diff --git a/0030-sssctl-Showing-help-even-when-sssd-not-configured.patch b/0030-sssctl-Showing-help-even-when-sssd-not-configured.patch new file mode 100644 index 0000000..949cb9a --- /dev/null +++ b/0030-sssctl-Showing-help-even-when-sssd-not-configured.patch @@ -0,0 +1,101 @@ +From 3d0fd106754c7614f5d9fb3875d0b40092d200f3 Mon Sep 17 00:00:00 2001 +From: amitkuma +Date: Thu, 15 Feb 2018 18:21:10 +0530 +Subject: [PATCH] sssctl: Showing help even when sssd not configured +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +On a clean and unconfigured system, it's not possible +to use --help. +1) dnf install sssd-tools +2) sssctl cache-remove --help +Shows: +[confdb_get_domains] (0x0010): No domains configured, fatal error! + +Solution: Donot check for confdb initialization when sssctl 3rd +command line argument passed is '--help'. + +Please note when we run 'sssctl --help' on unconfigured system +confdb check is not done and proper o/p is seen. + +Resolves: https://pagure.io/SSSD/sssd/issue/3634 + +Reviewed-by: Pavel Březina +(cherry picked from commit b8db8c2d83d1d75c42c1e17145d3907211b3a146) +--- + src/tools/common/sss_tools.c | 19 ++++++++++++------- + src/tools/common/sss_tools.h | 1 + + 2 files changed, 13 insertions(+), 7 deletions(-) + +diff --git a/src/tools/common/sss_tools.c b/src/tools/common/sss_tools.c +index 4832db5a0..d45584ce1 100644 +--- a/src/tools/common/sss_tools.c ++++ b/src/tools/common/sss_tools.c +@@ -58,11 +58,14 @@ static void sss_tool_common_opts(struct sss_tool_ctx *tool_ctx, + poptContext pc; + int debug = SSSDBG_DEFAULT; + int orig_argc = *argc; ++ int help = 0; + int opt; + + struct poptOption options[] = { + {"debug", '\0', POPT_ARG_INT | POPT_ARGFLAG_STRIP, &debug, + 0, _("The debug level to run with"), NULL }, ++ {"help", '?', POPT_ARG_VAL | POPT_ARGFLAG_DOC_HIDDEN, &help, ++ 1, NULL, NULL }, + POPT_TABLEEND + }; + +@@ -74,6 +77,7 @@ static void sss_tool_common_opts(struct sss_tool_ctx *tool_ctx, + /* Strip common options from arguments. We will discard_const here, + * since it is not worth the trouble to convert it back and forth. */ + *argc = poptStrippedArgv(pc, orig_argc, discard_const_p(char *, argv)); ++ tool_ctx->print_help = help; + + DEBUG_CLI_INIT(debug); + +@@ -187,7 +191,6 @@ errno_t sss_tool_init(TALLOC_CTX *mem_ctx, + } + + sss_tool_common_opts(tool_ctx, argc, argv); +- + *_tool_ctx = tool_ctx; + + return EOK; +@@ -341,12 +344,14 @@ errno_t sss_tool_route(int argc, const char **argv, + return tool_ctx->init_err; + } + +- ret = tool_cmd_init(tool_ctx, &commands[i]); +- if (ret != EOK) { +- DEBUG(SSSDBG_FATAL_FAILURE, +- "Command initialization failed [%d] %s\n", +- ret, sss_strerror(ret)); +- return ret; ++ if (!tool_ctx->print_help) { ++ ret = tool_cmd_init(tool_ctx, &commands[i]); ++ if (ret != EOK) { ++ DEBUG(SSSDBG_FATAL_FAILURE, ++ "Command initialization failed [%d] %s\n", ++ ret, sss_strerror(ret)); ++ return ret; ++ } + } + + return commands[i].fn(&cmdline, tool_ctx, pvt); +diff --git a/src/tools/common/sss_tools.h b/src/tools/common/sss_tools.h +index 848009365..0e4308ee6 100644 +--- a/src/tools/common/sss_tools.h ++++ b/src/tools/common/sss_tools.h +@@ -29,6 +29,7 @@ + struct sss_tool_ctx { + struct confdb_ctx *confdb; + ++ bool print_help; + errno_t init_err; + char *default_domain; + struct sss_domain_info *domains; +-- +2.14.3 + diff --git a/0031-sssctl-move-check-for-version-error-to-correct-place.patch b/0031-sssctl-move-check-for-version-error-to-correct-place.patch new file mode 100644 index 0000000..2ee637f --- /dev/null +++ b/0031-sssctl-move-check-for-version-error-to-correct-place.patch @@ -0,0 +1,90 @@ +From 08fced82ad1a8bc03c69f84bcfdb495a5f473165 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Pavel=20B=C5=99ezina?= +Date: Tue, 3 Apr 2018 10:20:29 +0200 +Subject: [PATCH] sssctl: move check for version error to correct place +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +This check was added here: + +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 490) int sss_tool_main(int argc, const char **argv, +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 491) struct sss_route_cmd *commands, +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 492) void *pvt) +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 493) { +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 494) struct sss_tool_ctx *tool_ctx; +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 495) uid_t uid; +e98ccef2 (Pavel Březina 2016-06-09 16:13:34 +0200 496) errno_t ret; +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 497) +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 498) uid = getuid(); +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 499) if (uid != 0) { +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 500) DEBUG(SSSDBG_CRIT_FAILURE, "Running under %d, must be