rpms/sssd
3
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
640e44ca24
sssd/0076-IFP-expose-user-and-group-unique-IDs-through-DBus.patch
Lukas Slebodnik 640e44ca24 Fix regression with krb5_map_user 
- Resolves: rhbz#1375552 - krb5_map_user doesn't seem effective anymore
- Resolves: rhbz#1349286 - authconfig fails with SSSDConfig.NoDomainError:
                           default if nonexistent domain is mentioned
2016-09-22 22:28:47 +02:00

240 lines
10 KiB
Diff
Raw Blame History

From 407eca9a7167145158272e3d41316b6079b4eb74 Mon Sep 17 00:00:00 2001
From: Thomas Equeter <firstname@lastname.com>
Date: Fri, 26 Aug 2016 10:35:30 +0200
Subject: [PATCH 76/79] IFP: expose user and group unique IDs through DBus
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
This adds a uniqueID property on User and Group InfoPipe objects. It has a
useful value on AD- and IPA-backed domains. For Active Directory, this is the
GUID.
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit e9a2e7afbd09c23dd8748246e09831ed7b17d7c5)
---
src/db/sysdb.h | 2 ++
src/responder/ifp/ifp_groups.c | 19 +++++++++++++++++++
src/responder/ifp/ifp_groups.h | 4 ++++
src/responder/ifp/ifp_iface.c | 2 ++
src/responder/ifp/ifp_iface.xml | 2 ++
src/responder/ifp/ifp_iface_generated.c | 18 ++++++++++++++++++
src/responder/ifp/ifp_iface_generated.h | 4 ++++
src/responder/ifp/ifp_users.c | 7 +++++++
src/responder/ifp/ifp_users.h | 4 ++++
9 files changed, 62 insertions(+)
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index 8713efa6e8fcc6fb620340fe152989a5dae58434..7de3acdf343e0c013ab39a249268c93cbb2d0dbc 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -224,6 +224,7 @@
SYSDB_OVERRIDE_DN, \
SYSDB_OVERRIDE_OBJECT_DN, \
SYSDB_DEFAULT_OVERRIDE_NAME, \
+ SYSDB_UUID, \
NULL}
#define SYSDB_GRSRC_ATTRS {SYSDB_NAME, SYSDB_GIDNUM, \
@@ -235,6 +236,7 @@
SYSDB_OVERRIDE_DN, \
SYSDB_OVERRIDE_OBJECT_DN, \
SYSDB_DEFAULT_OVERRIDE_NAME, \
+ SYSDB_UUID, \
NULL}
#define SYSDB_NETGR_ATTRS {SYSDB_NAME, SYSDB_NETGROUP_TRIPLE, \
diff --git a/src/responder/ifp/ifp_groups.c b/src/responder/ifp/ifp_groups.c
index babd8ec3f57b0469c8ca35f9f2464a0a32076967..29aebe45e710e53538c317a688077689ece4c979 100644
--- a/src/responder/ifp/ifp_groups.c
+++ b/src/responder/ifp/ifp_groups.c
@@ -751,6 +751,25 @@ void ifp_groups_group_get_gid_number(struct sbus_request *sbus_req,
return;
}
+void ifp_groups_group_get_unique_id(struct sbus_request *sbus_req,
+ void *data,
+ const char **_out)
+{
+ struct ldb_message *msg;
+ struct sss_domain_info *domain;
+ errno_t ret;
+
+ ret = ifp_groups_group_get(sbus_req, data, NULL, &domain, &msg);
+ if (ret != EOK) {
+ *_out = 0;
+ return;
+ }
+
+ *_out = sss_view_ldb_msg_find_attr_as_string(domain, msg, SYSDB_UUID, 0);
+
+ return;
+}
+
static errno_t
ifp_groups_group_get_members(TALLOC_CTX *mem_ctx,
struct sbus_request *sbus_req,
diff --git a/src/responder/ifp/ifp_groups.h b/src/responder/ifp/ifp_groups.h
index 4cfabb9d70df92cda02de02cd1dcf7cc5b071ba8..1e0377fae6101473f5fcc6f9f69f12c3adf33f79 100644
--- a/src/responder/ifp/ifp_groups.h
+++ b/src/responder/ifp/ifp_groups.h
@@ -64,6 +64,10 @@ void ifp_groups_group_get_gid_number(struct sbus_request *sbus_req,
