3411 lines
141 KiB
Diff
3411 lines
141 KiB
Diff
|
From 69ef1cf763fca6b2c7174ddacf3f510c73cc27e6 Mon Sep 17 00:00:00 2001
|
||
|
From: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon, 28 Dec 2020 19:36:48 +0100
|
||
|
Subject: [PATCH] Squashed commit of the following:
|
||
|
|
||
|
commit bd2f38abe95645b9b16b12d12dac6008b0d2a03b
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Tue Dec 15 18:47:25 2020 +0100
|
||
|
|
||
|
UTIL: find_domain_by_object_name_ex() changed log level
|
||
|
|
||
|
It's up to user of this function to judge if fail to parse fqname is
|
||
|
a critical error.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 0db68a1f95612fcbad18ca8107a4b170f446dd59
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Tue Dec 15 17:26:09 2020 +0100
|
||
|
|
||
|
LDAP: sdap_save_grpmem(): log level changed
|
||
|
|
||
|
There are legitimate reasons when sdap_save_grpmem() can be called
|
||
|
with `ignore_group_members = true`
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 00e3ac4a4f9b6c8da27daa3ed8c18664c99256bb
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Dec 13 23:21:37 2020 +0100
|
||
|
|
||
|
LDAP: reduce log level in case of fail to store members of missing group (it might be built-in skipped intentionally)
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit dba7de0db3cbaee43ef06a1b7c847fbcf48f3708
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Dec 13 22:37:44 2020 +0100
|
||
|
|
||
|
SYSDB: changed logging in sysdb_get_real_name()
|
||
|
|
||
|
Missing cache entry isn't an error.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit e86599ba079611ed324ff1493a7173d11c1a7961
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Dec 13 22:22:36 2020 +0100
|
||
|
|
||
|
IPA: changed logging in ipa_get_subdom_acct_send()
|
||
|
|
||
|
Frontends do not know what kind of lookup the backends support
|
||
|
so it is expected that they might send unsupported requests.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit bf873598a9d4ac8256b20859c0d92fb509861b6b
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Dec 13 20:29:07 2020 +0100
|
||
|
|
||
|
IPA: ignore failed group search in certain cases
|
||
|
|
||
|
It's currently expected to see those messages with sudo or HBAC rules in play.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 60b17be9e4f4865fe1774076808a6c783a7ec906
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Dec 13 19:36:56 2020 +0100
|
||
|
|
||
|
SYSDB: changed log level in sysdb_update_members_ex()
|
||
|
|
||
|
Fail to add already existing member isn't critical.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 9390af3c2d1b33e2b5ded0ea0c6c436b9776cedc
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sat Dec 12 21:29:06 2020 +0100
|
||
|
|
||
|
IPA: reduce log level in apply_subdomain_homedir()
|
||
|
|
||
|
Missing UID for SYSDB_GROUP_CLASS is not an error
|
||
|
(see commit message of e66517dcf63f1d4aaf866c22371dac7740ce0a48 for
|
||
|
additional details)
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 9215cf4e2519d5f085bf97f26a74d499090e46e1
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sat Dec 12 20:46:40 2020 +0100
|
||
|
|
||
|
CERTMAP: removed stray debug message
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 0986cf6ced8c4e09b8031d19eddffca679aca30c
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Thu Dec 3 21:06:31 2020 +0100
|
||
|
|
||
|
UTIL: fixed bug in server_setup() that prevented setting debug level to 0 explicitly
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 644453f8d93540a91236683015f3418d29c6d95a
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Tue Dec 1 13:03:03 2020 +0100
|
||
|
|
||
|
LOGS: default log level changed to <= SSSDBG_OP_FAILURE
|
||
|
|
||
|
:config: New default value of `debug_level` is 0x0070
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 4fe060abbe958c2f9b5aa44e489620063029aa0b
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 22:19:46 2020 +0100
|
||
|
|
||
|
FILES: reduced debug level in refresh_override_attrs() if case "No overrides, nothing to do"
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 29f243fd5b256efe3c7f4e4f0940c7d0ae6b4fa1
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 22:07:01 2020 +0100
|
||
|
|
||
|
AD: reduced log level in case check_if_pac_is_available() can't find user entry. This is typical situation when, for example, INITGROUPS lookup is executed for uncached user.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit ed6ec569780ad8203c4990faed5a9f0dc27dd12b
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 21:13:28 2020 +0100
|
||
|
|
||
|
SDAP: reduced log level in case group without members
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 26fdc3c8f0ae6493442ea291d9bf36ba148ef209
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 21:06:19 2020 +0100
|
||
|
|
||
|
CACHE_REQ: reduced log level in cache_req_object_by_name_well_known() Non fqdn input isn't necessarily an error here.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit a7b145b99b9f71ad3d02251fff5b587041c9f1ab
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 20:27:44 2020 +0100
|
||
|
|
||
|
LDAP: reduced log level in hosts_get_done()
|
||
|
|
||
|
Absent host in LDAP server isn't SSSD failure.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 6e3b4d745fc8d2de14d69aa30bc21aa549a435f8
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 16:45:51 2020 +0100
|
||
|
|
||
|
SBUS: reduced log level in case of unexpected signal
|
||
|
|
||
|
Most probably module is not fully initialized yet.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 90dae38d7442757b8a51f91a6ba3fb83f99320a1
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 11:39:56 2020 +0100
|
||
|
|
||
|
RESPONDER: reduce log level in sss_parse_inp_done() in case of "Unknown domain" since this might be search by UPN
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 69aa3e8c4b82a06e45ba59eb1c17af252aa971ce
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 01:05:52 2020 +0100
|
||
|
|
||
|
DP: do not log failure in case provider doesn't support check_online method
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 1af89925e62cccacb2957f55b16988a5e71fe5e1
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 00:28:08 2020 +0100
|
||
|
|
||
|
IPA: corrected confusing message
|
||
|
|
||
|
Log message like:
|
||
|
```
|
||
|
sysdb_getpwnam() got more users than expected. Expected [1], got [0]
|
||
|
```
|
||
|
looks a bit confusing.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit a419b7e673d2de571d873b79be31b1ae2fa89832
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 30 00:13:31 2020 +0100
|
||
|
|
||
|
SSS_IFACE: corrected misleading return code
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 99e44d9db41f5bb56281ed65d815c32139195931
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Nov 29 22:55:07 2020 +0100
|
||
|
|
||
|
LDAP: added missed \n in log message
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 52dc85540e621b00f358fea94e2e390d580948d8
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Nov 29 21:42:08 2020 +0100
|
||
|
|
||
|
SYSDB: reduce log level in sysdb_update_members_ex() in case failed attempt to DEL unexisting attribute
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit a7b6413d9fb870f51f09955bdceee01952442c63
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Nov 29 21:32:46 2020 +0100
|
||
|
|
||
|
UTIL: sss_ldb_error_to_errno() improved
|
||
|
|
||
|
LDB_ERR_NO_SUCH_ATTRIBUTE error code was added to mapping and log level
|
||
|
for unknown error code was reduced.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit ac22859006b5658017b2720ca3e02d34c5beecdd
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Sun Nov 29 17:03:58 2020 +0100
|
||
|
|
||
|
PAM: reduce log level in may_do_cert_auth()
|
||
|
|
||
|
Reduce log level in may_do_cert_auth() as this is not a critical failure
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 5068655a67f88cb1730f28689c5effee264321ad
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 21:45:53 2020 +0100
|
||
|
|
||
|
UTIL: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 3cbd0465b52f9bbb7e20b0b12e154f51bab0866e
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 21:12:16 2020 +0100
|
||
|
|
||
|
PAM: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit f028253ff87bf11ed034ad5acf1f67e8863bed60
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 20:59:13 2020 +0100
|
||
|
|
||
|
NSS: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit f457a1a69240381ad7637a09dc66c1aeb78e1d18
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 20:33:11 2020 +0100
|
||
|
|
||
|
IFP: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 058644f2ef6d1958db657d371158d2df7798dd49
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 20:21:55 2020 +0100
|
||
|
|
||
|
RESPONDER: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 01ba32f250a0e51771471c52440c11f6f05f2a48
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 20:15:22 2020 +0100
|
||
|
|
||
|
CACHE_REQ: debug message correction
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 018c08acbb3bbb836c9acefaf5c384eb9231a60a
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 20:05:06 2020 +0100
|
||
|
|
||
|
AUTOFS: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit fb052a4c9843ce518a7202d842c43631f8bbfd2d
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 19:57:00 2020 +0100
|
||
|
|
||
|
RESOLV: debug message correction
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit d91409df456f9ad7aad39d0cad0ed053cf1f3653
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 27 19:49:14 2020 +0100
|
||
|
|
||
|
PROXY: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit ff8f44ce2d2eedb098d980793a949f7f7e55576a
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 20 19:46:28 2020 +0100
|
||
|
|
||
|
LDAP: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 9244820af59ba6b947cf9aa1269d03bb6f2e4f38
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Fri Nov 20 19:22:36 2020 +0100
|
||
|
|
||
|
KRB5: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 667b983aaee380c50d50ef07542b004e60041581
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Thu Nov 19 18:31:28 2020 +0100
|
||
|
|
||
|
IPA: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 2f70695a874dcb84d4b86773138a5a6b6259958f
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 22:12:21 2020 +0100
|
||
|
|
||
|
DP: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit d6f6f053d7a97a220b52ce92fd653eef8cec5a74
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 21:37:38 2020 +0100
|
||
|
|
||
|
AD: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 85d8adc4d24f09e47f2a9c0fa595d90c61036b18
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 19:09:33 2020 +0100
|
||
|
|
||
|
P11_CHILD: severity level of few debug messages adjusted
|
||
|
|
||
|
Severity level of few debug messages was adjusted and journal message
|
||
|
in case of disabled certificate verification was added.
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit fe0530ef96baa8fd39ce6b87c0c760e17c5eb6f8
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 16:28:43 2020 +0100
|
||
|
|
||
|
MONITOR: severity level of few debug messages adjusted
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit daa5454f870a5436a554091a1333cc8be0cbc566
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 16:02:23 2020 +0100
|
||
|
|
||
|
SYSDB:views: few debug message corrections
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 82dc14b027f9115cabafce71d2b385d5c7d1dd4f
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 15:56:46 2020 +0100
|
||
|
|
||
|
SYSDB:upgrade: debug message corrected
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit e731368ed9cea9b35d0ae654e1534084c6ef4642
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 15:50:08 2020 +0100
|
||
|
|
||
|
SYSDB:service: severity level of few debug messages adjusted
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit f55c9599068c43037a8b666af92ba9b8a044f735
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 15:32:21 2020 +0100
|
||
|
|
||
|
SYSDB:selinux: debug message severity level was adjusted
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 744582419abfd6e5665315748d44e732f1d56f13
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 15:30:45 2020 +0100
|
||
|
|
||
|
SYSDB:search: few debug messages were corrected
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit 033c31a2a4994367edea1ded8303a0d2dbc59b1c
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 15:19:46 2020 +0100
|
||
|
|
||
|
SYSDB:ops: few debug messages were corrected
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit a73df70ee0bcc8f1b80a2e20132592724bd5f675
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Wed Nov 18 13:19:25 2020 +0100
|
||
|
|
||
|
SYSDB:ipnetworks: severity level of few debug messages adjusted
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit b4acf71d0a81aeeb2754645d2798ce1e927121f3
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 16 21:18:14 2020 +0100
|
||
|
|
||
|
SYSDB:iphosts: severity level of few debug messages adjusted
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit d8af1db84b48193a546bbeec84a7dd7e2b132244
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 16 20:05:12 2020 +0100
|
||
|
|
||
|
SYSDB:sudo: changed debug message to be consistent
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit df723cb98b406b0262f04d0e43e8e5bf0030074f
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 16 19:10:41 2020 +0100
|
||
|
|
||
|
SYSDB: wrong debug message corrected
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
|
||
|
commit e350d917e6d48c1d13502ab2849d3e2a0815215e
|
||
|
Author: Alexey Tikhonov <atikhono@redhat.com>
|
||
|
Date: Mon Nov 16 18:13:26 2020 +0100
|
||
|
|
||
|
SYSDB:autofs: cosmetic updates
|
||
|
|
||
|
Reviewed-by: Pawel Polawski <ppolawsk@redhat.com>
|
||
|
Reviewed-by: Sumit Bose <sbose@redhat.com>
|
||
|
---
|
||
|
src/db/sysdb.c | 2 +-
|
||
|
src/db/sysdb_autofs.c | 4 +-
|
||
|
src/db/sysdb_iphosts.c | 10 ++---
|
||
|
src/db/sysdb_ipnetworks.c | 6 +--
|
||
|
src/db/sysdb_ops.c | 37 ++++++++++++------
|
||
|
src/db/sysdb_search.c | 17 ++++++---
|
||
|
src/db/sysdb_selinux.c | 2 +-
|
||
|
src/db/sysdb_services.c | 6 +--
|
||
|
src/db/sysdb_sudo.c | 3 +-
|
||
|
src/db/sysdb_upgrade.c | 2 +-
|
||
|
src/db/sysdb_views.c | 6 +--
|
||
|
src/lib/certmap/sss_certmap_krb5_match.c | 1 -
|
||
|
src/man/include/debug_levels.xml | 3 +-
|
||
|
src/man/include/debug_levels_tools.xml | 3 +-
|
||
|
src/monitor/monitor.c | 14 +++----
|
||
|
src/p11_child/p11_child_common.c | 2 +-
|
||
|
src/p11_child/p11_child_common_utils.c | 3 ++
|
||
|
src/p11_child/p11_child_openssl.c | 4 +-
|
||
|
src/providers/ad/ad_cldap_ping.c | 2 +-
|
||
|
src/providers/ad/ad_common.c | 7 ++--
|
||
|
src/providers/ad/ad_dyndns.c | 6 +--
|
||
|
src/providers/ad/ad_gpo.c | 16 +++++---
|
||
|
src/providers/ad/ad_machine_pw_renewal.c | 7 ++--
|
||
|
src/providers/ad/ad_pac.c | 6 ++-
|
||
|
src/providers/ad/ad_subdomains.c | 2 +-
|
||
|
src/providers/be_dyndns.c | 3 +-
|
||
|
src/providers/be_ptask.c | 2 +-
|
||
|
src/providers/be_refresh.c | 3 +-
|
||
|
src/providers/data_provider/dp.c | 4 +-
|
||
|
src/providers/data_provider/dp_target_sudo.c | 10 +++--
|
||
|
src/providers/data_provider_be.c | 5 +--
|
||
|
src/providers/data_provider_fo.c | 2 +-
|
||
|
src/providers/data_provider_opts.c | 6 +--
|
||
|
src/providers/data_provider_req.h | 1 +
|
||
|
src/providers/files/files_ops.c | 2 +-
|
||
|
src/providers/ipa/ipa_access.c | 2 +-
|
||
|
src/providers/ipa/ipa_common.c | 5 +--
|
||
|
src/providers/ipa/ipa_hbac_common.c | 2 +-
|
||
|
src/providers/ipa/ipa_hbac_services.c | 4 +-
|
||
|
src/providers/ipa/ipa_hbac_users.c | 4 +-
|
||
|
src/providers/ipa/ipa_id.c | 2 +-
|
||
|
src/providers/ipa/ipa_init.c | 4 +-
|
||
|
src/providers/ipa/ipa_s2n_exop.c | 3 +-
|
||
|
src/providers/ipa/ipa_selinux.c | 4 +-
|
||
|
src/providers/ipa/ipa_session.c | 4 +-
|
||
|
src/providers/ipa/ipa_subdomains_ext_groups.c | 3 +-
|
||
|
src/providers/ipa/ipa_subdomains_id.c | 38 +++++++++++++------
|
||
|
src/providers/ipa/ipa_subdomains_server.c | 11 +++---
|
||
|
src/providers/ipa/ipa_sudo.c | 14 +++----
|
||
|
src/providers/ipa/ipa_sudo_async.c | 10 ++---
|
||
|
src/providers/ipa/ipa_sudo_conversion.c | 6 +--
|
||
|
src/providers/ipa/ipa_views.c | 4 +-
|
||
|
src/providers/krb5/krb5_access.c | 3 +-
|
||
|
src/providers/krb5/krb5_auth.c | 4 +-
|
||
|
src/providers/krb5/krb5_child.c | 25 ++++++------
|
||
|
src/providers/krb5/krb5_child_handler.c | 4 +-
|
||
|
src/providers/krb5/krb5_common.c | 6 +--
|
||
|
.../krb5/krb5_delayed_online_authentication.c | 4 +-
|
||
|
src/providers/krb5/krb5_renew_tgt.c | 4 +-
|
||
|
src/providers/krb5/krb5_utils.c | 2 +-
|
||
|
src/providers/ldap/ldap_auth.c | 12 +++---
|
||
|
src/providers/ldap/ldap_child.c | 2 +-
|
||
|
src/providers/ldap/ldap_init.c | 4 +-
|
||
|
src/providers/ldap/ldap_options.c | 8 ++--
|
||
|
src/providers/ldap/sdap.c | 28 +++++++++-----
|
||
|
src/providers/ldap/sdap_access.c | 11 +++---
|
||
|
src/providers/ldap/sdap_async.c | 9 +++--
|
||
|
src/providers/ldap/sdap_async_autofs.c | 2 +-
|
||
|
src/providers/ldap/sdap_async_connection.c | 6 +--
|
||
|
src/providers/ldap/sdap_async_groups.c | 27 ++++++++-----
|
||
|
src/providers/ldap/sdap_async_initgroups.c | 6 ++-
|
||
|
src/providers/ldap/sdap_async_initgroups_ad.c | 2 +-
|
||
|
src/providers/ldap/sdap_async_sudo.c | 4 +-
|
||
|
src/providers/ldap/sdap_child_helpers.c | 6 +--
|
||
|
src/providers/ldap/sdap_hostid.c | 2 +-
|
||
|
src/providers/ldap/sdap_id_op.c | 2 +-
|
||
|
src/providers/proxy/proxy_auth.c | 6 +--
|
||
|
src/providers/proxy/proxy_child.c | 8 ++--
|
||
|
src/providers/proxy/proxy_client.c | 2 +-
|
||
|
src/providers/proxy/proxy_id.c | 6 +--
|
||
|
src/resolv/async_resolv.c | 2 +-
|
||
|
src/responder/autofs/autofssrv.c | 2 +-
|
||
|
src/responder/autofs/autofssrv_cmd.c | 6 +--
|
||
|
src/responder/common/cache_req/cache_req.c | 2 +-
|
||
|
.../plugins/cache_req_object_by_name.c | 4 +-
|
||
|
src/responder/common/responder_common.c | 4 +-
|
||
|
src/responder/common/responder_get_domains.c | 2 +-
|
||
|
src/responder/common/responder_iface.c | 4 +-
|
||
|
src/responder/ifp/ifp_iface/ifp_iface.c | 2 +-
|
||
|
src/responder/ifp/ifpsrv.c | 8 ++--
|
||
|
src/responder/ifp/ifpsrv_util.c | 2 +-
|
||
|
src/responder/nss/nss_cmd.c | 20 +++++-----
|
||
|
src/responder/nss/nss_iface.c | 4 +-
|
||
|
src/responder/nss/nss_protocol_netgr.c | 2 +-
|
||
|
src/responder/nss/nsssrv.c | 2 +-
|
||
|
src/responder/pam/pamsrv_cmd.c | 2 +-
|
||
|
src/responder/pam/pamsrv_p11.c | 4 +-
|
||
|
src/sbus/router/sbus_router_handler.c | 3 +-
|
||
|
src/sss_iface/sss_iface.c | 4 +-
|
||
|
src/util/child_common.c | 2 +-
|
||
|
src/util/debug.h | 4 +-
|
||
|
src/util/domain_info_utils.c | 2 +-
|
||
|
src/util/server.c | 15 +++++---
|
||
|
src/util/sss_sockets.c | 2 +-
|
||
|
src/util/string_utils.c | 2 +-
|
||
|
src/util/util_errors.c | 3 +-
|
||
|
106 files changed, 364 insertions(+), 279 deletions(-)
|
||
|
|
||
|
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
|
||
|
index d0052d99b..d78991e36 100644
|
||
|
--- a/src/db/sysdb.c
|
||
|
+++ b/src/db/sysdb.c
|
||
|
@@ -1489,7 +1489,7 @@ errno_t sysdb_attrs_primary_name(struct sysdb_ctx *sysdb,
|
||
|
* decide which name is correct.
