sssd/0049-FILES-Reduce-code-duplication.patch
Fabiano Fidêncio 90dd145c92 Resolves: upstream#3520 - Files provider supports only BE_FILTER_ENUM
Also ...
Resolves: rhbz#1540703 - FreeIPA/SSSD implicit_file sssd_nss error: The Data
                         Provider returned an error
                         [org.freedesktop.sssd.Error.DataProvider.Fatal]

Signed-off-by: Fabiano Fidêncio <fidencio@redhat.com>
2018-04-27 22:12:12 +02:00

311 lines
9.3 KiB
Diff

From 601e30e9d6e7c0da2e1648dc2d9bc37bddf512d8 Mon Sep 17 00:00:00 2001
From: Jakub Hrozek <jhrozek@redhat.com>
Date: Tue, 17 Apr 2018 14:22:39 +0200
Subject: [PATCH] FILES: Reduce code duplication
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Reviewed-by: Pavel Březina <pbrezina@redhat.com>
(cherry picked from commit 1f8bfb6975becda07ff29f557f82b6ac1eaa0be9)
---
src/providers/files/files_ops.c | 213 +++++++++++++++-------------------------
1 file changed, 81 insertions(+), 132 deletions(-)
diff --git a/src/providers/files/files_ops.c b/src/providers/files/files_ops.c
index 95c4d2a06..370af1274 100644
--- a/src/providers/files/files_ops.c
+++ b/src/providers/files/files_ops.c
@@ -35,6 +35,10 @@
#define PWD_MAXSIZE 1024
#define GRP_MAXSIZE 2048
+#define SF_UPDATE_PASSWD 1<<0
+#define SF_UPDATE_GROUP 1<<1
+#define SF_UPDATE_BOTH (SF_UPDATE_PASSWD | SF_UPDATE_GROUP)
+
struct files_ctx {
struct files_ops_ctx *ops;
};
@@ -708,6 +712,70 @@ done:
return ret;
}
+static errno_t sf_enum_files(struct files_id_ctx *id_ctx,
+ uint8_t flags)
+{
+ errno_t ret;
+ errno_t tret;
+ bool in_transaction = false;
+
+ ret = sysdb_transaction_start(id_ctx->domain->sysdb);
+ if (ret != EOK) {
+ goto done;
+ }
+ in_transaction = true;
+
+ if (flags & SF_UPDATE_PASSWD) {
+ ret = delete_all_users(id_ctx->domain);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ /* All users were deleted, therefore we need to enumerate each file again */
+ for (size_t i = 0; id_ctx->passwd_files[i] != NULL; i++) {
+ ret = sf_enum_users(id_ctx, id_ctx->passwd_files[i]);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot enumerate users\n");
+ goto done;
+ }
+ }
+ }
+
+ if (flags & SF_UPDATE_GROUP) {
+ ret = delete_all_groups(id_ctx->domain);
+ if (ret != EOK) {
+ goto done;
+ }
+
+ /* All groups were deleted, therefore we need to enumerate each file again */
+ for (size_t i = 0; id_ctx->group_files[i] != NULL; i++) {
+ ret = sf_enum_groups(id_ctx, id_ctx->group_files[i]);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE, "Cannot enumerate groups\n");
+ goto done;
+ }
+ }
+ }
+
+ ret = sysdb_transaction_commit(id_ctx->domain->sysdb);
+ if (ret != EOK) {
+ goto done;
+ }
+ in_transaction = false;
+
+ ret = EOK;
+done:
+ if (in_transaction) {
+ tret = sysdb_transaction_cancel(id_ctx->domain->sysdb);
+ if (tret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Cannot cancel transaction: %d\n", ret);
+ }
+ }
+
+ return ret;
+}
+
static void sf_cb_done(struct files_id_ctx *id_ctx)
{
/* Only activate a domain when both callbacks are done */
@@ -722,8 +790,6 @@ static int sf_passwd_cb(const char *filename, uint32_t flags, void *pvt)
{
struct files_id_ctx *id_ctx;
errno_t ret;
- errno_t tret;
- bool in_transaction = false;
id_ctx = talloc_get_type(pvt, struct files_id_ctx);
if (id_ctx == NULL) {
@@ -740,49 +806,17 @@ static int sf_passwd_cb(const char *filename, uint32_t flags, void *pvt)
dp_sbus_reset_users_memcache(id_ctx->be->provider);
dp_sbus_reset_initgr_memcache(id_ctx->be->provider);
- ret = sysdb_transaction_start(id_ctx->domain->sysdb);
- if (ret != EOK) {
- goto done;
- }
- in_transaction = true;
-
- ret = delete_all_users(id_ctx->domain);
- if (ret != EOK) {
- goto done;
- }
-
- /* All users were deleted, therefore we need to enumerate each file again */
- for (size_t i = 0; id_ctx->passwd_files[i] != NULL; i++) {
- ret = sf_enum_users(id_ctx, id_ctx->passwd_files[i]);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, "Cannot enumerate users\n");
- goto done;
- }
- }
-
- /* Covers the case when someone edits /etc/group, adds a group member and
+ /* Using SF_UDPATE_BOTH here the case when someone edits /etc/group, adds a group member and
* only then edits passwd and adds the user. The reverse is not needed,
* because member/memberof links are established when groups are saved.
