Stephen Gallagher <sgall...@redhat.com> wrote:
> On 04/12/2011 04:41 AM, Jan Zelený wrote:
> > I'm sending three patches with the cache-cleaning utility and some
> > updates in sysdb which this utility depends on.
>
> I haven't done a full review of this feature yet, but at a glance I
> notice that it doesn't have support for expiring netgroups. This should
> be added.
Done. Patches in attachment.
Jan
From 55651c1d1f07dc65cfbcb1a225c4c188529ba0e3 Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Mon, 11 Apr 2011 09:46:30 -0400
Subject: [PATCH 2/3] Some minor fixes and changes in sysdb_ops
---
src/db/sysdb_ops.c | 53 +++++++++++++++++++++++++++++++++++----------------
1 files changed, 36 insertions(+), 17 deletions(-)
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index 7eb4b48c959c8d40d19b1179cbdbadbb0c4448f1..e74bcfa6ad5122fde32742b095bf09e9646d1026 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -531,6 +531,10 @@ int sysdb_set_netgroup_attr(struct sysdb_ctx *ctx,
return ENOMEM;
}
+ if (domain == NULL) {
+ domain = ctx->domain;
+ }
+
dn = sysdb_netgroup_dn(ctx, tmp_ctx, domain->name, name);
if (!dn) {
ret = ENOMEM;
@@ -1383,6 +1387,18 @@ int sysdb_store_user(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
+ if (!domain) {
+ domain = ctx->domain;
+ }
+
+ if (!attrs) {
+ attrs = sysdb_new_attrs(tmpctx);
+ if (!attrs) {
+ ret = ENOMEM;
+ goto done;
+ }
+ }
+
if (pwd && (domain->legacy_passwords || !*pwd)) {
ret = sysdb_attrs_add_string(attrs, SYSDB_PWD, pwd);
if (ret) goto done;
@@ -1407,14 +1423,6 @@ int sysdb_store_user(TALLOC_CTX *mem_ctx,
}
/* the user exists, let's just replace attributes when set */
- if (!attrs) {
- attrs = sysdb_new_attrs(tmpctx);
- if (!attrs) {
- ret = ENOMEM;
- goto done;
- }
- }
-
if (uid) {
ret = sysdb_attrs_add_uint32(attrs, SYSDB_UIDNUM, uid);
if (ret) goto done;
@@ -1516,6 +1524,10 @@ int sysdb_store_group(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
+ if (!domain) {
+ domain = ctx->domain;
+ }
+
ret = sysdb_search_group_by_name(tmpctx, ctx,
domain, name, src_attrs, &msg);
if (ret && ret != ENOENT) {
@@ -1525,6 +1537,14 @@ int sysdb_store_group(TALLOC_CTX *mem_ctx,
new_group = true;
}
+ if (!attrs) {
+ attrs = sysdb_new_attrs(tmpctx);
+ if (!attrs) {
+ ret = ENOMEM;
+ goto done;
+ }
+ }
+
/* FIXME: use the remote modification timestamp to know if the
* group needs any update */
@@ -1536,15 +1556,6 @@ int sysdb_store_group(TALLOC_CTX *mem_ctx,
}
/* the group exists, let's just replace attributes when set */
-
- if (!attrs) {
- attrs = sysdb_new_attrs(tmpctx);
- if (!attrs) {
- ret = ENOMEM;
- goto done;
- }
- }
-
if (gid) {
ret = sysdb_attrs_add_uint32(attrs, SYSDB_GIDNUM, gid);
if (ret) goto done;
@@ -2088,6 +2099,10 @@ int sysdb_search_users(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
+ if (!domain) {
+ domain = sysdb->domain;
+ }
+
basedn = ldb_dn_new_fmt(tmpctx, sysdb->ldb,
SYSDB_TMPL_USER_BASE, domain->name);
if (!basedn) {
@@ -2202,6 +2217,10 @@ int sysdb_search_groups(TALLOC_CTX *mem_ctx,
return ENOMEM;
}
+ if (!domain) {
+ domain = sysdb->domain;
+ }
+