|
||
|
*/
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Cannot save entry. Unable to determine groupname\n");
|
||
|
+ "Can't match the name to the RDN\n");
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/db/sysdb_autofs.c b/src/db/sysdb_autofs.c
|
||
|
index 413b00722..1febdaec5 100644
|
||
|
--- a/src/db/sysdb_autofs.c
|
||
|
+++ b/src/db/sysdb_autofs.c
|
||
|
@@ -243,14 +243,14 @@ sysdb_get_map_byname(TALLOC_CTX *mem_ctx,
|
||
|
"Error looking up autofs map [%s]\n", safe_map_name);
|
||
|
goto done;
|
||
|
} else if (ret == ENOENT) {
|
||
|
- DEBUG(SSSDBG_TRACE_FUNC, "No such map\n");
|
||
|
+ DEBUG(SSSDBG_TRACE_FUNC, "No such map [%s]\n", safe_map_name);
|
||
|
*_map = NULL;
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
if (count != 1) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "More than one map named %s\n", safe_map_name);
|
||
|
+ "More than one map named [%s]\n", safe_map_name);
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/db/sysdb_iphosts.c b/src/db/sysdb_iphosts.c
|
||
|
index b82279787..d3ee8f1a9 100644
|
||
|
--- a/src/db/sysdb_iphosts.c
|
||
|
+++ b/src/db/sysdb_iphosts.c
|
||
|
@@ -222,14 +222,14 @@ sysdb_store_host(struct sss_domain_info *domain,
|
||
|
* sort it out.
|
||
|
*/
|
||
|
for (j = 0; j < res->count; j++) {
|
||
|
- DEBUG(SSSDBG_TRACE_FUNC,
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
"Corrupt cache entry [%s] detected. Deleting\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[j]->dn));
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[j]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete corrupt cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[j]->dn));
|
||
|
@@ -262,7 +262,7 @@ sysdb_store_host(struct sss_domain_info *domain,
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[0]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[0]->dn));
|
||
|
@@ -298,7 +298,7 @@ sysdb_store_host(struct sss_domain_info *domain,
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[i]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete corrupt cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[i]->dn));
|
||
|
@@ -318,7 +318,7 @@ sysdb_store_host(struct sss_domain_info *domain,
|
||
|
/* Delete the entry from the previous pass */
|
||
|
ret = sysdb_delete_entry(sysdb, update_dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
update_dn));
|
||
|
diff --git a/src/db/sysdb_ipnetworks.c b/src/db/sysdb_ipnetworks.c
|
||
|
index 326f984b7..9da4d9b23 100644
|
||
|
--- a/src/db/sysdb_ipnetworks.c
|
||
|
+++ b/src/db/sysdb_ipnetworks.c
|
||
|
@@ -261,7 +261,7 @@ sysdb_store_ipnetwork(struct sss_domain_info *domain,
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[0]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[0]->dn));
|
||
|
@@ -296,7 +296,7 @@ sysdb_store_ipnetwork(struct sss_domain_info *domain,
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[i]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete corrupt cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[i]->dn));
|
||
|
@@ -315,7 +315,7 @@ sysdb_store_ipnetwork(struct sss_domain_info *domain,
|
||
|
/* Delete the entry from the previous pass */
|
||
|
ret = sysdb_delete_entry(sysdb, update_dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
update_dn));
|
||
|
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
|
||
|
index 3412b9cd1..585708abe 100644
|
||
|
--- a/src/db/sysdb_ops.c
|
||
|
+++ b/src/db/sysdb_ops.c
|
||
|
@@ -157,7 +157,7 @@ static int sysdb_delete_cache_entry(struct ldb_context *ldb,
|
||
|
/* fall through */
|
||
|
SSS_ATTRIBUTE_FALLTHROUGH;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "LDB Error: %s(%d)\nError Message: [%s]\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "LDB Error: %s (%d); error message: [%s]\n",
|
||
|
ldb_strerror(ret), ret, ldb_errstring(ldb));
|
||
|
return sysdb_error_to_errno(ret);
|
||
|
}
|
||
|
@@ -3420,7 +3420,7 @@ int sysdb_search_custom(TALLOC_CTX *mem_ctx,
|
||
|
goto done;
|
||
|
}
|
||
|
if (!ldb_dn_validate(basedn)) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create DN.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Syntactically invalid subtree DN.\n");
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -3463,7 +3463,7 @@ int sysdb_search_custom_by_name(TALLOC_CTX *mem_ctx,
|
||
|
goto done;
|
||
|
}
|
||
|
if (!ldb_dn_validate(basedn)) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to create DN.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Syntactically invalid DN.\n");
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -3545,7 +3545,7 @@ errno_t sysdb_search_by_orig_dn(TALLOC_CTX *mem_ctx,
|
||
|
default:
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
"Trying to perform a search by orig_dn using a "
|
||
|
- "non-supported type\n");
|
||
|
+ "non-supported type %d\n", type);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -3690,8 +3690,9 @@ int sysdb_delete_custom(struct sss_domain_info *domain,
|
||
|
break;
|
||
|
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "LDB Error: %s(%d)\nError Message: [%s]\n",
|
||
|
- ldb_strerror(ret), ret, ldb_errstring(domain->sysdb->ldb));
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "ldb_delete failed: %s (%d); error Message: [%s]\n",
|
||
|
+ ldb_strerror(ret), ret, ldb_errstring(domain->sysdb->ldb));
|
||
|
ret = sysdb_error_to_errno(ret);
|
||
|
break;
|
||
|
}
|
||
|
@@ -4927,9 +4928,15 @@ static errno_t sysdb_update_members_ex(struct sss_domain_info *domain,
|
||
|
ret = sysdb_add_group_member(domain, add_groups[i],
|
||
|
member, type, is_dn);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Could not add member [%s] to group [%s]. "
|
||
|
- "Skipping.\n", member, add_groups[i]);
|
||
|
+ if (ret != EEXIST) {
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Could not add member [%s] to group [%s]. "
|
||
|
+ "Skipping.\n", member, add_groups[i]);
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA,
|
||
|
+ "Group [%s] already has member [%s]. Skipping.\n",
|
||
|
+ add_groups[i], member);
|
||
|
+ }
|
||
|
/* Continue on, we should try to finish the rest */
|
||
|
}
|
||
|
}
|
||
|
@@ -4941,9 +4948,15 @@ static errno_t sysdb_update_members_ex(struct sss_domain_info *domain,
|
||
|
ret = sysdb_remove_group_member(domain, del_groups[i],
|
||
|
member, type, is_dn);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Could not remove member [%s] from group [%s]. "
|
||
|
- "Skipping\n", member, del_groups[i]);
|
||
|
+ if (ret != ENOENT) {
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Could not remove member [%s] from group [%s]. "
|
||
|
+ "Skipping\n", member, del_groups[i]);
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA,
|
||
|
+ "No member [%s] in group [%s]. "
|
||
|
+ "Skipping\n", member, del_groups[i]);
|
||
|
+ }
|
||
|
/* Continue on, we should try to finish the rest */
|
||
|
}
|
||
|
}
|
||
|
diff --git a/src/db/sysdb_search.c b/src/db/sysdb_search.c
|
||
|
index 4ff65c1ae..0cd8321cb 100644
|
||
|
--- a/src/db/sysdb_search.c
|
||
|
+++ b/src/db/sysdb_search.c
|
||
|
@@ -2393,7 +2393,7 @@ errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx,
|
||
|
} else if (mtype == SYSDB_MEMBER_GROUP) {
|
||
|
dn = sysdb_group_strdn(tmp_ctx, dom->name, name);
|
||
|
} else {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown member type\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unknown member type %d\n", mtype);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -2453,13 +2453,14 @@ errno_t sysdb_get_direct_parents(TALLOC_CTX *mem_ctx,
|
||
|
tmp_str = ldb_msg_find_attr_as_string(direct_sysdb_groups[i],
|
||
|
SYSDB_NAME, NULL);
|
||
|
if (!tmp_str) {
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "A group with no name?\n");
|
||
|
/* This should never happen, but if it does, just continue */
|
||
|
continue;
|
||
|
}
|
||
|
|
||
|
direct_parents[pi] = talloc_strdup(direct_parents, tmp_str);
|
||
|
if (!direct_parents[pi]) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "A group with no name?\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup() failed\n");
|
||
|
ret = EIO;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -2522,8 +2523,13 @@ errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx,
|
||
|
}
|
||
|
if (ret != EOK) {
|
||
|
/* User cannot be found in cache */
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Cannot find user [%s] in cache\n",
|
||
|
- name_or_upn_or_sid);
|
||
|
+ if (ret != ENOENT) {
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "Failed to find user [%s] in cache: %d\n",
|
||
|
+ name_or_upn_or_sid, ret);
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_TRACE_FUNC, "User [%s] is missing in cache\n",
|
||
|
+ name_or_upn_or_sid);
|
||
|
+ }
|
||
|
goto done;
|
||
|
}
|
||
|
} else if (res->count == 1) {
|
||
|
@@ -2537,7 +2543,8 @@ errno_t sysdb_get_real_name(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
cname = ldb_msg_find_attr_as_string(msg, SYSDB_NAME, NULL);
|
||
|
if (!cname) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "A user with no name?\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "User '%s' without a name?\n", name_or_upn_or_sid);
|
||
|
ret = ENOENT;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/db/sysdb_selinux.c b/src/db/sysdb_selinux.c
|
||
|
index 88ac88786..535411950 100644
|
||
|
--- a/src/db/sysdb_selinux.c
|
||
|
+++ b/src/db/sysdb_selinux.c
|
||
|
@@ -234,7 +234,7 @@ errno_t sysdb_delete_usermaps(struct sss_domain_info *domain)
|
||
|
ret = sysdb_delete_recursive(sysdb, dn, true);
|
||
|
talloc_free(dn);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_delete_recursive failed.\n");
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_delete_recursive failed.\n");
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/db/sysdb_services.c b/src/db/sysdb_services.c
|
||
|
index 8118fef00..ac17f4704 100644
|
||
|
--- a/src/db/sysdb_services.c
|
||
|
+++ b/src/db/sysdb_services.c
|
||
|
@@ -252,7 +252,7 @@ sysdb_store_service(struct sss_domain_info *domain,
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[0]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[0]->dn));
|
||
|
@@ -290,7 +290,7 @@ sysdb_store_service(struct sss_domain_info *domain,
|
||
|
|
||
|
ret = sysdb_delete_entry(sysdb, res->msgs[i]->dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete corrupt cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
res->msgs[i]->dn));
|
||
|
@@ -310,7 +310,7 @@ sysdb_store_service(struct sss_domain_info *domain,
|
||
|
/* Delete the entry from the previous pass */
|
||
|
ret = sysdb_delete_entry(sysdb, update_dn, true);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Could not delete cache entry [%s]\n",
|
||
|
ldb_dn_canonical_string(tmp_ctx,
|
||
|
update_dn));
|
||
|
diff --git a/src/db/sysdb_sudo.c b/src/db/sysdb_sudo.c
|
||
|
index 03eec9c70..1626b612d 100644
|
||
|
--- a/src/db/sysdb_sudo.c
|
||
|
+++ b/src/db/sysdb_sudo.c
|
||
|
@@ -480,7 +480,8 @@ sysdb_get_sudo_user_info(TALLOC_CTX *mem_ctx,
|
||
|
sss_get_cased_name(sysdb_groupnames, groupname,
|
||
|
domain->case_sensitive);
|
||
|
if (sysdb_groupnames[num_groups] == NULL) {
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE, "Cannot strdup %s\n", groupname);
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "sss_get_cased_name() failed for '%s'\n", groupname);
|
||
|
continue;
|
||
|
}
|
||
|
num_groups++;
|
||
|
diff --git a/src/db/sysdb_upgrade.c b/src/db/sysdb_upgrade.c
|
||
|
index 03a0e6173..99213260c 100644
|
||
|
--- a/src/db/sysdb_upgrade.c
|
||
|
+++ b/src/db/sysdb_upgrade.c
|
||
|
@@ -2455,7 +2455,7 @@ int sysdb_upgrade_19(struct sysdb_ctx *sysdb, const char **ver)
|
||
|
|
||
|
ret = add_object_category(sysdb->ldb, ctx);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "add_object_category failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "add_object_category failed: %d\n", ret);
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/db/sysdb_views.c b/src/db/sysdb_views.c
|
||
|
index 00da74047..269dab70f 100644
|
||
|
--- a/src/db/sysdb_views.c
|
||
|
+++ b/src/db/sysdb_views.c
|
||
|
@@ -556,12 +556,12 @@ errno_t sysdb_store_override(struct sss_domain_info *domain,
|
||
|
if (ret == ENOENT) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE, "Object to override does not exists.\n");
|
||
|
} else {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_entry failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_search_entry failed.\n");
|
||
|
}
|
||
|
goto done;
|
||
|
}
|
||
|
if (count != 1) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Base searched returned more than one object.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Base search returned more than one object.\n");
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -660,7 +660,7 @@ errno_t sysdb_store_override(struct sss_domain_info *domain,
|
||
|
SYSDB_OVERRIDE_GROUP_CLASS);
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected object type.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected object type %d.\n", type);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/lib/certmap/sss_certmap_krb5_match.c b/src/lib/certmap/sss_certmap_krb5_match.c
|
||
|
index 640930747..ab566ac99 100644
|
||
|
--- a/src/lib/certmap/sss_certmap_krb5_match.c
|
||
|
+++ b/src/lib/certmap/sss_certmap_krb5_match.c
|
||
|
@@ -220,7 +220,6 @@ static int parse_krb5_get_eku_value(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
for (c = 0; eku_list[c] != NULL; c++) {
|
||
|
for (k = 0; sss_ext_key_usage[k].name != NULL; k++) {
|
||
|
-CM_DEBUG(ctx, "[%s][%s].", eku_list[c], sss_ext_key_usage[k].name);
|
||
|
if (strcasecmp(eku_list[c], sss_ext_key_usage[k].name) == 0) {
|
||
|
comp->eku_oid_list[e] = talloc_strdup(comp->eku_oid_list,
|
||
|
sss_ext_key_usage[k].oid);
|
||
|
diff --git a/src/man/include/debug_levels.xml b/src/man/include/debug_levels.xml
|
||
|
index b5e13ba3e..0d9cc17be 100644
|
||
|
--- a/src/man/include/debug_levels.xml
|
||
|
+++ b/src/man/include/debug_levels.xml
|
||
|
@@ -100,6 +100,7 @@
|
||
|
introduced in 1.7.0.
|
||
|
</para>
|
||
|
<para>
|
||
|
- <emphasis>Default</emphasis>: 0
|
||
|
+ <emphasis>Default</emphasis>: 0x0070 (i.e. fatal, critical and serious
|
||
|
+ failures; corresponds to setting 2 in decimal notation)
|
||
|
</para>
|
||
|
</listitem>
|
||
|
diff --git a/src/man/include/debug_levels_tools.xml b/src/man/include/debug_levels_tools.xml
|
||
|
index b592d50fc..46a3c7d29 100644
|
||
|
--- a/src/man/include/debug_levels_tools.xml
|
||
|
+++ b/src/man/include/debug_levels_tools.xml
|
||
|
@@ -81,6 +81,7 @@
|
||
|
introduced in 1.7.0.
