2c812f3
From d38421b5beb91de9213203bee87a3717952f52bc Mon Sep 17 00:00:00 2001
2c812f3
From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= <fidencio@redhat.com>
2c812f3
Date: Wed, 14 Mar 2018 22:55:21 +0100
2c812f3
Subject: [PATCH 03/15] CONFDB: Start a ldb transaction from
2c812f3
 sss_ldb_modify_permissive()
2c812f3
MIME-Version: 1.0
2c812f3
Content-Type: text/plain; charset=UTF-8
2c812f3
Content-Transfer-Encoding: 8bit
2c812f3
2c812f3
The reason why confdb_expand_app_domains() always fails is because we
2c812f3
try to do a ldb_request() without starting a ldb transaction.
2c812f3
2c812f3
When we're dealing with ldb_modify(), ldb_add(), ldb_delete() kind of
2c812f3
messages, those call ldb_autotransaction_request() which will start a
2c812f3
new transaction and treat it properly when doing the ldb_request(). In
2c812f3
our case that we're calling ldb_request() by our own, we must ensure
2c812f3
that the transaction is started and properly deal with it._
2c812f3
2c812f3
It's never been noticed because in the only place the function is used
2c812f3
its errors are ignored.
2c812f3
2c812f3
Resolves:
2c812f3
https://pagure.io/SSSD/sssd/issue/3660
2c812f3
2c812f3
Signed-off-by: Fabiano FidĂȘncio <fidencio@redhat.com>
2c812f3
2c812f3
Reviewed-by: Jakub Hrozek <jhrozek@redhat.com>
2c812f3
---
2c812f3
 src/db/sysdb_ops.c | 39 ++++++++++++++++++++++++++++++++++++++-
2c812f3
 1 file changed, 38 insertions(+), 1 deletion(-)
2c812f3
2c812f3
diff --git a/src/db/sysdb_ops.c b/src/db/sysdb_ops.c
2c812f3
index 15915101e..cc86a114e 100644
2c812f3
--- a/src/db/sysdb_ops.c
2c812f3
+++ b/src/db/sysdb_ops.c
2c812f3
@@ -66,7 +66,9 @@ int sss_ldb_modify_permissive(struct ldb_context *ldb,
2c812f3
                               struct ldb_message *msg)
2c812f3
 {
2c812f3
     struct ldb_request *req;
2c812f3
-    int ret = EOK;
2c812f3
+    int ret;
2c812f3
+    int cancel_ret;
2c812f3
+    bool in_transaction = false;
2c812f3
 
2c812f3
     ret = ldb_build_mod_req(&req, ldb, ldb,
2c812f3
                             msg,
2c812f3
@@ -84,9 +86,44 @@ int sss_ldb_modify_permissive(struct ldb_context *ldb,
2c812f3
         return ret;
2c812f3
     }
2c812f3
 
2c812f3
+    ret = ldb_transaction_start(ldb);
2c812f3
+    if (ret != LDB_SUCCESS) {
2c812f3
+        DEBUG(SSSDBG_CRIT_FAILURE,
2c812f3
+              "Failed to start ldb transaction [%d]: %s\n",
2c812f3
+              ret, sss_strerror(ret));
2c812f3
+        goto done;
2c812f3
+    }
2c812f3
+
2c812f3
+    in_transaction = true;
2c812f3
+
2c812f3
     ret = ldb_request(ldb, req);
2c812f3
     if (ret == LDB_SUCCESS) {
2c812f3
         ret = ldb_wait(req->handle, LDB_WAIT_ALL);
2c812f3
+        if (ret != LDB_SUCCESS) {
2c812f3
+            goto done;
2c812f3
+        }
2c812f3
+    }
2c812f3
+
2c812f3
+    ret = ldb_transaction_commit(ldb);
2c812f3
+    if (ret != LDB_SUCCESS) {
2c812f3
+        DEBUG(SSSDBG_CRIT_FAILURE,
2c812f3
+              "Failed to commit ldb transaction [%d]: %s\n",
2c812f3
+              ret, sss_strerror(ret));
2c812f3
+        goto done;
2c812f3
+    }
2c812f3
+
2c812f3
+    in_transaction = false;
2c812f3
+
2c812f3
+    ret = LDB_SUCCESS;
2c812f3
+
2c812f3
+done:
2c812f3
+    if (in_transaction) {
2c812f3
+        cancel_ret = ldb_transaction_cancel(ldb);
2c812f3
+        if (cancel_ret != LDB_SUCCESS) {
2c812f3
+            DEBUG(SSSDBG_CRIT_FAILURE,
2c812f3
+                  "Failed to cancel ldb transaction [%d]: %s\n",
2c812f3
+                  cancel_ret, sss_strerror(cancel_ret));
2c812f3
+        }
2c812f3
     }
2c812f3
 
2c812f3
     talloc_free(req);
2c812f3
-- 
2c812f3
2.14.3
2c812f3