basedn = ldb_dn_new_fmt(tmpctx, sysdb->ldb,
SYSDB_TMPL_GROUP_BASE, domain->name);
if (!basedn) {
--
1.7.4.1
From c37ec6fb92d23f9c94123c1a0de404af8b8616bc Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Wed, 13 Apr 2011 08:16:37 -0400
Subject: [PATCH 3/3] Cache cleaning tool
https://fedorahosted.org/sssd/ticket/787
---
Makefile.am | 10 ++-
contrib/sssd.spec.in | 1 +
src/tools/sss_cache.c | 346 +++++++++++++++++++++++++++++++++++++++++++++++++
3 files changed, 356 insertions(+), 1 deletions(-)
create mode 100644 src/tools/sss_cache.c
diff --git a/Makefile.am b/Makefile.am
index d8eb28d3ef507bc72439ae95dfc335d60139fc5d..014293dfd4d07ca1f1cf383307b1350a29bbbffb 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -54,7 +54,8 @@ sbin_PROGRAMS = \
sss_groupdel \
sss_usermod \
sss_groupmod \
- sss_groupshow
+ sss_groupshow \
+ sss_cache
sssdlibexec_PROGRAMS = \
sssd_nss \
@@ -476,6 +477,13 @@ sss_groupshow_SOURCES = \
sss_groupshow_LDADD = \
$(TOOLS_LIBS)
+sss_cache_SOURCES = \
+ src/tools/sss_cache.c \
+ $(SSSD_UTIL_OBJ) \
+ $(SSSD_TOOLS_OBJ)
+sss_cache_LDADD = \
+ $(TOOLS_LIBS)
+
#################
# Feature Tests #
#################
diff --git a/contrib/sssd.spec.in b/contrib/sssd.spec.in
index 338151ddb20a5258aa5a851cec7bf6b1546d6f69..56e36f4d5948043c70b144c38bd28010f4a5f7b7 100644
--- a/contrib/sssd.spec.in
+++ b/contrib/sssd.spec.in
@@ -249,6 +249,7 @@ rm -rf $RPM_BUILD_ROOT
%{_sbindir}/sss_groupmod
%{_sbindir}/sss_groupshow
%{_sbindir}/sss_obfuscate
+%{_sbindir}/sss_cache
%{_mandir}/man8/sss_groupadd.8*
%{_mandir}/man8/sss_groupdel.8*
%{_mandir}/man8/sss_groupmod.8*
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
new file mode 100644
index 0000000000000000000000000000000000000000..df04a805961fbae85ff9ec9b32dc395e5e04f62e
--- /dev/null
+++ b/src/tools/sss_cache.c
@@ -0,0 +1,346 @@
+/*
+ SSSD
+
+ sss_cache
+
+ Copyright (C) Jan Zeleny <jzel...@redhat.com> 2011
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include <stdio.h>
+#include <stdlib.h>
+#include <talloc.h>
+#include <popt.h>
+#include <sys/types.h>
+
+#include "util/util.h"
+#include "tools/sss_sync_ops.h"
+#include "db/sysdb.h"
+
+#define INVALIDATE_NONE 0
+#define INVALIDATE_USERS 1
+#define INVALIDATE_GROUPS 2
+#define INVALIDATE_NETGROUPS 4
+
+struct cache_tool_ctx {
+ struct confdb_ctx *confdb;
+ struct sss_domain_info *domains;
+ struct sysdb_ctx_list *sysdb_list;
+
+ char *user_filter;
+ char *group_filter;
+ char *netgroup_filter;
+};
+
+errno_t init_domains(struct cache_tool_ctx *ctx, const char *domain);
+errno_t init_context(struct cache_tool_ctx **tctx, int argc, const char *argv[]);
+
+int main(int argc, const char *argv[])
+{
+ errno_t ret;
+ struct cache_tool_ctx *tctx = NULL;
+ struct sysdb_ctx *sysdb;
+ int i, j;
+ const char *attrs[] = {SYSDB_NAME, NULL};
+ struct sysdb_attrs *sys_attrs = NULL;
+ size_t msg_count;
+ struct ldb_message **msgs;
+ const char *c_name;
+
+ ret = init_context(&tctx, argc, argv);
+ if (ret != EOK) {
+ DEBUG(2, ("Error initializing context for the application\n"));
+ goto done;
+ }
+
+ for (i = 0; i<tctx->sysdb_list->num_dbs; i++) {
