Re: [Freeipa-devel] [PATCH] 87 extdom: handle INP_POSIX_UID and INP_POSIX_GID requests

[Martin Kosek]

On 10/17/2012 02:15 PM, Alexander Bokovoy wrote:
 On Thu, 11 Oct 2012, Sumit Bose wrote:
 Hi,

 I found this issue while working on a related sssd bug
 https://fedorahosted.org/sssd/ticket/1561 .

 This patch allows the clients to send a request map a UID or GID for a
 trusted user to the name of the user. To achieve this the Posix ID is
 mapped to the corresponding SID and then the SID is looked up.

 FreeIPA ticket is https://fedorahosted.org/freeipa/ticket/3166 .
 ACK.

Pushed to master, ipa-3-0.

Martin


___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

Re: [Freeipa-devel] [PATCH] 87 extdom: handle INP_POSIX_UID and INP_POSIX_GID requests

[Alexander Bokovoy]

On Thu, 11 Oct 2012, Sumit Bose wrote:

Hi,

I found this issue while working on a related sssd bug
https://fedorahosted.org/sssd/ticket/1561 .

This patch allows the clients to send a request map a UID or GID for a
trusted user to the name of the user. To achieve this the Posix ID is
mapped to the corresponding SID and then the SID is looked up.

FreeIPA ticket is https://fedorahosted.org/freeipa/ticket/3166 .

ACK.


--
/ Alexander Bokovoy

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel

[Freeipa-devel] [PATCH] 87 extdom: handle INP_POSIX_UID and INP_POSIX_GID requests

[Sumit Bose]

Hi,

I found this issue while working on a related sssd bug
https://fedorahosted.org/sssd/ticket/1561 .

This patch allows the clients to send a request map a UID or GID for a
trusted user to the name of the user. To achieve this the Posix ID is
mapped to the corresponding SID and then the SID is looked up.

FreeIPA ticket is https://fedorahosted.org/freeipa/ticket/3166 .

bye,
Sumit
From 014f92f1beda9788721282f54fae285f57f29f95 Mon Sep 17 00:00:00 2001
From: Sumit Bose sb...@redhat.com
Date: Thu, 11 Oct 2012 12:13:53 +0200
Subject: [PATCH] extdom: handle INP_POSIX_UID and INP_POSIX_GID requests

Fixes https://fedorahosted.org/freeipa/ticket/3166
---
 .../ipa-extdom-extop/ipa_extdom_common.c   | 38 ++
 1 Datei geändert, 32 Zeilen hinzugefügt(+), 6 Zeilen entfernt(-)

diff --git a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c 
b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
index 
47d4d68d1d7f5e4f02ad68849b840eaa63f7c33d..0c054fb84d375b4e429b35af8f2dc896a475cb2b
 100644
--- a/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
+++ b/daemons/ipa-slapi-plugins/ipa-extdom-extop/ipa_extdom_common.c
@@ -329,20 +329,46 @@ int handle_request(struct ipa_extdom_ctx *ctx, struct 
extdom_req *req,
 char *name;
 enum wbcSidType name_type;
 struct domain_info *domain_info = NULL;
+uint32_t id;
+enum idmap_error_code err;
+char *sid_str;
 
 ret = get_domain_info(ctx, req-data.name.domain_name, domain_info);
 if (ret != 0) {
 return LDAP_OPERATIONS_ERROR;
 }
+if (req-input_type == INP_POSIX_UID || req-input_type == INP_POSIX_GID) {
+if (req-input_type == INP_POSIX_UID) {
+id = req-data.posix_uid.uid;
+} else {
+id = req-data.posix_gid.gid;
+}
+
+err = sss_idmap_unix_to_sid(domain_info-idmap_ctx, id, sid_str);
+if (err != IDMAP_SUCCESS) {
+ret = LDAP_OPERATIONS_ERROR;
+goto done;
+}
+
+werr = wbcStringToSid(sid_str, sid);
+free(sid_str);
+if (!WBC_ERROR_IS_OK(werr)) {
+ret = LDAP_OPERATIONS_ERROR;
+goto done;
+}
+
+} else if (req-input_type == INP_SID) {
+werr = wbcStringToSid(req-data.sid, sid);
+if (!WBC_ERROR_IS_OK(werr)) {
+ret = LDAP_OPERATIONS_ERROR;
+goto done;
+}
+}
 
 switch (req-input_type) {
+case INP_POSIX_UID:
+case INP_POSIX_GID:
 case INP_SID:
-werr = wbcStringToSid(req-data.sid, sid);
-if (!WBC_ERROR_IS_OK(werr)) {
-ret = LDAP_OPERATIONS_ERROR;
-goto done;
-}
-
 werr = wbcLookupSid(sid, domain_name, name, name_type);
 if (!WBC_ERROR_IS_OK(werr)) {
 ret = LDAP_OPERATIONS_ERROR;
-- 
1.7.11.4

___
Freeipa-devel mailing list
Freeipa-devel@redhat.com
https://www.redhat.com/mailman/listinfo/freeipa-devel