|
||
|
</para>
|
||
|
<para>
|
||
|
- <emphasis>Default</emphasis>: 0
|
||
|
+ <emphasis>Default</emphasis>: 0x0070 (i.e. fatal, critical and serious
|
||
|
+ failures; corresponds to setting 2 in decimal notation)
|
||
|
</para>
|
||
|
</listitem>
|
||
|
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
|
||
|
index d9da05a51..9c2381c81 100644
|
||
|
--- a/src/monitor/monitor.c
|
||
|
+++ b/src/monitor/monitor.c
|
||
|
@@ -1435,7 +1435,7 @@ static void monitor_quit(struct mt_ctx *mt_ctx, int ret)
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
"Child [%s] terminated with a signal\n", svc->name);
|
||
|
} else {
|
||
|
- DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
"Child [%s] did not exit cleanly\n", svc->name);
|
||
|
/* Forcibly kill this child */
|
||
|
kill(-svc->pid, SIGKILL);
|
||
|
@@ -2059,7 +2059,7 @@ static void monitor_sbus_connected(struct tevent_req *req)
|
||
|
|
||
|
ret = sbus_connection_add_path_map(ctx->sbus_conn, paths);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -2271,7 +2271,7 @@ static void mt_svc_restart(struct tevent_context *ev,
|
||
|
add_new_provider(svc->mt_ctx, svc->name, svc->restarts + 1);
|
||
|
} else {
|
||
|
/* Invalid type? */
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
"BUG: Invalid child process type [%d]\n", svc->type);
|
||
|
}
|
||
|
|
||
|
@@ -2580,14 +2580,14 @@ int main(int argc, const char *argv[])
|
||
|
switch (ret) {
|
||
|
case EPERM:
|
||
|
case EACCES:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
CONF_FILE_PERM_ERROR_MSG, config_file);
|
||
|
- sss_log(SSS_LOG_ALERT, CONF_FILE_PERM_ERROR_MSG, config_file);
|
||
|
+ sss_log(SSS_LOG_CRIT, CONF_FILE_PERM_ERROR_MSG, config_file);
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
"SSSD couldn't load the configuration database.\n");
|
||
|
- sss_log(SSS_LOG_ALERT,
|
||
|
+ sss_log(SSS_LOG_CRIT,
|
||
|
"SSSD couldn't load the configuration database [%d]: %s.\n",
|
||
|
ret, strerror(ret));
|
||
|
break;
|
||
|
diff --git a/src/p11_child/p11_child_common.c b/src/p11_child/p11_child_common.c
|
||
|
index f17de1a9e..704ced4b6 100644
|
||
|
--- a/src/p11_child/p11_child_common.c
|
||
|
+++ b/src/p11_child/p11_child_common.c
|
||
|
@@ -125,7 +125,7 @@ static errno_t p11c_recv_data(TALLOC_CTX *mem_ctx, int fd, char **pin)
|
||
|
|
||
|
str = talloc_strndup(mem_ctx, (char *) buf, len);
|
||
|
if (str == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "talloc_strndup failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strndup failed.\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/p11_child/p11_child_common_utils.c b/src/p11_child/p11_child_common_utils.c
|
||
|
index 50cfebb4c..c5f324625 100644
|
||
|
--- a/src/p11_child/p11_child_common_utils.c
|
||
|
+++ b/src/p11_child/p11_child_common_utils.c
|
||
|
@@ -107,6 +107,9 @@ errno_t parse_cert_verify_opts(TALLOC_CTX *mem_ctx, const char *verify_opts,
|
||
|
"Found 'no_verification' option, "
|
||
|
"disabling verification completely. "
|
||
|
"This should not be used in production.\n");
|
||
|
+ sss_log(SSS_LOG_CRIT,
|
||
|
+ "Smart card certificate verification disabled completely. "
|
||
|
+ "This should not be used in production.");
|
||
|
cert_verify_opts->do_verification = false;
|
||
|
} else if (strncasecmp(opts[c], OCSP_DEFAUL_RESPONDER,
|
||
|
OCSP_DEFAUL_RESPONDER_LEN) == 0) {
|
||
|
diff --git a/src/p11_child/p11_child_openssl.c b/src/p11_child/p11_child_openssl.c
|
||
|
index d81a1a9ea..879b05b65 100644
|
||
|
--- a/src/p11_child/p11_child_openssl.c
|
||
|
+++ b/src/p11_child/p11_child_openssl.c
|
||
|
@@ -226,7 +226,7 @@ static char *get_issuer_subject_str(TALLOC_CTX *mem_ctx, X509 *cert)
|
||
|
|
||
|
bio_mem = BIO_new(BIO_s_mem());
|
||
|
if (bio_mem == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "BIO_new failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "BIO_new failed.\n");
|
||
|
return NULL;
|
||
|
}
|
||
|
|
||
|
@@ -591,7 +591,7 @@ errno_t init_p11_ctx(TALLOC_CTX *mem_ctx, const char *ca_db,
|
||
|
ret = SSL_library_init();
|
||
|
#endif
|
||
|
if (ret != 1) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to initialize OpenSSL.\n");
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Failed to initialize OpenSSL.\n");
|
||
|
return EIO;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ad/ad_cldap_ping.c b/src/providers/ad/ad_cldap_ping.c
|
||
|
index ab234f4d7..7722af98a 100644
|
||
|
--- a/src/providers/ad/ad_cldap_ping.c
|
||
|
+++ b/src/providers/ad/ad_cldap_ping.c
|
||
|
@@ -467,7 +467,7 @@ ad_cldap_ping_domain_send(TALLOC_CTX *mem_ctx,
|
||
|
domains[0] = discovery_domain;
|
||
|
domains[1] = NULL;
|
||
|
if (domains[0] == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory!");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Bad argument (discovery_domain)");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/ad/ad_common.c b/src/providers/ad/ad_common.c
|
||
|
index 624313942..eaa920ca0 100644
|
||
|
--- a/src/providers/ad/ad_common.c
|
||
|
+++ b/src/providers/ad/ad_common.c
|
||
|
@@ -1072,15 +1072,14 @@ ad_resolve_callback(void *private_data, struct fo_server *server)
|
||
|
}
|
||
|
|
||
|
if (!service->gc->uri) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to append to URI\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "NULL GC URI\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
DEBUG(SSSDBG_CONF_SETTINGS, "Constructed GC uri '%s'\n", service->gc->uri);
|
||
|
|
||
|
if (service->gc->sockaddr == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "resolv_get_sockaddr_address failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "NULL GC sockaddr\n");
|
||
|
ret = EIO;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -1100,7 +1099,7 @@ ad_resolve_callback(void *private_data, struct fo_server *server)
|
||
|
done:
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Error: [%s]\n", strerror(ret));
|
||
|
+ "Error: %d [%s]\n", ret, strerror(ret));
|
||
|
}
|
||
|
talloc_free(tmp_ctx);
|
||
|
return;
|
||
|
diff --git a/src/providers/ad/ad_dyndns.c b/src/providers/ad/ad_dyndns.c
|
||
|
index 71ef16c0b..19fc8acef 100644
|
||
|
--- a/src/providers/ad/ad_dyndns.c
|
||
|
+++ b/src/providers/ad/ad_dyndns.c
|
||
|
@@ -63,7 +63,7 @@ errno_t ad_dyndns_init(struct be_ctx *be_ctx,
|
||
|
*/
|
||
|
ret = ad_get_dyndns_options(be_ctx, ad_opts);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Could not set AD options\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not get AD dyndns options\n");
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
@@ -209,8 +209,8 @@ static void ad_dyndns_update_connect_done(struct tevent_req *subreq)
|
||
|
|
||
|
ret = ldap_url_parse(ctx->service->sdap->uri, &lud);
|
||
|
if (ret != LDAP_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Failed to parse ldap URI (%s)!\n", ctx->service->sdap->uri);
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to parse ldap URI '%s': %d\n",
|
||
|
+ ctx->service->sdap->uri, ret);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c
|
||
|
index 0eb5416ac..b15e0f345 100644
|
||
|
--- a/src/providers/ad/ad_gpo.c
|
||
|
+++ b/src/providers/ad/ad_gpo.c
|
||
|
@@ -671,7 +671,9 @@ ad_gpo_ace_includes_client_sid(const char *user_sid,
|
||
|
|
||
|
err = sss_idmap_sid_to_smb_sid(idmap_ctx, user_sid, &user_dom_sid);
|
||
|
if (err != IDMAP_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to initialize idmap context.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "sss_idmap_sid_to_smb_sid() failed for user_sid '%s': %d\n",
|
||
|
+ user_sid, err);
|
||
|
return EFAULT;
|
||
|
}
|
||
|
|
||
|
@@ -684,7 +686,9 @@ ad_gpo_ace_includes_client_sid(const char *user_sid,
|
||
|
|
||
|
err = sss_idmap_sid_to_smb_sid(idmap_ctx, host_sid, &host_dom_sid);
|
||
|
if (err != IDMAP_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to initialize idmap context.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "sss_idmap_sid_to_smb_sid() failed for host_sid '%s': %d\n",
|
||
|
+ host_sid, err);
|
||
|
return EFAULT;
|
||
|
}
|
||
|
|
||
|
@@ -698,7 +702,9 @@ ad_gpo_ace_includes_client_sid(const char *user_sid,
|
||
|
for (i = 0; i < group_size; i++) {
|
||
|
err = sss_idmap_sid_to_smb_sid(idmap_ctx, group_sids[i], &group_dom_sid);
|
||
|
if (err != IDMAP_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to initialize idmap context.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "sss_idmap_sid_to_smb_sid() failed for group_sid '%s': %d\n",
|
||
|
+ group_sids[i], err);
|
||
|
return EFAULT;
|
||
|
}
|
||
|
included = ad_gpo_dom_sid_equal(&ace_dom_sid, group_dom_sid);
|
||
|
@@ -4777,14 +4783,14 @@ gpo_fork_child(struct tevent_req *req)
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", errno, strerror(errno));
|
||
|
+ "pipe (from) failed [%d][%s].\n", errno, strerror(errno));
|
||
|
goto fail;
|
||
|
}
|
||
|
ret = pipe(pipefd_to_child);
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", errno, strerror(errno));
|
||
|
+ "pipe (to) failed [%d][%s].\n", errno, strerror(errno));
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ad/ad_machine_pw_renewal.c b/src/providers/ad/ad_machine_pw_renewal.c
|
||
|
index ce9bbe6f3..6e7137a86 100644
|
||
|
--- a/src/providers/ad/ad_machine_pw_renewal.c
|
||
|
+++ b/src/providers/ad/ad_machine_pw_renewal.c
|
||
|
@@ -171,14 +171,14 @@ ad_machine_account_password_renewal_send(TALLOC_CTX *mem_ctx,
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", ret, strerror(ret));
|
||
|
+ "pipe (from) failed [%d][%s].\n", ret, strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
ret = pipe(pipefd_to_child);
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", ret, strerror(ret));
|
||
|
+ "pipe (to) failed [%d][%s].\n", ret, strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
@@ -354,7 +354,8 @@ errno_t ad_machine_account_password_renewal_init(struct be_ctx *be_ctx,
|
||
|
}
|
||
|
|
||
|
if (opt_list_size != 2) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Wrong number of renewal options.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Wrong number of renewal options %d\n",
|
||
|
+ opt_list_size);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/ad/ad_pac.c b/src/providers/ad/ad_pac.c
|
||
|
index 80424b44e..aff47304e 100644
|
||
|
--- a/src/providers/ad/ad_pac.c
|
||
|
+++ b/src/providers/ad/ad_pac.c
|
||
|
@@ -120,7 +120,11 @@ errno_t check_if_pac_is_available(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
ret = find_user_entry(mem_ctx, dom, ar, &msg);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "find_user_entry failed.\n");
|
||
|
+ if (ret == ENOENT) {
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "find_user_entry didn't find user entry.\n");
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "find_user_entry failed.\n");
|
||
|
+ }
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ad/ad_subdomains.c b/src/providers/ad/ad_subdomains.c
|
||
|
index 4c457b7e5..f5b0be6c2 100644
|
||
|
--- a/src/providers/ad/ad_subdomains.c
|
||
|
+++ b/src/providers/ad/ad_subdomains.c
|
||
|
@@ -299,7 +299,7 @@ ad_subdom_ad_ctx_new(struct be_ctx *be_ctx,
|
||
|
|
||
|
subdom_conf_path = subdomain_create_conf_path(id_ctx, subdom);
|
||
|
if (subdom_conf_path == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "subdom_conf_path failed\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "subdomain_create_conf_path failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/be_dyndns.c b/src/providers/be_dyndns.c
|
||
|
index 2de3b11bb..1a304db37 100644
|
||
|
--- a/src/providers/be_dyndns.c
|
||
|
+++ b/src/providers/be_dyndns.c
|
||
|
@@ -1111,7 +1111,8 @@ be_nsupdate_args(TALLOC_CTX *mem_ctx,
|
||
|
argc++;
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown nsupdate auth type\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unknown nsupdate auth type %d\n", auth_type);
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/be_ptask.c b/src/providers/be_ptask.c
|
||
|
index fb80909a0..fab9e21b8 100644
|
||
|
--- a/src/providers/be_ptask.c
|
||
|
+++ b/src/providers/be_ptask.c
|
||
|
@@ -251,7 +251,7 @@ static void be_ptask_schedule(struct be_ptask *task,
|
||
|
task->timer = tevent_add_timer(task->ev, task, tv, be_ptask_execute, task);
|
||
|
if (task->timer == NULL) {
|
||
|
/* nothing we can do about it */
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "FATAL: Unable to schedule task [%s]\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unable to schedule task [%s]\n",
|
||
|
task->name);
|
||
|
be_ptask_disable(task);
|
||
|
}
|
||
|
diff --git a/src/providers/be_refresh.c b/src/providers/be_refresh.c
|
||
|
index 01cbf03e2..fdddf8bca 100644
|
||
|
--- a/src/providers/be_refresh.c
|
||
|
+++ b/src/providers/be_refresh.c
|
||
|
@@ -125,7 +125,8 @@ static errno_t be_refresh_get_values(TALLOC_CTX *mem_ctx,
|
||
|
base_dn = sysdb_netgroup_base_dn(mem_ctx, domain);
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Uknown or unsupported refresh type\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Uknown or unsupported refresh type %d\n", type);
|
||
|
return ERR_INTERNAL;
|
||
|
break;
|
||
|
}
|
||
|
diff --git a/src/providers/data_provider/dp.c b/src/providers/data_provider/dp.c
|
||
|
index 0858c43d2..90324d74d 100644
|
||
|
--- a/src/providers/data_provider/dp.c
|
||
|
+++ b/src/providers/data_provider/dp.c
|
||
|
@@ -109,7 +109,7 @@ dp_init_interface(struct data_provider *provider)
|
||
|
|
||
|
ret = sbus_connection_add_path_map(provider->sbus_conn, paths);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
@@ -196,7 +196,7 @@ dp_init_send(TALLOC_CTX *mem_ctx,
|
||
|
(sbus_server_on_connection_cb)dp_client_init,
|
||
|
(sbus_server_on_connection_data)state->provider);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create subrequest!\n");
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to create subrequest!\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/data_provider/dp_target_sudo.c b/src/providers/data_provider/dp_target_sudo.c
|
||
|
index db14039c4..59e2358cc 100644
|
||
|
--- a/src/providers/data_provider/dp_target_sudo.c
|
||
|
+++ b/src/providers/data_provider/dp_target_sudo.c
|
||
|
@@ -42,13 +42,13 @@ static errno_t dp_sudo_parse_message(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
ret = sbus_iterator_read_u(read_iter, &dp_flags);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed, to parse the message!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to parse the message (flags)!\n");
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
ret = sbus_iterator_read_u(read_iter, &sudo_type);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed, to parse the message!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Failed to parse the message (type)!\n");
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
@@ -66,13 +66,15 @@ static errno_t dp_sudo_parse_message(TALLOC_CTX *mem_ctx,
|
||
|
/* read rules_num */
|
||
|
