mirror of
https://sourceware.org/git/glibc.git
synced 2024-11-22 21:10:07 +00:00
ced8f89336
https://sourceware.org/glibc/wiki/Proposals/GroupMerging == Justification == It is common today for users to rely on centrally-managed user stores for handling their user accounts. However, much software existing today does not have an innate understanding of such accounts. Instead, they commonly rely on membership in known groups for managing access-control (for example the "wheel" group on Fedora and RHEL systems or the "adm" group on Debian-derived systems). In the present incarnation of nsswitch, the only way to have such groups managed by a remote user store such as FreeIPA or Active Directory would be to manually remove the groups from /etc/group on the clients so that nsswitch would then move past nss_files and into the SSSD, nss-ldap or other remote user database. == Solution == With this patch, a new action is introduced for nsswitch: NSS_ACTION_MERGE. To take advantage of it, one will add [SUCCESS=merge] between two database entries in the nsswitch.conf file. When a group is located in the first of the two group entries, processing will continue on to the next one. If the group is also found in the next entry (and the group name and GID are an exact match), the member list of the second entry will be added to the group object to be returned. == Implementation == After each DL_LOOKUP_FN() returns, the next action is checked. If the function returned NSS_STATUS_SUCCESS and the next action is NSS_ACTION_MERGE, a copy of the result buffer is saved for the next pass through the loop. If on this next pass through the loop the database returns another instance of a group matching both the group name and GID, the member list is added to the previous list and it is returned as a single object. If the following database does not contain the same group, then the original is copied back into the destination buffer. This patch implements merge functionality only for the group database. For other databases, there is a default implementation that will return the EINVAL errno if a merge is requested. The merge functionality can be implemented for other databases at a later time if such is needed. Each database must provide a unique implementation of the deep-copy and merge functions. If [SUCCESS=merge] is present in nsswitch.conf for a glibc version that does not support it, glibc will process results up until that operation, at which time it will return results if it has found them or else will simply return an error. In practical terms, this ends up behaving like the remainder of the nsswitch.conf line does not exist. == Iterators == This feature does not modify the iterator functionality from its current behavior. If getgrnam() or getgrgid() is called, glibc will iterate through all entries in the `group` line in nsswitch.conf and display the list of members without attempting to merge them. This is consistent with the behavior of nss_files where if two separate lines are specified for the same group in /etc/groups, getgrnam()/getgrgid() will display both. Clients are already expected to handle this gracefully. == No Premature Optimizations == The following is a list of places that might be eligible for optimization, but were not overengineered for this initial contribution: * Any situation where a merge may occur will result in one malloc() of the same size as the input buffer. * Any situation where a merge does occur will result in a second malloc() to hold the list of pointers to member name strings. * The list of members is simply concatenated together and is not tested for uniqueness (which is identical to the behavior for nss_files, which will simply return identical values if they both exist on the line in the file. This could potentially be optimized to reduce space usage in the buffer, but it is both complex and computationally expensive to do so. == Testing == I performed testing by running the getent utility against my newly-built glibc and configuring /etc/nsswitch.conf with the following entry: group: group: files [SUCCESS=merge] sss In /etc/group I included the line: wheel❌10:sgallagh I then configured my local SSSD using the id_provider=local to respond with: wheel:*:10:localuser,localuser2 I then ran `getent group wheel` against the newly-built glibc in multiple situations and received the expected output as described above: * When SSSD was running. * When SSSD was configured in nsswitch.conf but the daemon was not running. * When SSSD was configured in nsswitch.conf but nss_sss.so.2 was not installed on the system. * When the order of 'sss' and 'files' was reversed. * All of the above with the [SUCCESS=merge] removed (to ensure no regressions). * All of the above with `getent group 10`. * All of the above with `getent group` with and without `enumerate=true` set in SSSD. * All of the above with and without nscd enabled on the system.
