[SSSD] [PATCH] [HBAC]: Better libhbac debuging

Hi,

according to https://fedorahosted.org/sssd/ticket/2703

I tried to add logging to the library HBAC.

A) Logging is performed using an external function, which you can set by: # hbac_enable_debug(...)

B) The specific implementation of such a function, you can see # hbac_debug_messages(...)

C) You can specify debug level:

'...' stands for sssd_cygnus.dev.log:(Fri Jul 24 10:29:36 2015) [sssd[be[cygnus.dev]]] [hbac] (0x0080): [../src/providers/ipa/

* SSSDBG_MINOR_FAILURE produces:

Question: What kind of information could I add for request into this level?

...hbac_evaluator.c:150] [< hbac_evaluate() ...hbac_evaluator.c:173] DISALLOWED by rule [szabo_allowed]. ...hbac_evaluator.c:180] ALLOWED by rule [Test_rule]. ...hbac_evaluator.c:214] hbac_evaluate() >] ...hbac_evaluator.c:150] [< hbac_evaluate() ...hbac_evaluator.c:173] DISALLOWED by rule [szabo_allowed]. ...hbac_evaluator.c:173] DISALLOWED by rule [Test_rule]. ...hbac_evaluator.c:214] hbac_evaluate() >] ...hbac_evaluator.c:150] [< hbac_evaluate() ...hbac_evaluator.c:173] DISALLOWED by rule [szabo_allowed]. ...hbac_evaluator.c:173] DISALLOWED by rule [Test_rule]. ...hbac_evaluator.c:214] hbac_evaluate() >]

* SSSDBG_TRACE_ALL produces:

