diff --git a/Makefile.am b/Makefile.am
index 7dc481408c4..35d9075f783 100644
--- a/Makefile.am
+++ b/Makefile.am
@@ -5683,7 +5683,6 @@ dist_noinst_DATA += \
src/tests/multihost/conftest.py \
src/tests/multihost/basic/mhc.yaml \
src/tests/multihost/basic/test_basic.py \
- src/tests/multihost/basic/test_config.py \
src/tests/multihost/basic/test_files.py \
src/tests/multihost/basic/test_ifp.py \
src/tests/multihost/basic/test_kcm.py \
diff --git a/src/confdb/confdb_setup.c b/src/confdb/confdb_setup.c
index 5b459262ea2..ca75a0dcbd8 100644
--- a/src/confdb/confdb_setup.c
+++ b/src/confdb/confdb_setup.c
@@ -28,6 +28,22 @@
#include "confdb_setup.h"
#include "util/sss_ini.h"
+#define CONFDB_BASE_LDIF \
+ "dn: @ATTRIBUTES\n" \
+ "cn: CASE_INSENSITIVE\n" \
+ "dc: CASE_INSENSITIVE\n" \
+ "dn: CASE_INSENSITIVE\n" \
+ "name: CASE_INSENSITIVE\n" \
+ "objectclass: CASE_INSENSITIVE\n" \
+ "\n" \
+ "dn: @INDEXLIST\n" \
+ "@IDXATTR: cn\n" \
+ "\n" \
+ "dn: @MODULES\n" \
+ "@LIST: server_sort\n" \
+ "\n"
+
+
static int confdb_purge(struct confdb_ctx *cdb)
{
int ret;
@@ -116,9 +132,7 @@ static int confdb_ldif_from_ini_file(TALLOC_CTX *mem_ctx,
return EOK;
}
-static int confdb_write_ldif(struct confdb_ctx *cdb,
- const char *config_ldif,
- bool replace_whole_db)
+static int confdb_write_ldif(struct confdb_ctx *cdb, const char *config_ldif)
{
int ret;
struct ldb_ldif *ldif;
@@ -133,21 +147,11 @@ static int confdb_write_ldif(struct confdb_ctx *cdb,
}
} else {
ret = ldb_add(cdb->ldb, ldif->msg);
- if (ret != LDB_SUCCESS && replace_whole_db == false) {
- /* This section already existed, remove and re-add it. We
- * really want to replace the whole thing instead of messing
- * around with changetypes and flags on individual elements
- */
- ret = ldb_delete(cdb->ldb, ldif->msg->dn);
- if (ret == LDB_SUCCESS) {
- ret = ldb_add(cdb->ldb, ldif->msg);
- }
- }
}
if (ret != LDB_SUCCESS) {
DEBUG(SSSDBG_FATAL_FAILURE,
- "Failed to initialize DB (%d,[%s]), aborting!\n",
+ "Failed to update DB (%d,[%s]), aborting!\n",
ret, ldb_errstring(cdb->ldb));
return EIO;
}
@@ -215,19 +219,14 @@ static int confdb_init_db(const char *config_file,
}
in_transaction = true;
- /* Purge existing database, if we are reinitializing the confdb completely */
- if (only_section == NULL) {
- ret = confdb_purge(cdb);
- if (ret != EOK) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- "Could not purge existing configuration\n");
- goto done;
- }
+ ret = confdb_purge(cdb);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "Could not purge existing configuration\n");
+ goto done;
}
- ret = confdb_write_ldif(cdb,
- config_ldif,
- only_section == NULL ? true : false);
+ ret = confdb_write_ldif(cdb, config_ldif);
if (ret != EOK) {
goto done;
}
diff --git a/src/confdb/confdb_setup.h b/src/confdb/confdb_setup.h
index d816c7ea0a7..c2186f753d2 100644
--- a/src/confdb/confdb_setup.h
+++ b/src/confdb/confdb_setup.h
@@ -27,21 +27,6 @@
#include "util/util_errors.h"
-#define CONFDB_BASE_LDIF \
- "dn: @ATTRIBUTES\n" \
- "cn: CASE_INSENSITIVE\n" \
- "dc: CASE_INSENSITIVE\n" \
- "dn: CASE_INSENSITIVE\n" \
- "name: CASE_INSENSITIVE\n" \
- "objectclass: CASE_INSENSITIVE\n" \
- "\n" \
- "dn: @INDEXLIST\n" \
- "@IDXATTR: cn\n" \
- "\n" \
- "dn: @MODULES\n" \
- "@LIST: server_sort\n" \
- "\n"
-
struct confdb_ctx;
errno_t confdb_setup(TALLOC_CTX *mem_ctx,
diff --git a/src/man/sssd.8.xml b/src/man/sssd.8.xml
index 5f507c631ec..eeefe38e30f 100644
--- a/src/man/sssd.8.xml
+++ b/src/man/sssd.8.xml
@@ -145,33 +145,6 @@
-
-
- ,
-
-
-
- Do not start the SSSD, but refresh the configuration
- database from the contents of
- /etc/sssd/sssd.conf and exit.