ret = sbus_iterator_read_u(read_iter, &num_rules);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed, to parse the message!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Failed to parse the message (num rules)!\n");
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
ret = sbus_iterator_read_as(mem_ctx, read_iter, &rules);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed, to parse the message!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Failed to parse the message (rules)!\n");
|
||
|
return ret;
|
||
|
}
|
||
|
break;
|
||
|
diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
|
||
|
index 10421c6b4..f059a3f96 100644
|
||
|
--- a/src/providers/data_provider_be.c
|
||
|
+++ b/src/providers/data_provider_be.c
|
||
|
@@ -407,7 +407,7 @@ static void check_if_online(struct be_ctx *be_ctx, int delay)
|
||
|
check_if_online_delayed, be_ctx);
|
||
|
|
||
|
if (time_event == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE,
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
"Scheduling check_if_online_delayed failed.\n");
|
||
|
goto failed;
|
||
|
}
|
||
|
@@ -420,7 +420,6 @@ static void check_if_online(struct be_ctx *be_ctx, int delay)
|
||
|
|
||
|
failed:
|
||
|
be_ctx->check_online_ref_count--;
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to run a check_online test.\n");
|
||
|
|
||
|
if (be_ctx->check_online_ref_count == 0) {
|
||
|
reset_fo(be_ctx);
|
||
|
@@ -629,7 +628,7 @@ static void dp_initialized(struct tevent_req *req)
|
||
|
|
||
|
ret = be_register_monitor_iface(be_ctx->mon_conn, be_ctx);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to register monitor interface "
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to register monitor interface "
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/data_provider_fo.c b/src/providers/data_provider_fo.c
|
||
|
index 8dc09f5b2..0dfbb04b0 100644
|
||
|
--- a/src/providers/data_provider_fo.c
|
||
|
+++ b/src/providers/data_provider_fo.c
|
||
|
@@ -651,7 +651,7 @@ errno_t be_resolve_server_process(struct tevent_req *subreq,
|
||
|
srvaddr = fo_get_server_hostent(state->srv);
|
||
|
if (!srvaddr) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "FATAL: No hostent available for server (%s)\n",
|
||
|
+ "No hostent available for server (%s)\n",
|
||
|
fo_get_server_str_name(state->srv));
|
||
|
return EFAULT;
|
||
|
}
|
||
|
diff --git a/src/providers/data_provider_opts.c b/src/providers/data_provider_opts.c
|
||
|
index 9db43fc40..bb543ae4f 100644
|
||
|
--- a/src/providers/data_provider_opts.c
|
||
|
+++ b/src/providers/data_provider_opts.c
|
||
|
@@ -233,7 +233,7 @@ static int dp_copy_options_ex(TALLOC_CTX *memctx,
|
||
|
}
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Failed to retrieve value for option (%s)\n",
|
||
|
+ "Failed to copy value for option (%s)\n",
|
||
|
opts[i].opt_name);
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -249,7 +249,7 @@ static int dp_copy_options_ex(TALLOC_CTX *memctx,
|
||
|
}
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Failed to retrieve value for option (%s)\n",
|
||
|
+ "Failed to copy value for option (%s)\n",
|
||
|
opts[i].opt_name);
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -265,7 +265,7 @@ static int dp_copy_options_ex(TALLOC_CTX *memctx,
|
||
|
}
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Failed to retrieve value for option (%s)\n",
|
||
|
+ "Failed to copy value for option (%s)\n",
|
||
|
opts[i].opt_name);
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/data_provider_req.h b/src/providers/data_provider_req.h
|
||
|
index f2e05797f..75f7f9713 100644
|
||
|
--- a/src/providers/data_provider_req.h
|
||
|
+++ b/src/providers/data_provider_req.h
|
||
|
@@ -39,6 +39,7 @@
|
||
|
#define BE_REQ_USER_AND_GROUP 0x0012
|
||
|
#define BE_REQ_BY_UUID 0x0013
|
||
|
#define BE_REQ_BY_CERT 0x0014
|
||
|
+#define BE_REQ__LAST BE_REQ_BY_CERT /* must be equal to max REQ number */
|
||
|
#define BE_REQ_TYPE_MASK 0x00FF
|
||
|
|
||
|
/**
|
||
|
diff --git a/src/providers/files/files_ops.c b/src/providers/files/files_ops.c
|
||
|
index 59fc20692..54d2b4164 100644
|
||
|
--- a/src/providers/files/files_ops.c
|
||
|
+++ b/src/providers/files/files_ops.c
|
||
|
@@ -395,7 +395,7 @@ static errno_t refresh_override_attrs(struct files_id_ctx *id_ctx,
|
||
|
override_attrs, &count, &msgs);
|
||
|
if (ret != EOK) {
|
||
|
if (ret == ENOENT) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "No overrides, nothing to do.\n");
|
||
|
+ DEBUG(SSSDBG_TRACE_FUNC, "No overrides, nothing to do.\n");
|
||
|
ret = EOK;
|
||
|
} else {
|
||
|
DEBUG(SSSDBG_OP_FAILURE, "sysdb_search_entry failed.\n");
|
||
|
diff --git a/src/providers/ipa/ipa_access.c b/src/providers/ipa/ipa_access.c
|
||
|
index 375b6f885..4a6727c97 100644
|
||
|
--- a/src/providers/ipa/ipa_access.c
|
||
|
+++ b/src/providers/ipa/ipa_access.c
|
||
|
@@ -671,7 +671,7 @@ static void ipa_pam_access_handler_done(struct tevent_req *subreq)
|
||
|
talloc_free(subreq);
|
||
|
|
||
|
if (ret == ENOENT) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "No HBAC rules find, denying access\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "No HBAC rules found, denying access\n");
|
||
|
state->pd->pam_status = PAM_PERM_DENIED;
|
||
|
goto done;
|
||
|
} else if (ret != EOK) {
|
||
|
diff --git a/src/providers/ipa/ipa_common.c b/src/providers/ipa/ipa_common.c
|
||
|
index 1211ba4c9..8cadb9249 100644
|
||
|
--- a/src/providers/ipa/ipa_common.c
|
||
|
+++ b/src/providers/ipa/ipa_common.c
|
||
|
@@ -781,8 +781,7 @@ int ipa_get_auth_options(struct ipa_options *ipa_opts,
|
||
|
dp_opt_get_string(ipa_opts->auth,
|
||
|
KRB5_REALM));
|
||
|
if (value == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Cannot set %s!\n",
|
||
|
- ipa_opts->auth[KRB5_FAST_PRINCIPAL].opt_name);
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_asprintf() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -851,7 +850,7 @@ static void ipa_resolve_callback(void *private_data, struct fo_server *server)
|
||
|
srvaddr = fo_get_server_hostent(server);
|
||
|
if (!srvaddr) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "FATAL: No hostent available for server (%s)\n",
|
||
|
+ "No hostent available for server (%s)\n",
|
||
|
fo_get_server_str_name(server));
|
||
|
talloc_free(tmp_ctx);
|
||
|
return;
|
||
|
diff --git a/src/providers/ipa/ipa_hbac_common.c b/src/providers/ipa/ipa_hbac_common.c
|
||
|
index 31e53d24d..1fee41a36 100644
|
||
|
--- a/src/providers/ipa/ipa_hbac_common.c
|
||
|
+++ b/src/providers/ipa/ipa_hbac_common.c
|
||
|
@@ -423,7 +423,7 @@ hbac_eval_user_element(TALLOC_CTX *mem_ctx,
|
||
|
ret = sysdb_initgroups(tmp_ctx, domain, username, &res);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "sysdb_asq_search failed [%d]: %s\n", ret, sss_strerror(ret));
|
||
|
+ "sysdb_initgroups() failed [%d]: %s\n", ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ipa/ipa_hbac_services.c b/src/providers/ipa/ipa_hbac_services.c
|
||
|
index 79088ff66..387e915cd 100644
|
||
|
--- a/src/providers/ipa/ipa_hbac_services.c
|
||
|
+++ b/src/providers/ipa/ipa_hbac_services.c
|
||
|
@@ -487,7 +487,7 @@ hbac_service_attrs_to_rule(TALLOC_CTX *mem_ctx,
|
||
|
/* Original DN matched a single service. Get the service name */
|
||
|
name = ldb_msg_find_attr_as_string(msgs[0], IPA_CN, NULL);
|
||
|
if (name == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Attribute is missing!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Attribute IPA_CN is missing!\n");
|
||
|
ret = EFAULT;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -523,7 +523,7 @@ hbac_service_attrs_to_rule(TALLOC_CTX *mem_ctx,
|
||
|
/* Original DN matched a single group. Get the groupname */
|
||
|
name = ldb_msg_find_attr_as_string(msgs[0], IPA_CN, NULL);
|
||
|
if (name == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Attribute is missing!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Attribute IPA_CN is missing!\n");
|
||
|
ret = EFAULT;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/ipa/ipa_hbac_users.c b/src/providers/ipa/ipa_hbac_users.c
|
||
|
index 2801a3162..25850eac0 100644
|
||
|
--- a/src/providers/ipa/ipa_hbac_users.c
|
||
|
+++ b/src/providers/ipa/ipa_hbac_users.c
|
||
|
@@ -124,7 +124,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx,
|
||
|
if (strcasecmp("cn", account_comp_name) != 0) {
|
||
|
/* The third component name is not "cn" */
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Expected cn in second component, got %s\n", account_comp_name);
|
||
|
+ "Expected cn in third component, got %s\n", account_comp_name);
|
||
|
ret = ERR_UNEXPECTED_ENTRY_TYPE;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -135,7 +135,7 @@ get_ipa_groupname(TALLOC_CTX *mem_ctx,
|
||
|
account_comp_val->length) != 0) {
|
||
|
/* The third component value is not "accounts" */
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Expected cn accounts second component, got %s\n",
|
||
|
+ "Expected accounts third component, got %s\n",
|
||
|
(const char *) account_comp_val->data);
|
||
|
ret = ERR_UNEXPECTED_ENTRY_TYPE;
|
||
|
goto done;
|
||
|
diff --git a/src/providers/ipa/ipa_id.c b/src/providers/ipa/ipa_id.c
|
||
|
index 9253514a3..2cbe0c9c7 100644
|
||
|
--- a/src/providers/ipa/ipa_id.c
|
||
|
+++ b/src/providers/ipa/ipa_id.c
|
||
|
@@ -266,7 +266,7 @@ ipa_initgr_get_overrides_send(TALLOC_CTX *memctx,
|
||
|
}
|
||
|
state->groups_id_attr = talloc_strdup(state, groups_id_attr);
|
||
|
if (state->groups_id_attr == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed.\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/ipa/ipa_init.c b/src/providers/ipa/ipa_init.c
|
||
|
index a4d58e3bd..afdd6fdd0 100644
|
||
|
--- a/src/providers/ipa/ipa_init.c
|
||
|
+++ b/src/providers/ipa/ipa_init.c
|
||
|
@@ -317,10 +317,10 @@ static errno_t ipa_init_client_mode(struct be_ctx *be_ctx,
|
||
|
ret = sysdb_get_view_name(ipa_id_ctx, be_ctx->domain->sysdb,
|
||
|
&ipa_id_ctx->view_name);
|
||
|
if (ret == ENOENT) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Cannot find view name in the cache. "
|
||
|
+ DEBUG(SSSDBG_MINOR_FAILURE, "Cannot find view name in the cache. "
|
||
|
"Will do online lookup later.\n");
|
||
|
} else if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "sysdb_get_view_name() failed [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_get_view_name() failed [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
return ret;
|
||
|
}
|
||
|
diff --git a/src/providers/ipa/ipa_s2n_exop.c b/src/providers/ipa/ipa_s2n_exop.c
|
||
|
index c3e1acb48..fb93c6233 100644
|
||
|
--- a/src/providers/ipa/ipa_s2n_exop.c
|
||
|
+++ b/src/providers/ipa/ipa_s2n_exop.c
|
||
|
@@ -2224,7 +2224,8 @@ static void ipa_s2n_get_user_done(struct tevent_req *subreq)
|
||
|
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected request type.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unexpected request type %d.\n", state->request_type);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/ipa/ipa_selinux.c b/src/providers/ipa/ipa_selinux.c
|
||
|
index 5cb02de86..760349134 100644
|
||
|
--- a/src/providers/ipa/ipa_selinux.c
|
||
|
+++ b/src/providers/ipa/ipa_selinux.c
|
||
|
@@ -681,7 +681,7 @@ static errno_t selinux_fork_child(struct selinux_child_state *state)
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", errno, sss_strerror(errno));
|
||
|
+ "pipe (from) failed [%d][%s].\n", errno, sss_strerror(errno));
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
@@ -689,7 +689,7 @@ static errno_t selinux_fork_child(struct selinux_child_state *state)
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", errno, sss_strerror(errno));
|
||
|
+ "pipe (to) failed [%d][%s].\n", errno, sss_strerror(errno));
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ipa/ipa_session.c b/src/providers/ipa/ipa_session.c
|
||
|
index 6672cb349..935393ccd 100644
|
||
|
--- a/src/providers/ipa/ipa_session.c
|
||
|
+++ b/src/providers/ipa/ipa_session.c
|
||
|
@@ -570,7 +570,7 @@ ipa_pam_session_handler_done(struct tevent_req *subreq)
|
||
|
talloc_free(subreq);
|
||
|
|
||
|
if (ret == ENOENT) {
|
||
|
- DEBUG(SSSDBG_IMPORTANT_INFO, "No Desktop Profile rules found\n");
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "No Desktop Profile rules found\n");
|
||
|
if (!state->session_ctx->no_rules_found) {
|
||
|
state->session_ctx->no_rules_found = true;
|
||
|
state->session_ctx->last_request = time(NULL);
|
||
|
@@ -668,7 +668,7 @@ ipa_pam_session_handler_get_deskprofile_user_info(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
if (res->count != 1) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "sysdb_getpwnam() got more users than expected. "
|
||
|
+ "sysdb_getpwnam() returned unexpected amount of users. "
|
||
|
"Expected [%d], got [%d]\n", 1, res->count);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
diff --git a/src/providers/ipa/ipa_subdomains_ext_groups.c b/src/providers/ipa/ipa_subdomains_ext_groups.c
|
||
|
index c730c3317..790ae9d16 100644
|
||
|
--- a/src/providers/ipa/ipa_subdomains_ext_groups.c
|
||
|
+++ b/src/providers/ipa/ipa_subdomains_ext_groups.c
|
||
|
@@ -840,7 +840,8 @@ static void ipa_add_ad_memberships_get_next(struct tevent_req *req)
|
||
|
}
|
||
|
|
||
|
if (missing_groups) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "There are unresolved external group "
|
||
|
+ /* this might be HBAC or sudo rule */
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "There are unresolved external group "
|
||
|
"memberships even after all groups "
|
||
|
"have been looked up on the LDAP "
|
||
|
"server.\n");
|
||
|
diff --git a/src/providers/ipa/ipa_subdomains_id.c b/src/providers/ipa/ipa_subdomains_id.c
|
||
|
index 36f32fae8..46d496258 100644
|
||
|
--- a/src/providers/ipa/ipa_subdomains_id.c
|
||
|
+++ b/src/providers/ipa/ipa_subdomains_id.c
|
||
|
@@ -506,7 +506,13 @@ struct tevent_req *ipa_get_subdom_acct_send(TALLOC_CTX *memctx,
|
||
|
break;
|
||
|
default:
|
||
|
ret = EINVAL;
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Invalid sub-domain request type.\n");
|
||
|
+ if (state->entry_type > BE_REQ__LAST) {
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "Invalid sub-domain request type %d.\n",
|
||
|
+ state->entry_type);
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_TRACE_FUNC, "Unhandled sub-domain request type %d.\n",
|
||
|
+ state->entry_type);
|
||
|
+ }
|
||
|
}
|
||
|
if (ret != EOK) goto fail;
|
||
|
|
||
|
@@ -1027,6 +1033,9 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
|
||
|
const char *homedir = NULL;
|
||
|
struct ldb_message_element *msg_el = NULL;
|
||
|
size_t c;
|
||
|
+ const char *category = NULL;
|
||
|
+ size_t length = 0;
|
||
|
+ bool user_class = true;
|
||
|
|
||
|
msg_el = ldb_msg_find_element(msg, SYSDB_OBJECTCATEGORY);
|
||
|
if (msg_el == NULL) {
|
||
|
@@ -1039,12 +1048,15 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
|
||
|
* case of a MPG group lookup if SYSDB_OBJECTCATEGORY is SYSDB_GROUP_CLASS.