467 lines
13 KiB
C
467 lines
13 KiB
C
/* Copyright (C) 1996-2016 Free Software Foundation, Inc.
|
|
This file is part of the GNU C Library.
|
|
Contributed by Ulrich Drepper <drepper@cygnus.com>, 1996.
|
|
|
|
The GNU C Library is free software; you can redistribute it and/or
|
|
modify it under the terms of the GNU Lesser General Public
|
|
License as published by the Free Software Foundation; either
|
|
version 2.1 of the License, or (at your option) any later version.
|
|
|
|
The GNU C Library is distributed in the hope that it will be useful,
|
|
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
|
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
|
|
Lesser General Public License for more details.
|
|
|
|
You should have received a copy of the GNU Lesser General Public
|
|
License along with the GNU C Library; if not, see
|
|
<http://www.gnu.org/licenses/>. */
|
|
|
|
#include <assert.h>
|
|
#include <atomic.h>
|
|
#include <errno.h>
|
|
#include <stdbool.h>
|
|
#include "nsswitch.h"
|
|
#include "sysdep.h"
|
|
#ifdef USE_NSCD
|
|
# include <nscd/nscd_proto.h>
|
|
#endif
|
|
#ifdef NEED__RES_HCONF
|
|
# include <resolv/res_hconf.h>
|
|
#endif
|
|
#ifdef NEED__RES
|
|
# include <resolv.h>
|
|
#endif
|
|
/*******************************************************************\
|
|
|* Here we assume several symbols to be defined: *|
|
|
|* *|
|
|
|* LOOKUP_TYPE - the return type of the function *|
|
|
|* *|
|
|
|* FUNCTION_NAME - name of the non-reentrant function *|
|
|
|* *|
|
|
|* DATABASE_NAME - name of the database the function accesses *|
|
|
|* (e.g., host, services, ...) *|
|
|
|* *|
|
|
|* ADD_PARAMS - additional parameters, can vary in number *|
|
|
|* *|
|
|
|* ADD_VARIABLES - names of additional parameters *|
|
|
|* *|
|
|
|* Optionally the following vars can be defined: *|
|
|
|* *|
|
|
|* EXTRA_PARAMS - optional parameters, can vary in number *|
|
|
|* *|
|
|
|* EXTRA_VARIABLES - names of optional parameter *|
|
|
|* *|
|
|
|* FUNCTION2_NAME - alternative name of the non-reentrant function *|
|
|
|* *|
|
|
|* NEED_H_ERRNO - an extra parameter will be passed to point to *|
|
|
|* the global `h_errno' variable. *|
|
|
|* *|
|
|
|* NEED__RES - the global _res variable might be used so we *|
|
|
|* will have to initialize it if necessary *|
|
|
|* *|
|
|
|* PREPROCESS - code run before anything else *|
|
|
|* *|
|
|
|* POSTPROCESS - code run after the lookup *|
|
|
|* *|
|
|
\*******************************************************************/
|
|
|
|
/* To make the real sources a bit prettier. */
|
|
#define REENTRANT_NAME APPEND_R (FUNCTION_NAME)
|
|
#ifdef FUNCTION2_NAME
|
|
# define REENTRANT2_NAME APPEND_R (FUNCTION2_NAME)
|
|
#else
