c0971b7e39
- Resolves: upstream#3821 - crash related to sbus_router_destructor()
- Resolves: upstream#3810 - sbus2: fix memory leak in sbus_message_bound_ref
- Resolves: upstream#3819 - sssd only sets the SELinux login context if it
differs from the default
- Resolves: upstream#3807 - The sbus codegen script relies on "python" which
might not be available on all distributions
- Resolves: upstream#3820 - sudo: search with lower cased name for case
insensitive domains
- Resolves: upstream#3701 - [RFE] Allow changing default behavior of SSSD from
an allow-any default to a deny-any default when it
can't find any GPOs to apply to a user login.
- Resolves: upstream#3828 - Invalid domain provider causes SSSD to abort
startup
- Resolves: upstream#3500 - Make sure sssd is a replacement for pam_pkcs11
also for local account authentication
- Resolves: upstream#3812 - sssd 2.0.0 segfaults on startup
- Resolves: upstream#3826 - Remove references of sss_user/group/add/del
commands in man pages since local provider is
deprecated
- Resolves: upstream#3827 - SSSD should log to syslog if a domain is not
started due to a misconfiguration
- Resolves: upstream#3830 - Printing incorrect information about domain with
sssctl utility
- Resolves: upstream#3489 - p11_child should work wit openssl1.0+
- Resolves: upstream#3750 - [RFE] man 5 sssd-files should mention necessary
changes in nsswitch.conf
- Resovles: upstream#3650 - RFE: Require smartcard authentication
- Resolves: upstream#3334 - sssctl config-check does not check any special
characters in domain name of domain section
- Resolves: upstream#3849 - Files: The files provider always enumerates
which causes duplicate when running getent passwd
- Related: upstream#3855 - session not recording for local user when groups
defined
- Resolves: upstream#3802 - Reuse sysdb_error_to_errno() outside sysdb
- Related: upstream#3493 - Remove the pysss.local interface
361 lines
13 KiB
Diff
361 lines
13 KiB
Diff
From f62f3b290cb5393bf9c4a9c2c424fd5c5185fe44 Mon Sep 17 00:00:00 2001
|
|
From: Tomas Halman <thalman@redhat.com>
|
|
Date: Wed, 3 Oct 2018 11:44:13 +0200
|
|
Subject: [PATCH 1/5] UTIL: move and rename sysdb_error_to_errno to utils
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
The function sysdb_error_to_errno() is used by multiple component,
|
|
so we want to move it to shared place. Function is renamed to
|
|
sss_ldb_error_to_errno() and moved to util/util_errors.c.
|
|
|
|
Old name is still #defined in sysdb.h and points to new
|
|
name.
|
|
|
|
Also few places where ldb error code was handled manually
|
|
has been updated to use sss_ldb_error_to_errno.
|
|
|
|
Resolves:
|
|
https://pagure.io/SSSD/sssd/issue/3802
|
|
|
|
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
|
|
Reviewed-by: Michal Židek <mzidek@redhat.com>
|
|
---
|
|
src/confdb/confdb.c | 6 ++---
|
|
src/confdb/confdb_setup.c | 6 ++---
|
|
src/db/sysdb.c | 25 ---------------------
|
|
src/db/sysdb.h | 6 ++---
|
|
.../common/cache_req/cache_req_sr_overlay.c | 4 ++--
|
|
src/responder/ifp/ifp_cache.c | 2 +-
|
|
src/tools/sss_override.c | 6 ++---
|
|
src/util/secrets/secrets.c | 26 +++++++---------------
|
|
src/util/util_errors.c | 25 +++++++++++++++++++++
|
|
src/util/util_errors.h | 3 +++
|
|
10 files changed, 51 insertions(+), 58 deletions(-)
|
|
|
|
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
|
|
index fdc6122..b0d886c 100644
|
|
--- a/src/confdb/confdb.c
|
|
+++ b/src/confdb/confdb.c
|
|
