MyFavMirrors/minio
1
0
Fork 0
mirror of https://github.com/minio/minio.git synced 2025-01-24 13:13:16 -05:00
Code Issues Packages Projects Releases Wiki Activity

ldap-import: Add additional logs (#19691)

Browse Source 
These logs are being added to provide better debugging of LDAP
normalization on IAM import.
This commit is contained in:
Aditya Manthramurthy 2024-05-09 10:52:53 -07:00 committed by GitHub
parent 3549e583a6
commit e00de1c302
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194
2 changed files with 21 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

19
cmd/iam.go
View File

@ -1672,6 +1672,11 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool,
normKey, origKeys) normKey, origKeys)
} }
if len(origKeys[1:]) > 0 {
// Log that extra DN mappings will not be imported.
iamLogEvent(ctx, "import-ldap-normalize: extraneous DN mappings found for LDAP DN[%s]: %v will not be imported", origKeys[0], origKeys[1:])
}
// Policies mapped to the DN's are the same, so we remove the extra // Policies mapped to the DN's are the same, so we remove the extra
// ones from the map. // ones from the map.
for i := 1; i < len(origKeys); i++ { for i := 1; i < len(origKeys); i++ {
@ -1680,7 +1685,11 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool,
// Remove the mapping from storage by setting the policy to "". // Remove the mapping from storage by setting the policy to "".
if entityKeysInStorage.Contains(origKeys[i]) { if entityKeysInStorage.Contains(origKeys[i]) {
// Ignore any deletion error. // Ignore any deletion error.
_, _ = sys.PolicyDBSet(ctx, origKeys[i], "", stsUser, isGroup) _, delErr := sys.PolicyDBSet(ctx, origKeys[i], "", stsUser, isGroup)
if delErr != nil {
logErr := fmt.Errorf("failed to delete extraneous LDAP DN mapping for `%s`: %w", origKeys[i], delErr)
iamLogIf(ctx, logErr)
}
} }
} }
} }
@ -1691,10 +1700,16 @@ func (sys *IAMSys) NormalizeLDAPMappingImport(ctx context.Context, isGroup bool,
mappingValue := policyMap[origKeys[0]] mappingValue := policyMap[origKeys[0]]
delete(policyMap, origKeys[0]) delete(policyMap, origKeys[0])
policyMap[normKey] = mappingValue policyMap[normKey] = mappingValue
iamLogEvent(ctx, "import-ldap-normalize: normalized LDAP DN mapping from `%s` to `%s`", origKeys[0], normKey)
// Remove the mapping from storage by setting the policy to "". // Remove the mapping from storage by setting the policy to "".
if entityKeysInStorage.Contains(origKeys[0]) { if entityKeysInStorage.Contains(origKeys[0]) {
// Ignore any deletion error. // Ignore any deletion error.
_, _ = sys.PolicyDBSet(ctx, origKeys[0], "", stsUser, isGroup) _, delErr := sys.PolicyDBSet(ctx, origKeys[0], "", stsUser, isGroup)
if delErr != nil {
logErr := fmt.Errorf("failed to delete extraneous LDAP DN mapping for `%s`: %w", origKeys[0], delErr)
iamLogIf(ctx, logErr)
}
} }
} }
return nil return nil

4
cmd/logging.go
View File

@ -18,6 +18,10 @@ func iamLogIf(ctx context.Context, err error, errKind ...interface{}) {
logger.LogIf(ctx, "iam", err, errKind...) logger.LogIf(ctx, "iam", err, errKind...)
} }
func iamLogEvent(ctx context.Context, msg string, args ...interface{}) {
logger.Event(ctx, "iam", msg, args...)
}
func rebalanceLogIf(ctx context.Context, err error, errKind ...interface{}) { func rebalanceLogIf(ctx context.Context, err error, errKind ...interface{}) {
logger.LogIf(ctx, "rebalance", err, errKind...) logger.LogIf(ctx, "rebalance", err, errKind...)
} }