Line data Source code
1 : /*
2 : SSSD
3 :
4 : NSS Responder
5 :
6 : Copyright (C) Simo Sorce <ssorce@redhat.com> 2008
7 :
8 : This program is free software; you can redistribute it and/or modify
9 : it under the terms of the GNU General Public License as published by
10 : the Free Software Foundation; either version 3 of the License, or
11 : (at your option) any later version.
12 :
13 : This program is distributed in the hope that it will be useful,
14 : but WITHOUT ANY WARRANTY; without even the implied warranty of
15 : MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
16 : GNU General Public License for more details.
17 :
18 : You should have received a copy of the GNU General Public License
19 : along with this program. If not, see <http://www.gnu.org/licenses/>.
20 : */
21 :
22 : #include <stdio.h>
23 : #include <unistd.h>
24 : #include <fcntl.h>
25 : #include <sys/types.h>
26 : #include <sys/stat.h>
27 : #include <sys/socket.h>
28 : #include <sys/un.h>
29 : #include <string.h>
30 : #include <sys/time.h>
31 : #include <errno.h>
32 : #include <popt.h>
33 : #include <dbus/dbus.h>
34 :
35 : #include "util/util.h"
36 : #include "responder/nss/nsssrv.h"
37 : #include "responder/nss/nsssrv_private.h"
38 : #include "responder/nss/nsssrv_mmap_cache.h"
39 : #include "responder/nss/nsssrv_netgroup.h"
40 : #include "responder/common/negcache.h"
41 : #include "db/sysdb.h"
42 : #include "confdb/confdb.h"
43 : #include "sbus/sssd_dbus.h"
44 : #include "responder/common/responder_packet.h"
45 : #include "responder/common/responder.h"
46 : #include "responder/common/responder_sbus.h"
47 : #include "providers/data_provider.h"
48 : #include "monitor/monitor_interfaces.h"
49 : #include "sbus/sbus_client.h"
50 : #include "util/util_sss_idmap.h"
51 :
52 : #define DEFAULT_PWFIELD "*"
53 : #define DEFAULT_NSS_FD_LIMIT 8192
54 :
55 : #define SHELL_REALLOC_INCREMENT 5
56 : #define SHELL_REALLOC_MAX 50
57 :
58 : static int nss_clear_memcache(struct sbus_request *dbus_req, void *data);
59 : static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *data);
60 :
61 : struct mon_cli_iface monitor_nss_methods = {
62 : { &mon_cli_iface_meta, 0 },
63 : .ping = monitor_common_pong,
64 : .resInit = monitor_common_res_init,
65 : .shutDown = NULL,
66 : .goOffline = NULL,
67 : .resetOffline = NULL,
68 : .rotateLogs = responder_logrotate,
69 : .clearMemcache = nss_clear_memcache,
70 : .clearEnumCache = nss_clear_netgroup_hash_table,
71 : .sysbusReconnect = NULL,
72 : };
73 :
74 0 : static int nss_clear_memcache(struct sbus_request *dbus_req, void *data)
75 : {
76 : errno_t ret;
77 : int memcache_timeout;
78 0 : struct resp_ctx *rctx = talloc_get_type(data, struct resp_ctx);
79 0 : struct nss_ctx *nctx = (struct nss_ctx*) rctx->pvt_ctx;
80 :