void *data,
uint32_t *_out);
+void ifp_groups_group_get_unique_id(struct sbus_request *sbus_req,
+ void *data,
+ const char **_out);
+
void ifp_groups_group_get_users(struct sbus_request *sbus_req,
void *data,
const char ***_out,
diff --git a/src/responder/ifp/ifp_iface.c b/src/responder/ifp/ifp_iface.c
index e6ddc687ba9db878ee39fee5868d1f924d58482d..ff306adf3243994ee7f71850226dc1c5e0831f16 100644
--- a/src/responder/ifp/ifp_iface.c
+++ b/src/responder/ifp/ifp_iface.c
@@ -104,6 +104,7 @@ struct iface_ifp_users_user iface_ifp_users_user = {
.get_gecos = ifp_users_user_get_gecos,
.get_homeDirectory = ifp_users_user_get_home_directory,
.get_loginShell = ifp_users_user_get_login_shell,
+ .get_uniqueID = ifp_users_user_get_unique_id,
.get_groups = ifp_users_user_get_groups,
.get_extraAttributes = ifp_users_user_get_extra_attributes
};
@@ -121,6 +122,7 @@ struct iface_ifp_groups_group iface_ifp_groups_group = {
.UpdateMemberList = ifp_groups_group_update_member_list,
.get_name = ifp_groups_group_get_name,
.get_gidNumber = ifp_groups_group_get_gid_number,
+ .get_uniqueID = ifp_groups_group_get_unique_id,
.get_users = ifp_groups_group_get_users,
.get_groups = ifp_groups_group_get_groups
};
diff --git a/src/responder/ifp/ifp_iface.xml b/src/responder/ifp/ifp_iface.xml
index 25b104ad70c0fd84b6c0fe9dbb0dc6e6439c1376..41e9f1d026fa434705ea50999ab3d9ad116f7f29 100644
--- a/src/responder/ifp/ifp_iface.xml
+++ b/src/responder/ifp/ifp_iface.xml
@@ -186,6 +186,7 @@
<property name="gecos" type="s" access="read" />
<property name="homeDirectory" type="s" access="read" />
<property name="loginShell" type="s" access="read" />
+ <property name="uniqueID" type="s" access="read" />
<property name="groups" type="ao" access="read" />
<property name="extraAttributes" type="a{sas}" access="read" />
</interface>
@@ -221,6 +222,7 @@
<property name="name" type="s" access="read" />
<property name="gidNumber" type="u" access="read" />
+ <property name="uniqueID" type="s" access="read" />
<property name="users" type="ao" access="read" />
<property name="groups" type="ao" access="read" />
</interface>
diff --git a/src/responder/ifp/ifp_iface_generated.c b/src/responder/ifp/ifp_iface_generated.c
index 6156ca2947434f301d206232f83cfc0647007707..ed018a044bd01c69554116946450aca7aacd5fd8 100644
--- a/src/responder/ifp/ifp_iface_generated.c
+++ b/src/responder/ifp/ifp_iface_generated.c
@@ -976,6 +976,15 @@ const struct sbus_property_meta iface_ifp_users_user__properties[] = {
NULL, /* no invoker */
},
{
+ "uniqueID", /* name */
+ "s", /* type */
+ SBUS_PROPERTY_READABLE,
+ offsetof(struct iface_ifp_users_user, get_uniqueID),
+ sbus_invoke_get_s,
+ 0, /* not writable */
+ NULL, /* no invoker */
+ },
+ {
"groups", /* name */
"ao", /* type */
SBUS_PROPERTY_READABLE,
@@ -1165,6 +1174,15 @@ const struct sbus_property_meta iface_ifp_groups_group__properties[] = {
NULL, /* no invoker */
},
{
+ "uniqueID", /* name */
+ "s", /* type */
+ SBUS_PROPERTY_READABLE,
+ offsetof(struct iface_ifp_groups_group, get_uniqueID),
+ sbus_invoke_get_s,
+ 0, /* not writable */
+ NULL, /* no invoker */
+ },
+ {
"users", /* name */
"ao", /* type */
SBUS_PROPERTY_READABLE,
