain_info *domains, const char *default_domain, ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org
[SSSD] [sssd PR#197][comment] KCM responder
URL: https://github.com/SSSD/sssd/pull/197 Title: #197: KCM responder jhrozek commented: """ CI on the rebased patches: http://sssd-ci.duckdns.org/logs/job/65/45/summary.html """ See the full comment at https://github.com/SSSD/sssd/pull/197#issuecomment-288949515 ___ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org