2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2003 Andrew Bartlett (abartlet@samba.org)
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 3 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program. If not, see <http://www.gnu.org/licenses/>.
21 #include "system/filesys.h"
22 #include "utils/net.h"
25 #include "dbwrap/dbwrap.h"
26 #include "dbwrap/dbwrap_open.h"
27 #include "../libcli/security/security.h"
28 #include "net_idmap_check.h"
30 #include "idmap_autorid_tdb.h"
32 #define ALLOC_CHECK(mem) do { \
34 d_fprintf(stderr, _("Out of memory!\n")); \
39 enum idmap_dump_backend {
44 struct net_idmap_ctx {
45 enum idmap_dump_backend backend;
48 static int net_idmap_dump_one_autorid_entry(struct db_record *rec,
54 key = dbwrap_record_get_key(rec);
55 value = dbwrap_record_get_value(rec);
57 if (strncmp((char *)key.dptr, "CONFIG", 6) == 0) {
58 char *config = talloc_array(talloc_tos(), char, value.dsize+1);
59 memcpy(config, value.dptr, value.dsize);
60 config[value.dsize] = '\0';
61 printf("CONFIG: %s\n", config);
66 if (strncmp((char *)key.dptr, "NEXT RANGE", 10) == 0) {
67 printf("RANGE HWM: %"PRIu32"\n", IVAL(value.dptr, 0));
71 if (strncmp((char *)key.dptr, "NEXT ALLOC UID", 14) == 0) {
72 printf("UID HWM: %"PRIu32"\n", IVAL(value.dptr, 0));
76 if (strncmp((char *)key.dptr, "NEXT ALLOC GID", 14) == 0) {
77 printf("GID HWM: %"PRIu32"\n", IVAL(value.dptr, 0));
81 if (strncmp((char *)key.dptr, "UID", 3) == 0 ||
82 strncmp((char *)key.dptr, "GID", 3) == 0)
84 /* mapped entry from allocation pool */
85 printf("%s %s\n", value.dptr, key.dptr);
89 if ((strncmp((char *)key.dptr, "S-1-5-", 6) == 0 ||
90 strncmp((char *)key.dptr, "ALLOC", 5) == 0) &&
91 value.dsize == sizeof(uint32_t))
93 /* this is a domain range assignment */
94 uint32_t range = IVAL(value.dptr, 0);
95 printf("RANGE %"PRIu32": %s\n", range, key.dptr);
102 /***********************************************************
103 Helper function for net_idmap_dump. Dump one entry.
104 **********************************************************/
105 static int net_idmap_dump_one_tdb_entry(struct db_record *rec,
111 key = dbwrap_record_get_key(rec);
112 value = dbwrap_record_get_value(rec);
114 if (strcmp((char *)key.dptr, "USER HWM") == 0) {
115 printf(_("USER HWM %d\n"), IVAL(value.dptr,0));
119 if (strcmp((char *)key.dptr, "GROUP HWM") == 0) {
120 printf(_("GROUP HWM %d\n"), IVAL(value.dptr,0));
124 if (strncmp((char *)key.dptr, "S-", 2) != 0) {
128 printf("%s %s\n", value.dptr, key.dptr);
132 static const char* net_idmap_dbfile(struct net_context *c,
133 struct net_idmap_ctx *ctx)
135 const char* dbfile = NULL;
136 const char *backend = NULL;
138 backend = lp_idmap_default_backend();
140 d_printf(_("Internal error: 'idmap config * : backend' is not set!\n"));
144 if (c->opt_db != NULL) {
145 dbfile = talloc_strdup(talloc_tos(), c->opt_db);
146 if (dbfile == NULL) {
147 d_fprintf(stderr, _("Out of memory!\n"));
149 } else if (strequal(backend, "tdb")) {
150 dbfile = state_path("winbindd_idmap.tdb");
151 if (dbfile == NULL) {
152 d_fprintf(stderr, _("Out of memory!\n"));
155 } else if (strequal(backend, "tdb2")) {
156 dbfile = talloc_asprintf(talloc_tos(), "%s/idmap2.tdb",
158 if (dbfile == NULL) {
159 d_fprintf(stderr, _("Out of memory!\n"));
162 } else if (strequal(backend, "autorid")) {
163 dbfile = state_path("autorid.tdb");
164 if (dbfile == NULL) {