diff --git a/src/responder/ifp/ifp_iface_generated.h b/src/responder/ifp/ifp_iface_generated.h
index 141348249d2da5447fa04495564a8c6a55d67a1b..0c6fd151cd674cdbd4582cb95ef43c9fcc133d6f 100644
--- a/src/responder/ifp/ifp_iface_generated.h
+++ b/src/responder/ifp/ifp_iface_generated.h
@@ -88,6 +88,7 @@
#define IFACE_IFP_USERS_USER_GECOS "gecos"
#define IFACE_IFP_USERS_USER_HOMEDIRECTORY "homeDirectory"
#define IFACE_IFP_USERS_USER_LOGINSHELL "loginShell"
+#define IFACE_IFP_USERS_USER_UNIQUEID "uniqueID"
#define IFACE_IFP_USERS_USER_GROUPS "groups"
#define IFACE_IFP_USERS_USER_EXTRAATTRIBUTES "extraAttributes"
@@ -103,6 +104,7 @@
#define IFACE_IFP_GROUPS_GROUP_UPDATEMEMBERLIST "UpdateMemberList"
#define IFACE_IFP_GROUPS_GROUP_NAME "name"
#define IFACE_IFP_GROUPS_GROUP_GIDNUMBER "gidNumber"
+#define IFACE_IFP_GROUPS_GROUP_UNIQUEID "uniqueID"
#define IFACE_IFP_GROUPS_GROUP_USERS "users"
#define IFACE_IFP_GROUPS_GROUP_GROUPS "groups"
@@ -294,6 +296,7 @@ struct iface_ifp_users_user {
void (*get_gecos)(struct sbus_request *, void *data, const char **);
void (*get_homeDirectory)(struct sbus_request *, void *data, const char **);
void (*get_loginShell)(struct sbus_request *, void *data, const char **);
+ void (*get_uniqueID)(struct sbus_request *, void *data, const char **);
void (*get_groups)(struct sbus_request *, void *data, const char ***, int *);
void (*get_extraAttributes)(struct sbus_request *, void *data, hash_table_t **);
};
@@ -328,6 +331,7 @@ struct iface_ifp_groups_group {
int (*UpdateMemberList)(struct sbus_request *req, void *data);
void (*get_name)(struct sbus_request *, void *data, const char **);
void (*get_gidNumber)(struct sbus_request *, void *data, uint32_t*);
+ void (*get_uniqueID)(struct sbus_request *, void *data, const char **);
void (*get_users)(struct sbus_request *, void *data, const char ***, int *);
void (*get_groups)(struct sbus_request *, void *data, const char ***, int *);
};
diff --git a/src/responder/ifp/ifp_users.c b/src/responder/ifp/ifp_users.c
index 5481413ef908785ecf276aad7154e4a7b511fd45..a2bafff5853683443f25f857124214a048132c4a 100644
--- a/src/responder/ifp/ifp_users.c
+++ b/src/responder/ifp/ifp_users.c
@@ -774,6 +774,13 @@ void ifp_users_user_get_login_shell(struct sbus_request *sbus_req,
ifp_users_get_as_string(sbus_req, data, SYSDB_SHELL, _out);
}
+void ifp_users_user_get_unique_id(struct sbus_request *sbus_req,
+ void *data,
+ const char **_out)
+{
+ ifp_users_get_as_string(sbus_req, data, SYSDB_UUID, _out);
+}
+
void ifp_users_user_get_groups(struct sbus_request *sbus_req,
void *data,
const char ***_out,
diff --git a/src/responder/ifp/ifp_users.h b/src/responder/ifp/ifp_users.h
index 99114fe9562f237204b3121ae3fe1f29dbc256a8..6a3a66951ff2c68cdc220364d28651d53b9d6a68 100644
--- a/src/responder/ifp/ifp_users.h
+++ b/src/responder/ifp/ifp_users.h
@@ -84,6 +84,10 @@ void ifp_users_user_get_login_shell(struct sbus_request *sbus_req,
void *data,
const char **_out);
+void ifp_users_user_get_unique_id(struct sbus_request *sbus_req,
+ void *data,
+ const char **_out);
+
void ifp_users_user_get_groups(struct sbus_request *sbus_req,
void *data,
const char ***_out,
--
2.9.3
Reference in New Issue View Git Blame Copy Permalink