eabdullin
d0b0fe0ac8
- DP: reduce log level in case a responder asks for unknown domain - ipa: Add `BUILD_PASSKEY` conditional for passkey codepath - LDAP: make groups_by_user_send/recv public - Makefile: Respect `BUILD_PASSKEY` conditional - pam: Conditionalize passkey code - sdap: add set_non_posix parameter - SSS_CLIENT: check if mem-cache fd was hijacked - SSS_CLIENT: check if reponder socket was hijacked - SSS_CLIENT: MC: in case mem-cache file validation fails - sysdb: remove sysdb_computer.[ch]
From ff23e7e2879f94a907d05b615dbdb547aaa2e542 Mon Sep 17 00:00:00 2001
From: Sumit Bose <sbose@redhat.com>
Date: Fri, 17 Nov 2023 19:09:05 +0100
Subject: [PATCH] sysdb: remove sysdb_computer.[ch]
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
The related calls are not needed anymore.
Resolves: https://github.com/SSSD/sssd/issues/5708
Reviewed-by: Justin Stephenson <jstephen@redhat.com>
Reviewed-by: Tomáš Halman <thalman@redhat.com>
---
Makefile.am | 2 -
src/db/sysdb_computer.c | 185 --------------------------------------
src/db/sysdb_computer.h | 51 -----------
src/providers/ad/ad_gpo.c | 1 -
4 files changed, 239 deletions(-)
delete mode 100644 src/db/sysdb_computer.c
delete mode 100644 src/db/sysdb_computer.h
diff --git a/Makefile.am b/Makefile.am
index ead2bf7c0b..7ec14fc476 100644
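--- a/Makefile.am
+++ b/Makefile.am
@@ -810,7 +810,6 @@ dist_noinst_HEADERS = \
 src/db/sysdb_subid.h \
 src/db/sysdb_domain_resolution_order.h \
 src/db/sysdb_passkey_user_verification.h \
- src/db/sysdb_computer.h \
 src/db/sysdb_iphosts.h \
 src/db/sysdb_ipnetworks.h \
 src/confdb/confdb.h \
@@ -1249,7 +1248,6 @@ libsss_util_la_SOURCES = \
 src/db/sysdb_iphosts.c \
 src/db/sysdb_ipnetworks.c \
 src/util/sss_pam_data.c \
- src/db/sysdb_computer.c \
 src/db/sysdb_subid.c \
 src/util/util.c \
 src/util/util_ext.c \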
diff --git a/src/db/sysdb_computer.c b/src/db/sysdb_computer.c
deleted file mode 100644
index 9fcaf5a7c3..0000000000
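--- a/src/db/sysdb_computer.c
+++ /dev/null
@@ -1,185 +0,0 @@
-/*
- SSSD
-
- Authors:
- Samuel Cabrero <scabrero@suse.com>
- David Mulder <dmulder@suse.com>
-
- Copyright (C) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#include <arpa/inet.h>
-
-#include "db/sysdb.h"
-#include "db/sysdb_private.h"
-#include "db/sysdb_computer.h"
-
-static errno_t
-sysdb_search_computer(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *filter,
- const char **attrs,
- size_t *_num_hosts,
- struct ldb_message ***_hosts)
-{
- errno_t ret;
- TALLOC_CTX *tmp_ctx;
- struct ldb_message **results;
- size_t num_results;
-
- tmp_ctx = talloc_new(NULL);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- ret = sysdb_search_custom(tmp_ctx, domain, filter,
- COMPUTERS_SUBDIR, attrs,
- &num_results, &results);
- if (ret != EOK && ret != ENOENT) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Error looking up host [%d]: %s\n",
- ret, strerror(ret));
- goto done;
- } else if (ret == ENOENT) {
- DEBUG(SSSDBG_TRACE_FUNC, "No such host\n");
- *_hosts = NULL;
- *_num_hosts = 0;
- goto done;
- }
-
- *_hosts = talloc_steal(mem_ctx, results);
- *_num_hosts = num_results;
- ret = EOK;
-
-done:
- talloc_free(tmp_ctx);
-
- return ret;
-}
-
-int
-sysdb_get_computer(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *computer_name,
- const char **attrs,
- struct ldb_message **_computer)
-{
- TALLOC_CTX *tmp_ctx;
- errno_t ret;
- const char *filter;
- struct ldb_message **hosts;
- size_t num_hosts;
-
- tmp_ctx = talloc_new(NULL);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- filter = talloc_asprintf(tmp_ctx, SYSDB_COMP_FILTER, computer_name);
- if (!filter) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = sysdb_search_computer(tmp_ctx, domain, filter, attrs,
- &num_hosts, &hosts);
- if (ret != EOK) {
- goto done;
- }
-
- if (num_hosts != 1) {
- ret = EINVAL;
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Did not find a single host with name %s\n", computer_name);
- goto done;
- }
-
- *_computer = talloc_steal(mem_ctx, hosts[0]);
- ret = EOK;
-
-done:
- talloc_free(tmp_ctx);
-
- return ret;
-}
-
-int
-sysdb_set_computer(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *computer_name,
- const char *sid_str,
- int cache_timeout,
- time_t now)
-{
- TALLOC_CTX *tmp_ctx;
- int ret;
- struct sysdb_attrs *attrs;
-
- tmp_ctx = talloc_new(NULL);
- if (!tmp_ctx) {
- return ENOMEM;
- }
-
- attrs = sysdb_new_attrs(tmp_ctx);
- if (!attrs) {
- ret = ENOMEM;
- goto done;
- }
-
- ret = sysdb_attrs_add_string(attrs, SYSDB_SID_STR, sid_str);
- if (ret) goto done;
-
- ret = sysdb_attrs_add_string(attrs, SYSDB_OBJECTCLASS, SYSDB_COMPUTER_CLASS);
- if (ret) goto done;
-
- ret = sysdb_attrs_add_string(attrs, SYSDB_NAME, computer_name);
- if (ret) goto done;
-
- /* creation time */
- ret = sysdb_attrs_add_time_t(attrs, SYSDB_CREATE_TIME, now);
- if (ret) goto done;
-
- /* Set a cache expire time. There is a periodic task that cleans up
- * expired entries from the cache even when enumeration is disabled */
- ret = sysdb_attrs_add_time_t(attrs, SYSDB_CACHE_EXPIRE,
- cache_timeout ? (now + cache_timeout) : 0);
- if (ret != EOK) {
- DEBUG(SSSDBG_OP_FAILURE, "Could not set sysdb cache expire [%d]: %s\n",
- ret, strerror(ret));
- goto done;
- }
-
- ret = sysdb_store_custom(domain, computer_name, COMPUTERS_SUBDIR, attrs);
- if (ret) goto done;
-
- /* FIXME As a future improvement we have to extend domain enumeration.
- * When 'enumerate = true' for a domain, sssd starts a periodic task
- * that brings all users and groups to the cache, cleaning up
- * stale objects after each run. If enumeration is disabled, the cleanup
- * task for expired entries is started instead.
- *
- * We have to extend the enumeration task to fetch 'computer'
- * objects as well (see ad_id_enumeration_send, the entry point of the
- * enumeration task for the id provider).
- */
-done:
- if (ret) {
- DEBUG(SSSDBG_TRACE_FUNC, "Error: %d (%s)\n", ret, strerror(ret));
- }
- talloc_zfree(tmp_ctx);
-
- return ret;
-}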
diff --git a/src/db/sysdb_computer.h b/src/db/sysdb_computer.h
deleted file mode 100644
index 4be67fdf51..0000000000
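--- a/src/db/sysdb_computer.h
+++ /dev/null
@@ -1,51 +0,0 @@
-/*
- SSSD
-
- Authors:
- Samuel Cabrero <scabrero@suse.com>
- David Mulder <dmulder@suse.com>
-
- Copyright (C) 2019 SUSE LINUX GmbH, Nuernberg, Germany.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
- the Free Software Foundation; either version 3 of the License, or
- (at your option) any later version.
-
- This program is distributed in the hope that it will be useful,
- but WITHOUT ANY WARRANTY; without even the implied warranty of
- MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- GNU General Public License for more details.
-
- You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>.
-*/
-
-#ifndef SYSDB_COMPUTERS_H_
-#define SYSDB_COMPUTERS_H_
-
-#include "db/sysdb.h"
-
-#define COMPUTERS_SUBDIR "computers"
-#define SYSDB_COMPUTER_CLASS "computer"
-#define SYSDB_COMPUTERS_CONTAINER "cn="COMPUTERS_SUBDIR
-#define SYSDB_TMPL_COMPUTER_BASE SYSDB_COMPUTERS_CONTAINER","SYSDB_DOM_BASE
-#define SYSDB_TMPL_COMPUTER SYSDB_NAME"=%s,"SYSDB_TMPL_COMPUTER_BASE
-#define SYSDB_COMP_FILTER "(&("SYSDB_NAME"=%s)("SYSDB_OBJECTCLASS"="SYSDB_COMPUTER_CLASS"))"
-
-int
-sysdb_get_computer(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *computer_name,
- const char **attrs,
- struct ldb_message **computer);
-
-int
-sysdb_set_computer(TALLOC_CTX *mem_ctx,
- struct sss_domain_info *domain,
- const char *computer_name,
- const char *sid_str,
- int cache_timeout,
- time_t now);
-
-#endif /* SYSDB_COMPUTERS_H_ */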
diff --git a/src/providers/ad/ad_gpo.c b/src/providers/ad/ad_gpo.c
|
|
index 1c731b222b..f78f17f7b4 100644
|
|
--- a/src/providers/ad/ad_gpo.c
|
|
+++ b/src/providers/ad/ad_gpo.c
|
|
@@ -53,7 +53,6 @@
|
|
#include "util/sss_chain_id.h"
|
|
#include <ndr.h>
|
|
#include <gen_ndr/security.h>
|
|
-#include <db/sysdb_computer.h>
|
|
|
|
/* == gpo-ldap constants =================================================== */
|
|
|