165 d_fprintf(stderr, _("Out of memory!\n"));
167 ctx->backend = AUTORID;
169 char *_backend = talloc_strdup(talloc_tos(), backend);
170 char* args = strchr(_backend, ':');
175 d_printf(_("Sorry, 'idmap backend = %s' is currently not supported\n"),
178 talloc_free(_backend);
184 static bool net_idmap_opendb_autorid(TALLOC_CTX *mem_ctx,
185 struct net_context *c,
187 struct db_context **db)
191 struct net_idmap_ctx ctx = { .backend = AUTORID };
197 dbfile = net_idmap_dbfile(c, &ctx);
198 if (dbfile == NULL) {
202 if (ctx.backend != AUTORID) {
203 d_fprintf(stderr, _("Unsupported backend\n"));
208 *db = db_open(mem_ctx, dbfile, 0, TDB_DEFAULT, O_RDONLY, 0,
209 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
212 _("Could not open autorid db (%s): %s\n"),
213 dbfile, strerror(errno));
218 status = idmap_autorid_db_init(dbfile, mem_ctx, db);
219 if (!NT_STATUS_IS_OK(status)) {
221 _("Error calling idmap_autorid_db_init: %s\n"),
234 /***********************************************************
235 Dump the current idmap
236 **********************************************************/
237 static int net_idmap_dump(struct net_context *c, int argc, const char **argv)
239 struct db_context *db;
244 struct net_idmap_ctx ctx = { .backend = TDB };
246 if ( argc > 1 || c->display_usage) {
249 _("net idmap dump [[--db=]<inputfile>]\n"
250 " Dump current ID mapping.\n"
251 " inputfile\tTDB file to read mappings from.\n"));
252 return c->display_usage?0:-1;
255 mem_ctx = talloc_stackframe();
257 dbfile = (argc > 0) ? argv[0] : net_idmap_dbfile(c, &ctx);
258 if (dbfile == NULL) {
261 d_fprintf(stderr, _("dumping id mapping from %s\n"), dbfile);
263 db = db_open(mem_ctx, dbfile, 0, TDB_DEFAULT, O_RDONLY, 0,
264 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
266 d_fprintf(stderr, _("Could not open idmap db (%s): %s\n"),
267 dbfile, strerror(errno));
271 if (ctx.backend == AUTORID) {
272 status = dbwrap_traverse_read(db,
273 net_idmap_dump_one_autorid_entry,
276 status = dbwrap_traverse_read(db,
277 net_idmap_dump_one_tdb_entry,
280 if (!NT_STATUS_IS_OK(status)) {
281 d_fprintf(stderr, _("error traversing the database\n"));
289 talloc_free(mem_ctx);
293 /***********************************************************
294 Write entries from stdin to current local idmap
295 **********************************************************/
297 static int net_idmap_store_id_mapping(struct db_context *db,
300 const char *sid_string)
307 idstr = talloc_asprintf(talloc_tos(), "UID %lu", idval);
310 idstr = talloc_asprintf(talloc_tos(), "GID %lu", idval);
313 d_fprintf(stderr, "Invalid id mapping type: %d\n", type);
317 status = dbwrap_store_bystring(db, idstr,
318 string_term_tdb_data(sid_string),
320 if (!NT_STATUS_IS_OK(status)) {
321 d_fprintf(stderr, "Error storing ID -> SID: "
322 "%s\n", nt_errstr(status));
326 status = dbwrap_store_bystring(db, sid_string,
327 string_term_tdb_data(idstr),
329 if (!NT_STATUS_IS_OK(status)) {
330 d_fprintf(stderr, "Error storing SID -> ID: "
331 "%s\n", nt_errstr(status));
339 static int net_idmap_restore(struct net_context *c, int argc, const char **argv)
343 struct db_context *db;
344 const char *dbfile = NULL;
346 struct net_idmap_ctx ctx = { .backend = TDB };
348 if (c->display_usage) {
351 _("net idmap restore [--db=<TDB>] [<inputfile>]\n"
352 " Restore ID mappings from file\n"
353 " TDB\tFile to store ID mappings to."
