From 53d05f6a88b52b8f7acc15a803c1ef439fa30244 Mon Sep 17 00:00:00 2001 From: Pavel Březina Date: Oct 30 2015 10:50:00 +0000 Subject: sss_override: add user-show Resolves: https://fedorahosted.org/sssd/ticket/2736 Reviewed-by: Pavel Reichl --- diff --git a/src/man/sss_override.8.xml b/src/man/sss_override.8.xml index 36ce119..11d3704 100644 --- a/src/man/sss_override.8.xml +++ b/src/man/sss_override.8.xml @@ -102,6 +102,17 @@ + + NAME + + + + Show user overrides. + + + + + FILE diff --git a/src/tools/sss_override.c b/src/tools/sss_override.c index 0f45fbe..071aad9 100644 --- a/src/tools/sss_override.c +++ b/src/tools/sss_override.c @@ -113,6 +113,14 @@ static int parse_cmdline_user_del(struct sss_cmdline *cmdline, &user->orig_name, &user->domain); } +static int parse_cmdline_user_show(struct sss_cmdline *cmdline, + struct sss_tool_ctx *tool_ctx, + struct override_user *user) +{ + return parse_cmdline(cmdline, tool_ctx, NULL, &user->input_name, + &user->orig_name, &user->domain); +} + static int parse_cmdline_group_add(struct sss_cmdline *cmdline, struct sss_tool_ctx *tool_ctx, struct override_group *group) @@ -939,7 +947,8 @@ done: } static errno_t list_overrides(TALLOC_CTX *mem_ctx, - const char *filter, + const char *base_filter, + const char *ext_filter, const char **attrs, struct sss_domain_info *domain, size_t *_count, @@ -950,6 +959,7 @@ static errno_t list_overrides(TALLOC_CTX *mem_ctx, struct ldb_context *ldb = sysdb_ctx_get_ldb(domain->sysdb); size_t count; struct ldb_message **msgs; + const char *filter; size_t i; int ret; @@ -959,6 +969,16 @@ static errno_t list_overrides(TALLOC_CTX *mem_ctx, return ENOMEM; } + filter = base_filter; + if (ext_filter != NULL) { + filter = talloc_asprintf(tmp_ctx, "(&%s%s)", filter, ext_filter); + if (filter == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_asprintf() failed.\n"); + ret = ENOMEM; + goto done; + } + } + /* Acquire list of override objects. */ dn = ldb_dn_new_fmt(tmp_ctx, ldb, SYSDB_TMPL_VIEW_SEARCH_BASE, LOCALVIEW); if (dn == NULL) { @@ -998,7 +1018,8 @@ done: static struct override_user * list_user_overrides(TALLOC_CTX *mem_ctx, - struct sss_domain_info *domain) + struct sss_domain_info *domain, + const char *filter) { TALLOC_CTX *tmp_ctx; struct override_user *objs; @@ -1015,7 +1036,7 @@ list_user_overrides(TALLOC_CTX *mem_ctx, } ret = list_overrides(tmp_ctx, "(objectClass=" SYSDB_OVERRIDE_USER_CLASS ")", - attrs, domain, &count, &msgs); + filter, attrs, domain, &count, &msgs); if (ret != EOK) { goto done; } @@ -1080,7 +1101,7 @@ list_group_overrides(TALLOC_CTX *mem_ctx, } ret = list_overrides(tmp_ctx, "(objectClass=" SYSDB_OVERRIDE_GROUP_CLASS ")", - attrs, domain, &count, &msgs); + NULL, attrs, domain, &count, &msgs); if (ret != EOK) { goto done; } @@ -1121,7 +1142,8 @@ done: static errno_t user_export(const char *filename, struct sss_domain_info *dom, - bool iterate) + bool iterate, + const char *filter) { TALLOC_CTX *tmp_ctx; struct sss_colondb *db; @@ -1144,7 +1166,7 @@ static errno_t user_export(const char *filename, } do { - objs = list_user_overrides(tmp_ctx, dom); + objs = list_user_overrides(tmp_ctx, dom, filter); if (objs == NULL) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get override objects\n"); ret = ENOMEM; @@ -1324,7 +1346,7 @@ static int override_user_find(struct sss_cmdline *cmdline, iterate = false; } - ret = user_export(NULL, dom, iterate); + ret = user_export(NULL, dom, iterate, NULL); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to export users\n"); return EXIT_FAILURE; @@ -1333,6 +1355,80 @@ static int override_user_find(struct sss_cmdline *cmdline, return EXIT_SUCCESS; } +static int override_user_show(struct sss_cmdline *cmdline, + struct sss_tool_ctx *tool_ctx, + void *pvt) +{ + TALLOC_CTX *tmp_ctx; + struct override_user input = {NULL}; + const char *dn; + char *anchor; + const char *filter; + int ret; + + tmp_ctx = talloc_new(NULL); + if (tmp_ctx == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_new() failed.\n"); + return EXIT_FAILURE; + } + + ret = parse_cmdline_user_show(cmdline, tool_ctx, &input); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Unable to parse command line.\n"); + goto done; + } + + ret = get_user_domain_msg(tool_ctx, &input); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get object domain\n"); + goto done; + } + + ret = get_object_dn(tmp_ctx, input.domain, SYSDB_MEMBER_USER, + input.orig_name, NULL, &dn); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Unable to get object dn\n"); + goto done; + } + + anchor = build_anchor(tmp_ctx, dn); + if (anchor == NULL) { + ret = ENOMEM; + goto done; + } + + ret = sss_filter_sanitize(tmp_ctx, anchor, &anchor); + if (ret != EOK) { + ret = ENOMEM; + goto done; + } + + filter = talloc_asprintf(tmp_ctx, "(%s=%s)", + SYSDB_OVERRIDE_ANCHOR_UUID, anchor); + if (filter == NULL) { + DEBUG(SSSDBG_CRIT_FAILURE, "talloc_asprintf() failed\n"); + ret = ENOMEM; + goto done; + } + + ret = user_export(NULL, input.domain, false, filter); + if (ret != EOK) { + DEBUG(SSSDBG_CRIT_FAILURE, "Unable to export users\n"); + goto done; + } + + ret = EOK; + +done: + talloc_free(tmp_ctx); + + if (ret != EOK) { + return EXIT_FAILURE; + } + + return EXIT_SUCCESS; +} + static int override_user_import(struct sss_cmdline *cmdline, struct sss_tool_ctx *tool_ctx, void *pvt) @@ -1432,7 +1528,7 @@ static int override_user_export(struct sss_cmdline *cmdline, return EXIT_FAILURE; } - ret = user_export(filename, tool_ctx->domains, true); + ret = user_export(filename, tool_ctx->domains, true, NULL); if (ret != EOK) { DEBUG(SSSDBG_CRIT_FAILURE, "Unable to export users\n"); return EXIT_FAILURE; @@ -1635,6 +1731,7 @@ int main(int argc, const char **argv) {"user-add", override_user_add}, {"user-del", override_user_del}, {"user-find", override_user_find}, + {"user-show", override_user_show}, {"user-import", override_user_import}, {"user-export", override_user_export}, {"group-add", override_group_add},