URL: https://github.com/SSSD/sssd/pull/683 Author: jhrozek Title: #683: PYSSS: Re-add the pysss.getgrouplist() interface Action: opened
PR body: """ Related: https://pagure.io/SSSD/sssd/issue/3493 Commit 0e211b8ba30c3adcdeef21ca1339b194cbfffb04 was supposed to remove only the parts of the pysss API that relate to the local domain. But it removed also the getgrouplist() method by accident. This method is very important to IPA, so we need to add it back. """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/683/head:pr683 git checkout pr683
From 143a0e38314db784e85ad50e08d91d8b2f285e93 Mon Sep 17 00:00:00 2001 From: Jakub Hrozek <jhro...@redhat.com> Date: Wed, 24 Oct 2018 09:41:44 +0200 Subject: [PATCH] PYSSS: Re-add the pysss.getgrouplist() interface Related: https://pagure.io/SSSD/sssd/issue/3493 Commit 0e211b8ba30c3adcdeef21ca1339b194cbfffb04 was supposed to remove only the parts of the pysss API that relate to the local domain. But it removed also the getgrouplist() method by accident. This method is very important to IPA, so we need to add it back. --- src/python/pysss.c | 83 ++++++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 83 insertions(+) diff --git a/src/python/pysss.c b/src/python/pysss.c index e92653a9e4..78b8de0739 100644 --- a/src/python/pysss.c +++ b/src/python/pysss.c @@ -215,12 +215,95 @@ static PyTypeObject pysss_password_type = { .tp_doc = sss_py_const_p(char, "SSS password obfuscation"), }; +/* + * Get list of groups user belongs to + */ +PyDoc_STRVAR(py_sss_getgrouplist__doc__, + "Get list of groups user belongs to.\n\n" + "NOTE: The interface uses the system NSS calls and is not limited to " + "users served by the SSSD!\n" + ":param username: name of user to get list for\n"); + +static PyObject *py_sss_getgrouplist(PyObject *self, PyObject *args) +{ + char *username = NULL; + gid_t *groups = NULL; + struct passwd *pw; + struct group *gr; + int ngroups; + int ret; + Py_ssize_t i, idx; + PyObject *groups_tuple; + + if(!PyArg_ParseTuple(args, discard_const_p(char, "s"), &username)) { + goto fail; + } + + pw = getpwnam(username); + if (pw == NULL) { + goto fail; + } + + ngroups = 32; + groups = malloc(sizeof(gid_t) * ngroups); + if (groups == NULL) { + goto fail; + } + + do { + ret = getgrouplist(username, pw->pw_gid, groups, &ngroups); + if (ret < ngroups) { + gid_t *tmp_groups = realloc(groups, ngroups * sizeof(gid_t)); + if (tmp_groups == NULL) { + goto fail; + } + groups = tmp_groups; + } + } while (ret != ngroups); + + groups_tuple = PyTuple_New((Py_ssize_t) ngroups); + if (groups_tuple == NULL) { + goto fail; + } + + /* Populate a tuple with names of groups + * In unlikely case of group not being able to resolve, skip it + * We also need to resize resulting tuple to avoid empty elements there */ + idx = 0; + for (i = 0; i < ngroups; i++) { + gr = getgrgid(groups[i]); + if (gr) { + PyTuple_SetItem(groups_tuple, idx, +#ifdef IS_PY3K + PyUnicode_FromString(gr->gr_name) +#else + PyString_FromString(gr->gr_name) +#endif + ); + idx++; + } + } + free(groups); + groups = NULL; + + if (i != idx) { + _PyTuple_Resize(&groups_tuple, idx); + } + + return groups_tuple; + +fail: + free(groups); + return NULL; +} + /* ==================== the sss module initialization =======================*/ /* * Module methods */ static PyMethodDef module_methods[] = { + {"getgrouplist", py_sss_getgrouplist, METH_VARARGS, py_sss_getgrouplist__doc__}, {NULL, NULL, 0, NULL} /* Sentinel */ };
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedorahosted.org/archives/list/sssd-devel@lists.fedorahosted.org