@@ -842,7 +842,7 @@ static int confdb_get_domain_section(TALLOC_CTX *mem_ctx,
|
|
ret = ldb_search(cdb->ldb, tmp_ctx, &res, dn,
|
|
LDB_SCOPE_BASE, NULL, NULL);
|
|
if (ret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -2076,7 +2076,7 @@ static int confdb_merge_parent_domain(const char *name,
|
|
|
|
ret = ldb_modify(cdb->ldb, replace_msg);
|
|
if (ret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
DEBUG(SSSDBG_OP_FAILURE,
|
|
"Inheriting options from parent domain failed [%d]: %s\n",
|
|
ret, sss_strerror(ret));
|
|
@@ -2131,7 +2131,7 @@ static int confdb_merge_parent_domain(const char *name,
|
|
*/
|
|
ret = sss_ldb_modify_permissive(cdb->ldb, app_msg);
|
|
if (ret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
DEBUG(SSSDBG_OP_FAILURE,
|
|
"Adding app-specific options failed [%d]: %s\n",
|
|
ret, sss_strerror(ret));
|
|
diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c
|
|
index 5e35589..c2b7f9f 100644
|
|
--- a/src/confdb/confdb_setup.c
|
|
+++ b/src/confdb/confdb_setup.c
|
|
@@ -96,7 +96,7 @@ static int confdb_purge(struct confdb_ctx *cdb)
|
|
ret = ldb_search(cdb->ldb, tmp_ctx, &res, dn,
|
|
LDB_SCOPE_SUBTREE, attrs, NULL);
|
|
if (ret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -104,7 +104,7 @@ static int confdb_purge(struct confdb_ctx *cdb)
|
|
/* Delete this DN */
|
|
ret = ldb_delete(cdb->ldb, res->msgs[i]->dn);
|
|
if (ret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
goto done;
|
|
}
|
|
}
|
|
@@ -313,7 +313,7 @@ static int confdb_init_db(const char *config_file, const char *config_dir,
|
|
DEBUG(SSSDBG_FATAL_FAILURE,
|
|
"Failed to start a transaction for "
|
|
"updating the configuration\n");
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
goto done;
|
|
}
|
|
in_transaction = true;
|
|
diff --git a/src/db/sysdb.c b/src/db/sysdb.c
|
|
index 06d7f27..51acb86 100644
|
|
--- a/src/db/sysdb.c
|
|
+++ b/src/db/sysdb.c
|
|
@@ -871,31 +871,6 @@ char *sysdb_group_strdn(TALLOC_CTX *mem_ctx,
|
|
return build_dom_dn_str_escape(mem_ctx, SYSDB_TMPL_GROUP, domain, name);
|
|
}
|
|
|
|
-/* TODO: make a more complete and precise mapping */
|
|
-int sysdb_error_to_errno(int ldberr)
|
|
-{
|
|
- switch (ldberr) {
|
|
- case LDB_SUCCESS:
|
|
- return EOK;
|
|
- case LDB_ERR_OPERATIONS_ERROR:
|
|
- return EIO;
|
|
- case LDB_ERR_NO_SUCH_OBJECT:
|
|
- return ENOENT;
|
|
- case LDB_ERR_BUSY:
|
|
- return EBUSY;
|
|
- case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
|
|
- case LDB_ERR_ENTRY_ALREADY_EXISTS:
|
|
- return EEXIST;
|
|
- case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
|
|
- return EINVAL;
|
|
- default:
|
|
- DEBUG(SSSDBG_CRIT_FAILURE,
|
|
- "LDB returned unexpected error: [%s]\n",
|
|
- ldb_strerror(ldberr));
|
|
- return EFAULT;
|
|
- }
|
|
-}
|
|
-
|
|
/* =Transactions========================================================== */
|
|
|
|
int sysdb_transaction_start(struct sysdb_ctx *sysdb)
|
|
diff --git a/src/db/sysdb.h b/src/db/sysdb.h
|
|
index 2187947..f6e3160 100644
|
|
--- a/src/db/sysdb.h
|
|
+++ b/src/db/sysdb.h
|
|
@@ -454,9 +454,6 @@ errno_t sysdb_get_highest_usn(TALLOC_CTX *mem_ctx,
|
|
size_t num_attrs,
|
|
char **_usn);
|
|
|
|
-/* convert an ldb error into an errno error */
|
|
-int sysdb_error_to_errno(int ldberr);
|
|
-
|
|
/* DNs related helper functions */
|
|
errno_t sysdb_get_rdn(struct sysdb_ctx *sysdb, TALLOC_CTX *mem_ctx,
|
|
const char *dn, char **_name, char **_val);
|
|
@@ -1434,4 +1431,7 @@ errno_t sysdb_handle_original_uuid(const char *orig_name,
|
|