81 0 : ret = unlink(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG);
82 0 : if (ret != 0) {
83 0 : ret = errno;
84 0 : if (ret == ENOENT) {
85 0 : DEBUG(SSSDBG_TRACE_FUNC,
86 : "CLEAR_MC_FLAG not found. Nothing to do.\n");
87 0 : goto done;
88 : } else {
89 0 : DEBUG(SSSDBG_CRIT_FAILURE, "Failed to unlink file: %s.\n",
90 : strerror(ret));
91 0 : return ret;
92 : }
93 : }
94 :
95 : /* CLEAR_MC_FLAG removed successfully. Clearing memory caches. */
96 :
97 0 : ret = confdb_get_int(rctx->cdb,
98 : CONFDB_NSS_CONF_ENTRY,
99 : CONFDB_MEMCACHE_TIMEOUT,
100 : 300, &memcache_timeout);
101 0 : if (ret != EOK) {
102 0 : DEBUG(SSSDBG_FATAL_FAILURE,
103 : "Unable to get memory cache entry timeout.\n");
104 0 : return ret;
105 : }
106 :
107 : /* TODO: read cache sizes from configuration */
108 0 : DEBUG(SSSDBG_TRACE_FUNC, "Clearing memory caches.\n");
109 0 : ret = sss_mmap_cache_reinit(nctx, SSS_MC_CACHE_ELEMENTS,
110 : (time_t) memcache_timeout,
111 : &nctx->pwd_mc_ctx);
112 0 : if (ret != EOK) {
113 0 : DEBUG(SSSDBG_CRIT_FAILURE,
114 : "passwd mmap cache invalidation failed\n");
115 0 : return ret;
116 : }
117 :
118 0 : ret = sss_mmap_cache_reinit(nctx, SSS_MC_CACHE_ELEMENTS,
119 : (time_t) memcache_timeout,
120 : &nctx->grp_mc_ctx);
121 0 : if (ret != EOK) {
122 0 : DEBUG(SSSDBG_CRIT_FAILURE,
123 : "group mmap cache invalidation failed\n");
124 0 : return ret;
125 : }
126 :
127 0 : ret = sss_mmap_cache_reinit(nctx, SSS_MC_CACHE_ELEMENTS,
128 : (time_t)memcache_timeout,
129 : &nctx->initgr_mc_ctx);
130 0 : if (ret != EOK) {
131 0 : DEBUG(SSSDBG_CRIT_FAILURE,
132 : "initgroups mmap cache invalidation failed\n");
133 0 : return ret;
134 : }
135 :
136 : done:
137 0 : return sbus_request_return_and_finish(dbus_req, DBUS_TYPE_INVALID);
138 : }
139 :
140 0 : static int nss_clear_netgroup_hash_table(struct sbus_request *dbus_req, void *data)
141 : {
142 : errno_t ret;
143 0 : struct resp_ctx *rctx = talloc_get_type(data, struct resp_ctx);
144 0 : struct nss_ctx *nctx = (struct nss_ctx*) rctx->pvt_ctx;
145 :
146 0 : ret = nss_orphan_netgroups(nctx);
147 0 : if (ret != EOK) {
148 0 : DEBUG(SSSDBG_CRIT_FAILURE,
149 : "Could not invalidate netgroups\n");
150 0 : return ret;
151 : }
152 :
153 0 : return sbus_request_return_and_finish(dbus_req, DBUS_TYPE_INVALID);
154 : }
155 :
156 0 : static errno_t nss_get_etc_shells(TALLOC_CTX *mem_ctx, char ***_shells)
157 : {
158 0 : int i = 0;
159 : char *sh;
160 0 : char **shells = NULL;
161 : TALLOC_CTX *tmp_ctx;
162 : errno_t ret;
163 : int size;
164 :
165 0 : tmp_ctx = talloc_new(NULL);
166 0 : if (!tmp_ctx) return ENOMEM;
167 :
168 0 : shells = talloc_array(tmp_ctx, char *, SHELL_REALLOC_INCREMENT);
169 0 : if (!shells) {
170 0 : ret = ENOMEM;
171 0 : goto done;
172 : }
173 0 : size = SHELL_REALLOC_INCREMENT;
174 :
