[SSSD] [sssd PR#203][synchronized] IPA: Enhance debug logging for ipa s2n operations

Mon, 20 Mar 2017 10:33:07 -0700 

   URL: https://github.com/SSSD/sssd/pull/203
Author: justin-stephenson
 Title: #203: IPA: Enhance debug logging for ipa s2n operations
Action: synchronized

To pull the PR as Git branch:
git remote add ghsssd https://github.com/SSSD/sssd
git fetch ghsssd pull/203/head:pr203
git checkout pr203

From ccf50209ee5103e79b403487fffd85983de3c5f3 Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstep...@redhat.com>
Date: Mon, 20 Mar 2017 11:51:05 -0400
Subject: [PATCH 1/2] IPA: Add s2n request to string function

Add a function to convert request_types to string allowing the
ability to print request type information for ipa_s2n functions during
IPA client operations.
---
 src/providers/ipa/ipa_s2n_exop.c | 13 +++++++++++++
 1 file changed, 13 insertions(+)

diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index 07bbb2b..3350d83 100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -979,6 +979,19 @@ static errno_t s2n_response_to_attrs(TALLOC_CTX *mem_ctx,
     return ret;
 }
 
+static const char *ipa_s2n_reqtype2str(enum request_types request_type)
+{
+    if (request_type == REQ_SIMPLE) {
+        return "REQ_SIMPLE";
+    } else if (request_type == REQ_FULL) {
+        return "REQ_FULL";
+    } else if (request_type == REQ_FULL_WITH_MEMBERS) {
+        return "REQ_FULL_WITH_MEMBERS";
+    } else {
+        return "Unknown request type";
+    }
+}
+
 struct ipa_s2n_get_list_state {
     struct tevent_context *ev;
     struct ipa_id_ctx *ipa_ctx;

From 4fbd2bb4c1eaec9015747bf7ca279867e60db462 Mon Sep 17 00:00:00 2001
From: Justin Stephenson <jstep...@redhat.com>
Date: Thu, 16 Mar 2017 14:46:55 -0400
Subject: [PATCH 2/2] IPA: Enhance debug logging for ipa s2n operations

Add log messages to provide useful debug logging surrounding
IPA client extended operations to the IPA Server during AD trust
requests to retrieve information. Print more details about the
objects requested and received during the ipa_s2n operations.

This will improve log analysis and troubleshooting efforts during AD
trust user and group resolution failures on IPA clients, such as missing
groups.
---
 src/providers/ipa/ipa_s2n_exop.c | 24 ++++++++++++++++++++++++
 1 file changed, 24 insertions(+)

diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
index 3350d83..c45abd9 100644
--- a/src/providers/ipa/ipa_s2n_exop.c
+++ b/src/providers/ipa/ipa_s2n_exop.c
@@ -1153,6 +1153,13 @@ static errno_t ipa_s2n_get_list_step(struct tevent_req *req)
         need_v1 = true;
     }
 
+    if (state->req_input.type == REQ_INP_NAME
+            && state->req_input.inp.name != NULL) {
+        DEBUG(SSSDBG_TRACE_FUNC, "Sending request_type: [%s] for group [%s].\n",
+                                 ipa_s2n_reqtype2str(state->request_type),
+                                 state->list[state->list_idx]);
+    }
+
     subreq = ipa_s2n_exop_send(state, state->ev, state->sh, need_v1,
                                state->exop_timeout, bv_req);
     if (subreq == NULL) {
@@ -1191,6 +1198,9 @@ static void ipa_s2n_get_list_next(struct tevent_req *subreq)
         goto fail;
     }
 
+    DEBUG(SSSDBG_TRACE_FUNC, "Received [%s] attributes from IPA server.\n",
+                             state->attrs->a.name);
+
     if (is_default_view(state->ipa_ctx->view_name)) {
         ret = ipa_s2n_get_list_save_step(req);
         if (ret == EOK) {
@@ -1372,6 +1382,11 @@ struct tevent_req *ipa_s2n_get_acct_info_send(TALLOC_CTX *mem_ctx,
         goto fail;
     }
 
+    DEBUG(SSSDBG_TRACE_FUNC, "Sending request_type: [%s] for trust user [%s] "
+                            "to IPA server\n",
+                            ipa_s2n_reqtype2str(state->request_type),
+                            req_input->inp.name);
+
     subreq = ipa_s2n_exop_send(state, state->ev, state->sh, is_v1,
                                state->exop_timeout, bv_req);
     if (subreq == NULL) {
@@ -1611,6 +1626,7 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
     struct ipa_s2n_get_user_state *state = tevent_req_data(req,
                                                 struct ipa_s2n_get_user_state);
     int ret;
+    int c;
     char *retoid = NULL;
     struct berval *retdata = NULL;
     struct resp_attrs *attrs = NULL;
@@ -1658,6 +1674,14 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
         state->attrs = attrs;
 
         if (attrs->response_type == RESP_USER_GROUPLIST) {
+
+            DEBUG(SSSDBG_TRACE_FUNC, "Received [%lu] groups in group list from "
+                                     "IPA Server\n", attrs->ngroups);
+
+            for (c = 0; c < attrs->ngroups; c++) {
+                DEBUG(SSSDBG_TRACE_FUNC, "[%s].\n", attrs->groups[c]);
+            }
+
             ret = get_group_dn_list(state, state->dom,
                                     attrs->ngroups, attrs->groups,
                                     &group_dn_list, &missing_list);

_______________________________________________
sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org
To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org

Reply via email to