struct sysdb_attrs *dest_attrs,
|
|
const char *dest_name);
|
|
|
|
+/* define old name for backward compatibility */
|
|
+#define sysdb_error_to_errno(ldberr) sss_ldb_error_to_errno(ldberr)
|
|
+
|
|
#endif /* __SYS_DB_H__ */
|
|
diff --git a/src/responder/common/cache_req/cache_req_sr_overlay.c b/src/responder/common/cache_req/cache_req_sr_overlay.c
|
|
index 60da26f..b06a80a 100644
|
|
--- a/src/responder/common/cache_req/cache_req_sr_overlay.c
|
|
+++ b/src/responder/common/cache_req/cache_req_sr_overlay.c
|
|
@@ -192,7 +192,7 @@ static errno_t cache_req_sr_overlay_match_users(
|
|
}
|
|
lret = ldb_msg_add_string(msg, SYSDB_SESSION_RECORDING, enabled_str);
|
|
if (lret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(lret);
|
|
+ ret = sss_ldb_error_to_errno(lret);
|
|
CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, cr,
|
|
"Failed adding %s attribute: %s\n",
|
|
SYSDB_SESSION_RECORDING, sss_strerror(ret));
|
|
@@ -279,7 +279,7 @@ static void cache_req_sr_overlay_match_all_step_done(
|
|
}
|
|
lret = ldb_msg_add_string(msg, SYSDB_SESSION_RECORDING, enabled_copy);
|
|
if (lret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(lret);
|
|
+ ret = sss_ldb_error_to_errno(lret);
|
|
CACHE_REQ_DEBUG(SSSDBG_CRIT_FAILURE, state->cr,
|
|
"Failed adding %s attribute: %s\n",
|
|
SYSDB_SESSION_RECORDING, sss_strerror(ret));
|
|
diff --git a/src/responder/ifp/ifp_cache.c b/src/responder/ifp/ifp_cache.c
|
|
index 083f274..27681d0 100644
|
|
--- a/src/responder/ifp/ifp_cache.c
|
|
+++ b/src/responder/ifp/ifp_cache.c
|
|
@@ -119,7 +119,7 @@ ifp_cache_get_cached_objects(TALLOC_CTX *mem_ctx,
|
|
SYSDB_IFP_CACHED);
|
|
if (ldb_ret != LDB_SUCCESS) {
|
|
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to search the cache\n");
|
|
- ret = sysdb_error_to_errno(ldb_ret);
|
|
+ ret = sss_ldb_error_to_errno(ldb_ret);
|
|
goto done;
|
|
}
|
|
|
|
diff --git a/src/tools/sss_override.c b/src/tools/sss_override.c
|
|
index 21fe62d..a12aa27 100644
|
|
--- a/src/tools/sss_override.c
|
|
+++ b/src/tools/sss_override.c
|
|
@@ -936,7 +936,7 @@ static errno_t override_object_del(struct sss_domain_info *domain,
|
|
ret = ldb_msg_add_empty(msg, SYSDB_OVERRIDE_DN, LDB_FLAG_MOD_DELETE, NULL);
|
|
if (ret != LDB_SUCCESS) {
|
|
DEBUG(SSSDBG_OP_FAILURE, "ldb_msg_add_empty() failed\n");
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -945,7 +945,7 @@ static errno_t override_object_del(struct sss_domain_info *domain,
|
|
DEBUG(SSSDBG_OP_FAILURE,
|
|
"ldb_modify() failed: [%s](%d)[%s]\n",
|
|
ldb_strerror(ret), ret, ldb_errstring(ldb));
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -1025,7 +1025,7 @@ static errno_t append_name(struct sss_domain_info *domain,
|
|
|
|
ret = ldb_msg_add_string(override, ORIGNAME, fqname);
|
|
if (ret != LDB_SUCCESS) {
|
|
- ret = sysdb_error_to_errno(ret);
|
|
+ ret = sss_ldb_error_to_errno(ret);
|
|
DEBUG(SSSDBG_CRIT_FAILURE, "Unable to add attribute to msg\n");
|
|
goto done;
|
|
}
|
|
diff --git a/src/util/secrets/secrets.c b/src/util/secrets/secrets.c
|
|
index ca3e657..6a317a0 100644
|
|
--- a/src/util/secrets/secrets.c
|
|
+++ b/src/util/secrets/secrets.c
|
|
@@ -417,17 +417,16 @@ static int local_db_create(struct sss_sec_req *req)
|
|
}
|
|
|
|
ret = ldb_add(req->sctx->ldb, msg);
|
|
- if (ret != EOK) {
|
|
+ if (ret != LDB_SUCCESS) {
|
|
if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
|
|
DEBUG(SSSDBG_OP_FAILURE,
|
|
"Secret %s already exists\n", ldb_dn_get_linearized(msg->dn));
|
|
- ret = EEXIST;