-
-
-
-
-
- ,
-
-
-
- Similar to --genconf
, but only refresh
- a single section from the configuration file. This
- option is useful mainly to be called from systemd
- unit files to allow socket-activated responders
- to refresh their configuration without requiring
- the administrator to restart the whole SSSD.
-
-
-
diff --git a/src/monitor/monitor.c b/src/monitor/monitor.c
index 2cf8a476041..034d17c0fc9 100644
--- a/src/monitor/monitor.c
+++ b/src/monitor/monitor.c
@@ -1478,7 +1478,6 @@ static int monitor_ctx_destructor(void *mem)
errno_t load_configuration(TALLOC_CTX *mem_ctx,
const char *config_file,
const char *config_dir,
- const char *only_section,
struct mt_ctx **monitor)
{
errno_t ret;
@@ -1502,21 +1501,15 @@ errno_t load_configuration(TALLOC_CTX *mem_ctx,
goto done;
}
- ret = confdb_setup(ctx, cdb_file, config_file, config_dir, only_section,
- false, &ctx->cdb);
+
+ ret = confdb_setup(ctx, cdb_file, config_file, config_dir, NULL, false,
+ &ctx->cdb);
if (ret != EOK) {
DEBUG(SSSDBG_FATAL_FAILURE, "Unable to setup ConfDB [%d]: %s\n",
ret, sss_strerror(ret));
goto done;
}
- /* return EOK for genconf-section to exit 0 when no
- * sssd configuration exists (KCM use case) */
- if (only_section != NULL) {
- *monitor = NULL;
- goto done;
- }
-
/* Validate the configuration in the database */
/* Read in the monitor's configuration */
ret = get_monitor_config(ctx);
@@ -1542,7 +1535,7 @@ errno_t load_configuration(TALLOC_CTX *mem_ctx,
done:
talloc_free(cdb_file);
- if (ret != EOK || only_section != NULL) {
+ if (ret != EOK) {
talloc_free(ctx);
}
return ret;
@@ -1986,12 +1979,10 @@ int main(int argc, const char *argv[])
poptContext pc;
int opt_daemon = 0;
int opt_interactive = 0;
- int opt_genconf = 0;
int opt_version = 0;
char *opt_config_file = NULL;
const char *opt_logger = NULL;
char *config_file = NULL;
- char *opt_genconf_section = NULL;
int flags = FLAGS_NO_WATCHDOG;
struct main_context *main_ctx;
TALLOC_CTX *tmp_ctx;
@@ -2013,10 +2004,6 @@ int main(int argc, const char *argv[])
_("Become a daemon (default)"), NULL },
{"interactive", 'i', POPT_ARG_NONE, &opt_interactive, 0,
_("Run interactive (not a daemon)"), NULL},
- {"genconf", 'g', POPT_ARG_NONE, &opt_genconf, 0,
- _("Refresh the configuration database, then exit"), NULL},
- {"genconf-section", 's', POPT_ARG_STRING, &opt_genconf_section, 0,
- _("Similar to --genconf, but only refreshes the given section"), NULL},
{"version", '\0', POPT_ARG_NONE, &opt_version, 0,
_("Print version number and exit"), NULL },
POPT_TABLEEND
@@ -2048,28 +2035,13 @@ int main(int argc, const char *argv[])
cmdline_debug_timestamps = debug_timestamps;
cmdline_debug_microseconds = debug_microseconds;
- if (opt_genconf_section) {
- /* --genconf-section implies genconf, just limited to a single section */
- opt_genconf = 1;
- }
- if (opt_genconf && (opt_daemon || opt_interactive)) {
- ERROR("Option -g is incompatible with -D or -i\n");
- poptPrintUsage(pc, stderr, 0);
- return 1;
- }
- if (opt_genconf) {
- if (!opt_logger) {
- opt_logger = sss_logger_str[STDERR_LOGGER];
- }
- }
-
if (opt_daemon && opt_interactive) {