175 0 : setusershell();
176 0 : while ((sh = getusershell())) {
177 0 : shells[i] = talloc_strdup(shells, sh);
178 0 : if (!shells[i]) {
179 0 : endusershell();
180 0 : ret = ENOMEM;
181 0 : goto done;
182 : }
183 0 : DEBUG(SSSDBG_TRACE_FUNC, "Found shell %s in /etc/shells\n", shells[i]);
184 0 : i++;
185 :
186 0 : if (i == size) {
187 0 : size += SHELL_REALLOC_INCREMENT;
188 0 : if (size > SHELL_REALLOC_MAX) {
189 0 : DEBUG(SSSDBG_FATAL_FAILURE,
190 : "Reached maximum number of shells [%d]. "
191 : "Users may be denied access. "
192 : "Please check /etc/shells for sanity\n",
193 : SHELL_REALLOC_MAX);
194 0 : break;
195 : }
196 0 : shells = talloc_realloc(NULL, shells, char *,
197 : size);
198 0 : if (!shells) {
199 0 : ret = ENOMEM;
200 0 : goto done;
201 : }
202 : }
203 : }
204 0 : endusershell();
205 :
206 0 : if (i + 1 < size) {
207 0 : shells = talloc_realloc(NULL, shells, char *, i + 1);
208 0 : if (!shells) {
209 0 : ret = ENOMEM;
210 0 : goto done;
211 : }
212 : }
213 0 : shells[i] = NULL;
214 :
215 0 : *_shells = talloc_move(mem_ctx, &shells);
216 0 : ret = EOK;
217 : done:
218 0 : talloc_zfree(tmp_ctx);
219 0 : return ret;
220 : }
221 :
222 0 : static int nss_get_config(struct nss_ctx *nctx,
223 : struct confdb_ctx *cdb)
224 : {
225 : int ret;
226 : char *tmp_str;
227 :
228 0 : ret = confdb_get_int(cdb, CONFDB_NSS_CONF_ENTRY,
229 : CONFDB_NSS_ENUM_CACHE_TIMEOUT, 120,
230 : &nctx->enum_cache_timeout);
231 0 : if (ret != EOK) goto done;
232 :
233 0 : ret = confdb_get_int(cdb, CONFDB_NSS_CONF_ENTRY,
234 : CONFDB_NSS_ENTRY_NEG_TIMEOUT, 15,
235 : &nctx->neg_timeout);
236 0 : if (ret != EOK) goto done;
237 :
238 0 : ret = confdb_get_bool(cdb, CONFDB_NSS_CONF_ENTRY,
239 : CONFDB_NSS_FILTER_USERS_IN_GROUPS, true,
240 : &nctx->filter_users_in_groups);
241 0 : if (ret != EOK) goto done;
242 :
243 0 : ret = confdb_get_int(cdb, CONFDB_NSS_CONF_ENTRY,
244 : CONFDB_NSS_ENTRY_CACHE_NOWAIT_PERCENTAGE, 50,
245 : &nctx->cache_refresh_percent);
246 0 : if (ret != EOK) goto done;
247 0 : if (nctx->cache_refresh_percent < 0 ||
248 0 : nctx->cache_refresh_percent > 99) {
249 0 : DEBUG(SSSDBG_FATAL_FAILURE,
250 : "Configuration error: entry_cache_nowait_percentage is "
251 : "invalid. Disabling feature.\n");
252 0 : nctx->cache_refresh_percent = 0;
253 : }
254 :
255 0 : ret = sss_ncache_prepopulate(nctx->ncache, cdb, nctx->rctx);
256 0 : if (ret != EOK) {
257 0 : goto done;
258 : }
259 :
260 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
261 : CONFDB_NSS_PWFIELD, DEFAULT_PWFIELD,
262 : &nctx->pwfield);
263 0 : if (ret != EOK) goto done;
264 :
265 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
266 : CONFDB_NSS_OVERRIDE_HOMEDIR, NULL,
267 : &nctx->override_homedir);
268 0 : if (ret != EOK) goto done;
269 :