|
|
# define REENTRANT2_NAME NULL
|
|
#endif
|
|
#define APPEND_R(name) APPEND_R1 (name)
|
|
#define APPEND_R1(name) name##_r
|
|
#define INTERNAL(name) INTERNAL1 (name)
|
|
#define INTERNAL1(name) __##name
|
|
#define NEW(name) NEW1 (name)
|
|
#define NEW1(name) __new_##name
|
|
|
|
#ifdef USE_NSCD
|
|
# define NSCD_NAME ADD_NSCD (REENTRANT_NAME)
|
|
# define ADD_NSCD(name) ADD_NSCD1 (name)
|
|
# define ADD_NSCD1(name) __nscd_##name
|
|
# define NOT_USENSCD_NAME ADD_NOT_NSCDUSE (DATABASE_NAME)
|
|
# define ADD_NOT_NSCDUSE(name) ADD_NOT_NSCDUSE1 (name)
|
|
# define ADD_NOT_NSCDUSE1(name) __nss_not_use_nscd_##name
|
|
# define CONCAT2(arg1, arg2) CONCAT2_2 (arg1, arg2)
|
|
# define CONCAT2_2(arg1, arg2) arg1##arg2
|
|
#endif
|
|
|
|
#define FUNCTION_NAME_STRING STRINGIZE (FUNCTION_NAME)
|
|
#define REENTRANT_NAME_STRING STRINGIZE (REENTRANT_NAME)
|
|
#ifdef FUNCTION2_NAME
|
|
# define REENTRANT2_NAME_STRING STRINGIZE (REENTRANT2_NAME)
|
|
#else
|
|
# define REENTRANT2_NAME_STRING NULL
|
|
#endif
|
|
#define DATABASE_NAME_STRING STRINGIZE (DATABASE_NAME)
|
|
#define STRINGIZE(name) STRINGIZE1 (name)
|
|
#define STRINGIZE1(name) #name
|
|
|
|
#ifndef DB_LOOKUP_FCT
|
|
# define DB_LOOKUP_FCT CONCAT3_1 (__nss_, DATABASE_NAME, _lookup2)
|
|
# define CONCAT3_1(Pre, Name, Post) CONCAT3_2 (Pre, Name, Post)
|
|
# define CONCAT3_2(Pre, Name, Post) Pre##Name##Post
|
|
#endif
|
|
|
|
/* Sometimes we need to store error codes in the `h_errno' variable. */
|
|
#ifdef NEED_H_ERRNO
|
|
# define H_ERRNO_PARM , int *h_errnop
|
|
# define H_ERRNO_VAR , h_errnop
|
|
# define H_ERRNO_VAR_P h_errnop
|
|
#else
|
|
# define H_ERRNO_PARM
|
|
# define H_ERRNO_VAR
|
|
# define H_ERRNO_VAR_P NULL
|
|
#endif
|
|
|
|
#ifndef EXTRA_PARAMS
|
|
# define EXTRA_PARAMS
|
|
#endif
|
|
#ifndef EXTRA_VARIABLES
|
|
# define EXTRA_VARIABLES
|
|
#endif
|
|
|
|
#ifdef HAVE_AF
|
|
# define AF_VAL af
|
|
#else
|
|
# define AF_VAL AF_INET
|
|
#endif
|
|
|
|
|
|
/* Set defaults for merge functions that haven't been defined. */
|
|
#ifndef DEEPCOPY_FN
|
|
static inline int
|
|
__copy_einval (LOOKUP_TYPE a,
|
|
const size_t b,
|
|
LOOKUP_TYPE *c,
|
|
char *d,
|
|
char **e)
|
|
{
|
|
return EINVAL;
|
|
}
|
|
# define DEEPCOPY_FN __copy_einval
|
|
#endif
|
|
|
|
#ifndef MERGE_FN
|
|
static inline int
|
|
__merge_einval (LOOKUP_TYPE *a,
|
|
char *b,
|
|
char *c,
|
|
size_t d,
|
|
LOOKUP_TYPE *e,
|
|
char *f)
|
|
{
|
|
return EINVAL;
|
|
}
|
|
# define MERGE_FN __merge_einval
|
|
#endif
|
|
|
|
#define CHECK_MERGE(err, status) \
|
|
({ \
|
|
do \
|
|
{ \
|
|
if (err) \
|
|
{ \
|
|
__set_errno (err); \
|
|
if (err == ERANGE) \
|
|
status = NSS_STATUS_TRYAGAIN; \
|
|
else \
|
|
status = NSS_STATUS_UNAVAIL; \