ERROR("Option -i|--interactive is not allowed together with -D|--daemon\n");
poptPrintUsage(pc, stderr, 0);
return 1;
}
- if (!opt_daemon && !opt_interactive && !opt_genconf) {
+ if (!opt_daemon && !opt_interactive) {
opt_daemon = 1;
}
if (opt_daemon) {
@@ -2133,58 +2105,53 @@ int main(int argc, const char *argv[])
}
#endif
- /* Check if the SSSD is already running and for nscd conflicts unless we're
- * only interested in re-reading the configuration
- */
- if (opt_genconf == 0) {
- ret = check_file(SSSD_PIDFILE, 0, 0, S_IFREG|0600, 0, NULL, false);
- if (ret == EOK) {
- ret = check_pidfile(SSSD_PIDFILE);
- if (ret != EOK) {
- DEBUG(SSSDBG_FATAL_FAILURE,
- "pidfile exists at %s\n", SSSD_PIDFILE);
- ERROR("SSSD is already running\n");
- return 5;
- }
+ /* Check if the SSSD is already running and for nscd conflicts */
+ ret = check_file(SSSD_PIDFILE, 0, 0, S_IFREG|0600, 0, NULL, false);
+ if (ret == EOK) {
+ ret = check_pidfile(SSSD_PIDFILE);
+ if (ret != EOK) {
+ DEBUG(SSSDBG_FATAL_FAILURE,
+ "pidfile exists at %s\n", SSSD_PIDFILE);
+ ERROR("SSSD is already running\n");
+ return 5;
}
+ }
- /* Warn if nscd seems to be running */
- ret = check_file(NSCD_SOCKET_PATH,
- -1, -1, S_IFSOCK, S_IFMT, NULL, false);
- if (ret == EOK) {
- ret = sss_nscd_parse_conf(NSCD_CONF_PATH);
-
- switch (ret) {
- case ENOENT:
- sss_log(SSS_LOG_NOTICE,
- "NSCD socket was detected. NSCD caching capabilities "
- "may conflict with SSSD for users and groups. It is "
- "recommended not to run NSCD in parallel with SSSD, "
- "unless NSCD is configured not to cache the passwd, "
- "group, netgroup and services nsswitch maps.");
- break;
-
- case EEXIST:
- sss_log(SSS_LOG_NOTICE,
- "NSCD socket was detected and seems to be configured "
- "to cache some of the databases controlled by "
- "SSSD [passwd,group,netgroup,services]. It is "
- "recommended not to run NSCD in parallel with SSSD, "
- "unless NSCD is configured not to cache these.");
- break;
-
- case EOK:
- DEBUG(SSSDBG_TRACE_FUNC, "NSCD socket was detected and it "
- "seems to be configured not to interfere with "
- "SSSD's caching capabilities\n");
- }
- }
+ /* Warn if nscd seems to be running */
+ ret = check_file(NSCD_SOCKET_PATH,
+ -1, -1, S_IFSOCK, S_IFMT, NULL, false);
+ if (ret == EOK) {
+ ret = sss_nscd_parse_conf(NSCD_CONF_PATH);
+
+ switch (ret) {
+ case ENOENT:
+ sss_log(SSS_LOG_NOTICE,
+ "NSCD socket was detected. NSCD caching capabilities "
+ "may conflict with SSSD for users and groups. It is "
+ "recommended not to run NSCD in parallel with SSSD, "
+ "unless NSCD is configured not to cache the passwd, "
+ "group, netgroup and services nsswitch maps.");
+ break;
+ case EEXIST:
+ sss_log(SSS_LOG_NOTICE,
+ "NSCD socket was detected and seems to be configured "
+ "to cache some of the databases controlled by "
+ "SSSD [passwd,group,netgroup,services]. It is "
+ "recommended not to run NSCD in parallel with SSSD, "
+ "unless NSCD is configured not to cache these.");
+ break;
+
+ case EOK:
+ DEBUG(SSSDBG_TRACE_FUNC, "NSCD socket was detected and it "
+ "seems to be configured not to interfere with "