|
||
|
*/
|
||
|
for (c = 0; c < msg_el->num_values; c++) {
|
||
|
- if (strncmp(SYSDB_USER_CLASS, (const char *)msg_el->values[c].data,
|
||
|
- msg_el->values[c].length) == 0
|
||
|
- || (sss_domain_is_mpg(dom)
|
||
|
- && strncmp(SYSDB_GROUP_CLASS,
|
||
|
- (const char *)msg_el->values[c].data,
|
||
|
- msg_el->values[c].length) == 0)) {
|
||
|
+ category = (const char *)msg_el->values[c].data;
|
||
|
+ length = msg_el->values[c].length;
|
||
|
+ if (strncmp(SYSDB_USER_CLASS, category, length) == 0) {
|
||
|
+ user_class = true;
|
||
|
+ break;
|
||
|
+ }
|
||
|
+ if (sss_domain_is_mpg(dom)
|
||
|
+ && strncmp(SYSDB_GROUP_CLASS, category, length) == 0) {
|
||
|
+ user_class = false;
|
||
|
break;
|
||
|
}
|
||
|
}
|
||
|
@@ -1064,8 +1076,12 @@ apply_subdomain_homedir(TALLOC_CTX *mem_ctx, struct sss_domain_info *dom,
|
||
|
|
||
|
uid = ldb_msg_find_attr_as_uint64(msg, SYSDB_UIDNUM, 0);
|
||
|
if (uid == 0) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "UID for user [%s] is not known.\n",
|
||
|
- fqname);
|
||
|
+ if (user_class) {
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "UID for user [%s] is unknown\n", fqname);
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_TRACE_INTERNAL,
|
||
|
+ "No UID for object [%s], perhaps mpg\n", fqname);
|
||
|
+ }
|
||
|
ret = ENOENT;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -1309,7 +1325,7 @@ ipa_get_ad_acct_ad_part_done(struct tevent_req *subreq)
|
||
|
|
||
|
state->object_sid = talloc_strdup(state, sid);
|
||
|
if (state->object_sid == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed.\n");
|
||
|
ret = ENOMEM;
|
||
|
goto fail;
|
||
|
}
|
||
|
@@ -1521,7 +1537,7 @@ static errno_t ipa_get_ad_apply_override_step(struct tevent_req *req)
|
||
|
|
||
|
state->ar->filter_value = talloc_strdup(state->ar, obj_name);
|
||
|
if (state->ar->filter_value == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed.\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
state->ar->filter_type = BE_FILTER_NAME;
|
||
|
diff --git a/src/providers/ipa/ipa_subdomains_server.c b/src/providers/ipa/ipa_subdomains_server.c
|
||
|
index fcdd05322..deb2c2cee 100644
|
||
|
--- a/src/providers/ipa/ipa_subdomains_server.c
|
||
|
+++ b/src/providers/ipa/ipa_subdomains_server.c
|
||
|
@@ -513,7 +513,7 @@ static void ipa_getkeytab_exec(const char *ccache,
|
||
|
|
||
|
gkt_env[0] = talloc_asprintf(NULL, "KRB5CCNAME=%s", ccache);
|
||
|
if (gkt_env[0] == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to format KRB5CCNAME\n");
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Failed to format KRB5CCNAME\n");
|
||
|
exit(1);
|
||
|
}
|
||
|
|
||
|
@@ -522,7 +522,7 @@ static void ipa_getkeytab_exec(const char *ccache,
|
||
|
ret = unlink(keytab_path);
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
"Failed to unlink the temporary ccname [%d][%s]\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
exit(1);
|
||
|
@@ -533,12 +533,12 @@ static void ipa_getkeytab_exec(const char *ccache,
|
||
|
"-r", "-s", server, "-p", principal, "-k", keytab_path, NULL,
|
||
|
gkt_env);
|
||
|
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
"execle returned %d, this shouldn't happen!\n", ret);
|
||
|
|
||
|
/* The child should never end up here */
|
||
|
ret = errno;
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE,
|
||
|
"execle failed [%d][%s].\n", ret, sss_strerror(ret));
|
||
|
exit(1);
|
||
|
}
|
||
|
@@ -748,7 +748,8 @@ static errno_t ipa_server_trusted_dom_setup_1way(struct tevent_req *req)
|
||
|
|
||
|
state->new_keytab = talloc_asprintf(state, "%sXXXXXX", state->keytab);
|
||
|
if (state->new_keytab == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Cannot set up ipa_get_keytab\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Cannot set up ipa_get_keytab. talloc_asprintf() failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ipa/ipa_sudo.c b/src/providers/ipa/ipa_sudo.c
|
||
|
index 931770922..1b881d085 100644
|
||
|
--- a/src/providers/ipa/ipa_sudo.c
|
||
|
+++ b/src/providers/ipa/ipa_sudo.c
|
||
|
@@ -223,7 +223,7 @@ ipa_sudo_init_ipa_schema(TALLOC_CTX *mem_ctx,
|
||
|
ipa_sudorule_map, IPA_OPTS_SUDORULE,
|
||
|
&sudo_ctx->sudorule_map);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse attribute map "
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse attribute map (rule) "
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -232,7 +232,7 @@ ipa_sudo_init_ipa_schema(TALLOC_CTX *mem_ctx,
|
||
|
ipa_sudocmdgroup_map, IPA_OPTS_SUDOCMDGROUP,
|
||
|
&sudo_ctx->sudocmdgroup_map);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse attribute map "
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse attribute map (cmdgroup) "
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -241,7 +241,7 @@ ipa_sudo_init_ipa_schema(TALLOC_CTX *mem_ctx,
|
||
|
ipa_sudocmd_map, IPA_OPTS_SUDOCMD,
|
||
|
&sudo_ctx->sudocmd_map);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse attribute map "
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse attribute map (cmd) "
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -250,16 +250,16 @@ ipa_sudo_init_ipa_schema(TALLOC_CTX *mem_ctx,
|
||
|
CONFDB_SUDO_THRESHOLD, CONFDB_DEFAULT_SUDO_THRESHOLD,
|
||
|
&sudo_ctx->sudocmd_threshold);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Could not parse sudo search base\n");
|
||
|
- return ret;
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not get sudo threshold\n");
|
||
|
+ goto done;
|
||
|
}
|
||
|
|
||
|
ret = sdap_parse_search_base(sudo_ctx, sudo_ctx->sdap_opts->basic,
|
||
|
SDAP_SUDO_SEARCH_BASE,
|
||
|
&sudo_ctx->sudo_sb);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Could not parse sudo search base\n");
|
||
|
- return ret;
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not parse sudo search base\n");
|
||
|
+ goto done;
|
||
|
}
|
||
|
|
||
|
ret = ipa_sudo_ptask_setup(be_ctx, sudo_ctx);
|
||
|
diff --git a/src/providers/ipa/ipa_sudo_async.c b/src/providers/ipa/ipa_sudo_async.c
|
||
|
index 1d7a69814..c531ecbf9 100644
|
||
|
--- a/src/providers/ipa/ipa_sudo_async.c
|
||
|
+++ b/src/providers/ipa/ipa_sudo_async.c
|
||
|
@@ -520,7 +520,7 @@ ipa_sudo_fetch_addtl_cmdgroups_done(struct tevent_req *subreq)
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_IMPORTANT_INFO, "Received %zu additional command groups\n",
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "Received %zu additional command groups\n",
|
||
|
num_attrs);
|
||
|
|
||
|
ret = ipa_sudo_filter_rules_bycmdgroups(state, state->domain, attrs,
|
||
|
@@ -609,7 +609,7 @@ ipa_sudo_fetch_rules_done(struct tevent_req *subreq)
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_IMPORTANT_INFO, "Received %zu sudo rules\n", num_attrs);
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "Received %zu sudo rules\n", num_attrs);
|
||
|
|
||
|
ret = ipa_sudo_conv_rules(state->conv, attrs, num_attrs);
|
||
|
if (ret != EOK) {
|
||
|
@@ -689,7 +689,7 @@ ipa_sudo_fetch_cmdgroups_done(struct tevent_req *subreq)
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_IMPORTANT_INFO, "Received %zu sudo command groups\n",
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "Received %zu sudo command groups\n",
|
||
|
num_attrs);
|
||
|
|
||
|
ret = ipa_sudo_conv_cmdgroups(state->conv, attrs, num_attrs);
|
||
|
@@ -769,7 +769,7 @@ ipa_sudo_fetch_cmds_done(struct tevent_req *subreq)
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_IMPORTANT_INFO, "Received %zu sudo commands\n", num_attrs);
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "Received %zu sudo commands\n", num_attrs);
|
||
|
|
||
|
ret = ipa_sudo_conv_cmds(state->conv, attrs, num_attrs);
|
||
|
if (ret != EOK) {
|
||
|
@@ -1109,7 +1109,7 @@ done:
|
||
|
if (in_transaction) {
|
||
|
sret = sysdb_transaction_cancel(state->sysdb);
|
||
|
if (sret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Could not cancel transaction\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not cancel transaction\n");
|
||
|
}
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ipa/ipa_sudo_conversion.c b/src/providers/ipa/ipa_sudo_conversion.c
|
||
|
index b5fc49379..bd1ec72b3 100644
|
||
|
--- a/src/providers/ipa/ipa_sudo_conversion.c
|
||
|
+++ b/src/providers/ipa/ipa_sudo_conversion.c
|
||
|
@@ -801,7 +801,7 @@ convert_host(TALLOC_CTX *mem_ctx,
|
||
|
*skip_entry = true;
|
||
|
return NULL;
|
||
|
} else if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "ipa_get_rdn() failed on value %s [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ipa_get_rdn() failed on value %s [%d]: %s\n",
|
||
|
value, ret, sss_strerror(ret));
|
||
|
return NULL;
|
||
|
}
|
||
|
@@ -841,7 +841,7 @@ convert_user(TALLOC_CTX *mem_ctx,
|
||
|
*skip_entry = true;
|
||
|
return NULL;
|
||
|
} else if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "ipa_get_rdn() failed on value %s [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ipa_get_rdn() failed on value %s [%d]: %s\n",
|
||
|
value, ret, sss_strerror(ret));
|
||
|
return NULL;
|
||
|
}
|
||
|
@@ -904,7 +904,7 @@ convert_group(TALLOC_CTX *mem_ctx,
|
||
|
*skip_entry = true;
|
||
|
return NULL;
|
||
|
} else if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "ipa_get_rdn() failed on value %s [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ipa_get_rdn() failed on value %s [%d]: %s\n",
|
||
|
value, ret, sss_strerror(ret));
|
||
|
return NULL;
|
||
|
}
|
||
|
diff --git a/src/providers/ipa/ipa_views.c b/src/providers/ipa/ipa_views.c
|
||
|
index 2a918bdc8..e1090d03b 100644
|
||
|
--- a/src/providers/ipa/ipa_views.c
|
||
|
+++ b/src/providers/ipa/ipa_views.c
|
||
|
@@ -232,7 +232,7 @@ static errno_t get_dp_id_data_for_xyz(TALLOC_CTX *mem_ctx, const char *val,
|
||
|
ar->filter_value = talloc_strdup(ar, val);
|
||
|
ar->domain = talloc_strdup(ar, domain_name);
|
||
|
if (ar->filter_value == NULL || ar->domain == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "talloc_strdup failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_strdup failed.\n");
|
||
|
talloc_free(ar);
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
@@ -471,7 +471,7 @@ static void ipa_get_ad_override_done(struct tevent_req *subreq)
|
||
|
|
||
|
ret = ipa_get_ad_override_qualify_name(state);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Cannot qualify object name\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Cannot qualify object name\n");
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/krb5/krb5_access.c b/src/providers/krb5/krb5_access.c
|
||
|
index be9068c0f..2ae5abe14 100644
|
||
|
--- a/src/providers/krb5/krb5_access.c
|
||
|
+++ b/src/providers/krb5/krb5_access.c
|
||
|
@@ -78,7 +78,8 @@ struct tevent_req *krb5_access_send(TALLOC_CTX *mem_ctx,
|
||
|
}
|
||
|
|
||
|
if (pd->cmd != SSS_PAM_ACCT_MGMT) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected pam task.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unexpected pam task %d.\n", pd->cmd);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/krb5/krb5_auth.c b/src/providers/krb5/krb5_auth.c
|
||
|
index a1c0b3640..699c2467b 100644
|
||
|
--- a/src/providers/krb5/krb5_auth.c
|
||
|
+++ b/src/providers/krb5/krb5_auth.c
|
||
|
@@ -499,7 +499,7 @@ struct tevent_req *krb5_auth_send(TALLOC_CTX *mem_ctx,
|
||
|
/* handle empty password gracefully */
|
||
|
if (authtok_type == SSS_AUTHTOK_TYPE_EMPTY) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Illegal zero-length authtok for user [%s]\n",
|
||
|
+ "Illegal empty authtok for user [%s]\n",
|
||
|
pd->user);
|
||
|
state->pam_status = PAM_AUTH_ERR;
|
||
|
state->dp_err = DP_ERR_OK;
|
||
|
@@ -854,7 +854,7 @@ static void krb5_auth_done(struct tevent_req *subreq)
|
||
|
ret = EOK;
|
||
|
goto done;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected PAM task\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected PAM task %d\n", pd->cmd);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/providers/krb5/krb5_child.c b/src/providers/krb5/krb5_child.c
|
||
|
index cab7b27a2..06fdf7156 100644
|
||
|
--- a/src/providers/krb5/krb5_child.c
|
||
|
+++ b/src/providers/krb5/krb5_child.c
|
||
|
@@ -258,7 +258,7 @@ static void sss_krb5_expire_callback_func(krb5_context context, void *data,
|
||
|
|
||
|
blob = talloc_array(kr->pd, uint32_t, 2);
|
||
|
if (blob == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc_size failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_array failed.\n");
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
@@ -525,7 +525,8 @@ static krb5_error_code tokeninfo_matches(TALLOC_CTX *mem_ctx,
|
||
|
out_token, out_pin);
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported authtok type.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unsupported authtok type %d\n", sss_authtok_get_type(auth_tok));
|
||
|
}
|
||
|
|
||
|
return EINVAL;
|
||
|
@@ -1087,7 +1088,7 @@ static errno_t pack_response_packet(TALLOC_CTX *mem_ctx, errno_t error,
|
||
|
|
||
|
buf = talloc_array(mem_ctx, uint8_t, size);
|
||
|
if (!buf) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Insufficient memory to create message.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_array failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
@@ -1958,13 +1959,12 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim)
|
||
|
&msg_len, &msg);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pack_user_info_chpass_error failed.\n");
|
||
|
+ "pack_user_info_chpass_error failed [%d]\n", ret);
|
||
|
} else {
|
||
|
ret = pam_add_response(kr->pd, SSS_PAM_USER_INFO, msg_len,
|
||
|
msg);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pam_add_response failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n");
|
||
|
}
|
||
|
}
|
||
|
return kerr;
|
||
|
@@ -2036,13 +2036,12 @@ static errno_t changepw_child(struct krb5_req *kr, bool prelim)
|
||
|
&user_resp_len, &user_resp);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pack_user_info_chpass_error failed.\n");
|
||
|
+ "pack_user_info_chpass_error failed [%d]\n", ret);
|
||
|
} else {
|
||
|
ret = pam_add_response(kr->pd, SSS_PAM_USER_INFO, user_resp_len,
|
||
|
user_resp);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pam_add_response failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "pam_add_response failed.\n");
|
||
|
}
|
||
|
}
|
||
|
}
|
||
|
@@ -2448,7 +2447,7 @@ static errno_t unpack_buffer(uint8_t *buf, size_t size,
|
||
|
|
||
|
pd = create_pam_data(kr);
|
||
|
if (pd == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "create_pam_data failed.\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
kr->pd = pd;
|
||
|
@@ -3110,7 +3109,7 @@ static int k5c_setup(struct krb5_req *kr, uint32_t offline)
|
||
|
|
||
|
kr->creds = calloc(1, sizeof(krb5_creds));
|
||
|
if (kr->creds == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "calloc failed.\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
@@ -3345,7 +3344,7 @@ int main(int argc, const char *argv[])
|
||
|
|
||
|
kr = talloc_zero(NULL, struct krb5_req);
|
||
|
if (kr == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero failed.\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -3403,7 +3402,7 @@ int main(int argc, const char *argv[])
|
||
|
|
||
|
ret = k5c_setup(kr, offline);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "krb5_child_setup failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "k5c_setup failed.\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/krb5/krb5_child_handler.c b/src/providers/krb5/krb5_child_handler.c
|
||
|
index 37f4304e8..01777e22b 100644
|
||
|
--- a/src/providers/krb5/krb5_child_handler.c
|
||
|
+++ b/src/providers/krb5/krb5_child_handler.c
|
||
|
@@ -449,14 +449,14 @@ static errno_t fork_child(struct tevent_req *req)
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", errno, strerror(errno));
|
||
|
+ "pipe (from) failed [%d][%s].\n", errno, strerror(errno));
|
||
|
goto fail;
|
||
|
}
|
||
|
ret = pipe(pipefd_to_child);
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", errno, strerror(errno));
|
||
|
+ "pipe (to) failed [%d][%s].\n", errno, strerror(errno));
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/krb5/krb5_common.c b/src/providers/krb5/krb5_common.c
|
||
|
index 5c11c347b..316603946 100644
|
||
|
--- a/src/providers/krb5/krb5_common.c
|
||
|
+++ b/src/providers/krb5/krb5_common.c
|
||
|
@@ -793,7 +793,7 @@ static void krb5_resolve_callback(void *private_data, struct fo_server *server)
|
||
|
|
||
|
krb5_service = talloc_get_type(private_data, struct krb5_service);
|
||
|
if (!krb5_service) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "FATAL: Bad private_data\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Bad private_data\n");
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
@@ -1110,7 +1110,7 @@ void remove_krb5_info_files_callback(void *pvt)
|
||
|
ctx->kdc_service_name);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "be_fo_run_callbacks_at_next_request failed, "
|
||
|
+ "be_fo_run_callbacks_at_next_request(kdc_service_name) failed, "
|
||
|
"krb5 info files will not be removed, because "
|
||
|
"it is unclear if they will be recreated properly.\n");
|
||
|
return;
|
||
|
@@ -1120,7 +1120,7 @@ void remove_krb5_info_files_callback(void *pvt)
|
||
|
ctx->kpasswd_service_name);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "be_fo_run_callbacks_at_next_request failed, "
|
||
|
+ "be_fo_run_callbacks_at_next_request(kpasswd_service_name) failed, "
|
||
|
"krb5 info files will not be removed, because "
|
||
|
"it is unclear if they will be recreated properly.\n");
|
||
|
return;
|
||
|