|
|
break; \
|
|
} \
|
|
} \
|
|
while (0); \
|
|
})
|
|
|
|
/* Type of the lookup function we need here. */
|
|
typedef enum nss_status (*lookup_function) (ADD_PARAMS, LOOKUP_TYPE *, char *,
|
|
size_t, int * H_ERRNO_PARM
|
|
EXTRA_PARAMS);
|
|
|
|
/* The lookup function for the first entry of this service. */
|
|
extern int DB_LOOKUP_FCT (service_user **nip, const char *name,
|
|
const char *name2, void **fctp)
|
|
internal_function;
|
|
libc_hidden_proto (DB_LOOKUP_FCT)
|
|
|
|
|
|
int
|
|
INTERNAL (REENTRANT_NAME) (ADD_PARAMS, LOOKUP_TYPE *resbuf, char *buffer,
|
|
size_t buflen, LOOKUP_TYPE **result H_ERRNO_PARM
|
|
EXTRA_PARAMS)
|
|
{
|
|
static bool startp_initialized;
|
|
static service_user *startp;
|
|
static lookup_function start_fct;
|
|
service_user *nip;
|
|
int do_merge = 0;
|
|
LOOKUP_TYPE mergegrp;
|
|
char *mergebuf = NULL;
|
|
char *endptr = NULL;
|
|
union
|
|
{
|
|
lookup_function l;
|
|
void *ptr;
|
|
} fct;
|
|
int no_more, err;
|
|
enum nss_status status = NSS_STATUS_UNAVAIL;
|
|
#ifdef USE_NSCD
|
|
int nscd_status;
|
|
#endif
|
|
#ifdef NEED_H_ERRNO
|
|
bool any_service = false;
|
|
#endif
|
|
|
|
#ifdef PREPROCESS
|
|
PREPROCESS;
|
|
#endif
|
|
|
|
#ifdef HANDLE_DIGITS_DOTS
|
|
switch (__nss_hostname_digits_dots (name, resbuf, &buffer, NULL,
|
|
buflen, result, &status, AF_VAL,
|
|
H_ERRNO_VAR_P))
|
|
{
|
|
case -1:
|
|
return errno;
|
|
case 1:
|
|
#ifdef NEED_H_ERRNO
|
|
any_service = true;
|
|
#endif
|
|
goto done;
|
|
}
|
|
#endif
|
|
|
|
#ifdef USE_NSCD
|
|
if (NOT_USENSCD_NAME > 0 && ++NOT_USENSCD_NAME > NSS_NSCD_RETRY)
|
|
NOT_USENSCD_NAME = 0;
|
|
|
|
if (!NOT_USENSCD_NAME
|
|
&& !__nss_database_custom[CONCAT2 (NSS_DBSIDX_, DATABASE_NAME)])
|
|
{
|
|
nscd_status = NSCD_NAME (ADD_VARIABLES, resbuf, buffer, buflen, result
|
|
H_ERRNO_VAR);
|
|
if (nscd_status >= 0)
|
|
return nscd_status;
|
|
}
|
|
#endif
|
|
|
|
if (! startp_initialized)
|
|
{
|
|
no_more = DB_LOOKUP_FCT (&nip, REENTRANT_NAME_STRING,
|
|
REENTRANT2_NAME_STRING, &fct.ptr);
|
|
if (no_more)
|
|
{
|
|
void *tmp_ptr = (service_user *) -1l;
|
|
#ifdef PTR_MANGLE
|
|
PTR_MANGLE (tmp_ptr);
|
|
#endif
|
|
startp = tmp_ptr;
|
|
}
|
|
else
|
|
{
|
|
#ifdef NEED__RES
|
|
/* The resolver code will really be used so we have to
|
|
initialize it. */
|
|
if (__res_maybe_init (&_res, 0) == -1)
|
|
{
|
|
*h_errnop = NETDB_INTERNAL;
|
|
*result = NULL;
|
|
return errno;
|
|
}
|
|
#endif /* need _res */
|
|
#ifdef NEED__RES_HCONF
|
|
if (!_res_hconf.initialized)
|
|
_res_hconf_init ();
|
|
#endif /* need _res_hconf */
|
|
|
|
void *tmp_ptr = fct.l;
|
|
#ifdef PTR_MANGLE
|
|
PTR_MANGLE (tmp_ptr);
|
|
#endif
|
|
start_fct = tmp_ptr;
|
|
tmp_ptr = nip;
|
|
#ifdef PTR_MANGLE