+ "SSSD's caching capabilities\n");
+ }
}
/* Parse config file, fail if cannot be done */
ret = load_configuration(tmp_ctx, config_file, CONFDB_DEFAULT_CONFIG_DIR,
- opt_genconf_section, &monitor);
+ &monitor);
if (ret != EOK) {
switch (ret) {
case EPERM:
@@ -2205,10 +2172,6 @@ int main(int argc, const char *argv[])
return 5;
}
- /* at this point we are done generating the config file, we may exit
- * if that's all we were asked to do */
- if (opt_genconf) return 0;
-
/* set up things like debug, signals, daemonization, etc. */
monitor->conf_path = CONFDB_MONITOR_CONF_ENTRY;
ret = close(STDIN_FILENO);
diff --git a/src/tests/multihost/basic/test_config.py b/src/tests/multihost/basic/test_config.py
deleted file mode 100644
index 8d4847b9e5f..00000000000
--- a/src/tests/multihost/basic/test_config.py
+++ /dev/null
@@ -1,114 +0,0 @@
-""" SSSD Configuration-related Test Cases
-
-:requirement: IDM-SSSD-REQ: Configuration merging
-:casecomponent: sssd
-:subsystemteam: sst_idm_sssd
-:upstream: yes
-:status: approved
-"""
-
-import pytest
-from utils_config import remove_section, set_param
-
-
-class TestSSSDConfig(object):
- """
- Test cases around SSSD config management
- """
- def _assert_config_value(self, multihost, section, key, value):
- # This would really be much, much nicer to implement using python-ldb
- # but at the moment, the multihost tests rely on a virtual environment
- # where everything is pip-installed..and python-ldb is not present in
- # pip
- confdb_dn = 'cn=%s,cn=config' % (section)
- ldb_cmd = 'ldbsearch -H /var/lib/sss/db/config.ldb -b %s' % (confdb_dn)
- cmd = multihost.master[0].run_command(ldb_cmd)
- check_str = '%s: %s' % (key, value)
- assert check_str in cmd.stdout_text
-
- @pytest.mark.converted('test_config.py', 'test_config__change_config_while_sssd_running')
- def test_sssd_genconf_sssd_running(self, multihost):
- """
- :title: config: sssd --genconf is able to re-generate
- the configuration even while SSSD is running
- :id: 078721e9-536b-4fd8-a36d-bd94673228fc
- """
- multihost.master[0].service_sssd('restart')
-
- self._assert_config_value(multihost, 'pam', 'debug_level', '9')
-
- set_param(multihost, 'pam', 'debug_level', '1')
- multihost.master[0].run_command('/usr/sbin/sssd --genconf')
- self._assert_config_value(multihost, 'pam', 'debug_level', '1')
-
- set_param(multihost, 'pam', 'debug_level', '9')
-
- @pytest.mark.converted('test_config.py', 'test_config__genconf_particular_section')
- def test_sssd_genconf_section_only(self, multihost):
- """
- :title: config: sssd --genconf-section only
- refreshes those sections given on the command line
- :id: 011bf2ad-4a2a-4350-adfa-7826349e262f
- """
- multihost.master[0].service_sssd('restart')
-
- self._assert_config_value(multihost, 'pam', 'debug_level', '9')
- self._assert_config_value(multihost, 'nss', 'debug_level', '9')
-
- set_param(multihost, 'pam', 'debug_level', '1')
- set_param(multihost, 'nss', 'debug_level', '1')
- multihost.master[0].run_command(
- '/usr/sbin/sssd --genconf-section=pam')
-
- # We only told genconf to touch the pam section..