root\n", uid); +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 501) ERROR("%1$s must be run as root\n", argv[0]); +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 502) return EXIT_FAILURE; +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 503) } +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 504) +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 505) ret = sss_tool_init(NULL, &argc, argv, &tool_ctx); +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 506) if (ret == ERR_SYSDB_VERSION_TOO_OLD) { +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 507) tool_ctx->init_err = ret; +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 508) } else if (ret != EOK) { +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 509) DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tool context\n"); +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 510) return EXIT_FAILURE; +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 511) } + +But then the initialization code was moved from sss_tool_init to tool_cmd_init which is called from sss_tool_route. + +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 328) if (!sss_tools_handles_init_error(&commands[i], tool_ctx->init_err)) { +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 329) DEBUG(SSSDBG_FATAL_FAILURE, +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 330) "Command %s does not handle initialization error [%d] %s\n", +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 331) cmdline.command, tool_ctx->init_err, +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 332) sss_strerror(tool_ctx->init_err)); +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 333) return tool_ctx->init_err; +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 334) } +a0b824ac (Jakub Hrozek 2016-07-01 13:26:38 +0200 335) +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 336) ret = tool_cmd_init(tool_ctx, &commands[i]); +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 337) if (ret != EOK) { +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 338) DEBUG(SSSDBG_FATAL_FAILURE, +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 339) "Command initialization failed [%d] %s\n", +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 340) ret, sss_strerror(ret)); +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 341) return ret; +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 342) } +cbee11e9 (Michal Židek 2016-10-12 13:09:37 +0200 343) +284937e6 (Pavel Březina 2015-07-22 10:02:02 +0200 344) return commands[i].fn(&cmdline, tool_ctx, pvt); + +This rendered the original change a dead code, because sss_tool_init only returns ENOMEM or EOK. + +Reviewed-by: Fabiano Fidêncio +(cherry picked from commit fe58f0fbf34de5931ce3305396e5e4467796a325) +--- + src/tools/common/sss_tools.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/src/tools/common/sss_tools.c b/src/tools/common/sss_tools.c +index d45584ce1..701db2d93 100644 +--- a/src/tools/common/sss_tools.c ++++ b/src/tools/common/sss_tools.c +@@ -346,7 +346,9 @@ errno_t sss_tool_route(int argc, const char **argv, + + if (!tool_ctx->print_help) { + ret = tool_cmd_init(tool_ctx, &commands[i]); +- if (ret != EOK) { ++ if (ret == ERR_SYSDB_VERSION_TOO_OLD) { ++ tool_ctx->init_err = ret; ++ } else if (ret != EOK) { + DEBUG(SSSDBG_FATAL_FAILURE, + "Command initialization failed [%d] %s\n", + ret, sss_strerror(ret)); +@@ -516,9 +518,7 @@ int sss_tool_main(int argc, const char **argv, + } + + ret = sss_tool_init(NULL, &argc, argv, &tool_ctx); +- if (ret == ERR_SYSDB_VERSION_TOO_OLD) { +- tool_ctx->init_err = ret; +- } else if (ret != EOK) { ++ if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Unable to create tool context\n"); + return EXIT_FAILURE; + } +-- +2.14.3 + diff --git a/sssd.spec b/sssd.spec index c86fa78..2a5d6ea 100644 --- a/sssd.spec +++ b/sssd.spec @@ -71,6 +71,8 @@ Patch0026: 0026-GPO-Add-ad_options-to-ad_gpo_process_som_state.patch Patch0027: 0027-GPO-Use-AD-site-override-if-set.patch Patch0028: 0028-nss-initialize-nss_enum_index-in-nss_setnetgrent.patch Patch0029: 0029-nss-add-a-netgroup-counter-to-struct-nss_enum_index.patch +Patch0030: 0030-sssctl-Showing-help-even-when-sssd-not-configured.patch +Patch0031: 0031-sssctl-move-check-for-version-error-to-correct-place.patch Patch0502: 0502-SYSTEMD-Use-capabilities.patch Patch0503: 0503-Disable-stopping-idle-socket-activated-responders.patch @@ -1283,6 +1285,8 @@ fi - Resolves: upstream#3402 - Support alternative sources for the files provider - Resolves: upstream#3646 - SSSD's GPO code ignores ad_site option - Resolves: upstream#3679 - Make nss netgroup requests more robust +- Resolves: upstream#3634 - sssctl COMMAND --help fails if sssd is not + configured * Fri Mar 30 2018 Fabiano Fidêncio - 1.16.1-2 - Resolves: upstream#3573 - sssd won't show netgroups with blank domain