-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Am Fr 17 Jan 2014 18:31:07 CET schrieb Howard Chu:
Alexander Kläser wrote:
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
Dear all,
I am new to OpenLDAP. In order to process transactions in a separate piece of software, I am parsing the output of a slightly modified version of the auditlog overlay module. As I need to know the entryUUID of a modified LDAP object, I tried to query it and write it along with the other information into the auditlog file.
My current patch seems to navigate slapd into a deadlock situation. I do not understand the reason for that and would be very happy if someone may help to point me into the correct direction for implementing this.
Simple: after you fetch the entry, you also must release it.
Your patch is also broken in that you've inserted your code into the generic code path, so it will execute for Add operations as well. Obviously for an Add operation, there will not be an entry in the DB to fetch, all of the entry data is part of the Operation.
Dear Howard, thank you very much for your reply! True, that sounds logical to, me as well. I tried to modify my patch in the suggested way, however, after an add operation (that is being written into the auditlog file correctly with the entryUUID), slapd aborts with a SIGABRT. Do you have another hint for that behaviour?
Here is my latest patch:
- --- ./servers/slapd/overlays/auditlog.c.orig 2014-01-09 12:26:22.060000000 -0500 +++ ./servers/slapd/overlays/auditlog.c 2014-01-20 10:09:57.164000000 - -0500 @@ -24,6 +24,7 @@ #ifdef SLAPD_OVER_AUDITLOG
#include <stdio.h> +#include <time.h>
#include <ac/string.h> #include <ac/ctype.h> @@ -74,8 +75,13 @@ Modifications *m; struct berval *b, *who = NULL, peername; char *what, *whatm, *suffix; - - time_t stamp; + struct timeval stamp; int i; + int rc; + Entry *e = NULL; + Attribute *a_entryUUID; + char *entryUUID = "NULL"; + BackendInfo *bi = op->o_bd->bd_info;
if ( rs->sr_err != LDAP_SUCCESS ) return SLAP_CB_CONTINUE;
@@ -119,16 +125,42 @@ if ( !who ) who = &op->o_dn;
+ /* get the entryUUID */ + if (op->o_tag == LDAP_MOD_ADD) { + /* for the ADD operation -> all attribute data is already part of the operation */ + a_entryUUID = attr_find( op->ora_e->e_attrs, slap_schema.si_ad_entryUUID ); + if (a_entryUUID != NULL) { + entryUUID = a_entryUUID->a_vals[0].bv_val; + } + } else { + /* for other operations -> fetch the entry */ + //rc = overlay_entry_get_ov( op, &op->o_req_ndn, NULL, NULL, 0, &e, on ); + op->o_bd->bd_info = (BackendInfo *)on->on_info; + rc = be_entry_get_rw( op, &op->o_req_ndn, NULL, NULL, 0, &e ); + op->o_bd->bd_info = bi; + if ( rc == LDAP_SUCCESS ) { + a_entryUUID = attr_find( e->e_attrs, slap_schema.si_ad_entryUUID ); + if (a_entryUUID != NULL) { + entryUUID = a_entryUUID->a_vals[0].bv_val; + } + } + } + peername = op->o_conn->c_peer_name; ldap_pvt_thread_mutex_lock(&ad->ad_mutex); if((f = fopen(ad->ad_logfile, "a")) == NULL) { ldap_pvt_thread_mutex_unlock(&ad->ad_mutex); + if (e != NULL) { + be_entry_release_r( op, e ); + } return SLAP_CB_CONTINUE; }
- - stamp = slap_get_time(); - - fprintf(f, "# %s %ld %s%s%s %s conn=%ld\n", - - what, (long)stamp, suffix, who ? " " : "", who ? who->bv_val : "", + gettimeofday(&stamp, NULL); + fprintf(f, "# %s %ld.%06ld %s %s%s%s %s conn=%ld\n", + what, stamp.tv_sec, stamp.tv_usec, + entryUUID, + suffix, who ? " " : "", who ? who->bv_val : "", peername.bv_val ? peername.bv_val: "", op->o_conn->c_connid);
if ( !BER_BVISEMPTY( &op->o_conn->c_dn ) && @@ -176,10 +208,13 @@ break; }
- - fprintf(f, "# end %s %ld\n\n", what, (long)stamp); + fprintf(f, "# end %s %ld.%06ld\n\n", what, stamp.tv_sec, stamp.tv_usec);
fclose(f); ldap_pvt_thread_mutex_unlock(&ad->ad_mutex); + if (e != NULL) { + be_entry_release_r( op, e ); + } return SLAP_CB_CONTINUE; }
best regards and many thanks in advance Alex
- -- - -- Dr. Alexander Kläser Open Source Software Engineer
Univention GmbH be open. Mary-Somerville-Str.1 28359 Bremen Tel. : +49 421 22232-59 Fax : +49 421 22232-99
klaeser@univention.de http://www.univention.de
Geschäftsführer: Peter H. Ganten HRB 20755 Amtsgericht Bremen Steuer-Nr.: 71-597-02876