- self._assert_config_value(multihost, 'pam', 'debug_level', '1')
- # ..so the NSS section shouldn't be updated at all
- self._assert_config_value(multihost, 'nss', 'debug_level', '9')
-
- set_param(multihost, 'nss', 'debug_level', '9')
- set_param(multihost, 'pam', 'debug_level', '9')
-
- @pytest.mark.converted('test_config.py', 'test_config__add_remove_section')
- def test_sssd_genconf_add_remove_section(self, multihost):
- """
- :title: config: sssd --genconf-section can not only modify
- existing configuration sections, but also add a new section
- :id: 8df66b51-aadc-456e-8f27-a1a787e61769
- """
- # Establish a baseline
- multihost.master[0].service_sssd('restart')
- self._assert_config_value(multihost, 'pam', 'debug_level', '9')
- self._assert_config_value(multihost, 'nss', 'debug_level', '9')
-
- set_param(multihost, 'foo', 'bar', 'baz')
-
- multihost.master[0].run_command(
- '/usr/sbin/sssd --genconf-section=foo')
-
- ldb_cmd = 'ldbsearch -H /var/lib/sss/db/config.ldb -b cn=foo,cn=config'
- cmd = multihost.master[0].run_command(ldb_cmd)
- assert 'bar: baz' in cmd.stdout_text
-
- remove_section(multihost, 'foo')
- multihost.master[0].run_command(
- '/usr/sbin/sssd --genconf-section=foo')
-
- ldb_cmd = 'ldbsearch -H /var/lib/sss/db/config.ldb -b cn=foo,cn=config'
- cmd = multihost.master[0].run_command(ldb_cmd)
- assert 'foo' not in cmd.stdout_text
- # Also make sure the existing sections were intact
- self._assert_config_value(multihost, 'pam', 'debug_level', '9')
- self._assert_config_value(multihost, 'nss', 'debug_level', '9')
-
- @pytest.mark.converted('test_config.py', 'test_config__genconf_no_such_section')
- def test_sssd_genconf_no_such_section(self, multihost):
- """
- :title: config: Referencing a non-existant section must not fail
- :id: 4e160dcc-9789-4f3f-b8d4-c67d27ef4a1c
- :description: Referencing a non-existant section must not fail,
- because we want to call this command from the systemd unit files
- and by default the sections don't have to be present
- """
- multihost.master[0].service_sssd('restart')
- multihost.master[0].run_command(
- '/usr/sbin/sssd --genconf-section=xyz')
diff --git a/src/tests/system/tests/test_config.py b/src/tests/system/tests/test_config.py
deleted file mode 100644
index b4a522a05ee..00000000000
--- a/src/tests/system/tests/test_config.py
+++ /dev/null
@@ -1,172 +0,0 @@
-"""
-SSSD Configuration-related Test Cases
-
-:requirement: IDM-SSSD-REQ: Configuration merging
-"""
-
-from __future__ import annotations
-
-import pytest
-from sssd_test_framework.roles.client import Client
-from sssd_test_framework.topology import KnownTopologyGroup
-
-
-@pytest.mark.importance("critical")
-@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
-def test_config__change_config_while_sssd_running(client: Client):
- """
- :title: Re-generate config while SSSD is running
- :setup:
- 1. In pam domain set "debug_level" to 9
- 2. Start SSSD
- :steps:
- 1. Check that "debug_level" in pam domain is 9
- 2. Change "debug_level" in pam to 1
- 3. Apply config changes
- 4. Call "sssd --genconf"
- 5. Check that "debug_level" in pam is 1
- :expectedresults:
- 1. "debug_level" is set to 9
- 2. "debug_level" is changed successfully
- 3. Changes are apllied successfully
- 4. "sssd --genconf" is called successfully