270 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
271 : CONFDB_NSS_FALLBACK_HOMEDIR, NULL,
272 : &nctx->fallback_homedir);
273 0 : if (ret != EOK) goto done;
274 :
275 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
276 : CONFDB_NSS_OVERRIDE_SHELL, NULL,
277 : &nctx->override_shell);
278 0 : if (ret != EOK && ret != ENOENT) goto done;
279 :
280 0 : ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
281 : CONFDB_NSS_ALLOWED_SHELL,
282 : &nctx->allowed_shells);
283 0 : if (ret != EOK && ret != ENOENT) goto done;
284 :
285 0 : ret = confdb_get_string_as_list(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
286 : CONFDB_NSS_VETOED_SHELL,
287 : &nctx->vetoed_shells);
288 0 : if (ret != EOK && ret != ENOENT) goto done;
289 :
290 0 : ret = nss_get_etc_shells(nctx, &nctx->etc_shells);
291 0 : if (ret != EOK) goto done;
292 :
293 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
294 : CONFDB_NSS_SHELL_FALLBACK,
295 : CONFDB_DEFAULT_SHELL_FALLBACK,
296 : &nctx->shell_fallback);
297 0 : if (ret != EOK) goto done;
298 :
299 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
300 : CONFDB_NSS_DEFAULT_SHELL,
301 : NULL,
302 : &nctx->default_shell);
303 0 : if (ret != EOK) goto done;
304 :
305 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
306 : CONFDB_NSS_HOMEDIR_SUBSTRING,
307 : CONFDB_DEFAULT_HOMEDIR_SUBSTRING,
308 : &nctx->homedir_substr);
309 0 : if (ret != EOK) goto done;
310 :
311 :
312 0 : ret = confdb_get_string(cdb, nctx, CONFDB_NSS_CONF_ENTRY,
313 : CONFDB_IFP_USER_ATTR_LIST, NULL, &tmp_str);
314 0 : if (ret != EOK) goto done;
315 :
316 0 : if (tmp_str == NULL) {
317 0 : ret = confdb_get_string(cdb, nctx, CONFDB_IFP_CONF_ENTRY,
318 : CONFDB_IFP_USER_ATTR_LIST, NULL, &tmp_str);
319 0 : if (ret != EOK) goto done;
320 : }
321 :
322 0 : if (tmp_str != NULL) {
323 0 : nctx->extra_attributes = parse_attr_list_ex(nctx, tmp_str, NULL);
324 0 : if (nctx->extra_attributes == NULL) {
325 0 : ret = ENOMEM;
326 0 : goto done;
327 : }
328 : }
329 :
330 0 : ret = 0;
331 : done:
332 0 : return ret;
333 : }
334 :
335 0 : static int nss_update_memcache(struct sbus_request *dbus_req, void *data)
336 : {
337 0 : struct resp_ctx *rctx = talloc_get_type(data, struct resp_ctx);
338 0 : struct nss_ctx *nctx = talloc_get_type(rctx->pvt_ctx, struct nss_ctx);
339 :
340 0 : nss_update_pw_memcache(nctx);
341 0 : nss_update_gr_memcache(nctx);
342 :
343 0 : return EOK;
344 : }
345 :
346 0 : static int nss_memcache_initgr_check(struct sbus_request *dbus_req, void *data)
347 : {
348 0 : struct resp_ctx *rctx = talloc_get_type(data, struct resp_ctx);
349 0 : struct nss_ctx *nctx = talloc_get_type(rctx->pvt_ctx, struct nss_ctx);
350 : char *user;
351 : char *domain;
352 : uint32_t *groups;
353 : int gnum;
354 :
355 0 : if (!sbus_request_parse_or_finish(dbus_req,