|
|
PTR_MANGLE (tmp_ptr);
|
|
#endif
|
|
startp = tmp_ptr;
|
|
}
|
|
|
|
/* Make sure start_fct and startp are written before
|
|
startp_initialized. */
|
|
atomic_write_barrier ();
|
|
startp_initialized = true;
|
|
}
|
|
else
|
|
{
|
|
fct.l = start_fct;
|
|
nip = startp;
|
|
#ifdef PTR_DEMANGLE
|
|
PTR_DEMANGLE (fct.l);
|
|
PTR_DEMANGLE (nip);
|
|
#endif
|
|
no_more = nip == (service_user *) -1l;
|
|
}
|
|
|
|
while (no_more == 0)
|
|
{
|
|
#ifdef NEED_H_ERRNO
|
|
any_service = true;
|
|
#endif
|
|
|
|
status = DL_CALL_FCT (fct.l, (ADD_VARIABLES, resbuf, buffer, buflen,
|
|
&errno H_ERRNO_VAR EXTRA_VARIABLES));
|
|
|
|
/* The status is NSS_STATUS_TRYAGAIN and errno is ERANGE the
|
|
provided buffer is too small. In this case we should give
|
|
the user the possibility to enlarge the buffer and we should
|
|
not simply go on with the next service (even if the TRYAGAIN
|
|
action tells us so). */
|
|
if (status == NSS_STATUS_TRYAGAIN
|
|
#ifdef NEED_H_ERRNO
|
|
&& *h_errnop == NETDB_INTERNAL
|
|
#endif
|
|
&& errno == ERANGE)
|
|
break;
|
|
|
|
if (do_merge)
|
|
{
|
|
|
|
if (status == NSS_STATUS_SUCCESS)
|
|
{
|
|
/* The previous loop saved a buffer for merging.
|
|
Perform the merge now. */
|
|
err = MERGE_FN (&mergegrp, mergebuf, endptr, buflen, resbuf,
|
|
buffer);
|
|
CHECK_MERGE (err,status);
|
|
do_merge = 0;
|
|
}
|
|
else
|
|
{
|
|
/* If the result wasn't SUCCESS, copy the saved buffer back
|
|
into the result buffer and set the status back to
|
|
NSS_STATUS_SUCCESS to match the previous pass through the
|
|
loop.
|
|
* If the next action is CONTINUE, it will overwrite the value
|
|
currently in the buffer and return the new value.
|
|
* If the next action is RETURN, we'll return the previously-
|
|
acquired values.
|
|
* If the next action is MERGE, then it will be added to the
|
|
buffer saved from the previous source. */
|
|
err = DEEPCOPY_FN (mergegrp, buflen, resbuf, buffer, NULL);
|
|
CHECK_MERGE (err, status);
|
|
status = NSS_STATUS_SUCCESS;
|
|
}
|
|
}
|
|
|
|
/* If we were are configured to merge this value with the next one,
|
|
save the current value of the group struct. */
|
|
if (nss_next_action (nip, status) == NSS_ACTION_MERGE
|
|
&& status == NSS_STATUS_SUCCESS)
|
|
{
|
|
/* Copy the current values into a buffer to be merged with the next
|
|
set of retrieved values. */
|
|
if (mergebuf == NULL)
|
|
{
|
|
/* Only allocate once and reuse it for as many merges as we need
|
|
to perform. */
|
|
mergebuf = malloc (buflen);
|
|
if (mergebuf == NULL)
|
|
{
|
|
__set_errno (ENOMEM);
|
|
status = NSS_STATUS_UNAVAIL;
|
|
break;
|
|
}
|
|
}
|
|
|
|
err = DEEPCOPY_FN (*resbuf, buflen, &mergegrp, mergebuf, &endptr);
|
|