- 5. "debug_level" is set to 1
- :customerscenario: False
- """
- client.sssd.pam["debug_level"] = "9"
- client.sssd.start()
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb", "cn=pam,cn=config")
- assert result["cn=pam,cn=config"]["debug_level"] == ["9"]
-
- client.sssd.pam["debug_level"] = "1"
- client.sssd.config_apply()
- client.sssd.genconf()
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb", "cn=pam,cn=config")
- assert result["cn=pam,cn=config"]["debug_level"] == ["1"]
-
-
-@pytest.mark.importance("critical")
-@pytest.mark.config
-@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
-def test_config__genconf_particular_section(client: Client):
- """
- :title: Re-generate only particular section in config while SSSD is running
- :setup:
- 1. In pam domain set "debug_level" to 9
- 2. In nss domain set "debug_level" to 9
- 3. Start SSSD
- :steps:
- 1. Check that "debug_level" in pam domain is 9
- 2. Check that "debug_level" in nss domain is 9
- 3. Change "debug_level" in pam and in nss to 1
- 4. Apply config changes
- 5. Call "sssd --genconf-section==pam"
- 6. Check that "debug_level" in pam is 1
- 7. Check that "debug_level" in nss remained 9
- :expectedresults:
- 1. "debug_level" is set to 9
- 2. "debug_level" is set to 9
- 3. "debug_level" is changed successfully
- 4. Changes are apllied successfully
- 5. "sssd --genconf-section==pam" is called successfully
- 6. "debug_level" in pam is 1
- 7. "debug_level" in nss remains 9
- :customerscenario: False
- """
- client.sssd.pam["debug_level"] = "9"
- client.sssd.nss["debug_level"] = "9"
- client.sssd.start()
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb")
- assert result["cn=pam,cn=config"]["debug_level"] == ["9"]
- assert result["cn=nss,cn=config"]["debug_level"] == ["9"]
-
- client.sssd.pam["debug_level"] = "1"
- client.sssd.nss["debug_level"] = "1"
- client.sssd.config_apply()
-
- client.sssd.genconf("pam")
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb")
- assert result["cn=pam,cn=config"]["debug_level"] == ["1"]
- assert result["cn=nss,cn=config"]["debug_level"] == ["9"]
-
-
-@pytest.mark.importance("critical")
-@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
-def test_config__add_remove_section(client: Client):
- """
- :title: Add and remove new section to config file
- with --genconf-section while SSSD is running
- :setup:
- 1. In pam domain set "debug_level" to 9
- 2. In nss domain set "debug_level" to 9
- 3. Start SSSD
- :steps:
- 1. Check that "debug_level" in pam and nss is 9
- 2. Add new section to config with key, value pair set
- 3. Apply config changes
- 4. Call "sssd --genconf-section==$newSection"
- 5. Check that the new section is properly set
- 6. Remove new section
- 7. Call "sssd --genconf-section==$newSection"
- 8. Check that the new section was deleted
- 9. Check that "debug_level" in pam and nss is 9
- :expectedresults:
- 1. "debug_level" is set to 9 in both domains
- 2. Added successfully
- 3. New configuration was written
- 4. Changes are applied successfully
- 5. "sssd --genconf-section==$newSection" is called successfully
- 6. New section is removed successfully
- 7. "sssd --genconf-section==$newSection" is called successfully
- 8. New section was deleted correctly