+ sysdb = tctx->sysdb_list->dbs[i];
+ ret = sysdb_transaction_start(sysdb);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not start the transaction!\n"));
+ goto done;
+ }
+
+ if (tctx->user_filter) {
+ ret = sysdb_search_users(tctx, sysdb, NULL, tctx->user_filter, attrs,
+ &msg_count, &msgs);
+ if (ret != EOK) {
+ DEBUG(3, ("Finding users with filter %s failed\n", tctx->user_filter));
+ }
+
+ for (j=0 ; j<msg_count ; j++) {
+ c_name = ldb_msg_find_attr_as_string(msgs[j], SYSDB_NAME, NULL);
+ if (c_name == NULL) {
+ DEBUG(1, ("Something bad happenned, can't find attribute %s",
+ SYSDB_NAME));
+ } else {
+ ret = sysdb_store_user(tctx, sysdb, NULL, c_name, NULL, 0, 0,
+ NULL, NULL, NULL, NULL, NULL, 0);
+ if (ret != EOK) {
+ DEBUG(5, ("Couldn't invalidate user %s", c_name));
+ }
+ }
+ }
+ talloc_free(msgs);
+ }
+
+ if (tctx->group_filter) {
+ ret = sysdb_search_groups(tctx, sysdb, NULL, tctx->group_filter,
+ attrs, &msg_count, &msgs);
+ if (ret != EOK) {
+ DEBUG(3, ("Finding groups with filter %s failed\n",
+ tctx->group_filter));
+ }
+
+ for (j=0 ; j<msg_count ; j++) {
+ c_name = ldb_msg_find_attr_as_string(msgs[j], SYSDB_NAME, NULL);
+ if (c_name == NULL) {
+ DEBUG(1, ("Something bad happenned, can't find attribute %s",
+ SYSDB_NAME));
+ } else {
+ ret = sysdb_store_group(tctx, sysdb, NULL, c_name, 0, NULL, 0);
+ if (ret != EOK) {
+ DEBUG(5, ("Couldn't invalidate group %s", c_name));
+ }
+ }
+ }
+ talloc_free(msgs);
+ }
+
+ if (tctx->netgroup_filter) {
+ ret = sysdb_search_netgroups(tctx, sysdb, NULL, tctx->netgroup_filter,
+ attrs, &msg_count, &msgs);
+ if (ret != EOK) {
+ DEBUG(3, ("Finding netgroups with filter %s failed\n",
+ tctx->netgroup_filter));
+ }
+
+ for (j=0 ; j<msg_count ; j++) {
+ c_name = ldb_msg_find_attr_as_string(msgs[j], SYSDB_NAME, NULL);
+ if (c_name == NULL) {
+ DEBUG(1, ("Something bad happenned, can't find attribute %s",
+ SYSDB_NAME));
+ } else {
+
+ sys_attrs = sysdb_new_attrs(tctx);
+ if (sys_attrs) {
+ ret = sysdb_attrs_add_time_t(sys_attrs,
+ SYSDB_CACHE_EXPIRE, 0);
+ if (ret == EOK) {
+ ret = sysdb_set_netgroup_attr(sysdb, NULL, c_name,
+ sys_attrs,
+ SYSDB_MOD_REP);
+ if (ret != EOK) {
+ DEBUG(3, ("Could not invalidate netgroup %s\n",
+ c_name));
+ }
+ } else {
+ DEBUG(3, ("Could not add expiration time to "
+ "netgroup attributes\n"));
+ }
+ talloc_zfree(sys_attrs);
+ } else {
+ DEBUG(1, ("Could not create sysdb attributes\n"));
+ }
+ }
+ }
+ talloc_free(msgs);
+ }
+
+ ret = sysdb_transaction_commit(sysdb);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not commit the transaction!\n"));
+ }
+ }
+
+done:
+ if (tctx) talloc_free(tctx);
+ return ret;
+}
+
+
+errno_t init_domains(struct cache_tool_ctx *ctx, const char *domain) {
+ char *confdb_path;
+ int ret;
+ struct sysdb_ctx *db_ctx = NULL;
+
+ confdb_path = talloc_asprintf(ctx, "%s/%s", DB_PATH, CONFDB_FILE);
+ if (confdb_path == NULL) {
+ return ENOMEM;
+ }
+
+ /* Connect to the conf db */
+ ret = confdb_init(ctx, &ctx->confdb, confdb_path);
+ talloc_free(confdb_path);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not initialize connection to the confdb\n"));
