From 8a3517c5466c107f4d4e0970a1c33b51d6c762f8 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Michal=20=C5=BDidek?= <mzidek@redhat.com>

Date: Wed, 9 Jan 2019 14:08:29 +0100

Subject: [PATCH 88/89] confdb: Always read snippet files

This patch removes the ldif with fallback configuration

and adds the fallback configuration as in-memory

INI snippet.

Fixes:

https://pagure.io/SSSD/sssd/issue/3439

Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>

---

 src/confdb/confdb_setup.c | 122 +++++++++++++++++---------------------

 src/util/sss_ini.c        |  13 +++-

 src/util/sss_ini.h        |   5 ++

 3 files changed, 70 insertions(+), 70 deletions(-)

diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c

index 7acefbe6b..7d039341d 100644

--- a/src/confdb/confdb_setup.c

+++ b/src/confdb/confdb_setup.c

@@ -28,16 +28,6 @@

 #include "confdb_setup.h"

 #include "util/sss_ini.h"

-#ifndef SSSD_FALLBACK_CONFIG_LDIF

-#define SSSD_FALLBACK_CONFIG_LDIF \

-"dn: cn=config\n" \

-"version: 2\n\n" \

-"dn: cn=sssd,cn=config\n" \

-"cn: sssd\n" \

-"enable_files_domain: true\n" \

-"services: nss\n\n"

-#endif /* SSSD_FALLBACK_CONFIG_LDIF */

-

 static int confdb_test(struct confdb_ctx *cdb)

 {

     char **values;

@@ -146,28 +136,52 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,

     errno_t ret;

     char timestr[21];

     int version;

+    char fallback_cfg[] =

+        "[sssd]\n"

+        "enable_files_domain = true\n"

+        "services = nss\n";

-    ret = sss_ini_config_access_check(init_data);

-    if (ret != EOK) {

-        DEBUG(SSSDBG_CRIT_FAILURE,

-              "Permission check on config file failed.\n");

-        return EPERM;

-    }

+    /* Open config file */

+    ret = sss_ini_config_file_open(init_data, config_file);

+    if (ret == ENOENT) {

+        DEBUG(SSSDBG_TRACE_FUNC, "No sssd.conf.\n");

+        ret = sss_ini_config_file_from_mem(fallback_cfg,

+                                           strlen(fallback_cfg),

+                                           init_data);

+        if (ret != EOK) {

+            DEBUG(SSSDBG_FATAL_FAILURE,

+                  "sss_ini_config_file_from_mem failed. Error %d: %s\n",

+                  ret, sss_strerror(ret));

+            return ret;

+        }

+    } else if (ret == EOK) {

+        ret = sss_ini_config_access_check(init_data);

+        if (ret != EOK) {

+            DEBUG(SSSDBG_CRIT_FAILURE,

+                  "Permission check on config file failed.\n");

+            return EPERM;

+        }

-    ret = sss_ini_get_stat(init_data);

-    if (ret != EOK) {

-        ret = errno;

-        DEBUG(SSSDBG_FATAL_FAILURE,

+        ret = sss_ini_get_stat(init_data);

+        if (ret != EOK) {

+            ret = errno;

+            DEBUG(SSSDBG_FATAL_FAILURE,

               "Status check on config file failed.\n");

-        return ret;

-    }

+            return ret;

+        }

-    errno = 0;

-    ret = sss_ini_get_mtime(init_data, sizeof(timestr), timestr);

-    if (ret <= 0 || ret >= (int)sizeof(timestr)) {

-        DEBUG(SSSDBG_FATAL_FAILURE,

-              "Failed to convert time_t to string??\n");

-        ret = errno ? errno : EFAULT;

+        errno = 0;

+        ret = sss_ini_get_mtime(init_data, sizeof(timestr), timestr);

+        if (ret <= 0 || ret >= (int)sizeof(timestr)) {

+            DEBUG(SSSDBG_FATAL_FAILURE,

+                  "Failed to convert time_t to string??\n");

+            ret = errno ? errno : EFAULT;

+            return ret;