- 9. "debug_level" in pam and nss remained 9
- :customerscenario: False
- """
- client.sssd.pam["debug_level"] = "9"
- client.sssd.nss["debug_level"] = "9"
- client.sssd.start()
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb")
- assert result["cn=pam,cn=config"]["debug_level"] == ["9"]
- assert result["cn=nss,cn=config"]["debug_level"] == ["9"]
-
- client.sssd.config["new_section"] = {"key": "value"}
- client.sssd.config_apply(check_config=False)
- client.sssd.genconf("new_section")
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb", "cn=new_section,cn=config")
- assert result["cn=new_section,cn=config"]["key"] == ["value"]
-
- del client.sssd.config["new_section"]
-
- client.sssd.config_apply()
- client.sssd.genconf("new_section")
-
- result = client.ldb.search("/var/lib/sss/db/config.ldb")
- assert result["cn=pam,cn=config"]["debug_level"] == ["9"]
- assert result["cn=nss,cn=config"]["debug_level"] == ["9"]
- with pytest.raises(KeyError):
- assert result["cn=new_section,cn=config"]["key"] != ["value"]
-
-
-@pytest.mark.importance("critical")
-@pytest.mark.topology(KnownTopologyGroup.AnyProvider)
-def test_config__genconf_no_such_section(client: Client):
- """
- :title: genconf-section with nonexisting section did not fail
- :setup:
- 1. Start SSSD
- :steps:
- 1. Call 'sssd --genconf-section=$nonexistingSection'
- :expectedresults:
- 1. Call did not fail
- :customerscenario: False
- """
- client.sssd.start()
- result = client.sssd.genconf("nonexistingSection")
- assert result.rc == 0
- assert not result.stderr
diff --git a/src/util/sss_ini.c b/src/util/sss_ini.c
index 6290da8ce9b..450d8150d7a 100644
--- a/src/util/sss_ini.c
+++ b/src/util/sss_ini.c
@@ -424,14 +424,6 @@ int sss_confdb_create_ldif(TALLOC_CTX *mem_ctx,
size_t ldif_len = 0;
size_t attr_len;
struct value_obj *obj = NULL;
- bool section_handled = true;
-
- if (only_section != NULL) {
- /* If the section is specified, we must handle it, either by adding
- * its contents or by deleting the section if it doesn't exist
- */
- section_handled = false;
- }
tmp_ctx = talloc_new(mem_ctx);
if (!tmp_ctx) {
@@ -460,11 +452,6 @@ int sss_confdb_create_ldif(TALLOC_CTX *mem_ctx,
if (strcasecmp(only_section, sections[i])) {
DEBUG(SSSDBG_TRACE_FUNC, "Skipping section %s\n", sections[i]);
continue;
- } else {
- /* Mark the requested section as handled so that we don't
- * try to re-add it later
- */
- section_handled = true;
}
}
@@ -554,39 +541,6 @@ int sss_confdb_create_ldif(TALLOC_CTX *mem_ctx,
talloc_free(dn);
}
-
- if (only_section != NULL && section_handled == false) {
- /* If only a single section was supposed to be
- * handled, but it wasn't found in the INI file,
- * create an LDIF that would remove the section
- */
- ret = parse_section(tmp_ctx, only_section, &sec_dn, NULL);
- if (ret != EOK) {
- goto error;
- }
-
- dn = talloc_asprintf(tmp_ctx,
- "dn: %s,cn=config\n"
- "changetype: delete\n\n",
- sec_dn);
- if (dn == NULL) {
- ret = ENOMEM;
- goto error;
- }
- dn_size = strlen(dn);
-
- tmp_ldif = talloc_realloc(mem_ctx, ldif, char,
- ldif_len+dn_size+1);
- if (!tmp_ldif) {
- ret = ENOMEM;
- goto error;
- }
-
- ldif = tmp_ldif;
- memcpy(ldif+ldif_len, dn, dn_size);
- ldif_len += dn_size;
- }
-
if (ldif == NULL) {
ret = ERR_INI_EMPTY_CONFIG;
goto error;