+ return ret;
+ }
+
+ if (domain) {
+ ret = confdb_get_domain(ctx->confdb, domain, &ctx->domains);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not get '%s' domain: [%d] [%s]\n",
+ domain, ret, strerror(ret)));
+ goto fail;
+ }
+
+ ret = sysdb_domain_init(ctx, ctx->domains, DB_PATH, &db_ctx);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not initialize connection to the sysdb\n"));
+ goto fail;
+ }
+
+ ret = sysdb_list_init(ctx, DB_PATH, db_ctx, &ctx->sysdb_list);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not initialize the list of connections\n"));
+ goto fail;
+ }
+ } else {
+ ret = sysdb_init(ctx, ctx->confdb, NULL, false, &ctx->sysdb_list);
+ if (ret != EOK) {
+ DEBUG(1, ("Could not initialize connection to the sysdb\n"));
+ goto fail;
+ }
+ }
+
+ return EOK;
+fail:
+ if (ctx->confdb) talloc_zfree(ctx->confdb);
+ if (ctx->domains) talloc_zfree(ctx->domains);
+ if (ctx->sysdb_list) {
+ talloc_zfree(ctx->sysdb_list);
+ } else {
+ if (db_ctx) talloc_free(db_ctx);
+ }
+ return ret;
+}
+
+errno_t init_context(struct cache_tool_ctx **tctx, int argc, const char *argv[])
+{
+ struct cache_tool_ctx *ctx = NULL;
+ int idb = INVALIDATE_NONE;
+ char *user = NULL;
+ char *group = NULL;
+ char *netgroup = NULL;
+ char *domain = NULL;
+ int debug = 0;
+ errno_t ret = EOK;
+
+ poptContext pc = NULL;
+ struct poptOption long_options[] = {
+ POPT_AUTOHELP
+ { "debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_DOC_HIDDEN, &debug,
+ 0, _("The debug level to run with"), NULL },
+ { "user", 'u', POPT_ARG_STRING, &user, 0,
+ _("Invalidate particular user"), NULL },
+ { "users", 'U', POPT_ARG_NONE, NULL, 'u',
+ _("Invalidate all users"), NULL },
+ { "group", 'g', POPT_ARG_STRING, &group, 0,
+ _("Invalidate particular group"), NULL },
+ { "groups", 'G', POPT_ARG_NONE, NULL, 'g',
+ _("Invalidate all groups"), NULL },
+ { "netgroup", 'n', POPT_ARG_STRING, &netgroup, 0,
+ _("Invalidate particular netgroup"), NULL },
+ { "netgroups", 'N', POPT_ARG_NONE, NULL, 'n',
+ _("Invalidate all netgroups"), NULL },
+ { "domain", 'd', POPT_ARG_STRING, &domain, 0,
+ _("Only invalidate entries from a particular domain"), NULL },
+ POPT_TABLEEND
+ };
+
+ ret = set_locale();
+ if (ret != EOK) {
+ DEBUG(1, ("set_locale failed (%d): %s\n", ret, strerror(ret)));
+ ERROR("Error setting the locale\n");
+ ret = EXIT_FAILURE;
+ goto fini;
+ }
+
+ pc = poptGetContext(NULL, argc, argv, long_options, 0);
+ while ((ret = poptGetNextOpt(pc)) > 0) {
+ switch (ret) {
+ case 'u':
+ idb |= INVALIDATE_USERS;
+ break;
+ case 'g':
+ idb |= INVALIDATE_GROUPS;
+ break;
+ case 'n':
+ idb |= INVALIDATE_NETGROUPS;
+ break;
+ }
+ }
+ if (ret != -1) {
+ BAD_POPT_PARAMS(pc, poptStrerror(ret), ret, fini);
+ }
+
+ debug_level = debug;
+ debug_prg_name = argv[0];
+ CHECK_ROOT(ret, debug_prg_name);
+
+ ctx = talloc_zero(NULL, struct cache_tool_ctx);
+ if (ctx == NULL) {
+ DEBUG(1, ("Could not allocate memory for tools context\n"));
+ ret = ENOMEM;
+ goto fini;
+ }
+
+ if (idb & INVALIDATE_USERS) {
+ ctx->user_filter = talloc_strdup(ctx, "");
