File 0039-sss_cache-Do-not-fail-for-missing-domains.patch of Package sssd.24394
From 622a518995865a949ba25ed3d097987eb2bc85be Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Fri, 25 Jan 2019 12:13:45 +0100
Subject: [PATCH 1/3] sss_cache: Do not fail for missing domains
The conf.db needn't exist(sssd has never been started) and in such situation
sss_cache failed when trying to invalidate all entries.
There is nothing to invalidate and therefore we are already in state
which we want to achieve with calling sss_cache.
No reason to fail.
Resolves:
https://pagure.io/SSSD/sssd/issue/3919
Merges: https://pagure.io/SSSD/sssd/pull-request/3926
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/confdb/confdb.c | 2 +-
src/tools/sss_cache.c | 11 +++++++++--
2 files changed, 10 insertions(+), 3 deletions(-)
diff --git a/src/confdb/confdb.c b/src/confdb/confdb.c
index cef9831eb..d89254b3f 100644
--- a/src/confdb/confdb.c
+++ b/src/confdb/confdb.c
@@ -1511,7 +1511,7 @@ int confdb_get_domains(struct confdb_ctx *cdb,
CONFDB_MONITOR_ACTIVE_DOMAINS,
&domlist);
if (ret == ENOENT) {
- DEBUG(SSSDBG_FATAL_FAILURE, "No domains configured, fatal error!\n");
+ DEBUG(SSSDBG_MINOR_FAILURE, "No domains configured, fatal error!\n");
goto done;
}
if (ret != EOK ) {
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
index 8a40b38c0..eb310d39a 100644
--- a/src/tools/sss_cache.c
+++ b/src/tools/sss_cache.c
@@ -148,7 +148,11 @@ int main(int argc, const char *argv[])
struct sss_domain_info *dinfo;
ret = init_context(argc, argv, &tctx);
- if (ret != EOK) {
+ if (ret == ENOENT) {
+ /* nothing to invalidate; no reason to fail */
+ ret = EOK;
+ goto done;
+ } else if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Error initializing context for the application\n");
goto done;
@@ -847,7 +851,10 @@ static errno_t init_context(int argc, const char *argv[],
}
ret = init_domains(ctx, values.domain);
- if (ret != EOK) {
+ if (ret == ENOENT) {
+ /* Nothing to invalidate; do not log confusing messages. */
+ goto fini;
+ } else if (ret != EOK) {
if (values.domain) {
ERROR("Could not open domain %1$s. If the domain is a subdomain "
"(trusted domain), use fully qualified name instead of "
--
2.31.1
From 55cee526cd57efb399bf55e4756e81663d0908e2 Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Fri, 25 Jan 2019 12:17:59 +0100
Subject: [PATCH 2/3] sss_cache: Do not fail if noting was cached
It might happen that we have some domains in conf.db but nothing
has been cached yet. sss_cache failed in such situation,
bash-4.4# sss_cache -E
No cache object matched the specified search
bash-4.4# echo $?
2
Because there is nothing to invalidate and so we are already in state
which we want to achieve with calling sss_cache.
There is no reason to fail.
We will still fail for invalidating particular entry. User might have a
typo in the name and should be informed about possible mistake.
bash-4.4# sss_cache -u test_user
No cache object matched the specified search
bash-4.4# echo $?
2
Resolves:
https://pagure.io/SSSD/sssd/issue/3919
Merges: https://pagure.io/SSSD/sssd/pull-request/3926
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/tools/sss_cache.c | 7 +++++++
1 file changed, 7 insertions(+)
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
index eb310d39a..b6ff87402 100644
--- a/src/tools/sss_cache.c
+++ b/src/tools/sss_cache.c
@@ -488,6 +488,13 @@ static bool invalidate_entries(TALLOC_CTX *ctx,
if (ret == ENOENT) {
DEBUG(SSSDBG_TRACE_FUNC, "'%s' %s: Not found in domain '%s'\n",
type_string, name ? name : "", dinfo->name);
+ if (name == NULL) {
+ /* nothing to invalidate in that domain, no reason to fail */
+ return true;
+ } else {
+ /* we failed to invalidate explicit name; inform about it */
+ return false;
+ }
} else {
DEBUG(SSSDBG_CRIT_FAILURE,
"Searching for %s in domain %s with filter %s failed\n",
--
2.31.1
From 7ea4f2168a4e7898f034b267656f8785f26eacca Mon Sep 17 00:00:00 2001
From: Lukas Slebodnik <lslebodn@redhat.com>
Date: Fri, 1 Feb 2019 19:17:08 +0100
Subject: [PATCH 3/3] sss_cache: Fail if unknown domain is passed in parameter
If sss_cache is called with --domain parameter we should fail
in case of unknown domain. It might be a typo and user should know
about such case.
Resolves:
https://pagure.io/SSSD/sssd/issue/3919
Merges: https://pagure.io/SSSD/sssd/pull-request/3940
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
---
src/tools/sss_cache.c | 9 ++++++++-
1 file changed, 8 insertions(+), 1 deletion(-)
diff --git a/src/tools/sss_cache.c b/src/tools/sss_cache.c
index b6ff87402..6bdcf610c 100644
--- a/src/tools/sss_cache.c
+++ b/src/tools/sss_cache.c
@@ -152,6 +152,12 @@ int main(int argc, const char *argv[])
/* nothing to invalidate; no reason to fail */
ret = EOK;
goto done;
+ } else if (ret == ERR_DOMAIN_NOT_FOUND) {
+ /* Cannot find domain specified in the parameter --domain.
+ * It might be a typo and therefore we will fail.
+ */
+ ret = ENOENT;
+ goto done;
} else if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Error initializing context for the application\n");
@@ -858,7 +864,7 @@ static errno_t init_context(int argc, const char *argv[],
}
ret = init_domains(ctx, values.domain);
- if (ret == ENOENT) {
+ if (ret == ENOENT && values.domain == NULL) {
/* Nothing to invalidate; do not log confusing messages. */
goto fini;
} else if (ret != EOK) {
@@ -866,6 +872,7 @@ static errno_t init_context(int argc, const char *argv[],
ERROR("Could not open domain %1$s. If the domain is a subdomain "
"(trusted domain), use fully qualified name instead of "
"--domain/-d parameter.\n", values.domain);
+ ret = ERR_DOMAIN_NOT_FOUND;
} else {
ERROR("Could not open available domains\n");
}
--
2.31.1