[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Access of entryUUID in an overlay module
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On 20.01.2014 17:24, Alexander Kläser wrote:
> Am Fr 17 Jan 2014 18:31:07 CET schrieb Howard Chu:
>> Alexander Kläser wrote:
>>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>>
>>> Dear all,
>>>
>>> I am new to OpenLDAP. In order to process transactions in a
>>> separate piece of software, I am parsing the output of a
>>> slightly modified version of the auditlog overlay module. As I
>>> need to know the entryUUID of a modified LDAP object, I tried
>>> to query it and write it along with the other information into
>>> the auditlog file.
>>>
>>> My current patch seems to navigate slapd into a deadlock
>>> situation. I do not understand the reason for that and would
>>> be very happy if someone may help to point me into the correct
>>> direction for implementing this.
>
>> Simple: after you fetch the entry, you also must release it.
>
>> Your patch is also broken in that you've inserted your code into
>> the generic code path, so it will execute for Add operations as
>> well. Obviously for an Add operation, there will not be an entry
>> in the DB to fetch, all of the entry data is part of the
>> Operation.
>
> Dear Howard, thank you very much for your reply! True, that sounds
> logical to, me as well. I tried to modify my patch in the suggested
> way, however, after an add operation (that is being written into
> the auditlog file correctly with the entryUUID), slapd aborts with
> a SIGABRT. Do you have another hint for that behaviour?
>
> Here is my latest patch: ...
Dear Howard, that was my mistake, I was testing in my last patch with:
> if (op->o_tag == LDAP_MOD_ADD)
yet needed to change it to
> if (op->o_tag == LDAP_REQ_ADD)
Then the patch worked as excpected. I also replace be_entry_get_rw()
with the convenience function overlay_entry_get_ov(). I attach the
final patch below.
Thanks again for the help!
best regards
Alex
- --- ./servers/slapd/overlays/auditlog.c.orig 2014-01-09
12:26:22.060000000 -0500
+++ ./servers/slapd/overlays/auditlog.c 2014-01-23 06:33:45.540000000
- -0500
@@ -24,6 +24,7 @@
#ifdef SLAPD_OVER_AUDITLOG
#include <stdio.h>
+#include <time.h>
#include <ac/string.h>
#include <ac/ctype.h>
@@ -74,8 +75,13 @@ static int auditlog_response(Operation *
Modifications *m;
struct berval *b, *who = NULL, peername;
char *what, *whatm, *suffix;
- - time_t stamp;
+ struct timeval stamp;
int i;
+ int rc;
+ Entry *e = NULL;
+ Attribute *a_entryUUID;
+ char *entryUUID = NULL;
+ BackendInfo *bi = op->o_bd->bd_info;
if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
@@ -119,16 +125,39 @@ static int auditlog_response(Operation *
if ( !who )
who = &op->o_dn;
+ /* get the entryUUID */
+ if (op->o_tag == LDAP_REQ_ADD) {
+ /* for the ADD operation -> all attribute data is
already part of the operation */
+ a_entryUUID = attr_find( op->ora_e->e_attrs,
slap_schema.si_ad_entryUUID );
+ if (a_entryUUID != NULL) {
+ entryUUID = a_entryUUID->a_vals[0].bv_val;
+ }
+ } else {
+ /* for other operations -> fetch the entry */
+ rc = overlay_entry_get_ov( op, &op->o_req_ndn, NULL,
NULL, 0, &e, on );
+ if ( rc == LDAP_SUCCESS ) {
+ a_entryUUID = attr_find( e->e_attrs,
slap_schema.si_ad_entryUUID );
+ if (a_entryUUID != NULL) {
+ entryUUID = a_entryUUID->a_vals[0].bv_val;
+ }
+ }
+ }
+
peername = op->o_conn->c_peer_name;
ldap_pvt_thread_mutex_lock(&ad->ad_mutex);
if((f = fopen(ad->ad_logfile, "a")) == NULL) {
ldap_pvt_thread_mutex_unlock(&ad->ad_mutex);
+ if (e != NULL && op->o_tag != LDAP_REQ_ADD) {
+ overlay_entry_release_ov( op, e, 0, on );
+ }
return SLAP_CB_CONTINUE;
}
- - stamp = slap_get_time();
- - fprintf(f, "# %s %ld %s%s%s %s conn=%ld\n",
- - what, (long)stamp, suffix, who ? " " : "", who ?
who->bv_val : "",
+ gettimeofday(&stamp, NULL);
+ fprintf(f, "# %s %ld.%06ld %s %s%s%s %s conn=%ld\n",
+ what, stamp.tv_sec, stamp.tv_usec,
+ entryUUID,
+ suffix, who ? " " : "", who ? who->bv_val : "",
peername.bv_val ? peername.bv_val: "",
op->o_conn->c_connid);
if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) &&
@@ -176,10 +205,13 @@ static int auditlog_response(Operation *
break;
}
- - fprintf(f, "# end %s %ld\n\n", what, (long)stamp);
+ fprintf(f, "# end %s %ld.%06ld\n\n", what, stamp.tv_sec,
stamp.tv_usec);
fclose(f);
ldap_pvt_thread_mutex_unlock(&ad->ad_mutex);
+ if (e != NULL && op->o_tag != LDAP_REQ_ADD) {
+ overlay_entry_release_ov( op, e, 0, on );
+ }
return SLAP_CB_CONTINUE;
}
- --
Dr. Alexander Kläser
Open Source Software Engineer
Univention GmbH
be open.
Mary-Somerville-Str.1
28359 Bremen
Tel. : +49 421 22232-59
Fax : +49 421 22232-99
klaeser@univention.de
http://www.univention.de
Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlLg/1cACgkQgX5Q1Nb/qB2uZgCfQT/NOAOdvrWcq4ayVMFVQaPz
g0QAn29AJTp4OFYUDD6dQpiy0IEi+Plp
=aEqu
-----END PGP SIGNATURE-----