...hbac_evaluator.c:150] [< hbac_evaluate() ...hbac_evaluator.c:410] REQUEST: ...hbac_evaluator.c:391] service [sshd] ...hbac_evaluator.c:400] service_group (none) ...hbac_evaluator.c:391] user [csikos] ...hbac_evaluator.c:395] user_group: ...hbac_evaluator.c:397] [ipausers] ...hbac_evaluator.c:391] targethost [albireo.cygnus.dev] ...hbac_evaluator.c:400] targethost_group (none) ...hbac_evaluator.c:391] srchost [192.168.122.106] ...hbac_evaluator.c:400] srchost_group (none) ...hbac_evaluator.c:417] request time Fri Jul 24 14:29:36 2015 ...hbac_evaluator.c:454] RULE [szabo_allowed] [ENABLED]: ...hbac_evaluator.c:456] services: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:435] services_names (none) ...hbac_evaluator.c:440] services_groups: ...hbac_evaluator.c:442] [Sudo] ...hbac_evaluator.c:462] users: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:435] users_names (none) ...hbac_evaluator.c:445] users_groups (none) ...hbac_evaluator.c:468] targethosts: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] targethosts_names: ...hbac_evaluator.c:432] [albireo.cygnus.dev] ...hbac_evaluator.c:445] targethosts_groups (none) ...hbac_evaluator.c:474] srchosts: ...hbac_evaluator.c:427] category [0x1] [ALL] ...hbac_evaluator.c:173] DISALLOWED by rule [szabo_allowed]. ...hbac_evaluator.c:454] RULE [Test_rule] [ENABLED]: ...hbac_evaluator.c:456] services: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] services_names: ...hbac_evaluator.c:432] [login] ...hbac_evaluator.c:432] [sshd] ...hbac_evaluator.c:432] [su] ...hbac_evaluator.c:445] services_groups (none) ...hbac_evaluator.c:462] users: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] users_names: ...hbac_evaluator.c:432] [csikos] ...hbac_evaluator.c:445] users_groups (none) ...hbac_evaluator.c:468] targethosts: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] targethosts_names: ...hbac_evaluator.c:432] [albireo.cygnus.dev] ...hbac_evaluator.c:445] targethosts_groups (none) ...hbac_evaluator.c:474] srchosts: ...hbac_evaluator.c:427] category [0x1] [ALL] ...hbac_evaluator.c:180] ALLOWED by rule [Test_rule]. ...hbac_evaluator.c:214] hbac_evaluate() >] ...hbac_evaluator.c:150] [< hbac_evaluate() ...hbac_evaluator.c:410] REQUEST: ...hbac_evaluator.c:391] service [systemd-user] ...hbac_evaluator.c:400] service_group (none) ...hbac_evaluator.c:391] user [csikos] ...hbac_evaluator.c:395] user_group: ...hbac_evaluator.c:397] [ipausers] ...hbac_evaluator.c:391] targethost [albireo.cygnus.dev] ...hbac_evaluator.c:400] targethost_group (none) ...hbac_evaluator.c:400] srchost_group (none) ...hbac_evaluator.c:417] request time Fri Jul 24 14:29:36 2015 ...hbac_evaluator.c:454] RULE [szabo_allowed] [ENABLED]: ...hbac_evaluator.c:456] services: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:435] services_names (none) ...hbac_evaluator.c:440] services_groups: ...hbac_evaluator.c:442] [Sudo] ...hbac_evaluator.c:462] users: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:435] users_names (none) ...hbac_evaluator.c:445] users_groups (none) ...hbac_evaluator.c:468] targethosts: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] targethosts_names: ...hbac_evaluator.c:432] [albireo.cygnus.dev] ...hbac_evaluator.c:445] targethosts_groups (none) ...hbac_evaluator.c:474] srchosts: ...hbac_evaluator.c:427] category [0x1] [ALL] ...hbac_evaluator.c:173] DISALLOWED by rule [szabo_allowed]. ...hbac_evaluator.c:454] RULE [Test_rule] [ENABLED]: ...hbac_evaluator.c:456] services: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] services_names: ...hbac_evaluator.c:432] [login] ...hbac_evaluator.c:432] [sshd] ...hbac_evaluator.c:432] [su] ...hbac_evaluator.c:445] services_groups (none) ...hbac_evaluator.c:462] users: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] users_names: ...hbac_evaluator.c:432] [csikos] ...hbac_evaluator.c:445] users_groups (none) ...hbac_evaluator.c:468] targethosts: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] targethosts_names: ...hbac_evaluator.c:432] [albireo.cygnus.dev] ...hbac_evaluator.c:445] targethosts_groups (none) ...hbac_evaluator.c:474] srchosts: ...hbac_evaluator.c:427] category [0x1] [ALL] ...hbac_evaluator.c:173] DISALLOWED by rule [Test_rule]. ...hbac_evaluator.c:214] hbac_evaluate() >] ...hbac_evaluator.c:150] [< hbac_evaluate() ...hbac_evaluator.c:410] REQUEST: ...hbac_evaluator.c:391] service [sshd] ...hbac_evaluator.c:400] service_group (none) ...hbac_evaluator.c:391] user [szabo] ...hbac_evaluator.c:395] user_group: ...hbac_evaluator.c:397] [ipausers] ...hbac_evaluator.c:391] targethost [albireo.cygnus.dev] ...hbac_evaluator.c:400] targethost_group (none) ...hbac_evaluator.c:391] srchost [192.168.122.106] ...hbac_evaluator.c:400] srchost_group (none) ...hbac_evaluator.c:417] request time Fri Jul 24 14:29:46 2015 ...hbac_evaluator.c:454] RULE [szabo_allowed] [ENABLED]: ...hbac_evaluator.c:456] services: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:435] services_names (none) ...hbac_evaluator.c:440] services_groups: ...hbac_evaluator.c:442] [Sudo] ...hbac_evaluator.c:462] users: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] users_names: ...hbac_evaluator.c:432] [szabo] ...hbac_evaluator.c:445] users_groups (none) ...hbac_evaluator.c:468] targethosts: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] targethosts_names: ...hbac_evaluator.c:432] [albireo.cygnus.dev] ...hbac_evaluator.c:445] targethosts_groups (none) ...hbac_evaluator.c:474] srchosts: ...hbac_evaluator.c:427] category [0x1] [ALL] ...hbac_evaluator.c:173] DISALLOWED by rule [szabo_allowed]. ...hbac_evaluator.c:454] RULE [Test_rule] [ENABLED]: ...hbac_evaluator.c:456] services: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] services_names: ...hbac_evaluator.c:432] [login] ...hbac_evaluator.c:432] [sshd] ...hbac_evaluator.c:432] [su] ...hbac_evaluator.c:445] services_groups (none) ...hbac_evaluator.c:462] users: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] users_names: ...hbac_evaluator.c:432] [csikos] ...hbac_evaluator.c:445] users_groups (none) ...hbac_evaluator.c:468] targethosts: ...hbac_evaluator.c:427] category [0] [NONE] ...hbac_evaluator.c:430] targethosts_names: ...hbac_evaluator.c:432] [albireo.cygnus.dev] ...hbac_evaluator.c:445] targethosts_groups (none) ...hbac_evaluator.c:474] srchosts: ...hbac_evaluator.c:427] category [0x1] [ALL] ...hbac_evaluator.c:173] DISALLOWED by rule [Test_rule]. ...hbac_evaluator.c:214] hbac_evaluate() >]

Thanks.

Petr