From 41606494979da8cb7fb09170687131a556a643c7 Mon Sep 17 00:00:00 2001

From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>

Date: Mon, 11 Nov 2019 13:56:34 +0100

Subject: [PATCH 102/103] autofs: delete possible duplicate of an autofs entry

Steps to reproduce:

1. Create the following autofs objects

```ldif

dn: ou=auto.master,ou=autofs,dc=ldap,dc=vm

objectClass: automountMap

objectClass: top

ou: auto.master

dn: automountKey=/home,ou=auto.master,ou=autofs,dc=ldap,dc=vm

objectClass: automount

objectClass: top

automountInformation: auto.home

automountKey: /home

dn: ou=auto.home,ou=autofs,dc=ldap,dc=vm

objectClass: automountMap

objectClass: top

ou: auto.home

dn: automountKey=/home1,ou=auto.home,ou=autofs,dc=ldap,dc=vm

objectClass: automount

objectClass: top

automountInformation: home1

automountKey: /home1

```

2. Use e.g. the test tool to fetch the maps:

```

  ./autofs_test_client auto.master

  ./autofs_test_client auto.home -n /home1

```

3. Change automountInformation of /home1

```

dn: automountKey=/home1,ou=auto.home,ou=autofs,dc=ldap,dc=vm

objectClass: automount

objectClass: top

automountInformation: home1_1

automountKey: /home1

```

4. Run the test tool again:

```

  ./autofs_test_client auto.master

  ./autofs_test_client auto.home -n /home1

  > error happens

```

It is important the `get entry by name is called` thus the `-n` parameter.

Resolves:

https://pagure.io/SSSD/sssd/issue/4116

(cherry picked from commit 14b44e721c52207fd17e449cc6ae0a75fbb05369)

---

 src/providers/ldap/sdap_async_autofs.c | 93 ++++++++++++++++++++------

 1 file changed, 74 insertions(+), 19 deletions(-)

diff --git a/src/providers/ldap/sdap_async_autofs.c b/src/providers/ldap/sdap_async_autofs.c

index 232d0c34a..6f37b1c84 100644

--- a/src/providers/ldap/sdap_async_autofs.c

+++ b/src/providers/ldap/sdap_async_autofs.c

@@ -1337,6 +1337,12 @@ static void sdap_autofs_get_entry_connect_done(struct tevent_req *subreq)

     tevent_req_set_callback(subreq, sdap_autofs_get_entry_done, req);

 }

+static errno_t sdap_autofs_save_entry(struct sss_domain_info *domain,

+                                      struct sdap_options *opts,

+                                      struct sysdb_attrs *newentry,

+                                      const char *mapname,

+                                      const char *entryname);

+

 static void sdap_autofs_get_entry_done(struct tevent_req *subreq)

 {

     struct tevent_req *req;

@@ -1365,31 +1371,18 @@ static void sdap_autofs_get_entry_done(struct tevent_req *subreq)

         return;

     }

-    if (reply_count == 0) {

-        ret = sysdb_del_autofsentry_by_key(state->id_ctx->be->domain,

-                                           state->mapname, state->entryname);

-        if (ret != EOK) {

-            DEBUG(SSSDBG_MINOR_FAILURE, "Cannot delete entry %s:%s\n",

-                  state->mapname, state->entryname);

-            tevent_req_error(req, ret);

-            return;

-        }

-

-        tevent_req_done(req);

-        return;

-    }

-

-    ret = add_autofs_entry(state->id_ctx->be->domain, state->mapname,

-                           state->opts, reply[0], time(NULL));

+    ret = sdap_autofs_save_entry(state->id_ctx->be->domain,

+                                 state->opts,

+                                 reply_count != 0 ? reply[0] : NULL,

+                                 state->mapname,

+                                 state->entryname);

     if (ret != EOK) {

-        DEBUG(SSSDBG_OP_FAILURE,

-             "Cannot save autofs entry %s:%s [%d]: %s\n",

-              state->mapname, state->entryname, ret, strerror(ret));

         tevent_req_error(req, ret);

         return;

     }

     tevent_req_done(req);

+    return;

 }

 errno_t sdap_autofs_get_entry_recv(struct tevent_req *req,

@@ -1405,3 +1398,65 @@ errno_t sdap_autofs_get_entry_recv(struct tevent_req *req,

     return EOK;

 }

+

+static errno_t sdap_autofs_save_entry(struct sss_domain_info *domain,

+                                      struct sdap_options *opts,

+                                      struct sysdb_attrs *newentry,

+                                      const char *mapname,

+                                      const char *entryname)

+{

+    bool in_transaction = false;

+    errno_t ret;

+    int tret;

+

+    ret = sysdb_transaction_start(domain->sysdb);

+    if (ret != EOK) {

+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot start sysdb transaction [%d]: %s\n",

+              ret, sss_strerror(ret));

+        goto done;

+    }

+    in_transaction = true;

+

+    /* Delete existing entry to cover case where new entry has the same key

+     * but different automountInformation. Because the dn is created from the

+     * combination of key and information it would be possible to end up with

+     * two entries with same key but different information otherwise.

+     */

+    ret = sysdb_del_autofsentry_by_key(domain, mapname, entryname);

+    if (ret != EOK) {

+        DEBUG(SSSDBG_MINOR_FAILURE, "Cannot delete entry %s:%s\n",

+              mapname, entryname);

+        goto done;

+    }

+

+    if (newentry != NULL) {

+        ret = add_autofs_entry(domain, mapname, opts, newentry, time(NULL));

+        if (ret != EOK) {

+            DEBUG(SSSDBG_OP_FAILURE,

+                  "Cannot save autofs entry %s:%s [%d]: %s\n",

+                  mapname, entryname, ret, sss_strerror(ret));

+            goto done;

+        }

+    }

+

+    ret = sysdb_transaction_commit(domain->sysdb);

+    if (ret != EOK) {

+        DEBUG(SSSDBG_CRIT_FAILURE, "Cannot commit sysdb transaction [%d]: %s\n",

+              ret, sss_strerror(ret));

+        goto done;

+    }

+    in_transaction = false;

+

+    ret = EOK;

+

+done:

+    if (in_transaction) {

+        tret = sysdb_transaction_cancel(domain->sysdb);

+        if (tret != EOK) {

+            DEBUG(SSSDBG_CRIT_FAILURE, "Cannot cancel sysdb transaction "

+                  "[%d]: %s\n", ret, sss_strerror(ret));

+        }

+    }

+

+    return ret;

+}

-- 

2.20.1