356 : DBUS_TYPE_STRING, &user,
357 : DBUS_TYPE_STRING, &domain,
358 : DBUS_TYPE_ARRAY, DBUS_TYPE_UINT32, &groups, &gnum,
359 : DBUS_TYPE_INVALID)) {
360 0 : return EOK; /* handled */
361 : }
362 :
363 0 : DEBUG(SSSDBG_TRACE_LIBS,
364 : "Got request for [%s@%s]\n", user, domain);
365 :
366 0 : nss_update_initgr_memcache(nctx, user, domain, gnum, groups);
367 :
368 0 : return sbus_request_return_and_finish(dbus_req, DBUS_TYPE_INVALID);
369 : }
370 :
371 : static struct data_provider_rev_iface nss_dp_methods = {
372 : { &data_provider_rev_iface_meta, 0 },
373 : .updateCache = nss_update_memcache,
374 : .initgrCheck = nss_memcache_initgr_check
375 : };
376 :
377 0 : static void nss_dp_reconnect_init(struct sbus_connection *conn,
378 : int status, void *pvt)
379 : {
380 0 : struct be_conn *be_conn = talloc_get_type(pvt, struct be_conn);
381 : int ret;
382 :
383 : /* Did we reconnect successfully? */
384 0 : if (status == SBUS_RECONNECT_SUCCESS) {
385 0 : DEBUG(SSSDBG_CRIT_FAILURE, "Reconnected to the Data Provider.\n");
386 :
387 : /* Identify ourselves to the data provider */
388 0 : ret = dp_common_send_id(be_conn->conn,
389 : DATA_PROVIDER_VERSION,
390 : "NSS");
391 : /* all fine */
392 0 : if (ret == EOK) {
393 0 : handle_requests_after_reconnect(be_conn->rctx);
394 0 : return;
395 : }
396 : }
397 :
398 : /* Failed to reconnect */
399 0 : DEBUG(SSSDBG_FATAL_FAILURE, "Could not reconnect to %s provider.\n",
400 : be_conn->domain->name);
401 :
402 : /* FIXME: kill the frontend and let the monitor restart it ? */
403 : /* nss_shutdown(rctx); */
404 : }
405 :
406 0 : int nss_process_init(TALLOC_CTX *mem_ctx,
407 : struct tevent_context *ev,
408 : struct confdb_ctx *cdb)
409 : {
410 : struct resp_ctx *rctx;
411 : struct sss_cmd_table *nss_cmds;
412 : struct be_conn *iter;
413 : struct nss_ctx *nctx;
414 : int memcache_timeout;
415 : int ret, max_retries;
416 : enum idmap_error_code err;
417 : int hret;
418 : int fd_limit;
419 :
420 0 : nss_cmds = get_nss_cmds();
421 :
422 0 : ret = sss_process_init(mem_ctx, ev, cdb,
423 : nss_cmds,
424 : SSS_NSS_SOCKET_NAME, -1, NULL, -1,
425 : CONFDB_NSS_CONF_ENTRY,
426 : NSS_SBUS_SERVICE_NAME,
427 : NSS_SBUS_SERVICE_VERSION,
428 : &monitor_nss_methods,
429 : "NSS", &nss_dp_methods.vtable,
430 : &rctx);
431 0 : if (ret != EOK) {
432 0 : DEBUG(SSSDBG_FATAL_FAILURE, "sss_process_init() failed\n");
433 0 : return ret;
434 : }
435 :
436 0 : nctx = talloc_zero(rctx, struct nss_ctx);
437 0 : if (!nctx) {
438 0 : DEBUG(SSSDBG_FATAL_FAILURE, "fatal error initializing nss_ctx\n");
439 0 : ret = ENOMEM;
440 0 : goto fail;
441 : }
442 :
443 0 : ret = sss_ncache_init(rctx, &nctx->ncache);
444 0 : if (ret != EOK) {
445 0 : DEBUG(SSSDBG_FATAL_FAILURE,
446 : "fatal error initializing negative cache\n");
