int pac_process_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct confdb_ctx *cdb)
{
struct resp_ctx *rctx;
struct sss_cmd_table *pac_cmds;
struct be_conn *iter;
struct pac_ctx *pac_ctx;
int ret, max_retries;
enum idmap_error_code err;
int fd_limit;
char *uid_str;
pac_cmds = get_pac_cmds();
ret = sss_process_init(mem_ctx, ev, cdb,
pac_cmds,
SSS_PAC_SOCKET_NAME, -1, NULL, -1,
CONFDB_PAC_CONF_ENTRY,
PAC_SBUS_SERVICE_NAME,
PAC_SBUS_SERVICE_VERSION,
&monitor_pac_methods,
"PAC", &pac_dp_methods.vtable,
sss_connection_setup,
&rctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "sss_process_init() failed\n");
return ret;
}
pac_ctx = talloc_zero(rctx, struct pac_ctx);
if (!pac_ctx) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing pac_ctx\n");
ret = ENOMEM;
goto fail;
}
pac_ctx->rctx = rctx;
pac_ctx->rctx->pvt_ctx = pac_ctx;
ret = confdb_get_string(pac_ctx->rctx->cdb, pac_ctx->rctx,
CONFDB_PAC_CONF_ENTRY, CONFDB_SERVICE_ALLOWED_UIDS,
DEFAULT_ALLOWED_UIDS, &uid_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get allowed UIDs.\n");
goto fail;
}
ret = csv_string_to_uid_array(pac_ctx->rctx, uid_str, true,
&pac_ctx->rctx->allowed_uids_count,
&pac_ctx->rctx->allowed_uids);
talloc_free(uid_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to set allowed UIDs.\n");
goto fail;
}
/* Enable automatic reconnection to the Data Provider */
ret = confdb_get_int(pac_ctx->rctx->cdb,
CONFDB_PAC_CONF_ENTRY,
CONFDB_SERVICE_RECON_RETRIES,
3, &max_retries);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to set up automatic reconnection\n");
goto fail;
}
for (iter = pac_ctx->rctx->be_conns; iter; iter = iter->next) {
sbus_reconnect_init(iter->conn, max_retries,
pac_dp_reconnect_init, iter);
}
err = sss_idmap_init(sss_idmap_talloc, pac_ctx, sss_idmap_talloc_free,
&pac_ctx->idmap_ctx);
if (err != IDMAP_SUCCESS) {
DEBUG(SSSDBG_FATAL_FAILURE, "sss_idmap_init failed.\n");
ret = EFAULT;
goto fail;
}
/* Set up file descriptor limits */
ret = confdb_get_int(pac_ctx->rctx->cdb,
CONFDB_PAC_CONF_ENTRY,
CONFDB_SERVICE_FD_LIMIT,
DEFAULT_PAC_FD_LIMIT,
&fd_limit);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to set up file descriptor limit\n");
goto fail;
}
responder_set_fd_limit(fd_limit);
ret = confdb_get_int(pac_ctx->rctx->cdb, CONFDB_PAC_CONF_ENTRY,
CONFDB_PAC_LIFETIME, 300,
&pac_ctx->pac_lifetime);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to setup negative cache timeout.\n");
goto fail;
}
ret = schedule_get_domains_task(rctx, rctx->ev, rctx, NULL);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "schedule_get_domains_tasks failed.\n");
goto fail;
}
DEBUG(SSSDBG_TRACE_FUNC, "PAC Initialization complete\n");
return EOK;
fail:
talloc_free(rctx);
return ret;
}
int ifp_process_init(TALLOC_CTX *mem_ctx,
struct tevent_context *ev,
struct confdb_ctx *cdb)
{
struct resp_ctx *rctx;
struct sss_cmd_table *ifp_cmds;
struct ifp_ctx *ifp_ctx;
struct be_conn *iter;
int ret;
int max_retries;
char *uid_str;
char *attr_list_str;
char *wildcard_limit_str;
ifp_cmds = get_ifp_cmds();
ret = sss_process_init(mem_ctx, ev, cdb,
ifp_cmds,
NULL, -1, NULL, -1,
CONFDB_IFP_CONF_ENTRY,
SSS_IFP_SBUS_SERVICE_NAME,