diff --git a/src/providers/krb5/krb5_delayed_online_authentication.c b/src/providers/krb5/krb5_delayed_online_authentication.c
|
||
|
index 8572d1249..07d375b9d 100644
|
||
|
--- a/src/providers/krb5/krb5_delayed_online_authentication.c
|
||
|
+++ b/src/providers/krb5/krb5_delayed_online_authentication.c
|
||
|
@@ -173,7 +173,7 @@ static errno_t authenticate_stored_users(
|
||
|
ret = hash_lookup(uid_table, &key, &value);
|
||
|
|
||
|
if (ret == HASH_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "User [%s] is still logged in, "
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "User [%s] is still logged in, "
|
||
|
"trying online authentication.\n", pd->user);
|
||
|
|
||
|
auth_data = talloc_zero(deferred_auth_ctx->be_ctx,
|
||
|
@@ -193,7 +193,7 @@ static errno_t authenticate_stored_users(
|
||
|
}
|
||
|
}
|
||
|
} else {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "User [%s] is not logged in anymore, "
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "User [%s] is not logged in anymore, "
|
||
|
"discarding online authentication.\n", pd->user);
|
||
|
talloc_free(pd);
|
||
|
}
|
||
|
diff --git a/src/providers/krb5/krb5_renew_tgt.c b/src/providers/krb5/krb5_renew_tgt.c
|
||
|
index 8b2159e92..d79e7c367 100644
|
||
|
--- a/src/providers/krb5/krb5_renew_tgt.c
|
||
|
+++ b/src/providers/krb5/krb5_renew_tgt.c
|
||
|
@@ -405,7 +405,7 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx)
|
||
|
|
||
|
base_dn = sysdb_user_base_dn(tmp_ctx, renew_tgt_ctx->be_ctx->domain);
|
||
|
if (base_dn == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "sysdb_base_dn failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sysdb_base_dn failed.\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -440,7 +440,7 @@ static errno_t check_ccache_files(struct renew_tgt_ctx *renew_tgt_ctx)
|
||
|
|
||
|
ret = sss_parse_internal_fqname(tmp_ctx, user_name, NULL, &user_dom);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE,
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
"Cannot parse internal fqname [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
diff --git a/src/providers/krb5/krb5_utils.c b/src/providers/krb5/krb5_utils.c
|
||
|
index e3f8f2140..43056ba28 100644
|
||
|
--- a/src/providers/krb5/krb5_utils.c
|
||
|
+++ b/src/providers/krb5/krb5_utils.c
|
||
|
@@ -287,7 +287,7 @@ char *expand_ccname_template(TALLOC_CTX *mem_ctx, struct krb5child_req *kr,
|
||
|
name = sss_output_name(tmp_ctx, kr->pd->user, case_sensitive, 0);
|
||
|
if (name == NULL) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "sss_get_cased_name failed\n");
|
||
|
+ "sss_output_name failed\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/ldap_auth.c b/src/providers/ldap/ldap_auth.c
|
||
|
index 89ff4ece0..42ef962b4 100644
|
||
|
--- a/src/providers/ldap/ldap_auth.c
|
||
|
+++ b/src/providers/ldap/ldap_auth.c
|
||
|
@@ -64,7 +64,7 @@ static errno_t add_expired_warning(struct pam_data *pd, long exp_time)
|
||
|
|
||
|
data = talloc_array(pd, uint32_t, 2);
|
||
|
if (data == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc_size failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_array failed.\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
@@ -249,7 +249,8 @@ errno_t check_pwexpire_policy(enum pwexpire pw_expire_type,
|
||
|
ret = EOK;
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown password expiration type.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unknown password expiration type %d.\n", pw_expire_type);
|
||
|
ret = EINVAL;
|
||
|
}
|
||
|
|
||
|
@@ -1355,9 +1356,10 @@ static void sdap_pam_chpass_handler_auth_done(struct tevent_req *subreq)
|
||
|
case PWEXPIRE_NONE:
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown password expiration type.\n");
|
||
|
- state->pd->pam_status = PAM_SYSTEM_ERR;
|
||
|
- goto done;
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unknown password expiration type %d.\n", pw_expire_type);
|
||
|
+ state->pd->pam_status = PAM_SYSTEM_ERR;
|
||
|
+ goto done;
|
||
|
}
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/ldap_child.c b/src/providers/ldap/ldap_child.c
|
||
|
index 84941c6e4..8580e2785 100644
|
||
|
--- a/src/providers/ldap/ldap_child.c
|
||
|
+++ b/src/providers/ldap/ldap_child.c
|
||
|
@@ -223,7 +223,7 @@ static int lc_verify_keytab_ex(const char *principal,
|
||
|
/* This should never happen. The API docs for this function
|
||
|
* specify only success for this function
|
||
|
*/
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,"Could not free keytab entry contents\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not free keytab entry contents\n");
|
||
|
/* This is non-fatal, so we'll continue here */
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/ldap_init.c b/src/providers/ldap/ldap_init.c
|
||
|
index cd589a7c0..2ad8680a1 100644
|
||
|
--- a/src/providers/ldap/ldap_init.c
|
||
|
+++ b/src/providers/ldap/ldap_init.c
|
||
|
@@ -43,8 +43,8 @@ struct ldap_init_ctx {
|
||
|
};
|
||
|
|
||
|
/* Please use this only for short lists */
|
||
|
-errno_t check_order_list_for_duplicates(char **list,
|
||
|
- bool case_sensitive)
|
||
|
+static errno_t check_order_list_for_duplicates(char **list,
|
||
|
+ bool case_sensitive)
|
||
|
{
|
||
|
size_t c;
|
||
|
size_t d;
|
||
|
diff --git a/src/providers/ldap/ldap_options.c b/src/providers/ldap/ldap_options.c
|
||
|
index d06d3980e..bb51785fb 100644
|
||
|
--- a/src/providers/ldap/ldap_options.c
|
||
|
+++ b/src/providers/ldap/ldap_options.c
|
||
|
@@ -408,14 +408,15 @@ int ldap_get_options(TALLOC_CTX *memctx,
|
||
|
sss_erase_talloc_mem_securely(cleartext);
|
||
|
talloc_free(cleartext);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "dp_opt_set_string failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "dp_opt_set_blob(authtok) failed.\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
ret = dp_opt_set_string(opts->basic, SDAP_DEFAULT_AUTHTOK_TYPE,
|
||
|
"password");
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "dp_opt_set_string failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "dp_opt_set_string(authtok_type) failed.\n");
|
||
|
goto done;
|
||
|
}
|
||
|
}
|
||
|
@@ -629,7 +630,8 @@ int ldap_get_autofs_options(TALLOC_CTX *memctx,
|
||
|
default_entry_map = rfc2307bis_autofs_entry_map;
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown LDAP schema!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unknown LDAP schema %d!\n", opts->schema_type);
|
||
|
return EINVAL;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/sdap.c b/src/providers/ldap/sdap.c
|
||
|
index 7cb00480d..32c0144b9 100644
|
||
|
--- a/src/providers/ldap/sdap.c
|
||
|
+++ b/src/providers/ldap/sdap.c
|
||
|
@@ -371,7 +371,7 @@ int sdap_get_map(TALLOC_CTX *memctx,
|
||
|
|
||
|
if (map[i].def_name && !map[i].name) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Failed to retrieve value for %s\n", map[i].opt_name);
|
||
|
+ "Failed to process value for %s\n", map[i].opt_name);
|
||
|
talloc_zfree(map);
|
||
|
return EINVAL;
|
||
|
}
|
||
|
@@ -532,7 +532,8 @@ int sdap_parse_entry(TALLOC_CTX *memctx,
|
||
|
if (!vals) {
|
||
|
ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno);
|
||
|
if (lerrno != LDAP_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "LDAP Library error: %d(%s)\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "ldap_get_values_len() failed: %d(%s)\n",
|
||
|
lerrno, sss_ldap_err2string(lerrno));
|
||
|
ret = EIO;
|
||
|
goto done;
|
||
|
@@ -613,7 +614,7 @@ int sdap_parse_entry(TALLOC_CTX *memctx,
|
||
|
|
||
|
ldap_get_option(sh->ldap, LDAP_OPT_RESULT_CODE, &lerrno);
|
||
|
if (lerrno) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "LDAP Library error: %d(%s)\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ldap_get_option() failed: %d(%s)\n",
|
||
|
lerrno, sss_ldap_err2string(lerrno));
|
||
|
ret = EIO;
|
||
|
goto done;
|
||
|
@@ -884,7 +885,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
ldap_opt_x_tls_require_cert = LDAP_OPT_X_TLS_HARD;
|
||
|
}
|
||
|
else {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown value for tls_reqcert.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unknown value for tls_reqcert '%s'.\n", tls_opt);
|
||
|
return EINVAL;
|
||
|
}
|
||
|
/* LDAP_OPT_X_TLS_REQUIRE_CERT has to be set as a global option,
|
||
|
@@ -893,7 +895,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
&ldap_opt_x_tls_require_cert);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_set_option failed: %s\n", sss_ldap_err2string(ret));
|
||
|
+ "ldap_set_option(req_cert) failed: %s\n",
|
||
|
+ sss_ldap_err2string(ret));
|
||
|
return EIO;
|
||
|
}
|
||
|
}
|
||
|
@@ -903,7 +906,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTFILE, tls_opt);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_set_option failed: %s\n", sss_ldap_err2string(ret));
|
||
|
+ "ldap_set_option(cacertfile) failed: %s\n",
|
||
|
+ sss_ldap_err2string(ret));
|
||
|
return EIO;
|
||
|
}
|
||
|
}
|
||
|
@@ -913,7 +917,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_CACERTDIR, tls_opt);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_set_option failed: %s\n", sss_ldap_err2string(ret));
|
||
|
+ "ldap_set_option(cacertdir) failed: %s\n",
|
||
|
+ sss_ldap_err2string(ret));
|
||
|
return EIO;
|
||
|
}
|
||
|
}
|
||
|
@@ -923,7 +928,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_CERTFILE, tls_opt);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_set_option failed: %s\n", sss_ldap_err2string(ret));
|
||
|
+ "ldap_set_option(certfile) failed: %s\n",
|
||
|
+ sss_ldap_err2string(ret));
|
||
|
return EIO;
|
||
|
}
|
||
|
}
|
||
|
@@ -933,7 +939,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_KEYFILE, tls_opt);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_set_option failed: %s\n", sss_ldap_err2string(ret));
|
||
|
+ "ldap_set_option(keyfile) failed: %s\n",
|
||
|
+ sss_ldap_err2string(ret));
|
||
|
return EIO;
|
||
|
}
|
||
|
}
|
||
|
@@ -943,7 +950,8 @@ errno_t setup_tls_config(struct dp_option *basic_opts)
|
||
|
ret = ldap_set_option(NULL, LDAP_OPT_X_TLS_CIPHER_SUITE, tls_opt);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_set_option failed: %s\n", sss_ldap_err2string(ret));
|
||
|
+ "ldap_set_option(cipher) failed: %s\n",
|
||
|
+ sss_ldap_err2string(ret));
|
||
|
return EIO;
|
||
|
}
|
||
|
}
|
||
|
diff --git a/src/providers/ldap/sdap_access.c b/src/providers/ldap/sdap_access.c
|
||
|
index dd04ec512..8add97ba8 100644
|
||
|
--- a/src/providers/ldap/sdap_access.c
|
||
|
+++ b/src/providers/ldap/sdap_access.c
|
||
|
@@ -317,7 +317,8 @@ static errno_t sdap_access_check_next_rule(struct sdap_access_req_ctx *state,
|
||
|
|
||
|
default:
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Unexpected access rule type. Access denied.\n");
|
||
|
+ "Unexpected access rule type %d. Access denied.\n",
|
||
|
+ state->access_ctx->access_rule[state->current_rule]);
|
||
|
ret = ERR_ACCESS_DENIED;
|
||
|
}
|
||
|
|
||
|
@@ -1220,13 +1221,13 @@ static errno_t sdap_save_user_cache_bool(struct sss_domain_info *domain,
|
||
|
attrs = sysdb_new_attrs(NULL);
|
||
|
if (attrs == NULL) {
|
||
|
ret = ENOMEM;
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Could not set up attrs\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not create attrs\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
ret = sysdb_attrs_add_bool(attrs, attr_name, value);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Could not set up attrs\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not set up attr value\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
@@ -1787,7 +1788,7 @@ errno_t sdap_access_ppolicy_step(struct tevent_req *req)
|
||
|
false);
|
||
|
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "sdap_access_ppolicy_send failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sdap_get_generic_send failed.\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -1913,7 +1914,7 @@ static void sdap_access_ppolicy_step_done(struct tevent_req *subreq)
|
||
|
ret = sdap_access_decide_offline(state->cached_access);
|
||
|
} else {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "sdap_get_generic_send() returned error [%d][%s]\n",
|
||
|
+ "sdap_id_op_done() returned error [%d][%s]\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/sdap_async.c b/src/providers/ldap/sdap_async.c
|
||
|
index 68d5d44f8..cc77fb249 100644
|
||
|
--- a/src/providers/ldap/sdap_async.c
|
||
|
+++ b/src/providers/ldap/sdap_async.c
|
||
|
@@ -749,7 +749,7 @@ sdap_modify_send(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
ret = ldap_modify_ext(state->sh->ldap, dn, mods, NULL, NULL, &msgid);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Failed to send operation!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ldap_modify_ext() failed [%d]\n", ret);
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
@@ -2120,7 +2120,7 @@ static int sdap_x_deref_create_control(struct sdap_handle *sh,
|
||
|
|
||
|
ret = ldap_create_deref_control_value(sh->ldap, ds, &derefval);
|
||
|
if (ret != LDAP_SUCCESS) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "sss_ldap_control_create failed: %s\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ldap_create_deref_control_value failed: %s\n",
|
||
|
ldap_err2string(ret));
|
||
|
return ret;
|
||
|
}
|
||
|
@@ -2129,7 +2129,7 @@ static int sdap_x_deref_create_control(struct sdap_handle *sh,
|
||
|
1, &derefval, 1, ctrl);
|
||
|
ldap_memfree(derefval.bv_val);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "sss_ldap_control_create failed\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sdap_control_create failed %d\n", ret);
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
@@ -2875,7 +2875,8 @@ static void sdap_deref_search_done(struct tevent_req *subreq)
|
||
|
&state->reply_count, &state->reply);
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unknown deref method\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ "Unknown deref method %d\n", state->deref_type);
|
||
|
tevent_req_error(req, EINVAL);
|
||
|
return;
|
||
|
}
|
||
|
diff --git a/src/providers/ldap/sdap_async_autofs.c b/src/providers/ldap/sdap_async_autofs.c
|
||
|
index eaca0324e..ae2fa33e1 100644
|
||
|
--- a/src/providers/ldap/sdap_async_autofs.c
|
||
|
+++ b/src/providers/ldap/sdap_async_autofs.c
|
||
|
@@ -720,7 +720,7 @@ sdap_autofs_setautomntent_send(TALLOC_CTX *memctx,
|
||
|
dp_opt_get_int(state->opts->basic,
|
||
|
SDAP_SEARCH_TIMEOUT));
|
||
|
if (!subreq) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sdap_get_automntmap_send failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto fail;
|
||
|
}
|
||
|
diff --git a/src/providers/ldap/sdap_async_connection.c b/src/providers/ldap/sdap_async_connection.c
|
||
|
index 5f69cedcc..eead3f119 100644
|
||
|
--- a/src/providers/ldap/sdap_async_connection.c
|
||
|
+++ b/src/providers/ldap/sdap_async_connection.c
|
||
|
@@ -694,10 +694,10 @@ static struct tevent_req *simple_bind_send(TALLOC_CTX *memctx,
|
||
|
LDAP_OPT_RESULT_CODE, &ldap_err);
|
||
|
if (ret != LDAP_OPT_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_bind failed (couldn't get ldap error)\n");
|
||
|
+ "ldap_sasl_bind failed (couldn't get ldap error)\n");
|
||
|
ret = LDAP_LOCAL_ERROR;
|
||
|
} else {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "ldap_bind failed (%d)[%s]\n",
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "ldap_sasl_bind failed (%d)[%s]\n",
|
||
|
ldap_err, sss_ldap_err2string(ldap_err));
|
||
|
ret = ldap_err;
|
||
|
}
|
||
|
@@ -988,7 +988,7 @@ static struct tevent_req *sasl_bind_send(TALLOC_CTX *memctx,
|
||
|
(*sdap_sasl_interact), state);
|
||
|
if (ret != LDAP_SUCCESS) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "ldap_sasl_bind failed (%d)[%s]\n",
|
||
|
+ "ldap_sasl_interactive_bind_s failed (%d)[%s]\n",
|
||
|
ret, sss_ldap_err2string(ret));
|
||
|
|
||
|
optret = sss_ldap_get_diagnostic_msg(state, state->sh->ldap,
|
||
|
diff --git a/src/providers/ldap/sdap_async_groups.c b/src/providers/ldap/sdap_async_groups.c
|
||
|
index 5dbfd73c4..16c4a5f37 100644
|
||
|
--- a/src/providers/ldap/sdap_async_groups.c
|
||
|
+++ b/src/providers/ldap/sdap_async_groups.c
|
||
|
@@ -883,10 +883,7 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx,
|
||
|
const char *check_name;
|
||
|
|
||
|
if (dom->ignore_group_members) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Group members are ignored, nothing to do. If you see this " \
|
||
|
- "message it might indicate an error in the group processing " \
|
||
|
- "logic.\n");
|
||
|
+ DEBUG(SSSDBG_TRACE_FUNC, "Group members are ignored, nothing to do.\n");
|
||
|
return EOK;
|
||
|
}
|
||
|
|
||
|
@@ -978,7 +975,12 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx,
|
||
|
ret = sysdb_remove_attrs(group_dom, group_name, SYSDB_MEMBER_GROUP,
|
||
|
discard_const(remove_attrs));
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "sysdb_remove_attrs failed.\n");
|
||
|
+ if (ret != ENOENT) {
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "sysdb_remove_attrs failed.\n");
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
+ "sysdb_remove_attrs failed for missing entry\n");
|
||
|
+ }
|
||
|
goto fail;
|
||
|
}
|
||
|
} else {
|
||
|
@@ -1014,7 +1016,7 @@ static int sdap_save_grpmem(TALLOC_CTX *memctx,
|
||
|
return EOK;
|
||
|
|
||
|
fail:
|
||
|
- DEBUG(SSSDBG_OP_FAILURE,
|
||
|
+ DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
"Failed to save members of group %s\n", group_name);
|
||
|
return ret;
|
||
|
}
|
||
|
@@ -1130,8 +1132,13 @@ static int sdap_save_groups(TALLOC_CTX *memctx,
|
||
|
/* Do not fail completely on errors.
