139 lines
4.1 KiB
Diff
139 lines
4.1 KiB
Diff
From 318bdcab400cbe714115e945d016c81037eef18c Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
|
|
Date: Fri, 18 Dec 2015 12:34:21 +0100
|
|
Subject: [PATCH 29/49] IPA SUDO: Remember USN
|
|
|
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
|
(cherry picked from commit d06cc0974e59cd6cf1da45cc8c60d6e822b731c2)
|
|
---
|
|
src/providers/ipa/ipa_sudo_async.c | 50 ++++++++++++++++++++++++++++++++++++--
|
|
1 file changed, 48 insertions(+), 2 deletions(-)
|
|
|
|
diff --git a/src/providers/ipa/ipa_sudo_async.c b/src/providers/ipa/ipa_sudo_async.c
|
|
index cea85cdbfc21598164557b70a7055fd4b786ba8a..d52b97da17337b224c4be4b4fb65b0a99000e4b6 100644
|
|
--- a/src/providers/ipa/ipa_sudo_async.c
|
|
+++ b/src/providers/ipa/ipa_sudo_async.c
|
|
@@ -23,6 +23,7 @@
|
|
#include <dhash.h>
|
|
|
|
#include "providers/ldap/sdap_ops.h"
|
|
+#include "providers/ldap/sdap_sudo_shared.h"
|
|
#include "providers/ipa/ipa_common.h"
|
|
#include "providers/ipa/ipa_hosts.h"
|
|
#include "providers/ipa/ipa_sudo.h"
|
|
@@ -133,6 +134,32 @@ fail:
|
|
return NULL;
|
|
}
|
|
|
|
+static errno_t
|
|
+ipa_sudo_highest_usn(TALLOC_CTX *mem_ctx,
|
|
+ struct sysdb_attrs **attrs,
|
|
+ size_t num_attrs,
|
|
+ char **current_usn)
|
|
+{
|
|
+ errno_t ret;
|
|
+ char *usn;
|
|
+
|
|
+ ret = sysdb_get_highest_usn(mem_ctx, attrs, num_attrs, &usn);
|
|
+ if (ret != EOK) {
|
|
+ DEBUG(SSSDBG_MINOR_FAILURE, "Unable to get highest USN [%d]: %s\n",
|
|
+ ret, sss_strerror(ret));
|
|
+ return ret;
|
|
+ }
|
|
+
|
|
+ if (sysdb_compare_usn(usn, *current_usn) > 0) {
|
|
+ talloc_free(*current_usn);
|
|
+ *current_usn = usn;
|
|
+ return EOK;
|
|
+ }
|
|
+
|
|
+ talloc_free(usn);
|
|
+ return EOK;
|
|
+}
|
|
+
|
|
struct ipa_sudo_fetch_state {
|
|
struct tevent_context *ev;
|
|
struct sysdb_ctx *sysdb;
|
|
@@ -150,6 +177,7 @@ struct ipa_sudo_fetch_state {
|
|
struct ipa_sudo_conv *conv;
|
|
struct sysdb_attrs **rules;
|
|
size_t num_rules;
|
|
+ char *usn;
|
|
};
|
|
|
|
static errno_t ipa_sudo_fetch_rules(struct tevent_req *req);
|
|
@@ -292,6 +320,11 @@ ipa_sudo_fetch_rules_done(struct tevent_req *subreq)
|
|
goto done;
|
|
}
|
|
|
|
+ ret = ipa_sudo_highest_usn(state, attrs, num_attrs, &state->usn);
|
|
+ if (ret != EOK) {
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
ret = ipa_sudo_fetch_cmdgroups(req);
|
|
|
|
done:
|
|
@@ -366,6 +399,11 @@ ipa_sudo_fetch_cmdgroups_done(struct tevent_req *subreq)
|
|
goto done;
|
|
}
|
|
|
|
+ ret = ipa_sudo_highest_usn(state, attrs, num_attrs, &state->usn);
|
|
+ if (ret != EOK) {
|
|
+ goto done;
|
|
+ }
|
|
+
|
|
ret = ipa_sudo_fetch_cmds(req);
|
|
|
|
done:
|
|
@@ -482,7 +520,8 @@ static errno_t
|
|
ipa_sudo_fetch_recv(TALLOC_CTX *mem_ctx,
|
|
struct tevent_req *req,
|
|
struct sysdb_attrs ***_rules,
|
|
- size_t *_num_rules)
|
|
+ size_t *_num_rules,
|
|
+ char **_usn)
|
|
{
|
|
struct ipa_sudo_fetch_state *state = NULL;
|
|
state = tevent_req_data(req, struct ipa_sudo_fetch_state);
|
|
@@ -491,6 +530,7 @@ ipa_sudo_fetch_recv(TALLOC_CTX *mem_ctx,
|
|
|
|
*_rules = talloc_steal(mem_ctx, state->rules);
|
|
*_num_rules = state->num_rules;
|
|
+ *_usn = talloc_steal(mem_ctx, state->usn);
|
|
|
|
return EOK;
|
|
}
|
|
@@ -697,6 +737,7 @@ ipa_sudo_refresh_done(struct tevent_req *subreq)
|
|
{
|
|
struct ipa_sudo_refresh_state *state;
|
|
struct tevent_req *req;
|
|
+ char *usn = NULL;
|
|
bool in_transaction = false;
|
|
errno_t sret;
|
|
int ret;
|
|
@@ -704,7 +745,8 @@ ipa_sudo_refresh_done(struct tevent_req *subreq)
|
|
req = tevent_req_callback_data(subreq, struct tevent_req);
|
|
state = tevent_req_data(req, struct ipa_sudo_refresh_state);
|
|
|
|
- ret = ipa_sudo_fetch_recv(state, subreq, &state->rules, &state->num_rules);
|
|
+ ret = ipa_sudo_fetch_recv(state, subreq, &state->rules,
|
|
+ &state->num_rules, &usn);
|
|
talloc_zfree(subreq);
|
|
|
|
ret = sdap_id_op_done(state->sdap_op, ret, &state->dp_error);
|
|
@@ -745,6 +787,10 @@ ipa_sudo_refresh_done(struct tevent_req *subreq)
|
|
}
|
|
in_transaction = false;
|
|
|
|
+ if (usn != NULL) {
|
|
+ sdap_sudo_set_usn(state->sudo_ctx->id_ctx->srv_opts, usn);
|
|
+ }
|
|
+
|
|
DEBUG(SSSDBG_TRACE_FUNC, "Sudo rules are successfully stored in cache\n");
|
|
|
|
done:
|
|
--
|
|
2.5.0
|
|
|