447 0 : goto fail;
448 : }
449 :
450 0 : nctx->rctx = rctx;
451 0 : nctx->rctx->pvt_ctx = nctx;
452 :
453 0 : ret = nss_get_config(nctx, cdb);
454 0 : if (ret != EOK) {
455 0 : DEBUG(SSSDBG_FATAL_FAILURE, "fatal error getting nss config\n");
456 0 : goto fail;
457 : }
458 :
459 : /* Enable automatic reconnection to the Data Provider */
460 0 : ret = confdb_get_int(nctx->rctx->cdb,
461 : CONFDB_NSS_CONF_ENTRY,
462 : CONFDB_SERVICE_RECON_RETRIES,
463 : 3, &max_retries);
464 0 : if (ret != EOK) {
465 0 : DEBUG(SSSDBG_FATAL_FAILURE,
466 : "Failed to set up automatic reconnection\n");
467 0 : goto fail;
468 : }
469 :
470 0 : for (iter = nctx->rctx->be_conns; iter; iter = iter->next) {
471 0 : sbus_reconnect_init(iter->conn, max_retries,
472 : nss_dp_reconnect_init, iter);
473 : }
474 :
475 0 : err = sss_idmap_init(sss_idmap_talloc, nctx, sss_idmap_talloc_free,
476 : &nctx->idmap_ctx);
477 0 : if (err != IDMAP_SUCCESS) {
478 0 : DEBUG(SSSDBG_FATAL_FAILURE, "sss_idmap_init failed.\n");
479 0 : ret = EFAULT;
480 0 : goto fail;
481 : }
482 :
483 : /* Create the lookup table for netgroup results */
484 0 : hret = sss_hash_create_ex(nctx, 10, &nctx->netgroups, 0, 0, 0, 0,
485 : netgroup_hash_delete_cb, NULL);
486 0 : if (hret != HASH_SUCCESS) {
487 0 : DEBUG(SSSDBG_FATAL_FAILURE,
488 : "Unable to initialize netgroup hash table\n");
489 0 : ret = EIO;
490 0 : goto fail;
491 : }
492 :
493 : /* create mmap caches */
494 : /* Remove the CLEAR_MC_FLAG file if exists. */
495 0 : ret = unlink(SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG);
496 0 : if (ret != 0 && errno != ENOENT) {
497 0 : ret = errno;
498 0 : DEBUG(SSSDBG_CRIT_FAILURE,
499 : "Failed to unlink file [%s]. This can cause memory cache to "
500 : "be purged when next log rotation is requested. %d: %s\n",
501 : SSS_NSS_MCACHE_DIR"/"CLEAR_MC_FLAG, ret, strerror(ret));
502 : }
503 :
504 0 : ret = confdb_get_int(nctx->rctx->cdb,
505 : CONFDB_NSS_CONF_ENTRY,
506 : CONFDB_MEMCACHE_TIMEOUT,
507 : 300, &memcache_timeout);
508 0 : if (ret != EOK) {
509 0 : DEBUG(SSSDBG_FATAL_FAILURE,
510 : "Failed to get 'memcache_timeout' option from confdb.\n");
511 0 : goto fail;
512 : }
513 :
514 : /* TODO: read cache sizes from configuration */
515 0 : ret = sss_mmap_cache_init(nctx, "passwd", SSS_MC_PASSWD,
516 : SSS_MC_CACHE_ELEMENTS, (time_t)memcache_timeout,
517 : &nctx->pwd_mc_ctx);
518 0 : if (ret) {
519 0 : DEBUG(SSSDBG_CRIT_FAILURE, "passwd mmap cache is DISABLED\n");
520 : }
521 :
522 0 : ret = sss_mmap_cache_init(nctx, "group", SSS_MC_GROUP,
523 : SSS_MC_CACHE_ELEMENTS, (time_t)memcache_timeout,
524 : &nctx->grp_mc_ctx);
525 0 : if (ret) {
526 0 : DEBUG(SSSDBG_CRIT_FAILURE, "group mmap cache is DISABLED\n");
527 : }
528 :
529 0 : ret = sss_mmap_cache_init(nctx, "initgroups", SSS_MC_INITGROUPS,