|
|
} else {
|
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
|
"Failed to add secret [%s]: [%d]: %s\n",
|
|
ldb_dn_get_linearized(msg->dn), ret, ldb_strerror(ret));
|
|
- ret = EIO;
|
|
}
|
|
+ ret = sss_ldb_error_to_errno (ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -1109,17 +1108,16 @@ errno_t sss_sec_put(struct sss_sec_req *req,
|
|
}
|
|
|
|
ret = ldb_add(req->sctx->ldb, msg);
|
|
- if (ret != EOK) {
|
|
+ if (ret != LDB_SUCCESS) {
|
|
if (ret == LDB_ERR_ENTRY_ALREADY_EXISTS) {
|
|
DEBUG(SSSDBG_OP_FAILURE,
|
|
"Secret %s already exists\n", ldb_dn_get_linearized(msg->dn));
|
|
- ret = EEXIST;
|
|
} else {
|
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
|
"Failed to add secret [%s]: [%d]: %s\n",
|
|
ldb_dn_get_linearized(msg->dn), ret, ldb_strerror(ret));
|
|
- ret = EIO;
|
|
}
|
|
+ ret = sss_ldb_error_to_errno (ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -1210,13 +1208,13 @@ errno_t sss_sec_update(struct sss_sec_req *req,
|
|
ret = ldb_modify(req->sctx->ldb, msg);
|
|
if (ret == LDB_ERR_NO_SUCH_OBJECT) {
|
|
DEBUG(SSSDBG_MINOR_FAILURE, "No such object to modify\n");
|
|
- ret = ENOENT;
|
|
+ ret = sss_ldb_error_to_errno (ret);
|
|
goto done;
|
|
} else if (ret != LDB_SUCCESS) {
|
|
DEBUG(SSSDBG_MINOR_FAILURE,
|
|
"ldb_modify failed: [%s](%d)[%s]\n",
|
|
ldb_strerror(ret), ret, ldb_errstring(req->sctx->ldb));
|
|
- ret = EIO;
|
|
+ ret = sss_ldb_error_to_errno (ret);
|
|
goto done;
|
|
}
|
|
|
|
@@ -1282,20 +1280,12 @@ errno_t sss_sec_delete(struct sss_sec_req *req)
|
|
/* fall through */
|
|
}
|
|
|
|
- switch (ret) {
|
|
- case LDB_SUCCESS:
|
|
- ret = EOK;
|
|
- break;
|
|
- case LDB_ERR_NO_SUCH_OBJECT:
|
|
- ret = ENOENT;
|
|
- break;
|
|
- default:
|
|
+ if (ret != LDB_SUCCESS && ret != LDB_ERR_NO_SUCH_OBJECT) {
|
|
DEBUG(SSSDBG_CRIT_FAILURE,
|
|
"LDB returned unexpected error: [%s]\n",
|
|
ldb_strerror(ret));
|
|
- ret = EFAULT;
|
|
- break;
|
|
}
|
|
+ ret = sss_ldb_error_to_errno (ret);
|
|
|
|
done:
|
|
talloc_free(tmp_ctx);
|
|
diff --git a/src/util/util_errors.c b/src/util/util_errors.c
|
|
index 5f8a2a2..d3f5e89 100644
|
|
--- a/src/util/util_errors.c
|
|
+++ b/src/util/util_errors.c
|
|
@@ -19,6 +19,7 @@
|
|
*/
|
|
|
|
#include "util/util.h"
|
|
+#include <ldb.h>
|
|
|
|
struct err_string {
|
|
const char *msg;
|
|
@@ -146,3 +147,27 @@ const char *sss_strerror(errno_t error)
|
|
return strerror(error);
|
|
}
|
|
|
|
+/* TODO: make a more complete and precise mapping */
|
|
+errno_t sss_ldb_error_to_errno(int ldberr)
|
|
+{
|
|
+ switch (ldberr) {
|
|
+ case LDB_SUCCESS:
|
|
+ return EOK;
|
|
+ case LDB_ERR_OPERATIONS_ERROR:
|
|
+ return EIO;
|
|
+ case LDB_ERR_NO_SUCH_OBJECT:
|
|
+ return ENOENT;
|
|
+ case LDB_ERR_BUSY:
|
|
+ return EBUSY;
|
|
+ case LDB_ERR_ATTRIBUTE_OR_VALUE_EXISTS:
|
|
+ case LDB_ERR_ENTRY_ALREADY_EXISTS:
|
|
+ return EEXIST;
|
|
+ case LDB_ERR_INVALID_ATTRIBUTE_SYNTAX:
|
|
+ return EINVAL;
|
|
+ default:
|
|
+ DEBUG(SSSDBG_CRIT_FAILURE,
|
|
+ "LDB returned unexpected error: [%i]\n",
|
|
+ ldberr);
|
|
+ return EFAULT;
|
|
+ }
|
|
+}
|
|
diff --git a/src/util/util_errors.h b/src/util/util_errors.h
|
|
index c6731d4..a799bba 100644
|
|
--- a/src/util/util_errors.h
|
|
+++ b/src/util/util_errors.h
|
|
@@ -178,4 +178,7 @@ enum sssd_errors {
|
|
*/
|
|
const char *sss_strerror(errno_t error);
|
|
|
|
+/* return ldb error converted to an errno */
|
|
+errno_t sss_ldb_error_to_errno(int ldberr);
|
|
+
|
|
#endif /* __SSSD_UTIL_ERRORS_H__ */
|
|
--
|
|
2.9.5
|
|
|