Since the NSS and PAM parts of the views are in the review process and I don't expect any big changes there, I'm sending IFP part. It depends on Sumit's patches.
On Fri, Oct 17, 2014 at 02:09:11PM +0200, Pavel Březina wrote:
Since the NSS and PAM parts of the views are in the review process and I don't expect any big changes there, I'm sending IFP part. It depends on Sumit's patches.
Subject: [PATCH 1/5] Add sysdb_search_[user|group]_override_attrs_by_name
ACK
From 693a2c4392424e95acef1e38647fc5cf67f50f71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Thu, 2 Oct 2014 16:13:53 +0200 Subject: [PATCH 2/5] Add sysdb_get_user_attr_with_views
...
+int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,const char *name,const char **attributes,struct ldb_result **_res)+{
- int ret;
- struct ldb_result *orig_obj = NULL;
- struct ldb_result *override_obj = NULL;
- struct ldb_message_element *el = NULL;
- const char **attrs = NULL;
- bool has_override_dn;
- TALLOC_CTX *tmp_ctx;
- int count;
- tmp_ctx = talloc_new(NULL);
- if (tmp_ctx == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");return ENOMEM;- }
- /* We need overrideDN for views, so append it if missing. */
I think you can safely only do this if DOM_HAS_VIEWS(domain).
- has_override_dn = false;
- for (count = 0; attributes[count] != NULL; count++) {
if (strcmp(attributes[count], SYSDB_OVERRIDE_DN) == 0) {has_override_dn = true;break;}- }
- if (has_override_dn) {
/* Use original attributes. */attrs = attributes;- } else {
/* Copy original attributes and add overrideDN. */attrs = talloc_zero_array(tmp_ctx, const char *, count + 2);if (attrs == NULL) {ret = ENOMEM;goto done;}for (count = 0; attributes[count] != NULL; count++) {attrs[count] = attributes[count];}attrs[count] = SYSDB_OVERRIDE_DN;- }
Subject: [PATCH 3/5] IFP: support views
ACK
bye, Sumit
On 10/20/2014 01:31 PM, Sumit Bose wrote:
On Fri, Oct 17, 2014 at 02:09:11PM +0200, Pavel Březina wrote:
Since the NSS and PAM parts of the views are in the review process and I don't expect any big changes there, I'm sending IFP part. It depends on Sumit's patches.
Subject: [PATCH 1/5] Add sysdb_search_[user|group]_override_attrs_by_name
ACK
From 693a2c4392424e95acef1e38647fc5cf67f50f71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Thu, 2 Oct 2014 16:13:53 +0200 Subject: [PATCH 2/5] Add sysdb_get_user_attr_with_views
...
+int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,const char *name,const char **attributes,struct ldb_result **_res)+{
- int ret;
- struct ldb_result *orig_obj = NULL;
- struct ldb_result *override_obj = NULL;
- struct ldb_message_element *el = NULL;
- const char **attrs = NULL;
- bool has_override_dn;
- TALLOC_CTX *tmp_ctx;
- int count;
- tmp_ctx = talloc_new(NULL);
- if (tmp_ctx == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");return ENOMEM;- }
- /* We need overrideDN for views, so append it if missing. */
I think you can safely only do this if DOM_HAS_VIEWS(domain).
- has_override_dn = false;
- for (count = 0; attributes[count] != NULL; count++) {
if (strcmp(attributes[count], SYSDB_OVERRIDE_DN) == 0) {has_override_dn = true;break;}- }
- if (has_override_dn) {
/* Use original attributes. */attrs = attributes;- } else {
/* Copy original attributes and add overrideDN. */attrs = talloc_zero_array(tmp_ctx, const char *, count + 2);if (attrs == NULL) {ret = ENOMEM;goto done;}for (count = 0; attributes[count] != NULL; count++) {attrs[count] = attributes[count];}attrs[count] = SYSDB_OVERRIDE_DN;- }
Subject: [PATCH 3/5] IFP: support views
ACK
bye, Sumit
That makes sense. New patches are attached.
On Mon, Oct 20, 2014 at 03:13:18PM +0200, Pavel Březina wrote:
On 10/20/2014 01:31 PM, Sumit Bose wrote:
On Fri, Oct 17, 2014 at 02:09:11PM +0200, Pavel Březina wrote:
Since the NSS and PAM parts of the views are in the review process and I don't expect any big changes there, I'm sending IFP part. It depends on Sumit's patches.
Subject: [PATCH 1/5] Add sysdb_search_[user|group]_override_attrs_by_name
ACK
From 693a2c4392424e95acef1e38647fc5cf67f50f71 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Pavel=20B=C5=99ezina?= pbrezina@redhat.com Date: Thu, 2 Oct 2014 16:13:53 +0200 Subject: [PATCH 2/5] Add sysdb_get_user_attr_with_views
...
+int sysdb_get_user_attr_with_views(TALLOC_CTX *mem_ctx,
struct sss_domain_info *domain,const char *name,const char **attributes,struct ldb_result **_res)+{
- int ret;
- struct ldb_result *orig_obj = NULL;
- struct ldb_result *override_obj = NULL;
- struct ldb_message_element *el = NULL;
- const char **attrs = NULL;
- bool has_override_dn;
- TALLOC_CTX *tmp_ctx;
- int count;
- tmp_ctx = talloc_new(NULL);
- if (tmp_ctx == NULL) {
DEBUG(SSSDBG_OP_FAILURE, "talloc_new failed.\n");return ENOMEM;- }
- /* We need overrideDN for views, so append it if missing. */
I think you can safely only do this if DOM_HAS_VIEWS(domain).
- has_override_dn = false;
- for (count = 0; attributes[count] != NULL; count++) {
if (strcmp(attributes[count], SYSDB_OVERRIDE_DN) == 0) {has_override_dn = true;break;}- }
- if (has_override_dn) {
/* Use original attributes. */attrs = attributes;- } else {
/* Copy original attributes and add overrideDN. */attrs = talloc_zero_array(tmp_ctx, const char *, count + 2);if (attrs == NULL) {ret = ENOMEM;goto done;}for (count = 0; attributes[count] != NULL; count++) {attrs[count] = attributes[count];}attrs[count] = SYSDB_OVERRIDE_DN;- }
Subject: [PATCH 3/5] IFP: support views
ACK
bye, Sumit
That makes sense. New patches are attached.
ACK
bye, Sumit
sssd-devel@lists.fedorahosted.org
-
Jakub Hrozek -
Pavel Březina -
Sumit Bose