530 : SSS_MC_CACHE_ELEMENTS, (time_t)memcache_timeout,
531 : &nctx->initgr_mc_ctx);
532 0 : if (ret) {
533 0 : DEBUG(SSSDBG_CRIT_FAILURE, "inigroups mmap cache is DISABLED\n");
534 : }
535 :
536 : /* Set up file descriptor limits */
537 0 : ret = confdb_get_int(nctx->rctx->cdb,
538 : CONFDB_NSS_CONF_ENTRY,
539 : CONFDB_SERVICE_FD_LIMIT,
540 : DEFAULT_NSS_FD_LIMIT,
541 : &fd_limit);
542 0 : if (ret != EOK) {
543 0 : DEBUG(SSSDBG_FATAL_FAILURE,
544 : "Failed to set up file descriptor limit\n");
545 0 : goto fail;
546 : }
547 0 : responder_set_fd_limit(fd_limit);
548 :
549 0 : ret = schedule_get_domains_task(rctx, rctx->ev, rctx, nctx->ncache);
550 0 : if (ret != EOK) {
551 0 : DEBUG(SSSDBG_FATAL_FAILURE, "schedule_get_domains_tasks failed.\n");
552 0 : goto fail;
553 : }
554 :
555 0 : ret = sss_ad_default_names_ctx(nctx, &nctx->global_names);
556 0 : if (ret != EOK) {
557 0 : DEBUG(SSSDBG_CRIT_FAILURE, "sss_ad_default_names_ctx failed.\n");
558 0 : goto fail;
559 : }
560 :
561 0 : DEBUG(SSSDBG_TRACE_FUNC, "NSS Initialization complete\n");
562 :
563 0 : return EOK;
564 :
565 : fail:
566 0 : talloc_free(rctx);
567 0 : return ret;
568 : }
569 :
570 0 : int main(int argc, const char *argv[])
571 : {
572 : int opt;
573 : poptContext pc;
574 : struct main_context *main_ctx;
575 : int ret;
576 : uid_t uid;
577 : gid_t gid;
578 :
579 0 : struct poptOption long_options[] = {
580 : POPT_AUTOHELP
581 0 : SSSD_MAIN_OPTS
582 0 : SSSD_SERVER_OPTS(uid, gid)
583 : POPT_TABLEEND
584 : };
585 :
586 : /* Set debug level to invalid value so we can deside if -d 0 was used. */
587 0 : debug_level = SSSDBG_INVALID;
588 :
589 0 : umask(DFL_RSP_UMASK);
590 :
591 0 : pc = poptGetContext(argv[0], argc, argv, long_options, 0);
592 0 : while((opt = poptGetNextOpt(pc)) != -1) {
593 : switch(opt) {
594 : default:
595 0 : fprintf(stderr, "\nInvalid option %s: %s\n\n",
596 : poptBadOption(pc, 0), poptStrerror(opt));
597 0 : poptPrintUsage(pc, stderr, 0);
598 0 : return 1;
599 : }
600 : }
601 :
602 0 : poptFreeContext(pc);
603 :
604 0 : DEBUG_INIT(debug_level);
605 :
606 : /* set up things like debug, signals, daemonization, etc... */
607 0 : debug_log_file = "sssd_nss";
608 :
609 0 : ret = server_setup("sssd[nss]", 0, uid, gid, CONFDB_NSS_CONF_ENTRY,
610 : &main_ctx);
611 0 : if (ret != EOK) return 2;
612 :
613 0 : ret = die_if_parent_died();
614 0 : if (ret != EOK) {
615 : /* This is not fatal, don't return */
616 0 : DEBUG(SSSDBG_OP_FAILURE,
617 : "Could not set up to exit when parent process does\n");
618 : }
619 :
620 0 : ret = nss_process_init(main_ctx,
621 0 : main_ctx->event_ctx,
622 0 : main_ctx->confdb_ctx);
623 0 : if (ret != EOK) return 3;
624 :
625 : /* loop on main */
626 0 : server_loop(main_ctx);
627 :
628 0 : return 0;
629 : }
630 :
|