CHECK_MERGE (err, status);
|
|
do_merge = 1;
|
|
}
|
|
|
|
no_more = __nss_next2 (&nip, REENTRANT_NAME_STRING,
|
|
REENTRANT2_NAME_STRING, &fct.ptr, status, 0);
|
|
}
|
|
free (mergebuf);
|
|
mergebuf = NULL;
|
|
|
|
#ifdef HANDLE_DIGITS_DOTS
|
|
done:
|
|
#endif
|
|
*result = status == NSS_STATUS_SUCCESS ? resbuf : NULL;
|
|
#ifdef NEED_H_ERRNO
|
|
if (status == NSS_STATUS_UNAVAIL && !any_service && errno != ENOENT)
|
|
/* This happens when we weren't able to use a service for reasons other
|
|
than the module not being found. In such a case, we'd want to tell the
|
|
caller that errno has the real reason for failure. */
|
|
*h_errnop = NETDB_INTERNAL;
|
|
else if (status != NSS_STATUS_SUCCESS && !any_service)
|
|
/* We were not able to use any service. */
|
|
*h_errnop = NO_RECOVERY;
|
|
#endif
|
|
#ifdef POSTPROCESS
|
|
POSTPROCESS;
|
|
#endif
|
|
|
|
int res;
|
|
if (status == NSS_STATUS_SUCCESS || status == NSS_STATUS_NOTFOUND)
|
|
res = 0;
|
|
/* Don't pass back ERANGE if this is not for a too-small buffer. */
|
|
else if (errno == ERANGE && status != NSS_STATUS_TRYAGAIN)
|
|
res = EINVAL;
|
|
#ifdef NEED_H_ERRNO
|
|
/* These functions only set errno if h_errno is NETDB_INTERNAL. */
|
|
else if (status == NSS_STATUS_TRYAGAIN && *h_errnop != NETDB_INTERNAL)
|
|
res = EAGAIN;
|
|
#endif
|
|
else
|
|
return errno;
|
|
|
|
__set_errno (res);
|
|
return res;
|
|
}
|
|
|
|
|
|
#ifdef NO_COMPAT_NEEDED
|
|
strong_alias (INTERNAL (REENTRANT_NAME), REENTRANT_NAME);
|
|
#elif !defined FUNCTION2_NAME
|
|
# include <shlib-compat.h>
|
|
# if SHLIB_COMPAT (libc, GLIBC_2_0, GLIBC_2_1_2)
|
|
# define OLD(name) OLD1 (name)
|
|
# define OLD1(name) __old_##name
|
|
|
|
int
|
|
attribute_compat_text_section
|
|
OLD (REENTRANT_NAME) (ADD_PARAMS, LOOKUP_TYPE *resbuf, char *buffer,
|
|
size_t buflen, LOOKUP_TYPE **result H_ERRNO_PARM)
|
|
{
|
|
int ret = INTERNAL (REENTRANT_NAME) (ADD_VARIABLES, resbuf, buffer,
|
|
buflen, result H_ERRNO_VAR);
|
|
|
|
if (ret != 0 || result == NULL)
|
|
ret = -1;
|
|
|
|
return ret;
|
|
}
|
|
|
|
# define do_symbol_version(real, name, version) \
|
|
compat_symbol (libc, real, name, version)
|
|
do_symbol_version (OLD (REENTRANT_NAME), REENTRANT_NAME, GLIBC_2_0);
|
|
# endif
|
|
|
|
/* As INTERNAL (REENTRANT_NAME) may be hidden, we need an alias
|
|
in between so that the REENTRANT_NAME@@GLIBC_2.1.2 is not
|
|
hidden too. */
|
|
strong_alias (INTERNAL (REENTRANT_NAME), NEW (REENTRANT_NAME));
|
|
|
|
# define do_default_symbol_version(real, name, version) \
|
|
versioned_symbol (libc, real, name, version)
|
|
do_default_symbol_version (NEW (REENTRANT_NAME),
|
|
REENTRANT_NAME, GLIBC_2_1_2);
|
|
#endif
|
|
|
|
nss_interface_function (REENTRANT_NAME)
|