s3:net ads join: reduce indentation in _net_ads_join_dns_updates()
[ira/wip.git] / source3 / utils / net.c
index 58c962327d43bfa5bc743afea88792e0ce0e78f6..70ed0aa47a74a776380280c2532881aaa94b9fe8 100644 (file)
 /*****************************************************/
 
 #include "includes.h"
+#include "popt_common.h"
 #include "utils/net.h"
-
-extern bool AllowDebugChange;
+#include "secrets.h"
+#include "lib/netapi/netapi.h"
+#include "../libcli/security/security.h"
+#include "passdb.h"
+#include "messages.h"
 
 #ifdef WITH_FAKE_KASERVER
 #include "utils/net_afs.h"
@@ -53,7 +57,7 @@ extern bool AllowDebugChange;
 /* end of internationalization section                                 */
 /***********************************************************************/
 
-uint32 get_sec_channel_type(const char *param)
+enum netr_SchannelType get_sec_channel_type(const char *param)
 {
        if (!(param && *param)) {
                return get_default_sec_channel();
@@ -91,7 +95,7 @@ static int net_changesecretpw(struct net_context *c, int argc,
                              const char **argv)
 {
         char *trust_pw;
-        uint32 sec_channel_type = SEC_CHAN_WKSTA;
+        enum netr_SchannelType sec_channel_type = SEC_CHAN_WKSTA;
 
        if(c->opt_force) {
                if (c->opt_stdin) {
@@ -121,12 +125,117 @@ static int net_changesecretpw(struct net_context *c, int argc,
         return 0;
 }
 
+/**
+ * @brief Set the authorised user for winbindd access in secrets.tdb
+ */
+static int net_setauthuser(struct net_context *c, int argc, const char **argv)
+{
+       const char *password = NULL;
+
+       if (!secrets_init()) {
+               d_fprintf(stderr, _("Failed to open secrets.tdb.\n"));
+               return 1;
+       }
+
+       /* Delete the settings. */
+       if (argc >= 1) {
+               if (strncmp(argv[0], "delete", 6) != 0) {
+                       d_fprintf(stderr,_("Usage:\n"));
+                       d_fprintf(stderr,
+                                 _("    net setauthuser -U user[%%password] \n"
+                                   "        Set the auth user account to user"
+                                   "password. Prompt for password if not "
+                                   "specified.\n"));
+                       d_fprintf(stderr,
+                                 _("    net setauthuser delete\n"
+                                   "        Delete the auth user setting.\n"));
+                       return 1;
+               }
+               secrets_delete(SECRETS_AUTH_USER);
+               secrets_delete(SECRETS_AUTH_DOMAIN);
+               secrets_delete(SECRETS_AUTH_PASSWORD);
+               return 0;
+       }
+
+       if (!c->opt_user_specified) {
+               d_fprintf(stderr, _("Usage:\n"));
+               d_fprintf(stderr,
+                         _("    net setauthuser -U user[%%password]\n"
+                           "        Set the auth user account to user"
+                           "password. Prompt for password if not "
+                           "specified.\n"));
+               d_fprintf(stderr,
+                         _("    net setauthuser delete\n"
+                           "        Delete the auth user setting.\n"));
+               return 1;
+       }
+
+       password = net_prompt_pass(c, _("the auth user"));
+       if (password == NULL) {
+               d_fprintf(stderr,_("Failed to get the auth users password.\n"));
+               return 1;
+       }
+
+       if (!secrets_store(SECRETS_AUTH_USER, c->opt_user_name,
+                          strlen(c->opt_user_name) + 1)) {
+               d_fprintf(stderr, _("error storing auth user name\n"));
+               return 1;
+       }
+
+       if (!secrets_store(SECRETS_AUTH_DOMAIN, c->opt_workgroup,
+                          strlen(c->opt_workgroup) + 1)) {
+               d_fprintf(stderr, _("error storing auth user domain\n"));
+               return 1;
+       }
+
+       if (!secrets_store(SECRETS_AUTH_PASSWORD, password,
+                          strlen(password) + 1)) {
+               d_fprintf(stderr, _("error storing auth user password\n"));
+               return 1;
+       }
+
+       return 0;
+}
+
+/**
+ * @brief Get the auth user settings
+ */
+static int net_getauthuser(struct net_context *c, int argc, const char **argv)
+{
+       char *user, *domain, *password;
+
+       /* Lift data from secrets file */
+
+       secrets_fetch_ipc_userpass(&user, &domain, &password);
+
+       if ((!user || !*user) && (!domain || !*domain ) &&
+           (!password || !*password)){
+
+               SAFE_FREE(user);
+               SAFE_FREE(domain);
+               SAFE_FREE(password);
+               d_printf(_("No authorised user configured\n"));
+               return 0;
+       }
+
+       /* Pretty print authorised user info */
+
+       d_printf("%s%s%s%s%s\n", domain ? domain : "",
+                domain ? lp_winbind_separator(): "", user,
+                password ? "%" : "", password ? password : "");
+
+       SAFE_FREE(user);
+       SAFE_FREE(domain);
+       SAFE_FREE(password);
+
+       return 0;
+}
 /*
  Retrieve our local SID or the SID for the specified name
  */
 static int net_getlocalsid(struct net_context *c, int argc, const char **argv)
 {
-        DOM_SID sid;
+        struct dom_sid sid;
        const char *name;
        fstring sid_str;
 
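Review bot: In net_getauthuser() the `user` argument of the final `d_printf("%s%s%s%s%s\n", ...)` is passed unguarded, while the early return fires only when user, domain and password are all empty, so a record with a domain or password but no user name hands a possibly NULL pointer to `%s`; use `user ? user : ""` as is done for the other two fields. The three pointers are also declared uninitialised and rely on secrets_fetch_ipc_userpass() (not visible here) always assigning them, so `char *user = NULL, *domain = NULL, *password = NULL;` would be safer. In net_setauthuser() `strncmp(argv[0], "delete", 6)` accepts any argument that merely begins with "delete", and the three `secrets_delete()` calls are not checked before returning 0; `strcmp(argv[0], "delete") != 0` plus a non-zero return on a failed delete would make that path strict. A failure in the second or third `secrets_store()` also leaves a partly written auth-user record, which deserves at least a comment. Both doc comments should state that the password is stored and printed in clear text, so getauthuser output should be kept out of logs and shared terminals.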
@@ -134,7 +243,7 @@ static int net_getlocalsid(struct net_context *c, int argc, const char **argv)
                name = argv[0];
         }
        else {
-               name = global_myname();
+               name = lp_netbios_name();
        }
 
        if(!initialize_password_db(false, NULL)) {
@@ -166,17 +275,18 @@ static int net_getlocalsid(struct net_context *c, int argc, const char **argv)
 
 static int net_setlocalsid(struct net_context *c, int argc, const char **argv)
 {
-       DOM_SID sid;
+       struct dom_sid sid;
 
        if ( (argc != 1)
             || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
             || (!string_to_sid(&sid, argv[0]))
             || (sid.num_auths != 4)) {
-               d_printf(_("usage: net setlocalsid S-1-5-21-x-y-z\n"));
+               d_printf(_("Usage:"));
+               d_printf(" net setlocalsid S-1-5-21-x-y-z\n");
                return 1;
        }
 
-       if (!secrets_store_domain_sid(global_myname(), &sid)) {
+       if (!secrets_store_domain_sid(lp_netbios_name(), &sid)) {
                DEBUG(0,("Can't store domain SID as a pdc/bdc.\n"));
                return 1;
        }
@@ -186,13 +296,14 @@ static int net_setlocalsid(struct net_context *c, int argc, const char **argv)
 
 static int net_setdomainsid(struct net_context *c, int argc, const char **argv)
 {
-       DOM_SID sid;
+       struct dom_sid sid;
 
        if ( (argc != 1)
             || (strncmp(argv[0], "S-1-5-21-", strlen("S-1-5-21-")) != 0)
             || (!string_to_sid(&sid, argv[0]))
             || (sid.num_auths != 4)) {
-               d_printf(_("usage: net setdomainsid S-1-5-21-x-y-z\n"));
+               d_printf(_("Usage:"));
+               d_printf(" net setdomainsid S-1-5-21-x-y-z\n");
                return 1;
        }
 
@@ -206,11 +317,12 @@ static int net_setdomainsid(struct net_context *c, int argc, const char **argv)
 
 static int net_getdomainsid(struct net_context *c, int argc, const char **argv)
 {
-       DOM_SID domain_sid;
+       struct dom_sid domain_sid;
        fstring sid_str;
 
        if (argc > 0) {
-               d_printf(_("usage: net getdomainsid\n"));
+               d_printf(_("Usage:"));
+               d_printf(" net getdomainsid\n");
                return 1;
        }
 
@@ -234,14 +346,15 @@ static int net_getdomainsid(struct net_context *c, int argc, const char **argv)
        /* Generate one, if it doesn't exist */
        get_global_sam_sid();
 
-       if (!secrets_fetch_domain_sid(global_myname(), &domain_sid)) {
-               d_fprintf(stderr, _("Could not fetch local SID\n"));
-               return 1;
+       if (!IS_DC) {
+               if (!secrets_fetch_domain_sid(lp_netbios_name(), &domain_sid)) {
+                       d_fprintf(stderr, _("Could not fetch local SID\n"));
+                       return 1;
+               }
+               sid_to_fstring(sid_str, &domain_sid);
+               d_printf(_("SID for local machine %s is: %s\n"),
+                        lp_netbios_name(), sid_str);
        }
-       sid_to_fstring(sid_str, &domain_sid);
-       d_printf(_("SID for local machine %s is: %s\n"),
-                global_myname(), sid_str);
-
        if (!secrets_fetch_domain_sid(c->opt_workgroup, &domain_sid)) {
                d_fprintf(stderr, _("Could not fetch domain SID\n"));
                return 1;
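Review bot: The new `if (!IS_DC)` guard has no comment saying why the local-machine SID is skipped on a domain controller, and the blank line that separated the two lookups was dropped, so the domain lookup now reads as part of the guarded block. A short comment such as `/* On a DC only the domain SID is reported; skip the per-machine entry. */` above the `if`, and a blank line after its closing brace, would make the intent clear. The body of net_getdomainsid() starts and ends outside this hunk.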
@@ -294,7 +407,7 @@ static int net_maxrid(struct net_context *c, int argc, const char **argv)
        uint32 rid;
 
        if (argc != 0) {
-               d_fprintf(stderr, _("usage: net maxrid\n"));
+               d_fprintf(stderr, "%s net maxrid\n", _("Usage:"));
                return 1;
        }
 
@@ -471,6 +584,25 @@ static struct functable net_func[] = {
                   "    Do NOT use this function unless you know what it does.\n"
                   "    Requires the -f flag to work.")
        },
+       {
+               "setauthuser",
+               net_setauthuser,
+               NET_TRANSPORT_LOCAL,
+               N_("Set the winbind auth user"),
+               N_("  net -U user[%%password] [-W domain] setauthuser\n"
+                  "    Set the auth user, password (and optionally domain\n"
+                  "    Will prompt for password if not given.\n"
+                  "  net setauthuser delete\n"
+                  "    Delete the existing auth user settings.")
+       },
+       {
+               "getauthuser",
+               net_getauthuser,
+               NET_TRANSPORT_LOCAL,
+               N_("Get the winbind auth user settings"),
+               N_("  net getauthuser\n"
+                  "    Get the current winbind auth user settings.")
+       },
        {       "time",
                net_time,
                NET_TRANSPORT_LOCAL,
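Review bot: The help text for "setauthuser" documents passing the password inline as `-U user[%%password]`, which can leave it in shell history and may make it visible in the process list. The text should steer users to the prompt, e.g. an extra line `"    Omit %%password to be prompted instead of passing it on the command line.\n"`. The second help line also has an unclosed parenthesis: `(and optionally domain` should read `(and optionally domain).`. The "time" entry that follows is cut by the hunk.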
@@ -485,6 +617,13 @@ static struct functable net_func[] = {
                N_("  Use 'net help lookup' to get more information about 'net "
                   "lookup' commands.")
        },
+       {       "g_lock",
+               net_g_lock,
+               NET_TRANSPORT_LOCAL,
+               N_("Manipulate the global lock table"),
+               N_("  Use 'net help g_lock' to get more information about "
+                  "'net g_lock' commands.")
+       },
        {       "join",
                net_join,
                NET_TRANSPORT_ADS | NET_TRANSPORT_RPC,
@@ -533,7 +672,7 @@ static struct functable net_func[] = {
        {       "maxrid",
                net_maxrid,
                NET_TRANSPORT_LOCAL,
-               N_("Display the maximul RID currently used"),
+               N_("Display the maximum RID currently used"),
                N_("  net maxrid")
        },
        {       "idmap",
@@ -578,13 +717,6 @@ static struct functable net_func[] = {
                N_("  Use 'net help registry' to get more information about "
                   "'net registry' commands.")
        },
-       {       "lua",
-               net_lua,
-               NET_TRANSPORT_LOCAL,
-               N_("Open a lua interpreter"),
-               N_("  Use 'net help lua' to get more information about 'net "
-                  "lua' commands.")
-       },
        {       "eventlog",
                net_eventlog,
                NET_TRANSPORT_LOCAL,
@@ -592,6 +724,21 @@ static struct functable net_func[] = {
                N_("  Use 'net help eventlog' to get more information about "
                   "'net eventlog' commands.")
        },
+       {       "printing",
+               net_printing,
+               NET_TRANSPORT_LOCAL,
+               N_("Process tdb printer files"),
+               N_("  Use 'net help printing' to get more information about "
+                  "'net printing' commands.")
+       },
+
+       {       "serverid",
+               net_serverid,
+               NET_TRANSPORT_LOCAL,
+               N_("Manage the serverid tdb"),
+               N_("  Use 'net help serverid' to get more information about "
+                  "'net serverid' commands.")
+       },
 
 #ifdef WITH_FAKE_KASERVER
        {       "afs",
@@ -650,6 +797,7 @@ static struct functable net_func[] = {
                {"machine-pass",'P', POPT_ARG_NONE,   &c->opt_machine_pass},
                {"kerberos",    'k', POPT_ARG_NONE,   &c->opt_kerberos},
                {"myworkgroup", 'W', POPT_ARG_STRING, &c->opt_workgroup},
+               {"use-ccache",    0, POPT_ARG_NONE,   &c->opt_ccache},
                {"verbose",     'v', POPT_ARG_NONE,   &c->opt_verbose},
                {"test",        'T', POPT_ARG_NONE,   &c->opt_testmode},
                /* Options for 'net groupmap set' */
@@ -668,26 +816,35 @@ static struct functable net_func[] = {
                {"force-full-repl", 0, POPT_ARG_NONE, &c->opt_force_full_repl},
                {"single-obj-repl", 0, POPT_ARG_NONE, &c->opt_single_obj_repl},
                {"clean-old-entries", 0, POPT_ARG_NONE, &c->opt_clean_old_entries},
-
+               /* Options for 'net idmap'*/
+               {"db", 0, POPT_ARG_STRING, &c->opt_db},
+               {"lock", 0, POPT_ARG_NONE,   &c->opt_lock},
+               {"auto", 'a', POPT_ARG_NONE,   &c->opt_auto},
+               {"repair", 0, POPT_ARG_NONE,   &c->opt_repair},
+               /* Options for 'net registry check'*/
+               {"reg-version", 0, POPT_ARG_INT, &c->opt_reg_version},
+               {"output", 'o', POPT_ARG_STRING, &c->opt_output},
+               {"wipe", 0, POPT_ARG_NONE, &c->opt_wipe},
                POPT_COMMON_SAMBA
                { 0, 0, 0, 0}
        };
 
        zero_sockaddr(&c->opt_dest_ip);
 
+       setup_logging(argv[0], DEBUG_STDERR);
+
        load_case_tables();
 
        setlocale(LC_ALL, "");
 #if defined(HAVE_BINDTEXTDOMAIN)
-       bindtextdomain(MODULE_NAME, dyn_LOCALEDIR);
+       bindtextdomain(MODULE_NAME, get_dyn_LOCALEDIR());
 #endif
 #if defined(HAVE_TEXTDOMAIN)
        textdomain(MODULE_NAME);
 #endif
 
        /* set default debug level to 0 regardless of what smb.conf sets */
-       DEBUGLEVEL_CLASS[DBGC_ALL] = 0;
-       dbf = x_stderr;
+       lp_set_cmdline("log level", "0");
        c->private_data = net_func;
 
        pc = poptGetContext(NULL, argc, (const char **) argv, long_options,
@@ -726,12 +883,17 @@ static struct functable net_func[] = {
                }
        }
 
-       /*
-        * Don't load debug level from smb.conf. It should be
-        * set by cmdline arg or remain default (0)
-        */
-       AllowDebugChange = false;
-       lp_load(get_dyn_CONFIGFILE(), true, false, false, true);
+       lp_load_global(get_dyn_CONFIGFILE());
+
+#if defined(HAVE_BIND_TEXTDOMAIN_CODESET)
+       /* Bind our gettext results to 'unix charset'
+          
+          This ensures that the translations and any embedded strings are in the
+          same charset.  It won't be the one from the user's locale (we no
+          longer auto-detect that), but it will be self-consistent.
+       */
+       bind_textdomain_codeset(MODULE_NAME, lp_unix_charset());
+#endif
 
        argv_new = (const char **)poptGetArgs(pc);
 
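Review bot: The result of `lp_load_global(get_dyn_CONFIGFILE())` is discarded, so if smb.conf cannot be read or parsed the tool appears to carry on with built-in defaults. The `lp_unix_charset()` call added just below, and later secrets and SID operations, would then act on settings the administrator did not choose. Assuming lp_load_global() reports success as a boolean, fail early: `if (!lp_load_global(get_dyn_CONFIGFILE())) { d_fprintf(stderr, _("Can't load %s\n"), get_dyn_CONFIGFILE()); exit(1); }`. The removed comment about not taking the debug level from smb.conf also deserves a one-line replacement, explaining that `lp_set_cmdline("log level", "0")` earlier in main() now provides that guarantee. main() begins and ends outside this hunk.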
@@ -748,7 +910,7 @@ static struct functable net_func[] = {
        }
 
        if (c->opt_requester_name) {
-               set_global_myname(c->opt_requester_name);
+               lp_set_cmdline("netbios name", c->opt_requester_name);
        }
 
        if (!c->opt_user_name && getenv("LOGNAME")) {
@@ -769,7 +931,7 @@ static struct functable net_func[] = {
        load_interfaces();
 
        /* this makes sure that when we do things like call scripts,
-          that it won't assert becouse we are not root */
+          that it won't assert because we are not root */
        sec_init();
 
        if (c->opt_machine_pass) {
@@ -783,6 +945,11 @@ static struct functable net_func[] = {
                c->opt_password = getenv("PASSWD");
        }
 
+       /* Failing to init the msg_ctx isn't a fatal error. Only
+          root-level things (joining/leaving domains etc.) will be denied. */
+
+       c->msg_ctx = messaging_init(c, event_context_init(c));
+
        rc = net_run_function(c, argc_new-1, argv_new+1, "net", net_func);
 
        DEBUG(2,("return code = %d\n", rc));
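Review bot: `event_context_init(c)` is passed straight into `messaging_init()` with no NULL check, and a failed init is silent, so `c->msg_ctx` may be NULL when `net_run_function()` dispatches a subcommand. The comment says root-level operations will be denied, but nothing in this hunk enforces or logs that. Add `if (c->msg_ctx == NULL) { DEBUG(3, ("messaging_init failed, continuing without a messaging context\n")); }` and extend the comment to say that every user of `c->msg_ctx` must check it before use. main() begins and ends outside this hunk.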