From 8a3517c5466c107f4d4e0970a1c33b51d6c762f8 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Michal=20=C5=BDidek?=
Date: Wed, 9 Jan 2019 14:08:29 +0100
Subject: [PATCH 88/89] confdb: Always read snippet files

This patch removes the ldif with fallback configuration and adds the fallback configuration as in-memory INI snippet.
Fixes: https://pagure.io/SSSD/sssd/issue/3439
Reviewed-by: Jakub Hrozek
---
 src/confdb/confdb_setup.c | 122 +++++++++++++++++----------------------
 src/util/sss_ini.c | 13 +++-
 src/util/sss_ini.h | 5 ++
 3 files changed, 70 insertions(+), 70 deletions(-)

diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c
index 7acefbe6b..7d039341d 100644
--- a/src/confdb/confdb_setup.c
+++ b/src/confdb/confdb_setup.c
@@ -28,16 +28,6 @@
 #include "confdb_setup.h"
 #include "util/sss_ini.h"
-#ifndef SSSD_FALLBACK_CONFIG_LDIF
-#define SSSD_FALLBACK_CONFIG_LDIF \
-"dn: cn=config\n" \
-"version: 2\n\n" \
-"dn: cn=sssd,cn=config\n" \
-"cn: sssd\n" \
-"enable_files_domain: true\n" \
-"services: nss\n\n"
-#endif /* SSSD_FALLBACK_CONFIG_LDIF */
-
 static int confdb_test(struct confdb_ctx *cdb)
 {
 char **values;
@@ -146,28 +136,52 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,
 errno_t ret;
 char timestr[21];
 int version;
+ char fallback_cfg[] =
+ "[sssd]\n"
+ "enable_files_domain = true\n"
+ "services = nss\n";
- ret = sss_ini_config_access_check(init_data);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Permission check on config file failed.\n");
- return EPERM;
- }
+ /* Open config file */
+ ret = sss_ini_config_file_open(init_data, config_file);
+ if (ret == ENOENT) {
+ DEBUG(SSSDBG_TRACE_FUNC, "No sssd.conf.\n");
+ ret = sss_ini_config_file_from_mem(fallback_cfg,
+ strlen(fallback_cfg),
+ init_data);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "sss_ini_config_file_from_mem failed. Error %d: %s\n",
+ ret, sss_strerror(ret));
+ return ret;
+ }
+ } else if (ret == EOK) {
+ ret = sss_ini_config_access_check(init_data);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Permission check on config file failed.\n");
+ return EPERM;
+ }
- ret = sss_ini_get_stat(init_data);
- if (ret != EOK) {
- ret = errno;
- DEBUG(SSSDBG_FATAL_FAILURE,
+ ret = sss_ini_get_stat(init_data);
+ if (ret != EOK) {
+ ret = errno;
+ DEBUG(SSSDBG_FATAL_FAILURE,
 "Status check on config file failed.\n");
- return ret;
- }
+ return ret;
+ }
- errno = 0;
- ret = sss_ini_get_mtime(init_data, sizeof(timestr), timestr);
- if (ret <= 0 || ret >= (int)sizeof(timestr)) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- "Failed to convert time_t to string??\n");
- ret = errno ? errno : EFAULT;
+ errno = 0;
+ ret = sss_ini_get_mtime(init_data, sizeof(timestr), timestr);
+ if (ret <= 0 || ret >= (int)sizeof(timestr)) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "Failed to convert time_t to string??\n");
+ ret = errno ? errno : EFAULT;
+ return ret;
+ }
+ } else {
+ DEBUG(SSSDBG_CONF_SETTINGS,
+ "sss_ini_config_file_open failed: %s [%d]\n", sss_strerror(ret),
+ ret);
 return ret;
 }
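Review bot: On the new `ENOENT` branch nothing writes `timestr`, which the context line declares as `char timestr[21];` with no initializer; only the `EOK` branch reaches `sss_ini_get_mtime()`. The removed `confdb_fallback_ldif()` returned `"1"` through `_timestr`, so if the remainder of `confdb_ldif_from_ini_file()` (it continues outside this hunk) still copies `timestr` into `*_timestr`, the fallback path would read uninitialized stack bytes, possibly with no terminating NUL. Declaring it as `char timestr[21] = "1";` keeps the old fallback value and makes that read defined. The fallback branch also skips `sss_ini_config_access_check()`, which is reasonable for a built-in buffer but deserves a short comment, for example `/* no file on disk: nothing to permission-check, built-in defaults are trusted */`.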
@@ -237,19 +251,6 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,
 return EOK;
 }
-static int confdb_fallback_ldif(TALLOC_CTX *mem_ctx,
- const char **_timestr,
- const char **_ldif)
-{
- *_timestr = talloc_strdup(mem_ctx, "1");
- *_ldif = talloc_strdup(mem_ctx, SSSD_FALLBACK_CONFIG_LDIF);
- if (*_timestr == NULL || *_ldif == NULL) {
- return ENOMEM;
- }
-
- return EOK;
-}
-
 static int confdb_write_ldif(struct confdb_ctx *cdb,
 const char *config_ldif,
 bool replace_whole_db)
@@ -318,34 +319,17 @@ static int confdb_init_db(const char *config_file,
 goto done;
 }
- /* Open config file */
- ret = sss_ini_config_file_open(init_data, config_file);
- if (ret == EOK) {
- ret = confdb_ldif_from_ini_file(tmp_ctx,
- config_file,
- config_dir,
- only_section,
- init_data,
- ×tr,
- &config_ldif);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot convert INI to LDIF [%d]: [%s]\n",
- ret, sss_strerror(ret));
- goto done;
- }
- } else if (ret == ENOENT) {
- ret = confdb_fallback_ldif(tmp_ctx, ×tr, &config_ldif);
- if (ret != EOK) {
- DEBUG(SSSDBG_CRIT_FAILURE,
- "Cannot create a fallback configuration [%d]: [%s]\n",
- ret, sss_strerror(ret));
- goto done;
- }
- } else {
- DEBUG(SSSDBG_CONF_SETTINGS,
- "sss_ini_config_file_open failed: %s [%d]\n", sss_strerror(ret),
- ret);
+ ret = confdb_ldif_from_ini_file(tmp_ctx,
+ config_file,
+ config_dir,
+ only_section,
+ init_data,
+ ×tr,
+ &config_ldif);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_CRIT_FAILURE,
+ "Cannot convert INI to LDIF [%d]: [%s]\n",
+ ret, sss_strerror(ret));
 goto done;
 }
diff --git a/src/util/sss_ini.c b/src/util/sss_ini.c
index 3c15b2809..010b77889 100644
--- a/src/util/sss_ini.c
+++ b/src/util/sss_ini.c
@@ -123,7 +123,18 @@ int sss_ini_config_file_open(struct sss_ini_initdata *init_data,
 #endif
 }
-
+int sss_ini_config_file_from_mem(void *data_buf,
+ uint32_t data_len,
+ struct sss_ini_initdata *init_data)
+{
+#ifdef HAVE_LIBINI_CONFIG_V1
+ return ini_config_file_from_mem(data_buf, strlen(data_buf),
+ &init_data->file);
+#else
+ /* FIXME: Remove support for older libini versions */
+ return EINVAL;
+#endif
+}
 /* Check configuration file permissions */
diff --git a/src/util/sss_ini.h b/src/util/sss_ini.h
index 470b88f99..0bf9c0ff5 100644
--- a/src/util/sss_ini.h
+++ b/src/util/sss_ini.h
@@ -45,6 +45,11 @@ void sss_ini_close_file(struct sss_ini_initdata *init_data);
 int sss_ini_config_file_open(struct sss_ini_initdata *init_data,
 const char *config_file);
+/* Load config from buffer */
+int sss_ini_config_file_from_mem(void *data_buf,
+ uint32_t data_len,
+ struct sss_ini_initdata *init_data);
+
 /* Check file permissions */
 int sss_ini_config_access_check(struct sss_ini_initdata *init_data);
-- 
2.19.1
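Review bot: `sss_ini_config_file_from_mem()` in sss_ini.c never uses its `data_len` argument and instead calls `strlen(data_buf)` on a `void *`, so a buffer that is not NUL-terminated would be read past its end regardless of the length the caller supplied. Passing the parameter through, `return ini_config_file_from_mem(data_buf, data_len, &init_data->file);`, makes the function honour its signature; the one caller visible in this patch passes `strlen(fallback_cfg)`, so its behaviour is unchanged. In the `#else` branch the function returns `EINVAL`, which means a build without `HAVE_LIBINI_CONFIG_V1` now fails in `confdb_ldif_from_ini_file()` when sssd.conf is missing, where the removed LDIF fallback used to succeed. The prototype comment in sss_ini.h could record both facts, for example `/* Load config from a memory buffer of data_len bytes; returns EINVAL when built without libini v1 */`.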