sssd 2.6.1
The ConfDB API

The ConfDB is an interface for data providers to access the configuration information provided in the sssd.conf.

Data Structures

struct  sss_domain_info
 Data structure storing all of the basic features of a domain.

Enumerations

enum  sss_domain_state { DOM_ACTIVE , DOM_DISABLED , DOM_INACTIVE , DOM_INCONSISTENT }
 sssd domain state

enum  sss_domain_type { DOM_TYPE_POSIX , DOM_TYPE_APPLICATION }
 Whether the domain only supports looking up POSIX entries.

Functions

int confdb_init (TALLOC_CTX *mem_ctx, struct confdb_ctx **cdb_ctx, const char *confdb_location)
 Initialize the connection to the ConfDB.

int confdb_get_domain (struct confdb_ctx *cdb, const char *name, struct sss_domain_info **domain)
 Get a domain object for the named domain.

int confdb_get_domains (struct confdb_ctx *cdb, struct sss_domain_info **domains)
 Get a null-terminated linked-list of active domain objects.

int confdb_list_all_domain_names (TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, char ***_names)
 Get a null-terminated linked-list of all domain names.

int confdb_add_param (struct confdb_ctx *cdb, bool replace, const char *section, const char *attribute, const char **values)
 Add an arbitrary parameter to the confdb.

int confdb_get_param (struct confdb_ctx *cdb, TALLOC_CTX *mem_ctx, const char *section, const char *attribute, char ***values)
 Retrieve all values for an attribute.

int confdb_get_string (struct confdb_ctx *cdb, TALLOC_CTX *ctx, const char *section, const char *attribute, const char *defstr, char **result)
 Convenience function to retrieve a single-valued attribute as a string.

int confdb_get_int (struct confdb_ctx *cdb, const char *section, const char *attribute, int defval, int *result)
 Convenience function to retrieve a single-valued attribute as an integer.

int confdb_get_bool (struct confdb_ctx *cdb, const char *section, const char *attribute, bool defval, bool *result)
 Convenience function to retrieve a single-valued attribute as a boolean.

int confdb_set_string (struct confdb_ctx *cdb, const char *section, const char *attribute, const char *val)
 Convenience function to set a single-valued attribute as a string.

int confdb_get_string_as_list (struct confdb_ctx *cdb, TALLOC_CTX *ctx, const char *section, const char *attribute, char ***result)
 Convenience function to retrieve a single-valued attribute as a null-terminated array of strings.

int confdb_get_sub_sections (TALLOC_CTX *mem_ctx, struct confdb_ctx *cdb, const char *section, char ***sections, int *num_sections)
 Convenience function to retrieve a list of subsections given a configuration section name.

int confdb_certmap_to_sysdb (struct confdb_ctx *cdb, struct sss_domain_info *dom)
 Convenience function to write the certificate mapping and matching rules from the configuration database to the cache of a domain.

Detailed Description

The ConfDB is an interface for data providers to access the configuration information provided in the sssd.conf.

Enumeration Type Documentation

◆ sss_domain_state

sssd domain state

Enumerator
DOM_ACTIVE 

Domain is usable by both responders and providers.

This is the default state after creating a new domain

DOM_DISABLED 

Domain was removed and should not be used by either responders or providers.

DOM_INACTIVE 

Domain cannot be contacted.

Providers return an offline error code when receiving a request for an inactive domain, but responders should return cached data.

DOM_INCONSISTENT 

Domain is being updated.

Responders should ignore cached data and always contact the DP

◆ sss_domain_type

Whether the domain only supports looking up POSIX entries.

Enumerator
DOM_TYPE_POSIX 

This is the default domain type.

It resolves only entries with the full POSIX set of attributes

DOM_TYPE_APPLICATION 

In this mode, entries are typically resolved only by name.

Function Documentation

◆ confdb_add_param()

int confdb_add_param ( struct confdb_ctx *  cdb,
bool  replace,
const char *  section,
const char *  attribute,
const char **  values 
)

Add an arbitrary parameter to the confdb.

This is mostly useful for testing, as the added values will not persist between SSSD restarts. For persistence, make changes to the sssd.conf file.

Parameters
[in] cdb - The connection object to the confdb
[in] replace - If replace is set to true, pre-existing values will be overwritten. If it is false, the provided values will be added to the attribute.
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[in] values - A null-terminated array of values to add to the attribute
Returns
0 - Successfully added the provided value(s)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed
EIO - An I/O error occurred communicating with the ConfDB

◆ confdb_certmap_to_sysdb()

int confdb_certmap_to_sysdb ( struct confdb_ctx *  cdb,
struct sss_domain_info *  dom 
)

Convenience function to write the certificate mapping and matching rules from the configuration database to the cache of a domain.

Parameters
[in] cdb - The connection object to the confdb
[in] dom - Target domain to which the rules should be written
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - Typically internal processing error

◆ confdb_get_bool()

int confdb_get_bool ( struct confdb_ctx *  cdb,
const char *  section,
const char *  attribute,
bool  defval,
bool *  result 
)

Convenience function to retrieve a single-valued attribute as a boolean.

This function will read (in a case-insensitive manner) a "true" or "false" value from the ConfDB and convert it to an integral bool value.

Parameters
[in] cdb - The connection object to the confdb
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[in] defval - If not NULL, the boolean state to use if the attribute does not exist in the ConfDB
[out] result - A pointer to the retrieved (or default) bool
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed, the attribute was not single-valued, or the value was not a boolean.
EIO - An I/O error occurred while communicating with the ConfDB

◆ confdb_get_domain()

int confdb_get_domain ( struct confdb_ctx *  cdb,
const char *  name,
struct sss_domain_info **  domain 
)

Get a domain object for the named domain.

Parameters
[in] cdb - The connection object to the confdb
[in] name - The name of the domain to retrieve
[out] domain - A pointer to a domain object for the domain given by name
Returns
0 - Lookup succeeded and domain was populated
ENOMEM - There was insufficient memory to complete the operation
ENOENT - The named domain does not exist or is not set active

◆ confdb_get_domains()

int confdb_get_domains ( struct confdb_ctx *  cdb,
struct sss_domain_info **  domains 
)

Get a null-terminated linked-list of active domain objects.

Parameters
[in] cdb - The connection object to the confdb
[out] domains - A pointer to the first entry of a linked-list of domain objects
Returns
0 - Lookup succeeded and all active domains are in the list
ENOMEM - There was insufficient memory to complete the operation
ENOENT - No active domains are configured

◆ confdb_get_int()

int confdb_get_int ( struct confdb_ctx *  cdb,
const char *  section,
const char *  attribute,
int  defval,
int *  result 
)

Convenience function to retrieve a single-valued attribute as an integer.

Parameters
[in] cdb - The connection object to the confdb
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[in] defval - If not NULL, the integer to use if the attribute does not exist in the ConfDB
[out] result - A pointer to the retrieved (or default) integer
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed, or the attribute was not single-valued.
EIO - An I/O error occurred while communicating with the ConfDB
ERANGE - The value stored in the ConfDB was outside the range [INT_MIN..INT_MAX]
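The return-code contract documented for confdb_get_bool() and confdb_get_int(), modelled in a stand-alone added example (not SSSD's code): the default applies only when the attribute is absent, while a present but malformed value is an error the caller must handle. The `model_*` names, the `stored` parameter and the EINVAL result for non-numeric integers are assumptions of this example.

```c
#include <errno.h>
#include <limits.h>
#include <stdbool.h>
#include <stdio.h>
#include <stdlib.h>
#include <strings.h>

/* Added model, not SSSD code: `stored` is the raw attribute text, or NULL
 * when the attribute does not exist in the ConfDB. */
int model_get_bool(const char *stored, bool defval, bool *result)
{
    if (stored == NULL) {                 /* absent: the default applies */
        *result = defval;
        return 0;
    }
    if (strcasecmp(stored, "true") == 0) { *result = true; return 0; }
    if (strcasecmp(stored, "false") == 0) { *result = false; return 0; }
    return EINVAL;                        /* present but invalid: no default */
}

int model_get_int(const char *stored, int defval, int *result)
{
    char *end;
    long val;

    if (stored == NULL) {
        *result = defval;
        return 0;
    }
    errno = 0;
    val = strtol(stored, &end, 10);
    if (errno == ERANGE || val < INT_MIN || val > INT_MAX) {
        return ERANGE;                    /* outside [INT_MIN..INT_MAX] */
    }
    if (end == stored || *end != '\0') {
        return EINVAL;                    /* assumption: non-numeric text */
    }
    *result = (int)val;
    return 0;
}

int main(void)
{
    bool flag = false;
    int ret = model_get_bool("ture", true, &flag);   /* constructed typo */

    /* A caller must treat non-zero as a hard error, not fall back silently. */
    printf("ret=%d (EINVAL=%d), flag untouched=%d\n", ret, EINVAL, flag);
    return ret == EINVAL ? 0 : 1;
}
```
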

◆ confdb_get_param()

int confdb_get_param ( struct confdb_ctx *  cdb,
TALLOC_CTX *  mem_ctx,
const char *  section,
const char *  attribute,
char ***  values 
)

Retrieve all values for an attribute.

Parameters
[in] cdb - The connection object to the confdb
[in] mem_ctx - The parent memory context for the value list
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[out] values - A null-terminated array of cstrings containing all values for this attribute
Returns
0 - Successfully retrieved the value(s)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed
EIO - An I/O error occurred while communicating with the ConfDB

◆ confdb_get_string()

int confdb_get_string ( struct confdb_ctx *  cdb,
TALLOC_CTX *  ctx,
const char *  section,
const char *  attribute,
const char *  defstr,
char **  result 
)

Convenience function to retrieve a single-valued attribute as a string.

Parameters
[in] cdb - The connection object to the confdb
[in] ctx - The parent memory context for the returned string
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[in] defstr - If not NULL, the string to use if the attribute does not exist in the ConfDB
[out] result - A pointer to the retrieved (or default) string
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed, or the attribute was not single-valued.
EIO - An I/O error occurred while communicating with the ConfDB

◆ confdb_get_string_as_list()

int confdb_get_string_as_list ( struct confdb_ctx *  cdb,
TALLOC_CTX *  ctx,
const char *  section,
const char *  attribute,
char ***  result 
)

Convenience function to retrieve a single-valued attribute as a null-terminated array of strings.

This function will automatically split a comma-separated string in an attribute into a null-terminated array of strings. This is useful for storing and retrieving ordered lists, as ConfDB multivalued attributes do not guarantee retrieval order.

Parameters
[in] cdb - The connection object to the confdb
[in] ctx - The parent memory context for the returned string
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[out] result - A pointer to the retrieved array of strings
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed, or the attribute was not single-valued.
ENOENT - The attribute was not found.
EIO - An I/O error occurred while communicating with the ConfDB

◆ confdb_get_sub_sections()

int confdb_get_sub_sections ( TALLOC_CTX *  mem_ctx,
struct confdb_ctx *  cdb,
const char *  section,
char ***  sections,
int *  num_sections 
)

Convenience function to retrieve a list of subsections given a configuration section name.

Parameters
[in] mem_ctx - The parent memory context for the returned list
[in] cdb - The connection object to the confdb
[in] section - The ConfDB section to look for. All sections should start with 'config/'. Subsections are separated by slashes.
[out] sections - Names of the subsections relative to the section requested. If "a/b" is requested then "c/d" is returned for the section named [a/b/c/d]
[out] num_sections - Number of section names returned
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed.
ENOENT - No section was found.
EIO - An I/O error occurred while communicating with the ConfDB
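The section naming used throughout this API ([domain/LDAP] becomes config/domain/LDAP) and the relative subsection names described for confdb_get_sub_sections(), as a stand-alone added example that is not SSSD's code. Both helper names, the validation rules and the ERANGE result for a short buffer are assumptions of this example; the component-boundary check keeps "a/bc" from being treated as a child of "a/b".

```c
#include <errno.h>
#include <stdio.h>
#include <string.h>

#define CONFDB_PREFIX "config/"

/* Hypothetical helper: "[domain/LDAP]" -> "config/domain/LDAP".
 * Returns 0, EINVAL for a malformed header, ERANGE if `out` is too small. */
int ini_header_to_confdb(const char *hdr, char *out, size_t outlen)
{
    size_t len = strlen(hdr);
    const char *name = hdr + 1;
    size_t nlen;

    if (len < 3 || hdr[0] != '[' || hdr[len - 1] != ']') return EINVAL;
    nlen = len - 2;
    /* Reject leading/trailing slash and empty components ("a//b"). */
    if (name[0] == '/' || name[nlen - 1] == '/') return EINVAL;
    for (size_t i = 1; i < nlen; i++) {
        if (name[i] == '/' && name[i - 1] == '/') return EINVAL;
    }
    if (memchr(name, '[', nlen) || memchr(name, ']', nlen)) return EINVAL;
    if (sizeof(CONFDB_PREFIX) + nlen > outlen) return ERANGE;
    memcpy(out, CONFDB_PREFIX, sizeof(CONFDB_PREFIX) - 1);
    memcpy(out + sizeof(CONFDB_PREFIX) - 1, name, nlen);
    out[sizeof(CONFDB_PREFIX) - 1 + nlen] = '\0';
    return 0;
}

/* Hypothetical helper: name of `full` relative to `parent`, e.g.
 * ("a/b", "a/b/c/d") -> "c/d". Returns NULL when `full` is not strictly
 * below `parent` on a component boundary ("a/bc" is not under "a/b"). */
const char *relative_subsection(const char *parent, const char *full)
{
    size_t plen = strlen(parent);

    if (strncmp(parent, full, plen) != 0 || full[plen] != '/') return NULL;
    return full[plen + 1] != '\0' ? full + plen + 1 : NULL;
}

int main(void)
{
    char sec[64];
    int ret = ini_header_to_confdb("[domain/LDAP]", sec, sizeof(sec));

    printf("%d %s\n", ret, ret == 0 ? sec : "(invalid)");
    return ret;
}
```
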

◆ confdb_init()

int confdb_init ( TALLOC_CTX *  mem_ctx,
struct confdb_ctx **  cdb_ctx,
const char *  confdb_location 
)

Initialize the connection to the ConfDB.

Parameters
[in] mem_ctx - The parent memory context for the confdb_ctx
[out] cdb_ctx - The newly-created connection object
[in] confdb_location - The absolute path to the ConfDB file on the filesystem
Returns
0 - Connection succeeded and cdb_ctx was populated
ENOMEM - There was not enough memory to create the cdb_ctx
EIO - There was an I/O error communicating with the ConfDB file

◆ confdb_list_all_domain_names()

int confdb_list_all_domain_names ( TALLOC_CTX *  mem_ctx,
struct confdb_ctx *  cdb,
char ***  _names 
)

Get a null-terminated linked-list of all domain names.

Parameters
[in] mem_ctx - The parent memory context for the value list
[in] cdb - The connection object to the confdb
[out] _names - Output list
Returns
0 - Lookup succeeded and all domain names are in the list
ENOMEM - There was insufficient memory to complete the operation
ENOENT - No active domains are configured
EIO - There was an I/O error communicating with the ConfDB file
EINVAL - Corrupted confdb object

◆ confdb_set_string()

int confdb_set_string ( struct confdb_ctx *  cdb,
const char *  section,
const char *  attribute,
const char *  val 
)

Convenience function to set a single-valued attribute as a string.

Parameters
[in] cdb - The connection object to the confdb
[in] section - The ConfDB section to update. This is constructed from the format of the sssd.conf file. All sections start with 'config/'. Subsections are separated by slashes. e.g. [domain/LDAP] in sssd.conf would translate to config/domain/LDAP
[in] attribute - The name of the attribute to update
[in] val - New value of the attribute.
Returns
0 - Successfully retrieved the entry (or used the default)
ENOMEM - There was insufficient memory to complete the operation
EINVAL - The section could not be parsed
EIO - An I/O error occurred while communicating with the ConfDB