+ } else if (user) {
+ ctx->user_filter = talloc_asprintf(ctx, "(%s=%s)", SYSDB_NAME, user);
+ }
+
+ if (idb & INVALIDATE_GROUPS) {
+ ctx->group_filter = talloc_strdup(ctx, "");
+ } else if (group) {
+ ctx->group_filter = talloc_asprintf(ctx, "(%s=%s)", SYSDB_NAME, group);
+ }
+
+ if (idb & INVALIDATE_NETGROUPS) {
+ ctx->netgroup_filter = talloc_strdup(ctx, "");
+ } else if (netgroup) {
+ ctx->netgroup_filter = talloc_asprintf(ctx, "(%s=%s)", SYSDB_NAME,
+ netgroup);
+ }
+ if (((idb & INVALIDATE_USERS || user) && !ctx->user_filter) ||
+ ((idb & INVALIDATE_GROUPS || group) && !ctx->group_filter) ||
+ ((idb & INVALIDATE_NETGROUPS || netgroup) && !ctx->netgroup_filter)) {
+ DEBUG(1, ("Construction of filters failed\n"));
+ ret = ENOMEM;
+ goto fini;
+ }
+
+ ret = init_domains(ctx, domain);
+ if (ret != EOK) {
+ DEBUG(3, ("Initialization of sysdb connections failed\n"));
+ goto fini;
+ }
+
+ ret = EOK;
+
+fini:
+ poptFreeContext(pc);
+ if (user) free(user);
+ if (group) free(group);
+ if (netgroup) free(netgroup);
+ if (domain) free(domain);
+ if (ret != EOK && ctx) {
+ talloc_zfree(ctx);
+ }
+ *tctx = ctx;
+ return ret;
+}
--
1.7.4.1
From ab7ccc584214d4a9f34afc06f24b8d643e35d77b Mon Sep 17 00:00:00 2001
From: Jan Zeleny <jzel...@redhat.com>
Date: Mon, 11 Apr 2011 09:44:33 -0400
Subject: [PATCH 1/3] Some updates in sysdb for cache cleaning utility
---
src/db/sysdb.c | 41 ++++++++++++++++++++++++++++++++++
src/db/sysdb.h | 21 ++++++++++++++++-
src/db/sysdb_ops.c | 57 ++++++++++++++++++++++++++++++++++++++++++++++++
src/db/sysdb_private.h | 7 ------
4 files changed, 118 insertions(+), 8 deletions(-)
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
index cd785219b10ece35adce1dad9a2012bfaf7b31ec..27bc863b565b6b3d79452327c82dda44a5adaf3e 100644
--- a/src/db/sysdb.c
+++ b/src/db/sysdb.c
@@ -1874,6 +1874,47 @@ int sysdb_domain_init(TALLOC_CTX *mem_ctx,
db_path, false, _ctx);
}
+int sysdb_list_init(TALLOC_CTX *mem_ctx,
+ const char *path,
+ struct sysdb_ctx *ctx,
+ struct sysdb_ctx_list **_list)
+{
+ struct sysdb_ctx_list *list;
+ int ret;
+
+ list = talloc_zero(mem_ctx, struct sysdb_ctx_list);
+ if (!list) {
+ DEBUG(1, ("talloc_zero failed\n"));
+ return ENOMEM;
+ }
+
+ list->db_path = talloc_strdup(list, path);
+ if (!list->db_path) {
+ DEBUG(1, ("talloc_strdup failed\n"));
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ if (ctx) {
+ list->dbs = talloc_zero(list, struct sysdb_ctx *);
+ if (!list->dbs) {
+ DEBUG(1, ("talloc_zero failed\n"));
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ list->dbs[0] = talloc_steal(list, ctx);
+ list->num_dbs = 1;
+ }
+
+ *_list = list;
+ return EOK;
+
+fail:
+ talloc_free(list);
+ return ret;
+}
+
int sysdb_get_ctx_from_list(struct sysdb_ctx_list *ctx_list,
struct sss_domain_info *domain,
struct sysdb_ctx **ctx)
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
index e6f9b4a7cdaf18a07eaa28a9387a2848e987d5f2..c133072dd8a3974157343e5b915457bf269ae03c 100644
--- a/src/db/sysdb.h
+++ b/src/db/sysdb.h
@@ -169,9 +169,15 @@
#define SYSDB_MOD_REP LDB_FLAG_MOD_REPLACE
struct confdb_ctx;
