[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Access of entryUUID in an overlay module
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Am Fr 17 Jan 2014 18:31:07 CET schrieb Howard Chu:
> Alexander Kläser wrote:
>> -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
>>
>> Dear all,
>>
>> I am new to OpenLDAP. In order to process transactions in a
>> separate piece of software, I am parsing the output of a slightly
>> modified version of the auditlog overlay module. As I need to
>> know the entryUUID of a modified LDAP object, I tried to query it
>> and write it along with the other information into the auditlog
>> file.
>>
>> My current patch seems to navigate slapd into a deadlock
>> situation. I do not understand the reason for that and would be
>> very happy if someone may help to point me into the correct
>> direction for implementing this.
>
> Simple: after you fetch the entry, you also must release it.
>
> Your patch is also broken in that you've inserted your code into
> the generic code path, so it will execute for Add operations as
> well. Obviously for an Add operation, there will not be an entry in
> the DB to fetch, all of the entry data is part of the Operation.
Dear Howard, thank you very much for your reply!
True, that sounds logical to, me as well. I tried to modify my patch
in the suggested way, however, after an add operation (that is being
written into the auditlog file correctly with the entryUUID), slapd
aborts with a SIGABRT. Do you have another hint for that behaviour?
Here is my latest patch:
- --- ./servers/slapd/overlays/auditlog.c.orig 2014-01-09
12:26:22.060000000 -0500
+++ ./servers/slapd/overlays/auditlog.c 2014-01-20 10:09:57.164000000
- -0500
@@ -24,6 +24,7 @@
#ifdef SLAPD_OVER_AUDITLOG
#include <stdio.h>
+#include <time.h>
#include <ac/string.h>
#include <ac/ctype.h>
@@ -74,8 +75,13 @@
Modifications *m;
struct berval *b, *who = NULL, peername;
char *what, *whatm, *suffix;
- - time_t stamp;
+ struct timeval stamp;
int i;
+ int rc;
+ Entry *e = NULL;
+ Attribute *a_entryUUID;
+ char *entryUUID = "NULL";
+ BackendInfo *bi = op->o_bd->bd_info;
if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
@@ -119,16 +125,42 @@
if ( !who )
who = &op->o_dn;
+ /* get the entryUUID */
+ if (op->o_tag == LDAP_MOD_ADD) {
+ /* for the ADD operation -> all attribute data is
already part of the operation */
+ a_entryUUID = attr_find( op->ora_e->e_attrs,
slap_schema.si_ad_entryUUID );
+ if (a_entryUUID != NULL) {
+ entryUUID = a_entryUUID->a_vals[0].bv_val;
+ }
+ } else {
+ /* for other operations -> fetch the entry */
+ //rc = overlay_entry_get_ov( op, &op->o_req_ndn, NULL,
NULL, 0, &e, on );
+ op->o_bd->bd_info = (BackendInfo *)on->on_info;
+ rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL,
0, &e );
+ op->o_bd->bd_info = bi;
+ if ( rc == LDAP_SUCCESS ) {
+ a_entryUUID = attr_find( e->e_attrs,
slap_schema.si_ad_entryUUID );
+ if (a_entryUUID != NULL) {
+ entryUUID = a_entryUUID->a_vals[0].bv_val;
+ }
+ }
+ }
+
peername = op->o_conn->c_peer_name;
ldap_pvt_thread_mutex_lock(&ad->ad_mutex);
if((f = fopen(ad->ad_logfile, "a")) == NULL) {
ldap_pvt_thread_mutex_unlock(&ad->ad_mutex);
+ if (e != NULL) {
+ be_entry_release_r( op, e );
+ }
return SLAP_CB_CONTINUE;
}
- - stamp = slap_get_time();
- - fprintf(f, "# %s %ld %s%s%s %s conn=%ld\n",
- - what, (long)stamp, suffix, who ? " " : "", who ?
who->bv_val : "",
+ gettimeofday(&stamp, NULL);
+ fprintf(f, "# %s %ld.%06ld %s %s%s%s %s conn=%ld\n",
+ what, stamp.tv_sec, stamp.tv_usec,
+ entryUUID,
+ suffix, who ? " " : "", who ? who->bv_val : "",
peername.bv_val ? peername.bv_val: "",
op->o_conn->c_connid);
if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) &&
@@ -176,10 +208,13 @@
break;
}
- - fprintf(f, "# end %s %ld\n\n", what, (long)stamp);
+ fprintf(f, "# end %s %ld.%06ld\n\n", what, stamp.tv_sec,
stamp.tv_usec);
fclose(f);
ldap_pvt_thread_mutex_unlock(&ad->ad_mutex);
+ if (e != NULL) {
+ be_entry_release_r( op, e );
+ }
return SLAP_CB_CONTINUE;
}
best regards and many thanks in advance
Alex
- --
- --
Dr. Alexander Kläser
Open Source Software Engineer
Univention GmbH
be open.
Mary-Somerville-Str.1
28359 Bremen
Tel. : +49 421 22232-59
Fax : +49 421 22232-99
klaeser@univention.de
http://www.univention.de
Geschäftsführer: Peter H. Ganten
HRB 20755 Amtsgericht Bremen
Steuer-Nr.: 71-597-02876
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlLdTcsACgkQgX5Q1Nb/qB2dNgCfWrIgwMvl20gWoC+o6zynsKzD
YX0An2dHa4zmm86n6eQNq/6l6/xl1gNK
=Eo7+
-----END PGP SIGNATURE-----