+        }

+    } else {

+        DEBUG(SSSDBG_CONF_SETTINGS,

+              "sss_ini_config_file_open failed: %s [%d]\n", sss_strerror(ret),

+              ret);

         return ret;

     }

@@ -237,19 +251,6 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,

     return EOK;

 }

-static int confdb_fallback_ldif(TALLOC_CTX *mem_ctx,

-                                const char **_timestr,

-                                const char **_ldif)

-{

-    *_timestr = talloc_strdup(mem_ctx, "1");

-    *_ldif = talloc_strdup(mem_ctx, SSSD_FALLBACK_CONFIG_LDIF);

-    if (*_timestr == NULL || *_ldif == NULL) {

-        return ENOMEM;

-    }

-

-    return EOK;

-}

-

 static int confdb_write_ldif(struct confdb_ctx *cdb,

                              const char *config_ldif,

                              bool replace_whole_db)

@@ -318,34 +319,17 @@ static int confdb_init_db(const char *config_file,

         goto done;

     }

-    /* Open config file */

-    ret = sss_ini_config_file_open(init_data, config_file);

-    if (ret == EOK) {

-        ret = confdb_ldif_from_ini_file(tmp_ctx,

-                                        config_file,

-                                        config_dir,

-                                        only_section,

-                                        init_data,

-                                        &timestr,

-                                        &config_ldif);

-        if (ret != EOK) {

-            DEBUG(SSSDBG_CRIT_FAILURE,

-                  "Cannot convert INI to LDIF [%d]: [%s]\n",

-                  ret, sss_strerror(ret));

-            goto done;

-        }

-    } else if (ret == ENOENT) {

-        ret = confdb_fallback_ldif(tmp_ctx, &timestr, &config_ldif);

-        if (ret != EOK) {

-            DEBUG(SSSDBG_CRIT_FAILURE,

-                  "Cannot create a fallback configuration [%d]: [%s]\n",

-                  ret, sss_strerror(ret));

-            goto done;

-        }

-    } else {

-        DEBUG(SSSDBG_CONF_SETTINGS,

-              "sss_ini_config_file_open failed: %s [%d]\n", sss_strerror(ret),

-              ret);

+    ret = confdb_ldif_from_ini_file(tmp_ctx,

+                                    config_file,

+                                    config_dir,

+                                    only_section,

+                                    init_data,

+                                    &timestr,

+                                    &config_ldif);

+    if (ret != EOK) {

+        DEBUG(SSSDBG_CRIT_FAILURE,

+              "Cannot convert INI to LDIF [%d]: [%s]\n",

+            ret, sss_strerror(ret));

         goto done;

     }

diff --git a/src/util/sss_ini.c b/src/util/sss_ini.c

index 3c15b2809..010b77889 100644

--- a/src/util/sss_ini.c

+++ b/src/util/sss_ini.c

@@ -123,7 +123,18 @@ int sss_ini_config_file_open(struct sss_ini_initdata *init_data,

 #endif

 }

-

+int sss_ini_config_file_from_mem(void *data_buf,

+                                 uint32_t data_len,

+                                 struct sss_ini_initdata *init_data)

+{

+#ifdef HAVE_LIBINI_CONFIG_V1

+    return ini_config_file_from_mem(data_buf, strlen(data_buf),

+                                   &init_data->file);

+#else

+    /* FIXME: Remove support for older libini versions */

+    return EINVAL;

+#endif

+}

 /* Check configuration file permissions */

diff --git a/src/util/sss_ini.h b/src/util/sss_ini.h

index 470b88f99..0bf9c0ff5 100644

--- a/src/util/sss_ini.h

+++ b/src/util/sss_ini.h

@@ -45,6 +45,11 @@ void sss_ini_close_file(struct sss_ini_initdata *init_data);

 int sss_ini_config_file_open(struct sss_ini_initdata *init_data,

                              const char *config_file);

+/* Load config from buffer */

+int sss_ini_config_file_from_mem(void *data_buf,

+                                 uint32_t data_len,

+                                 struct sss_ini_initdata *init_data);

+

 /* Check file permissions */

 int sss_ini_config_access_check(struct sss_ini_initdata *init_data);

-- 

2.19.1