-struct sysdb_ctx_list;
struct sysdb_ctx;
+struct sysdb_ctx_list {
+ struct sysdb_ctx **dbs;
+ size_t num_dbs;
+
+ char *db_path;
+};
+
struct sysdb_attrs {
int num;
struct ldb_message_element *a;
@@ -282,6 +288,11 @@ int sysdb_domain_init(TALLOC_CTX *mem_ctx,
const char *db_path,
struct sysdb_ctx **_ctx);
+int sysdb_list_init(TALLOC_CTX *mem_ctx,
+ const char *path,
+ struct sysdb_ctx *ctx,
+ struct sysdb_ctx_list **_list);
+
int sysdb_get_ctx_from_list(struct sysdb_ctx_list *ctx_list,
struct sss_domain_info *domain,
struct sysdb_ctx **_ctx);
@@ -702,6 +713,14 @@ int sysdb_delete_group(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,
const char *name, gid_t gid);
+int sysdb_search_netgroups(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sub_filter,
+ const char **attrs,
+ size_t *msgs_count,
+ struct ldb_message ***msgs);
+
int sysdb_delete_netgroup(struct sysdb_ctx *sysdb,
struct sss_domain_info *domain,
const char *name);
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
index ba1f6672c72afd78fdb818630f1e92caf9c2e3de..7eb4b48c959c8d40d19b1179cbdbadbb0c4448f1 100644
--- a/src/db/sysdb_ops.c
+++ b/src/db/sysdb_ops.c
@@ -2295,6 +2295,63 @@ fail:
return ret;
}
+/* =Search-Netgroups-with-Custom-Filter===================================== */
+
+int sysdb_search_netgroups(TALLOC_CTX *mem_ctx,
+ struct sysdb_ctx *sysdb,
+ struct sss_domain_info *domain,
+ const char *sub_filter,
+ const char **attrs,
+ size_t *msgs_count,
+ struct ldb_message ***msgs)
+{
+ TALLOC_CTX *tmpctx;
+ struct ldb_dn *basedn;
+ char *filter;
+ int ret;
+
+ tmpctx = talloc_new(mem_ctx);
+ if (!tmpctx) {
+ return ENOMEM;
+ }
+
+ if (domain == NULL) {
+ domain = sysdb->domain;
+ }
+
+ basedn = ldb_dn_new_fmt(tmpctx, sysdb->ldb,
+ SYSDB_TMPL_NETGROUP_BASE, domain->name);
+ if (!basedn) {
+ DEBUG(2, ("Failed to build base dn\n"));
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ filter = talloc_asprintf(tmpctx, "(&(%s)%s)", SYSDB_NC, sub_filter);
+ if (!filter) {
+ DEBUG(2, ("Failed to build filter\n"));
+ ret = ENOMEM;
+ goto fail;
+ }
+
+ DEBUG(6, ("Search netgroups with filter: %s\n", filter));
+
+ ret = sysdb_search_entry(mem_ctx, sysdb, basedn,
+ LDB_SCOPE_SUBTREE, filter, attrs,
+ msgs_count, msgs);
+ if (ret) {
+ goto fail;
+ }
+
+ talloc_zfree(tmpctx);
+ return EOK;
+
+fail:
+ DEBUG(6, ("Error: %d (%s)\n", ret, strerror(ret)));
+ talloc_zfree(tmpctx);
+ return ret;
+}
+
/* =Delete-Netgroup-by-Name============================================== */
int sysdb_delete_netgroup(struct sysdb_ctx *sysdb,
diff --git a/src/db/sysdb_private.h b/src/db/sysdb_private.h
index 3e92156062477cb8e62e642ff1ae9b258fb0969b..501cd447d41019e3ac5b5d53c6a701481c8ed269 100644
--- a/src/db/sysdb_private.h
+++ b/src/db/sysdb_private.h
@@ -72,11 +72,4 @@ struct sysdb_ctx {
char *ldb_file;
};
-struct sysdb_ctx_list {
- struct sysdb_ctx **dbs;
- size_t num_dbs;
-
- char *db_path;
-};
-
#endif /* __INT_SYS_DB_H__ */
--
1.7.4.1
_______________________________________________
sssd-devel mailing list
sssd-devel@lists.fedorahosted.org
https://fedorahosted.org/mailman/listinfo/sssd-devel