SSS_IFP_SBUS_SERVICE_VERSION,
&monitor_ifp_methods,
"InfoPipe",
&ifp_dp_methods.vtable,
&rctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "sss_process_init() failed\n");
return ret;
}
ifp_ctx = talloc_zero(rctx, struct ifp_ctx);
if (ifp_ctx == NULL) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing ifp_ctx\n");
ret = ENOMEM;
goto fail;
}
ifp_ctx->rctx = rctx;
ifp_ctx->rctx->pvt_ctx = ifp_ctx;
ret = sss_names_init_from_args(ifp_ctx,
"(?P<name>[^@]+)@?(?P<domain>[^@]*$)",
"%1$s@%2$s", &ifp_ctx->snctx);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing regex data\n");
goto fail;
}
ret = confdb_get_string(ifp_ctx->rctx->cdb, ifp_ctx->rctx,
CONFDB_IFP_CONF_ENTRY, CONFDB_SERVICE_ALLOWED_UIDS,
DEFAULT_ALLOWED_UIDS, &uid_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get allowed UIDs.\n");
goto fail;
}
ret = csv_string_to_uid_array(ifp_ctx->rctx, uid_str, true,
&ifp_ctx->rctx->allowed_uids_count,
&ifp_ctx->rctx->allowed_uids);
talloc_free(uid_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to set allowed UIDs.\n");
goto fail;
}
ret = confdb_get_string(ifp_ctx->rctx->cdb, ifp_ctx->rctx,
CONFDB_IFP_CONF_ENTRY, CONFDB_IFP_USER_ATTR_LIST,
NULL, &attr_list_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Failed to get user attribute list.\n");
goto fail;
}
ifp_ctx->user_whitelist = ifp_parse_user_attr_list(ifp_ctx, attr_list_str);
talloc_free(attr_list_str);
if (ifp_ctx->user_whitelist == NULL) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to parse the allowed attribute list\n");
goto fail;
}
/* Enable automatic reconnection to the Data Provider */
ret = confdb_get_int(ifp_ctx->rctx->cdb,
CONFDB_IFP_CONF_ENTRY,
CONFDB_SERVICE_RECON_RETRIES,
3, &max_retries);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to set up automatic reconnection\n");
goto fail;
}
/* A bit convoluted way until we have a confdb_get_uint32 */
ret = confdb_get_string(ifp_ctx->rctx->cdb,
ifp_ctx->rctx,
CONFDB_IFP_CONF_ENTRY,
CONFDB_IFP_WILDCARD_LIMIT,
NULL, /* no limit by default */
&wildcard_limit_str);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"Failed to retrieve limit for a wildcard search\n");
goto fail;
}
if (wildcard_limit_str) {
ifp_ctx->wildcard_limit = strtouint32(wildcard_limit_str, NULL, 10);
ret = errno;
if (ret != EOK) {
goto fail;
}
}
for (iter = ifp_ctx->rctx->be_conns; iter; iter = iter->next) {
sbus_reconnect_init(iter->conn, max_retries,
ifp_dp_reconnect_init, iter);
}
/* Connect to the D-BUS system bus and set up methods */
ret = sysbus_init(ifp_ctx, ifp_ctx->rctx->ev,
IFACE_IFP,
ifp_ctx, &ifp_ctx->sysbus);
if (ret == ERR_NO_SYSBUS) {
DEBUG(SSSDBG_MINOR_FAILURE,
"The system bus is not available..\n");
/* Explicitly ignore, the D-Bus daemon will start us */
} else if (ret != EOK) {
DEBUG(SSSDBG_CRIT_FAILURE,
"Failed to connect to the system message bus\n");
talloc_free(ifp_ctx);
return EIO;
}
ret = schedule_get_domains_task(rctx, rctx->ev, rctx, NULL);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE,
"schedule_get_domains_tasks failed.\n");
goto fail;
}
DEBUG(SSSDBG_TRACE_FUNC, "InfoPipe Initialization complete\n");
return EOK;
fail:
talloc_free(rctx);
return ret;
}
