From 8a3517c5466c107f4d4e0970a1c33b51d6c762f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>
Date: Wed, 9 Jan 2019 14:08:29 +0100
Subject: [PATCH 88/89] confdb: Always read snippet files
This patch removes the ldif with fallback configuration
and adds the fallback configuration as in-memory
INI snippet.
Fixes:
https://pagure.io/SSSD/sssd/issue/3439
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/confdb/confdb_setup.c | 122 +++++++++++++++++---------------------
src/util/sss_ini.c | 13 +++-
src/util/sss_ini.h | 5 ++
3 files changed, 70 insertions(+), 70 deletions(-)
diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c
index 7acefbe6b..7d039341d 100644
--- a/src/confdb/confdb_setup.c
+++ b/src/confdb/confdb_setup.c
@@ -28,16 +28,6 @@
#include "confdb_setup.h"
#include "util/sss_ini.h"
-#ifndef SSSD_FALLBACK_CONFIG_LDIF
-#define SSSD_FALLBACK_CONFIG_LDIF \
-"dn: cn=config\n" \
-"version: 2\n\n" \
-"dn: cn=sssd,cn=config\n" \
-"cn: sssd\n" \
-"enable_files_domain: true\n" \
-"services: nss\n\n"
-#endif /* SSSD_FALLBACK_CONFIG_LDIF */
-
static int confdb_test(struct confdb_ctx *cdb)
{
char **values;
@@ -146,28 +136,52 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,
errno_t ret;
char timestr[21];
int version;
+ char fallback_cfg[] =
+ "[sssd]\n"
+ "enable_files_domain = true\n"
+ "services = nss\n";
- ret = sss_ini_config_access_check(init_data);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Permission check on config file failed.\n");
- return EPERM;
- }
+ /* Open config file */
+ ret = sss_ini_config_file_open(init_data, config_file);
+ if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_FUNC, "No sssd.conf.\n");
+ ret = sss_ini_config_file_from_mem(fallback_cfg,
+ strlen(fallback_cfg),
+ init_data);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "sss_ini_config_file_from_mem failed. Error %d: %s\n",
+ ret, sss_strerror(ret));
+ return ret;
+ }
+ } else if (ret == EOK) {
+ ret = sss_ini_config_access_check(init_data);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Permission check on config file failed.\n");
+ return EPERM;
+ }
- ret = sss_ini_get_stat(init_data);
- if (ret != EOK) {
- ret = errno;
- DEBUG(SSSDBG_FATAL_FAILURE,
+ ret = sss_ini_get_stat(init_data);
+ if (ret != EOK) {
+ ret = errno;
+ DEBUG(SSSDBG_FATAL_FAILURE,
"Status check on config file failed.\n");
- return ret;
- }
+ return ret;
+ }
- errno = 0;
- ret = sss_ini_get_mtime(init_data, sizeof(timestr), timestr);
- if (ret <= 0 || ret >= (int)sizeof(timestr)) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- "Failed to convert time_t to string??\n");
- ret = errno ? errno : EFAULT;
+ errno = 0;
+ ret = sss_ini_get_mtime(init_data, sizeof(timestr), timestr);
+ if (ret <= 0 || ret >= (int)sizeof(timestr)) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "Failed to convert time_t to string??\n");
+ ret = errno ? errno : EFAULT;
+ return ret;
+ }
+ } else {
+ DEBUG(SSSDBG_CONF_SETTINGS,
+ "sss_ini_config_file_open failed: %s [%d]\n", sss_strerror(ret),
+ ret);
return ret;
}
@@ -237,19 +251,6 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,
return EOK;
}
-static int confdb_fallback_ldif(TALLOC_CTX *mem_ctx,
- const char **_timestr,
- const char **_ldif)
-{
- *_timestr = talloc_strdup(mem_ctx, "1");
- *_ldif = talloc_strdup(mem_ctx, SSSD_FALLBACK_CONFIG_LDIF);
- if (*_timestr == NULL || *_ldif == NULL) {
- return ENOMEM;
- }
-
- return EOK;
-}
-
static int confdb_write_ldif(struct confdb_ctx *cdb,
const char *config_ldif,
bool replace_whole_db)
@@ -318,34 +319,17 @@ static int confdb_init_db(const char *config_file,
goto done;
}
- /* Open config file */
- ret = sss_ini_config_file_open(init_data, config_file);
- if (ret == EOK) {
- ret = confdb_ldif_from_ini_file(tmp_ctx,
- config_file,
- config_dir,
- only_section,
- init_data,
- ×tr,
- &config_ldif);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot convert INI to LDIF [%d]: [%s]\n",
- ret, sss_strerror(ret));
- goto done;
- }
- } else if (ret == ENOENT) {
- ret = confdb_fallback_ldif(tmp_ctx, ×tr, &config_ldif);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot create a fallback configuration [%d]: [%s]\n",
- ret, sss_strerror(ret));
- goto done;
- }
- } else {
- DEBUG(SSSDBG_CONF_SETTINGS,
- "sss_ini_config_file_open failed: %s [%d]\n", sss_strerror(ret),
- ret);
+ ret = confdb_ldif_from_ini_file(tmp_ctx,
+ config_file,
+ config_dir,
+ only_section,
+ init_data,
+ ×tr,
+ &config_ldif);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Cannot convert INI to LDIF [%d]: [%s]\n",
+ ret, sss_strerror(ret));
goto done;
}
diff --git a/src/util/sss_ini.c b/src/util/sss_ini.c
index 3c15b2809..010b77889 100644
--- a/src/util/sss_ini.c
+++ b/src/util/sss_ini.c
@@ -123,7 +123,18 @@ int sss_ini_config_file_open(struct sss_ini_initdata *init_data,
#endif
}
-
+int sss_ini_config_file_from_mem(void *data_buf,
+ uint32_t data_len,
+ struct sss_ini_initdata *init_data)
+{
+#ifdef HAVE_LIBINI_CONFIG_V1
+ return ini_config_file_from_mem(data_buf, strlen(data_buf),
+ &init_data->file);
+#else
+ /* FIXME: Remove support for older libini versions */
+ return EINVAL;
+#endif
+}
/* Check configuration file permissions */
diff --git a/src/util/sss_ini.h b/src/util/sss_ini.h
index 470b88f99..0bf9c0ff5 100644
--- a/src/util/sss_ini.h
+++ b/src/util/sss_ini.h
@@ -45,6 +45,11 @@ void sss_ini_close_file(struct sss_ini_initdata *init_data);
int sss_ini_config_file_open(struct sss_ini_initdata *init_data,
const char *config_file);
+/* Load config from buffer */
+int sss_ini_config_file_from_mem(void *data_buf,
+ uint32_t data_len,
+ struct sss_ini_initdata *init_data);
+
/* Check file permissions */
int sss_ini_config_access_check(struct sss_ini_initdata *init_data);
--
2.19.1