From 26f1d475af75572a9deffdec73360fb65e787417 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Pavel=20B=C5=99ezina?= <pbrezina@redhat.com>
Date: Wed, 5 Sep 2012 14:49:09 +0200
Subject: [PATCH 1/2] backend: initialize sudo only when it is enabled in
 services

https://fedorahosted.org/sssd/ticket/1458
---
 src/providers/data_provider_be.c | 40 ++++++++++++++++++++++++++--------------
 1 file changed, 26 insertions(+), 14 deletions(-)

diff --git a/src/providers/data_provider_be.c b/src/providers/data_provider_be.c
index dcce69ca42fe4b8f216a69a6877e0aeaf20872cc..0d0c69593f27985f1977ed1acc7d105301686dd1 100644
--- a/src/providers/data_provider_be.c
+++ b/src/providers/data_provider_be.c
@@ -30,6 +30,7 @@
 #include <sys/time.h>
 #include <errno.h>
 #include <dlfcn.h>
+#include <string.h>
 
 #include <security/pam_appl.h>
 #include <security/pam_modules.h>
@@ -2083,6 +2084,7 @@ int be_process_init(TALLOC_CTX *mem_ctx,
 {
     struct be_ctx *ctx;
     struct tevent_signal *tes;
+    char *services = NULL;
     int ret;
 
     ctx = talloc_zero(mem_ctx, struct be_ctx);
@@ -2099,6 +2101,14 @@ int be_process_init(TALLOC_CTX *mem_ctx,
         return ENOMEM;
     }
 
+    ret = confdb_get_string(ctx->cdb, ctx, CONFDB_MONITOR_CONF_ENTRY,
+                            CONFDB_MONITOR_ACTIVE_SERVICES, NULL, &services);
+    if (ret != EOK) {
+        DEBUG(SSSDBG_FATAL_FAILURE,
+              ("Unable to read from confdb [%d]: %s\n", ret, strerror(ret)));
+        return ret;
+    }
+
     ret = be_init_failover(ctx);
     if (ret != EOK) {
         DEBUG(SSSDBG_FATAL_FAILURE,
@@ -2186,21 +2196,22 @@ int be_process_init(TALLOC_CTX *mem_ctx,
                "from provider [%s].\n", ctx->bet_info[BET_CHPASS].mod_name));
     }
 
-    ret = load_backend_module(ctx, BET_SUDO,
-                              &ctx->bet_info[BET_SUDO],
-                              ctx->bet_info[BET_ID].mod_name);
-    if (ret != EOK) {
-        if (ret != ENOENT) {
-            DEBUG(SSSDBG_FATAL_FAILURE,
-                  ("fatal error initializing data providers\n"));
-            return ret;
+    if (strstr(services, "sudo") != NULL) {
+        ret = load_backend_module(ctx, BET_SUDO, &ctx->bet_info[BET_SUDO],
+                                  ctx->bet_info[BET_ID].mod_name);
+        if (ret != EOK) {
+            if (ret != ENOENT) {
+                DEBUG(SSSDBG_FATAL_FAILURE,
+                      ("fatal error initializing data providers\n"));
+                return ret;
+            }
+            DEBUG(SSSDBG_MINOR_FAILURE,
+                  ("No SUDO module provided for [%s] !!\n", be_domain));
+        } else {
+            DEBUG(SSSDBG_TRACE_INTERNAL,
+                  ("SUDO backend target successfully loaded "
+                   "from provider [%s].\n", ctx->bet_info[BET_SUDO].mod_name));
         }
-        DEBUG(SSSDBG_MINOR_FAILURE,
-              ("No SUDO module provided for [%s] !!\n", be_domain));
-    } else {
-        DEBUG(SSSDBG_TRACE_INTERNAL,
-              ("SUDO backend target successfully loaded "
-               "from provider [%s].\n", ctx->bet_info[BET_SUDO].mod_name));
     }
 
     ret = load_backend_module(ctx, BET_AUTOFS,
@@ -2278,6 +2289,7 @@ int be_process_init(TALLOC_CTX *mem_ctx,
         return ret;
     }
 
+    talloc_free(services);
     return EOK;
 }
 
-- 
1.7.11.4