|
||
|
* Just report the failure to save and go on */
|
||
|
if (ret) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE,
|
||
|
- "Failed to store group %d members.\n", i);
|
||
|
+ if (ret != ENOENT) {
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
+ "Failed to store group %d members: %d\n", i, ret);
|
||
|
+ } else {
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA,
|
||
|
+ "Can't save members of missing group %d\n", i);
|
||
|
+ }
|
||
|
} else {
|
||
|
DEBUG(SSSDBG_TRACE_ALL, "Group %d members processed!\n", i);
|
||
|
}
|
||
|
@@ -1270,7 +1277,7 @@ sdap_process_group_send(TALLOC_CTX *memctx,
|
||
|
|
||
|
/* Group without members */
|
||
|
if (el->num_values == 0) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "No Members. Done!\n");
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "No Members. Done!\n");
|
||
|
ret = EOK;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -2249,7 +2256,7 @@ static void sdap_nested_done(struct tevent_req *subreq)
|
||
|
|
||
|
if (hash_count(state->missing_external) == 0) {
|
||
|
/* No external members. Processing complete */
|
||
|
- DEBUG(SSSDBG_TRACE_INTERNAL, "No external members, done");
|
||
|
+ DEBUG(SSSDBG_TRACE_INTERNAL, "No external members, done\n");
|
||
|
tevent_req_done(req);
|
||
|
return;
|
||
|
}
|
||
|
diff --git a/src/providers/ldap/sdap_async_initgroups.c b/src/providers/ldap/sdap_async_initgroups.c
|
||
|
index 4b5b36403..bf8f9482b 100644
|
||
|
--- a/src/providers/ldap/sdap_async_initgroups.c
|
||
|
+++ b/src/providers/ldap/sdap_async_initgroups.c
|
||
|
@@ -345,7 +345,7 @@ int sdap_initgr_common_store(struct sysdb_ctx *sysdb,
|
||
|
add_groups, ldap_groups,
|
||
|
ldap_groups_count);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Adding incomplete users failed\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Adding incomplete groups failed\n");
|
||
|
goto done;
|
||
|
}
|
||
|
}
|
||
|
@@ -1043,6 +1043,10 @@ static void sdap_initgr_nested_search(struct tevent_req *subreq)
|
||
|
state->groups[state->groups_cur] = talloc_steal(state->groups,
|
||
|
groups[0]);
|
||
|
state->groups_cur++;
|
||
|
+ } else if (count == 0) {
|
||
|
+ /* this might be HBAC or sudo rule */
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "Object %s not found. Skipping\n",
|
||
|
+ state->group_dns[state->cur]);
|
||
|
} else {
|
||
|
DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Search for group %s, returned %zu results. Skipping\n",
|
||
|
diff --git a/src/providers/ldap/sdap_async_initgroups_ad.c b/src/providers/ldap/sdap_async_initgroups_ad.c
|
||
|
index eb3e779ed..80ac4c1f4 100644
|
||
|
--- a/src/providers/ldap/sdap_async_initgroups_ad.c
|
||
|
+++ b/src/providers/ldap/sdap_async_initgroups_ad.c
|
||
|
@@ -378,7 +378,7 @@ static void sdap_ad_resolve_sids_done(struct tevent_req *subreq)
|
||
|
/* Group was not found, we will ignore the error and continue with
|
||
|
* next group. This may happen for example if the group is built-in,
|
||
|
* but a custom search base is provided. */
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
"Unable to resolve SID %s - will try next sid.\n",
|
||
|
state->current_sid);
|
||
|
} else if (ret != EOK || sdap_error != EOK || dp_error != DP_ERR_OK) {
|
||
|
diff --git a/src/providers/ldap/sdap_async_sudo.c b/src/providers/ldap/sdap_async_sudo.c
|
||
|
index 5473e1df8..28b65b639 100644
|
||
|
--- a/src/providers/ldap/sdap_async_sudo.c
|
||
|
+++ b/src/providers/ldap/sdap_async_sudo.c
|
||
|
@@ -111,7 +111,7 @@ static void sdap_sudo_load_sudoers_done(struct tevent_req *subreq)
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_IMPORTANT_INFO, "Received %zu sudo rules\n",
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "Received %zu sudo rules\n",
|
||
|
state->num_rules);
|
||
|
|
||
|
tevent_req_done(req);
|
||
|
@@ -665,7 +665,7 @@ done:
|
||
|
if (in_transaction) {
|
||
|
sret = sysdb_transaction_cancel(state->sysdb);
|
||
|
if (sret != EOK) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE, "Could not cancel transaction\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Could not cancel transaction\n");
|
||
|
}
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/sdap_child_helpers.c b/src/providers/ldap/sdap_child_helpers.c
|
||
|
index 9d25aea8b..480efc41b 100644
|
||
|
--- a/src/providers/ldap/sdap_child_helpers.c
|
||
|
+++ b/src/providers/ldap/sdap_child_helpers.c
|
||
|
@@ -95,14 +95,14 @@ static errno_t sdap_fork_child(struct tevent_context *ev,
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", ret, strerror(ret));
|
||
|
+ "pipe(from) failed [%d][%s].\n", ret, strerror(ret));
|
||
|
goto fail;
|
||
|
}
|
||
|
ret = pipe(pipefd_to_child);
|
||
|
if (ret == -1) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pipe failed [%d][%s].\n", ret, strerror(ret));
|
||
|
+ "pipe(to) failed [%d][%s].\n", ret, strerror(ret));
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
@@ -332,7 +332,7 @@ struct tevent_req *sdap_get_tgt_send(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
ret = set_tgt_child_timeout(req, ev, timeout);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "activate_child_timeout_handler failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "set_tgt_child_timeout failed.\n");
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/ldap/sdap_hostid.c b/src/providers/ldap/sdap_hostid.c
|
||
|
index d90a83854..ae8caaddb 100644
|
||
|
--- a/src/providers/ldap/sdap_hostid.c
|
||
|
+++ b/src/providers/ldap/sdap_hostid.c
|
||
|
@@ -166,7 +166,7 @@ hosts_get_done(struct tevent_req *subreq)
|
||
|
}
|
||
|
|
||
|
if (state->count == 0) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA,
|
||
|
"No host with name [%s] found.\n", state->name);
|
||
|
|
||
|
ret = sysdb_delete_ssh_host(state->domain, state->name);
|
||
|
diff --git a/src/providers/ldap/sdap_id_op.c b/src/providers/ldap/sdap_id_op.c
|
||
|
index 6c803f31d..b8d76f8a5 100644
|
||
|
--- a/src/providers/ldap/sdap_id_op.c
|
||
|
+++ b/src/providers/ldap/sdap_id_op.c
|
||
|
@@ -563,7 +563,7 @@ static void sdap_id_op_connect_done(struct tevent_req *subreq)
|
||
|
"is enabled.\n");
|
||
|
} else {
|
||
|
/* be is going offline as there is no more servers to try */
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE,
|
||
|
"Failed to connect, going offline (%d [%s])\n",
|
||
|
ret, strerror(ret));
|
||
|
is_offline = true;
|
||
|
diff --git a/src/providers/proxy/proxy_auth.c b/src/providers/proxy/proxy_auth.c
|
||
|
index 926ce98f4..0e6fc8ea8 100644
|
||
|
--- a/src/providers/proxy/proxy_auth.c
|
||
|
+++ b/src/providers/proxy/proxy_auth.c
|
||
|
@@ -68,7 +68,7 @@ static struct tevent_req *proxy_child_send(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
req = tevent_req_create(mem_ctx, &state, struct proxy_child_ctx);
|
||
|
if (req == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Could not send PAM request to child\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "tevent_req_create() failed\n");
|
||
|
return NULL;
|
||
|
}
|
||
|
|
||
|
@@ -391,7 +391,7 @@ static void proxy_child_init_done(struct tevent_req *subreq) {
|
||
|
*/
|
||
|
sig_ctx = talloc_zero(child_ctx->auth_ctx, struct proxy_child_sig_ctx);
|
||
|
if(sig_ctx == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "tevent_add_signal failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero failed.\n");
|
||
|
tevent_req_error(req, ENOMEM);
|
||
|
return;
|
||
|
}
|
||
|
@@ -753,7 +753,7 @@ proxy_pam_handler_send(TALLOC_CTX *mem_ctx,
|
||
|
pd->pam_status = PAM_SUCCESS;
|
||
|
goto immediately;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported PAM task.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unsupported PAM task %d\n", pd->cmd);
|
||
|
pd->pam_status = PAM_MODULE_UNKNOWN;
|
||
|
goto immediately;
|
||
|
}
|
||
|
diff --git a/src/providers/proxy/proxy_child.c b/src/providers/proxy/proxy_child.c
|
||
|
index dc06f4669..bb96ec0f4 100644
|
||
|
--- a/src/providers/proxy/proxy_child.c
|
||
|
+++ b/src/providers/proxy/proxy_child.c
|
||
|
@@ -270,7 +270,7 @@ static errno_t call_pam_stack(const char *pam_target, struct pam_data *pd)
|
||
|
}
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "unknown PAM call\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "unknown PAM call %d\n", pd->cmd);
|
||
|
pam_status=PAM_ABORT;
|
||
|
}
|
||
|
|
||
|
@@ -383,13 +383,13 @@ proxy_cli_init(struct pc_ctx *ctx)
|
||
|
ret = sss_iface_connect_address(ctx, ctx->ev, sbus_cliname, sbus_address,
|
||
|
NULL, &ctx->conn);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to connect to %s\n", sbus_address);
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to connect to %s\n", sbus_address);
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
ret = sbus_connection_add_path_map(ctx->conn, paths);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -580,7 +580,7 @@ int main(int argc, const char *argv[])
|
||
|
return 3;
|
||
|
}
|
||
|
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_IMPORTANT_INFO,
|
||
|
"Proxy child for domain [%s] started!\n", domain);
|
||
|
|
||
|
/* loop on main */
|
||
|
diff --git a/src/providers/proxy/proxy_client.c b/src/providers/proxy/proxy_client.c
|
||
|
index 09ebf3bda..5a4fbcde1 100644
|
||
|
--- a/src/providers/proxy/proxy_client.c
|
||
|
+++ b/src/providers/proxy/proxy_client.c
|
||
|
@@ -116,7 +116,7 @@ proxy_client_init(struct sbus_connection *conn,
|
||
|
|
||
|
ret = sbus_connection_add_path_map(conn, paths);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/providers/proxy/proxy_id.c b/src/providers/proxy/proxy_id.c
|
||
|
index 82394862c..f36386089 100644
|
||
|
--- a/src/providers/proxy/proxy_id.c
|
||
|
+++ b/src/providers/proxy/proxy_id.c
|
||
|
@@ -170,7 +170,7 @@ handle_getpw_result(enum nss_status status, struct passwd *pwd,
|
||
|
switch (status) {
|
||
|
case NSS_STATUS_NOTFOUND:
|
||
|
|
||
|
- DEBUG(SSSDBG_MINOR_FAILURE, "User not found.\n");
|
||
|
+ DEBUG(SSSDBG_TRACE_FUNC, "User not found.\n");
|
||
|
*del_user = true;
|
||
|
break;
|
||
|
|
||
|
@@ -979,9 +979,7 @@ static int get_gr_name(struct proxy_id_ctx *ctx,
|
||
|
grp = talloc(tmpctx, struct group);
|
||
|
if (!grp) {
|
||
|
ret = ENOMEM;
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "proxy -> getgrnam_r failed for '%s': [%d] %s\n",
|
||
|
- i_name, ret, strerror(ret));
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc() failed\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/resolv/async_resolv.c b/src/resolv/async_resolv.c
|
||
|
index 07f05ff17..294a4b882 100644
|
||
|
--- a/src/resolv/async_resolv.c
|
||
|
+++ b/src/resolv/async_resolv.c
|
||
|
@@ -177,7 +177,7 @@ add_timeout_timer(struct tevent_context *ev, struct resolv_ctx *ctx)
|
||
|
ctx->timeout_watcher = tevent_add_timer(ev, ctx, tv, check_fd_timeouts,
|
||
|
ctx);
|
||
|
if (ctx->timeout_watcher == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Out of memory\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "tevent_add_timer() failed\n");
|
||
|
}
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/autofs/autofssrv.c b/src/responder/autofs/autofssrv.c
|
||
|
index a802ed5d0..27de1b44a 100644
|
||
|
--- a/src/responder/autofs/autofssrv.c
|
||
|
+++ b/src/responder/autofs/autofssrv.c
|
||
|
@@ -85,7 +85,7 @@ autofs_register_service_iface(struct autofs_ctx *autofs_ctx,
|
||
|
|
||
|
ret = sbus_connection_add_path(rctx->mon_conn, SSS_BUS_PATH, &iface_svc);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to register service interface"
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to register service interface"
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/autofs/autofssrv_cmd.c b/src/responder/autofs/autofssrv_cmd.c
|
||
|
index 6d51e75ac..7c8090993 100644
|
||
|
--- a/src/responder/autofs/autofssrv_cmd.c
|
||
|
+++ b/src/responder/autofs/autofssrv_cmd.c
|
||
|
@@ -477,7 +477,7 @@ sss_autofs_cmd_setautomntent(struct cli_ctx *cli_ctx)
|
||
|
autofs_ctx->rctx->ncache, 0, NULL,
|
||
|
cmd_ctx->mapname);
|
||
|
if (req == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "cache_req_autofs_map_by_name_send failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -685,7 +685,7 @@ sss_autofs_cmd_getautomntent(struct cli_ctx *cli_ctx)
|
||
|
|
||
|
req = autofs_setent_send(cli_ctx, cli_ctx->ev, autofs_ctx, cmd_ctx->mapname);
|
||
|
if (req == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "autofs_setent_send failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -886,7 +886,7 @@ sss_autofs_cmd_getautomntbyname(struct cli_ctx *cli_ctx)
|
||
|
cmd_ctx->mapname,
|
||
|
cmd_ctx->keyname);
|
||
|
if (req == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "cache_req_autofs_entry_by_name_send failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/responder/common/cache_req/cache_req.c b/src/responder/common/cache_req/cache_req.c
|
||
|
index 0c8538414..c6902f842 100644
|
||
|
--- a/src/responder/common/cache_req/cache_req.c
|
||
|
+++ b/src/responder/common/cache_req/cache_req.c
|
||
|
@@ -1187,7 +1187,7 @@ static errno_t cache_req_process_input(TALLOC_CTX *mem_ctx,
|
||
|
subreq = sss_parse_inp_send(mem_ctx, cr->rctx, default_domain,
|
||
|
cr->data->name.input);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sss_parse_inp_send() failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/common/cache_req/plugins/cache_req_object_by_name.c b/src/responder/common/cache_req/plugins/cache_req_object_by_name.c
|
||
|
index a740fbb8d..83d00f775 100644
|
||
|
--- a/src/responder/common/cache_req/plugins/cache_req_object_by_name.c
|
||
|
+++ b/src/responder/common/cache_req/plugins/cache_req_object_by_name.c
|
||
|
@@ -47,8 +47,8 @@ cache_req_object_by_name_well_known(TALLOC_CTX *mem_ctx,
|
||
|
}
|
||
|
|
||
|
if (domname == NULL || name == NULL) {
|
||
|
- CACHE_REQ_DEBUG(SSSDBG_OP_FAILURE, cr, "Unable to split [%s] in "
|
||
|
- "name and odmain part. Skipping detection of "
|
||
|
+ CACHE_REQ_DEBUG(SSSDBG_FUNC_DATA, cr, "Unable to split [%s] in "
|
||
|
+ "name and domain part. Skipping detection of "
|
||
|
"well-known name.\n", data->name.input);
|
||
|
return ENOENT;
|
||
|
}
|
||
|
diff --git a/src/responder/common/responder_common.c b/src/responder/common/responder_common.c
|
||
|
index e8d298546..7061d018a 100644
|
||
|
--- a/src/responder/common/responder_common.c
|
||
|
+++ b/src/responder/common/responder_common.c
|
||
|
@@ -116,7 +116,7 @@ static errno_t get_client_cred(struct cli_ctx *cctx)
|
||
|
if (ret != EOK) {
|
||
|
ret = errno;
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "getsock failed [%d][%s].\n", ret, strerror(ret));
|
||
|
+ "getsockopt failed [%d][%s].\n", ret, strerror(ret));
|
||
|
return ret;
|
||
|
}
|
||
|
if (client_cred_len != sizeof(struct ucred)) {
|
||
|
@@ -805,7 +805,7 @@ sss_dp_on_reconnect(struct sbus_connection *conn,
|
||
|
SSS_BUS_PATH,
|
||
|
be_conn->cli_name);
|
||
|
if (req == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "sbus_call_dp_client_Register_send() failed\n");
|
||
|
return;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/common/responder_get_domains.c b/src/responder/common/responder_get_domains.c
|
||
|
index 10939600d..e551b0fff 100644
|
||
|
--- a/src/responder/common/responder_get_domains.c
|
||
|
+++ b/src/responder/common/responder_get_domains.c
|
||
|
@@ -630,7 +630,7 @@ static void sss_parse_inp_done(struct tevent_req *subreq)
|
||
|
state->rawinp,
|
||
|
&state->domname, &state->name);
|
||
|
if (ret == EAGAIN && state->domname != NULL && state->name == NULL) {
|
||
|
- DEBUG(SSSDBG_OP_FAILURE,
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA,
|
||
|
"Unknown domain in [%s]\n", state->rawinp);
|
||
|
state->error = ERR_DOMAIN_NOT_FOUND;
|
||
|
} else if (ret != EOK) {
|
||
|
diff --git a/src/responder/common/responder_iface.c b/src/responder/common/responder_iface.c
|
||
|
index 911cd6cc0..aaa765950 100644
|
||
|
--- a/src/responder/common/responder_iface.c
|
||
|
+++ b/src/responder/common/responder_iface.c
|
||
|
@@ -127,7 +127,7 @@ sss_resp_register_sbus_iface(struct sbus_connection *conn,
|
||
|
|
||
|
ret = sbus_connection_add_path_map(conn, paths);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
@@ -151,7 +151,7 @@ sss_resp_register_service_iface(struct resp_ctx *rctx)
|
||
|
|
||
|
ret = sbus_connection_add_path(rctx->mon_conn, SSS_BUS_PATH, &iface_svc);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to register service interface"
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to register service interface"
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/ifp/ifp_iface/ifp_iface.c b/src/responder/ifp/ifp_iface/ifp_iface.c
|
||
|
index a3385091b..833cf6843 100644
|
||
|
--- a/src/responder/ifp/ifp_iface/ifp_iface.c
|
||
|
+++ b/src/responder/ifp/ifp_iface/ifp_iface.c
|
||
|
@@ -264,7 +264,7 @@ ifp_register_sbus_interface(struct sbus_connection *conn,
|
||
|
|
||
|
