URL: https://github.com/SSSD/sssd/pull/596 Author: amitkumar50 Title: #596: [CONFDB]:[RFE] Add "enabled" option to domain section Action: opened
PR body: """ Upstream Request: Instead of enabling domains using the "domains" option in [sssd] section we could have [domain/*] option "enabled". This would allow admins to configure and enable domain in the same snippet file. This Fix would be submitted in 2 patches: Patch-1(This Patch): - Introduces 'enabled' option in domain section - Introduces 'CONFDB_DOMAIN_ENABLED' variable to retrieve enabled value from confdb - Code to call start_service() routine only for domains having enabled=1 Patch-2(Upcoming): - Would remove 'domains' option from sssd section. - Would remove corresponding code to parse 'domains' option - Providing a check that atlest One domain have enabled option set. Resolves: https://pagure.io/SSSD/sssd/issue/3735 """ To pull the PR as Git branch: git remote add ghsssd https://github.com/SSSD/sssd git fetch ghsssd pull/596/head:pr596 git checkout pr596
From 668601b30c80bfd792490c5b8c4815654b20b8fe Mon Sep 17 00:00:00 2001 From: Amit Kumar <amitk...@redhat.com> Date: Mon, 11 Jun 2018 17:26:16 +0530 Subject: [PATCH] [CONFDB]:[RFE] Add "enabled" option to domain section Upstream Request: Instead of enabling domains using the "domains" option in [sssd] section we could have [domain/*] option "enabled". This would allow admins to configure and enable domain in the same snippet file. This Fix would be submitted in 2 patches: Patch-1(This Patch): - Introduces 'enabled' option in domain section - Introduces 'CONFDB_DOMAIN_ENABLED' variable to retrieve enabled value from confdb - Code to call start_service() routine only for domains having enabled=1 Patch-2(Upcoming): - Would remove 'domains' option from sssd section. - Would remove corresponding code to parse 'domains' option - Providing a check that atlest One domain have enabled option set. Resolves: https://pagure.io/SSSD/sssd/issue/3735 --- src/confdb/confdb.h | 1 + src/config/cfg_rules.ini | 1 + src/monitor/monitor.c | 35 +++++++++++++++++++++++++++++------ 3 files changed, 31 insertions(+), 6 deletions(-) diff --git a/src/confdb/confdb.h b/src/confdb/confdb.h index 8af625f01..bc96a5006 100644 --- a/src/confdb/confdb.h +++ b/src/confdb/confdb.h @@ -232,6 +232,7 @@ #define CONFDB_DOMAIN_TYPE_POSIX "posix" #define CONFDB_DOMAIN_TYPE_APP "application" #define CONFDB_DOMAIN_INHERIT_FROM "inherit_from" +#define CONFDB_DOMAIN_ENABLED "enabled" /* Local Provider */ #define CONFDB_LOCAL_DEFAULT_SHELL "default_shell" diff --git a/src/config/cfg_rules.ini b/src/config/cfg_rules.ini index 551322780..776566b55 100644 --- a/src/config/cfg_rules.ini +++ b/src/config/cfg_rules.ini @@ -383,6 +383,7 @@ option = wildcard_limit option = full_name_format option = re_expression option = auto_private_groups +option = enabled #Entry cache timeouts option = entry_cache_user_timeout diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c index ca5c79924..c1d94f29f 100644 --- a/src/monitor/monitor.c +++ b/src/monitor/monitor.c @@ -1964,9 +1964,12 @@ static int monitor_process_init(struct mt_ctx *ctx, struct tevent_timer *te; struct sss_domain_info *dom; char *rcachedir; + char *conf_path; int num_providers; int ret; + int ret_en; int error; + int enabled; bool disable_netlink; struct sysdb_upgrade_ctx db_up_ctx; @@ -2096,17 +2099,37 @@ static int monitor_process_init(struct mt_ctx *ctx, } } + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n"); + return ENOMEM; + } + /* start providers */ num_providers = 0; for (dom = ctx->domains; dom; dom = get_next_domain(dom, 0)) { - ret = add_new_provider(ctx, dom->name, 0); - if (ret != EOK && ret != ENOENT) { + conf_path = talloc_asprintf(tmp_ctx, CONFDB_DOMAIN_PATH_TMPL, + dom->name); + + ret_en = confdb_get_int(ctx->cdb, conf_path, + CONFDB_DOMAIN_ENABLED, 0, + &enabled); + + if (ret_en != EOK) { + DEBUG(SSSDBG_OP_FAILURE, "Cannot parse enabled from domain section"); + } + + if (enabled) { + ret = add_new_provider(ctx, dom->name, 0); + if (ret != EOK && ret != ENOENT) { return ret; - } - if (ret != ENOENT) { - num_providers++; - } + } + if (ret != ENOENT) { + num_providers++; + } + } } + talloc_zfree(tmp_ctx); if (num_providers > 0) { /* now set the services startup timeout *
_______________________________________________ sssd-devel mailing list -- sssd-devel@lists.fedorahosted.org To unsubscribe send an email to sssd-devel-le...@lists.fedorahosted.org Fedora Code of Conduct: https://getfedora.org/code-of-conduct.html List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines List Archives: https://lists.fedoraproject.org/archives/list/sssd-devel@lists.fedorahosted.org/message/TKU6XNLVZHXJVO6JM3O4ALPL3KZ57UN4/