*/
- ret = delete_all_groups(id_ctx->domain);
- if (ret != EOK) {
- goto done;
- }
-
- /* All groups were deleted, therefore we need to enumerate each file again */
- for (size_t i = 0; id_ctx->group_files[i] != NULL; i++) {
- ret = sf_enum_groups(id_ctx, id_ctx->group_files[i]);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, "Cannot enumerate groups\n");
- goto done;
- }
- }
-
- ret = sysdb_transaction_commit(id_ctx->domain->sysdb);
+ ret = sf_enum_files(id_ctx, SF_UPDATE_BOTH);
if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Could not update files: [%d]: %s\n",
+ ret, sss_strerror(ret));
goto done;
}
- in_transaction = false;
id_ctx->updating_passwd = false;
sf_cb_done(id_ctx);
@@ -790,14 +824,6 @@ static int sf_passwd_cb(const char *filename, uint32_t flags, void *pvt)
ret = EOK;
done:
- if (in_transaction) {
- tret = sysdb_transaction_cancel(id_ctx->domain->sysdb);
- if (tret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot cancel transaction: %d\n", ret);
- }
- }
-
return ret;
}
@@ -805,8 +831,6 @@ static int sf_group_cb(const char *filename, uint32_t flags, void *pvt)
{
struct files_id_ctx *id_ctx;
errno_t ret;
- errno_t tret;
- bool in_transaction = false;
id_ctx = talloc_get_type(pvt, struct files_id_ctx);
if (id_ctx == NULL) {
@@ -823,47 +847,20 @@ static int sf_group_cb(const char *filename, uint32_t flags, void *pvt)
dp_sbus_reset_groups_memcache(id_ctx->be->provider);
dp_sbus_reset_initgr_memcache(id_ctx->be->provider);
- ret = sysdb_transaction_start(id_ctx->domain->sysdb);
- if (ret != EOK) {
- goto done;
- }
- in_transaction = true;
-
- ret = delete_all_groups(id_ctx->domain);
- if (ret != EOK) {
- goto done;
- }
-
- /* All groups were deleted, therefore we need to enumerate each file again */
- for (size_t i = 0; id_ctx->group_files[i] != NULL; i++) {
- ret = sf_enum_groups(id_ctx, id_ctx->group_files[i]);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, "Cannot enumerate groups\n");
- goto done;
- }
- }
-
- ret = sysdb_transaction_commit(id_ctx->domain->sysdb);
+ ret = sf_enum_files(id_ctx, SF_UPDATE_GROUP);
if (ret != EOK) {
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Could not update files: [%d]: %s\n",
+ ret, sss_strerror(ret));
goto done;
}
- in_transaction = false;
id_ctx->updating_groups = false;
sf_cb_done(id_ctx);
files_account_info_finished(id_ctx, BE_REQ_GROUP, ret);
ret = EOK;
-
done:
- if (in_transaction) {
- tret = sysdb_transaction_cancel(id_ctx->domain->sysdb);
- if (tret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot cancel transaction: %d\n", ret);
- }
- }
-
return ret;
}
@@ -873,62 +870,14 @@ static void startup_enum_files(struct tevent_context *ev,
{
struct files_id_ctx *id_ctx = talloc_get_type(pvt, struct files_id_ctx);
errno_t ret;
- errno_t tret;
- bool in_transaction = false;
talloc_zfree(imm);
- ret = sysdb_transaction_start(id_ctx->domain->sysdb);
- if (ret != EOK) {
- goto done;
- }
- in_transaction = true;
-
- ret = delete_all_users(id_ctx->domain);
- if (ret != EOK) {
- goto done;
- }
-
- ret = delete_all_groups(id_ctx->domain);
+ ret = sf_enum_files(id_ctx, SF_UPDATE_BOTH);
if (ret != EOK) {
- goto done;
- }
-
- for (size_t i = 0; id_ctx->passwd_files[i] != NULL; i++) {
- DEBUG(SSSDBG_TRACE_FUNC,
- "Startup user enumeration of [%s]\n", id_ctx->passwd_files[i]);
- ret = sf_enum_users(id_ctx, id_ctx->passwd_files[i]);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Enumerating users failed, data might be inconsistent!\n");
- goto done;
- }
- }
-
- for (size_t i = 0; id_ctx->group_files[i] != NULL; i++) {
- DEBUG(SSSDBG_TRACE_FUNC,
- "Startup group enumeration of [%s]\n", id_ctx->group_files[i]);
- ret = sf_enum_groups(id_ctx, id_ctx->group_files[i]);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Enumerating groups failed, data might be inconsistent!\n");
- goto done;
- }
- }
-
- ret = sysdb_transaction_commit(id_ctx->domain->sysdb);
- if (ret != EOK) {
- goto done;
- }
- in_transaction = false;
-
-done:
- if (in_transaction) {
- tret = sysdb_transaction_cancel(id_ctx->domain->sysdb);
- if (tret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot cancel transaction: %d\n", ret);
- }
+ DEBUG(SSSDBG_OP_FAILURE,
+ "Could not update files after startup: [%d]: %s\n",
+ ret, sss_strerror(ret));
}
}
--
2.14.3