ret = sbus_connection_add_path_map(conn, paths);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to add paths [%d]: %s\n",
|
||
|
ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/ifp/ifpsrv.c b/src/responder/ifp/ifpsrv.c
|
||
|
index 17d7692d3..7407ee07b 100644
|
||
|
--- a/src/responder/ifp/ifpsrv.c
|
||
|
+++ b/src/responder/ifp/ifpsrv.c
|
||
|
@@ -67,7 +67,7 @@ sysbus_init(TALLOC_CTX *mem_ctx,
|
||
|
sysbus = sbus_connect_system(mem_ctx, ev, dbus_name,
|
||
|
&ifp_ctx->rctx->last_request_time);
|
||
|
if (sysbus == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to connect to system bus!\n");
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to connect to system bus!\n");
|
||
|
return ERR_NO_SYSBUS;
|
||
|
}
|
||
|
|
||
|
@@ -75,13 +75,13 @@ sysbus_init(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
ret = ifp_register_sbus_interface(sysbus, ifp_ctx);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Could not register interfaces\n");
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Could not register interfaces\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
ret = ifp_register_nodes(ifp_ctx, sysbus);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Could not register nodes factories\n");
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Could not register nodes factories\n");
|
||
|
goto done;
|
||
|
}
|
||
|
|
||
|
@@ -148,7 +148,7 @@ ifp_register_service_iface(struct ifp_ctx *ifp_ctx,
|
||
|
|
||
|
ret = sbus_connection_add_path(rctx->mon_conn, SSS_BUS_PATH, &iface_svc);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to register service interface"
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to register service interface"
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/ifp/ifpsrv_util.c b/src/responder/ifp/ifpsrv_util.c
|
||
|
index ebc4c2118..3b3df7bc0 100644
|
||
|
--- a/src/responder/ifp/ifpsrv_util.c
|
||
|
+++ b/src/responder/ifp/ifpsrv_util.c
|
||
|
@@ -341,7 +341,7 @@ immediately:
|
||
|
list_ctx->paths = talloc_realloc(list_ctx, list_ctx->paths, const char *,
|
||
|
list_ctx->paths_max + 1);
|
||
|
if (list_ctx->paths == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "talloc_zero_array() failed\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "talloc_realloc() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/responder/nss/nss_cmd.c b/src/responder/nss/nss_cmd.c
|
||
|
index eac955b4a..844776c5f 100644
|
||
|
--- a/src/responder/nss/nss_cmd.c
|
||
|
+++ b/src/responder/nss/nss_cmd.c
|
||
|
@@ -121,7 +121,7 @@ static errno_t nss_getby_name(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_get_object_send(cmd_ctx, cli_ctx->ev, cli_ctx,
|
||
|
data, memcache, rawname, 0);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_get_object_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -187,7 +187,7 @@ static errno_t nss_getby_id(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_get_object_send(cmd_ctx, cli_ctx->ev, cli_ctx,
|
||
|
data, memcache, NULL, id);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_get_object_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -240,7 +240,7 @@ static errno_t nss_getby_svc(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_get_object_send(cmd_ctx, cli_ctx->ev, cli_ctx,
|
||
|
data, SSS_MC_NONE, NULL, 0);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_get_object_send() failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
@@ -376,7 +376,7 @@ static errno_t nss_getby_cert(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_get_object_send(cmd_ctx, cli_ctx->ev, cli_ctx,
|
||
|
data, SSS_MC_NONE, NULL, 0);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_get_object_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -433,7 +433,7 @@ static errno_t nss_getby_sid(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_get_object_send(cmd_ctx, cli_ctx->ev, cli_ctx,
|
||
|
data, SSS_MC_NONE, NULL, 0);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_get_object_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -488,7 +488,7 @@ static errno_t nss_getby_addr(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_get_object_send(cmd_ctx, cli_ctx->ev, cli_ctx,
|
||
|
data, memcache, NULL, 0);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_get_object_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -640,7 +640,7 @@ static errno_t nss_setent(struct cli_ctx *cli_ctx,
|
||
|
|
||
|
subreq = nss_setent_send(cli_ctx, cli_ctx->ev, cli_ctx, type, enum_ctx);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_setent_send() failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
@@ -697,7 +697,7 @@ static errno_t nss_getent(struct cli_ctx *cli_ctx,
|
||
|
|
||
|
subreq = nss_setent_send(cli_ctx, cli_ctx->ev, cli_ctx, type, enum_ctx);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create setent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_setent_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -829,7 +829,7 @@ static errno_t sss_nss_setnetgrent(struct cli_ctx *cli_ctx,
|
||
|
subreq = nss_setnetgrent_send(cli_ctx, cli_ctx->ev, cli_ctx, type,
|
||
|
nss_ctx->netgrent, state_ctx->netgroup);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_setnetgrent_send() failed\n");
|
||
|
ret = ENOMEM;
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -904,7 +904,7 @@ static errno_t nss_getnetgrent(struct cli_ctx *cli_ctx,
|
||
|
cmd_ctx->nss_ctx->netgrent,
|
||
|
cmd_ctx->state_ctx->netgroup);
|
||
|
if (subreq == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tevent request!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "nss_setnetgrent_send() failed\n");
|
||
|
return ENOMEM;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/nss/nss_iface.c b/src/responder/nss/nss_iface.c
|
||
|
index a47b35fca..ab2ba926d 100644
|
||
|
--- a/src/responder/nss/nss_iface.c
|
||
|
+++ b/src/responder/nss/nss_iface.c
|
||
|
@@ -67,7 +67,7 @@ nss_update_initgr_memcache(struct nss_ctx *nctx,
|
||
|
ret = sysdb_initgroups(tmp_ctx, dom, fq_name, &res);
|
||
|
if (ret != EOK && ret != ENOENT) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "Failed to make request to our cache! [%d][%s]\n",
|
||
|
+ "sysdb_initgroups() failed [%d][%s]\n",
|
||
|
ret, strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
@@ -234,7 +234,7 @@ nss_register_backend_iface(struct sbus_connection *conn,
|
||
|
|
||
|
ret = sbus_connection_add_path(conn, SSS_BUS_PATH, &iface);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to register service interface"
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to register service interface"
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/nss/nss_protocol_netgr.c b/src/responder/nss/nss_protocol_netgr.c
|
||
|
index 1e9959c72..274d43007 100644
|
||
|
--- a/src/responder/nss/nss_protocol_netgr.c
|
||
|
+++ b/src/responder/nss/nss_protocol_netgr.c
|
||
|
@@ -159,7 +159,7 @@ nss_protocol_fill_netgrent(struct nss_ctx *nss_ctx,
|
||
|
ret = nss_protocol_fill_netgr_member(packet, entry, &rp);
|
||
|
break;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected value type!\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected value type %d!\n", entry->type);
|
||
|
ret = ERR_INTERNAL;
|
||
|
break;
|
||
|
}
|
||
|
diff --git a/src/responder/nss/nsssrv.c b/src/responder/nss/nsssrv.c
|
||
|
index 31a2750b1..e80104e3d 100644
|
||
|
--- a/src/responder/nss/nsssrv.c
|
||
|
+++ b/src/responder/nss/nsssrv.c
|
||
|
@@ -347,7 +347,7 @@ nss_register_service_iface(struct nss_ctx *nss_ctx,
|
||
|
|
||
|
ret = sbus_connection_add_path(rctx->mon_conn, SSS_BUS_PATH, &iface_svc);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to register service interface"
|
||
|
+ DEBUG(SSSDBG_FATAL_FAILURE, "Unable to register service interface"
|
||
|
"[%d]: %s\n", ret, sss_strerror(ret));
|
||
|
}
|
||
|
|
||
|
diff --git a/src/responder/pam/pamsrv_cmd.c b/src/responder/pam/pamsrv_cmd.c
|
||
|
index d3f092b2b..c526f665b 100644
|
||
|
--- a/src/responder/pam/pamsrv_cmd.c
|
||
|
+++ b/src/responder/pam/pamsrv_cmd.c
|
||
|
@@ -138,7 +138,7 @@ static void inform_user(struct pam_data* pd, const char *pam_message)
|
||
|
ret = pack_user_info_msg(pd, pam_message, &msg_len, &msg);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
- "pack_user_info_account_expired failed.\n");
|
||
|
+ "pack_user_info_msg failed.\n");
|
||
|
} else {
|
||
|
ret = pam_add_response(pd, SSS_PAM_USER_INFO, msg_len, msg);
|
||
|
if (ret != EOK) {
|
||
|
diff --git a/src/responder/pam/pamsrv_p11.c b/src/responder/pam/pamsrv_p11.c
|
||
|
index e1fd72e64..bf285c264 100644
|
||
|
--- a/src/responder/pam/pamsrv_p11.c
|
||
|
+++ b/src/responder/pam/pamsrv_p11.c
|
||
|
@@ -425,7 +425,7 @@ bool may_do_cert_auth(struct pam_ctx *pctx, struct pam_data *pd)
|
||
|
}
|
||
|
}
|
||
|
if (pctx->smartcard_services[c] == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_CONF_SETTINGS,
|
||
|
"Smartcard authentication for service [%s] not supported.\n",
|
||
|
pd->service);
|
||
|
return false;
|
||
|
@@ -810,7 +810,7 @@ struct tevent_req *pam_check_cert_send(TALLOC_CTX *mem_ctx,
|
||
|
} else if (pd->cmd == SSS_PAM_PREAUTH) {
|
||
|
extra_args[arg_c++] = "--pre";
|
||
|
} else {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected PAM command [%d}.\n", pd->cmd);
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "Unexpected PAM command [%d].\n", pd->cmd);
|
||
|
ret = EINVAL;
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/sbus/router/sbus_router_handler.c b/src/sbus/router/sbus_router_handler.c
|
||
|
index 91a84c51b..a92cf524b 100644
|
||
|
--- a/src/sbus/router/sbus_router_handler.c
|
||
|
+++ b/src/sbus/router/sbus_router_handler.c
|
||
|
@@ -239,7 +239,8 @@ sbus_signal_handler(struct sbus_connection *conn,
|
||
|
list = sbus_router_listeners_lookup(router->listeners, meta->interface,
|
||
|
meta->member);
|
||
|
if (list == NULL) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "We do not listen to this signal!\n");
|
||
|
+ /* Most probably not fully initialized yet */
|
||
|
+ DEBUG(SSSDBG_FUNC_DATA, "We do not listen to this signal!\n");
|
||
|
return DBUS_HANDLER_RESULT_NOT_YET_HANDLED;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/sss_iface/sss_iface.c b/src/sss_iface/sss_iface.c
|
||
|
index e20c14fea..ed70e30eb 100644
|
||
|
--- a/src/sss_iface/sss_iface.c
|
||
|
+++ b/src/sss_iface/sss_iface.c
|
||
|
@@ -116,8 +116,8 @@ sss_iface_connect_address(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
conn = sbus_connect_private(mem_ctx, ev, address,
|
||
|
conn_name, last_request_time);
|
||
|
- if (conn == NULL) {
|
||
|
- return ENOMEM;
|
||
|
+ if (conn == NULL) { /* most probably sbus_dbus_connect_address() failed */
|
||
|
+ return EFAULT;
|
||
|
}
|
||
|
|
||
|
*_conn = conn;
|
||
|
diff --git a/src/util/child_common.c b/src/util/child_common.c
|
||
|
index 5cac725ca..7e8c30552 100644
|
||
|
--- a/src/util/child_common.c
|
||
|
+++ b/src/util/child_common.c
|
||
|
@@ -768,7 +768,7 @@ void exec_child_ex(TALLOC_CTX *mem_ctx,
|
||
|
binary, extra_argv, extra_args_only,
|
||
|
&argv);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "prepare_child_argv.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "prepare_child_argv() failed.\n");
|
||
|
exit(EXIT_FAILURE);
|
||
|
}
|
||
|
|
||
|
diff --git a/src/util/debug.h b/src/util/debug.h
|
||
|
index 20db0f5e4..43d36720f 100644
|
||
|
--- a/src/util/debug.h
|
||
|
+++ b/src/util/debug.h
|
||
|
@@ -91,8 +91,8 @@ int get_fd_from_debug_file(void);
|
||
|
/* enables all debug levels;
|
||
|
0x0800 isn't used for historical reasons: 0x1FFF0 - 0x0800 = 0x1F7F0
|
||
|
*/
|
||
|
-#define SSSDBG_MASK_ALL 0x1F7F0
|
||
|
-#define SSSDBG_DEFAULT SSSDBG_FATAL_FAILURE
|
||
|
+#define SSSDBG_MASK_ALL 0x1F7F0
|
||
|
+#define SSSDBG_DEFAULT (SSSDBG_FATAL_FAILURE|SSSDBG_CRIT_FAILURE|SSSDBG_OP_FAILURE)
|
||
|
|
||
|
#define SSSDBG_TIMESTAMP_UNRESOLVED -1
|
||
|
#define SSSDBG_TIMESTAMP_DEFAULT 1
|
||
|
diff --git a/src/util/domain_info_utils.c b/src/util/domain_info_utils.c
|
||
|
index 4d4726daa..57157861e 100644
|
||
|
--- a/src/util/domain_info_utils.c
|
||
|
+++ b/src/util/domain_info_utils.c
|
||
|
@@ -207,7 +207,7 @@ find_domain_by_object_name_ex(struct sss_domain_info *domain,
|
||
|
ret = sss_parse_internal_fqname(tmp_ctx, object_name,
|
||
|
NULL, &domainname);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse name '%s' [%d]: %s\n",
|
||
|
+ DEBUG(SSSDBG_MINOR_FAILURE, "Unable to parse name '%s' [%d]: %s\n",
|
||
|
object_name, ret, sss_strerror(ret));
|
||
|
goto done;
|
||
|
}
|
||
|
diff --git a/src/util/server.c b/src/util/server.c
|
||
|
index b27cbc155..869ed62a6 100644
|
||
|
--- a/src/util/server.c
|
||
|
+++ b/src/util/server.c
|
||
|
@@ -374,7 +374,7 @@ static void te_server_hup(struct tevent_context *ev,
|
||
|
struct logrotate_ctx *lctx =
|
||
|
talloc_get_type(private_data, struct logrotate_ctx);
|
||
|
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Received SIGHUP. Rotating logfiles.\n");
|
||
|
+ DEBUG(SSSDBG_IMPORTANT_INFO, "Received SIGHUP. Rotating logfiles.\n");
|
||
|
|
||
|
ret = server_common_rotate_logs(lctx->confdb, lctx->confdb_path);
|
||
|
if (ret != EOK) {
|
||
|
@@ -462,6 +462,7 @@ int server_setup(const char *name, int flags,
|
||
|
int watchdog_interval;
|
||
|
pid_t my_pid;
|
||
|
char *pidfile_name;
|
||
|
+ int cfg_debug_level = SSSDBG_INVALID;
|
||
|
|
||
|
my_pid = getpid();
|
||
|
ret = setpgid(my_pid, my_pid);
|
||
|
@@ -588,20 +589,20 @@ int server_setup(const char *name, int flags,
|
||
|
/* set debug level if any in conf_entry */
|
||
|
ret = confdb_get_int(ctx->confdb_ctx, conf_entry,
|
||
|
CONFDB_SERVICE_DEBUG_LEVEL,
|
||
|
- SSSDBG_UNRESOLVED,
|
||
|
- &debug_level);
|
||
|
+ SSSDBG_INVALID,
|
||
|
+ &cfg_debug_level);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_FATAL_FAILURE, "Error reading from confdb (%d) "
|
||
|
"[%s]\n", ret, strerror(ret));
|
||
|
return ret;
|
||
|
}
|
||
|
|
||
|
- if (debug_level == SSSDBG_UNRESOLVED) {
|
||
|
+ if (cfg_debug_level == SSSDBG_INVALID) {
|
||
|
/* Check for the `debug` alias */
|
||
|
ret = confdb_get_int(ctx->confdb_ctx, conf_entry,
|
||
|
CONFDB_SERVICE_DEBUG_LEVEL_ALIAS,
|
||
|
SSSDBG_DEFAULT,
|
||
|
- &debug_level);
|
||
|
+ &cfg_debug_level);
|
||
|
if (ret != EOK) {
|
||
|
DEBUG(SSSDBG_FATAL_FAILURE, "Error reading from confdb (%d) "
|
||
|
"[%s]\n", ret, strerror(ret));
|
||
|
@@ -609,7 +610,7 @@ int server_setup(const char *name, int flags,
|
||
|
}
|
||
|
}
|
||
|
|
||
|
- debug_level = debug_convert_old_level(debug_level);
|
||
|
+ debug_level = debug_convert_old_level(cfg_debug_level);
|
||
|
}
|
||
|
|
||
|
/* same for debug timestamps */
|
||
|
@@ -678,6 +679,8 @@ int server_setup(const char *name, int flags,
|
||
|
return ret;
|
||
|
}
|
||
|
}
|
||
|
+ DEBUG(SSSDBG_IMPORTANT_INFO,
|
||
|
+ "Starting with debug level = %#.4x\n", debug_level);
|
||
|
|
||
|
/* Setup the internal watchdog */
|
||
|
ret = confdb_get_int(ctx->confdb_ctx, conf_entry,
|
||
|
diff --git a/src/util/sss_sockets.c b/src/util/sss_sockets.c
|
||
|
index c6504ae13..8944e2c4e 100644
|
||
|
--- a/src/util/sss_sockets.c
|
||
|
+++ b/src/util/sss_sockets.c
|
||
|
@@ -322,7 +322,7 @@ struct tevent_req *sssd_async_socket_init_send(TALLOC_CTX *mem_ctx,
|
||
|
|
||
|
ret = set_fcntl_flags(state->sd, FD_CLOEXEC, O_NONBLOCK);
|
||
|
if (ret != EOK) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "settting fd flags failed.\n");
|
||
|
+ DEBUG(SSSDBG_CRIT_FAILURE, "setting fd flags failed.\n");
|
||
|
goto fail;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/util/string_utils.c b/src/util/string_utils.c
|
||
|
index 1215ec96a..f54395a59 100644
|
||
|
--- a/src/util/string_utils.c
|
||
|
+++ b/src/util/string_utils.c
|
||
|
@@ -90,7 +90,7 @@ errno_t guid_blob_to_string_buf(const uint8_t *blob, char *str_buf,
|
||
|
int ret;
|
||
|
|
||
|
if (blob == NULL || str_buf == NULL || buf_size < GUID_STR_BUF_SIZE) {
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE, "Buffer too small.\n");
|
||
|
+ DEBUG(SSSDBG_OP_FAILURE, "Buffer too small.\n");
|
||
|
return EINVAL;
|
||
|
}
|
||
|
|
||
|
diff --git a/src/util/util_errors.c b/src/util/util_errors.c
|
||
|
index 05a66d293..b5c7419a9 100644
|
||
|
--- a/src/util/util_errors.c
|
||
|
+++ b/src/util/util_errors.c
|
||
|
@@ -165,6 +165,7 @@ errno_t sss_ldb_error_to_errno(int ldberr)
|
||
|
case LDB_ERR_OPERATIONS_ERROR:
|
||
|
return EIO;
|
||
|
case LDB_ERR_NO_SUCH_OBJECT:
|
||
|
+ case LDB_ERR_NO_SUCH_ATTRIBUTE:
|
||
|
return ENOENT;
|
||
|
case LDB_ERR_BUSY:
|
||
|
return EBUSY;
|
||
|
@@ -174,7 +175,7 @@ errno_t sss_ldb_error_to_errno(int ldberr)
|
||
|
case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
|
||
|
return EINVAL;
|
||
|
default:
|
||
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
||
|
+ DEBUG(SSSDBG_MINOR_FAILURE,
|
||
|
"LDB returned unexpected error: [%i]\n",
|
||
|
ldberr);
|
||
|
return EFAULT;
|
||
|
--
|
||
|
2.21.3
|
||
|
|