From 57720f0d0945262a13d9ab7d1ec8220837ab618f Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Wed, 29 Nov 2017 20:02:35 +0100
Subject: [PATCH 77/79] confdb: Fix starting of implicit files domain

We did not start implicit_files domain when sssd configuration
contains files domain which was disabled.
---
 src/confdb/confdb.c                   | 36 +++++++++++++++++++++++++++++++++--
 src/tests/intg/test_files_provider.py |  3 +++
 2 files changed, 37 insertions(+), 2 deletions(-)

diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index c41bd5087592ba15d8956e0279aaf72ba86936ed..ef1be4a6e6daee2644d535e561fac7735eb6a0b2 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1719,12 +1719,43 @@ done:
 }
 
 static bool need_implicit_files_domain(TALLOC_CTX *tmp_ctx,
+                                       struct confdb_ctx *cdb,
                                        struct ldb_result *doms)
 {
     const char *id_provider = NULL;
     unsigned int i;
+    errno_t ret;
+    char **domlist;
+    const char *val;
+
+    ret = confdb_get_string_as_list(cdb, tmp_ctx,
+                                    CONFDB_MONITOR_CONF_ENTRY,
+                                    CONFDB_MONITOR_ACTIVE_DOMAINS,
+                                    &domlist);
+    if (ret == ENOENT) {
+        return true;
+    } else if (ret != EOK) {
+        DEBUG(SSSDBG_CRIT_FAILURE,
+              "Cannot get active domains %d[%s]\n",
+              ret, sss_strerror(ret));
+        return false;
+    }
 
     for (i = 0; i < doms->count; i++) {
+        val = ldb_msg_find_attr_as_string(doms->msgs[i], CONFDB_DOMAIN_ATTR,
+                                          NULL);
+        if (val == NULL) {
+            DEBUG(SSSDBG_CRIT_FAILURE,
+                  "The object [%s] doesn't have a name\n",
+                  ldb_dn_get_linearized(doms->msgs[i]->dn));
+            continue;
+        }
+
+        /* skip disabled domain */
+        if (!string_in_list(val, domlist, false)) {
+            continue;
+        }
+
         id_provider = ldb_msg_find_attr_as_string(doms->msgs[i],
                                                   CONFDB_DOMAIN_ID_PROVIDER,
                                                   NULL);
@@ -1748,7 +1779,8 @@ static int confdb_has_files_domain(struct confdb_ctx *cdb)
     TALLOC_CTX *tmp_ctx = NULL;
     struct ldb_dn *dn = NULL;
     struct ldb_result *res = NULL;
-    static const char *attrs[] = { CONFDB_DOMAIN_ID_PROVIDER, NULL };
+    static const char *attrs[] = { CONFDB_DOMAIN_ID_PROVIDER,
+                                   CONFDB_DOMAIN_ATTR, NULL };
     int ret;
     bool need_files_dom;
 
@@ -1770,7 +1802,7 @@ static int confdb_has_files_domain(struct confdb_ctx *cdb)
         goto done;
     }
 
-    need_files_dom = need_implicit_files_domain(tmp_ctx, res);
+    need_files_dom = need_implicit_files_domain(tmp_ctx, cdb, res);
 
     ret = need_files_dom ? ENOENT : EOK;
 done:
diff --git a/src/tests/intg/test_files_provider.py b/src/tests/intg/test_files_provider.py
index e507ea10d78b9b35ee57178e78f4621372d0c2e5..169da713767b6495e117d805b29d8d6346237ebc 100644
--- a/src/tests/intg/test_files_provider.py
+++ b/src/tests/intg/test_files_provider.py
@@ -167,6 +167,9 @@ def no_files_domain(request):
 
         [domain/local]
         id_provider = local
+
+        [domain/disabled.files]
+        id_provider = files
     """).format(**locals())
     create_conf_fixture(request, conf)
     create_sssd_fixture(request)
-- 
2.15.1