354 " inputfile\tFile to load ID mappings from. If not "
355 "given, load data from stdin.\n"));
359 mem_ctx = talloc_stackframe();
361 dbfile = net_idmap_dbfile(c, &ctx);
363 if (dbfile == NULL) {
368 if (ctx.backend != TDB) {
369 d_fprintf(stderr, _("Sorry, restoring of non-TDB databases is "
370 "currently not supported\n"));
375 d_fprintf(stderr, _("restoring id mapping to %s\n"), dbfile);
378 input = fopen(argv[0], "r");
380 d_fprintf(stderr, _("Could not open input file (%s): %s\n"),
381 argv[0], strerror(errno));
389 db = db_open(mem_ctx, dbfile, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0644,
390 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
392 d_fprintf(stderr, _("Could not open idmap db (%s): %s\n"),
393 dbfile, strerror(errno));
398 if (dbwrap_transaction_start(db) != 0) {
399 d_fprintf(stderr, _("Failed to start transaction.\n"));
404 while (!feof(input)) {
405 char line[128], sid_string[128];
410 if (fgets(line, 127, input) == NULL)
415 if ( (len > 0) && (line[len-1] == '\n') )
418 if (sscanf(line, "GID %lu %128s", &idval, sid_string) == 2)
420 ret = net_idmap_store_id_mapping(db, ID_TYPE_GID,
425 } else if (sscanf(line, "UID %lu %128s", &idval, sid_string) == 2)
427 ret = net_idmap_store_id_mapping(db, ID_TYPE_UID,
432 } else if (sscanf(line, "USER HWM %lu", &idval) == 1) {
433 status = dbwrap_store_int32_bystring(
434 db, "USER HWM", idval);
435 if (!NT_STATUS_IS_OK(status)) {
437 _("Could not store USER HWM: %s\n"),
441 } else if (sscanf(line, "GROUP HWM %lu", &idval) == 1) {
442 status = dbwrap_store_int32_bystring(
443 db, "GROUP HWM", idval);
444 if (!NT_STATUS_IS_OK(status)) {
446 _("Could not store GROUP HWM: %s\n"),
451 d_fprintf(stderr, _("ignoring invalid line [%s]\n"),
458 if(dbwrap_transaction_commit(db) != 0) {
459 d_fprintf(stderr, _("Failed to commit transaction.\n"));
463 if (dbwrap_transaction_cancel(db) != 0) {
464 d_fprintf(stderr, _("Failed to cancel transaction.\n"));
469 if ((input != NULL) && (input != stdin)) {
473 talloc_free(mem_ctx);
478 NTSTATUS dbwrap_delete_mapping(struct db_context *db, TDB_DATA key1, bool force)
480 TALLOC_CTX *mem_ctx = talloc_stackframe();
481 bool is_valid_mapping;
482 NTSTATUS status = NT_STATUS_OK;
488 status = dbwrap_fetch(db, mem_ctx, key1, &val1);
489 if (!NT_STATUS_IS_OK(status)) {
490 DEBUG(1, ("failed to fetch: %.*s\n", (int)key1.dsize, key1.dptr));
494 if (val1.dptr == NULL) {
495 DEBUG(1, ("invalid mapping: %.*s -> empty value\n",
496 (int)key1.dsize, key1.dptr));
497 status = NT_STATUS_FILE_INVALID;
501 DEBUG(2, ("mapping: %.*s -> %.*s\n",
502 (int)key1.dsize, key1.dptr, (int)val1.dsize, val1.dptr));
504 status = dbwrap_fetch(db, mem_ctx, val1, &val2);
505 if (!NT_STATUS_IS_OK(status)) {
506 DEBUG(1, ("failed to fetch: %.*s\n", (int)val1.dsize, val1.dptr));
510 is_valid_mapping = tdb_data_equal(key1, val2);
512 if (!is_valid_mapping) {
513 DEBUG(1, ("invalid mapping: %.*s -> %.*s -> %.*s\n",
514 (int)key1.dsize, key1.dptr,
515 (int)val1.dsize, val1.dptr,
516 (int)val2.dsize, val2.dptr));
518 status = NT_STATUS_FILE_INVALID;
523 status = dbwrap_delete(db, key1);
524 if (!NT_STATUS_IS_OK(status)) {
525 DEBUG(1, ("failed to delete: %.*s\n", (int)key1.dsize, key1.dptr));
529 if (!is_valid_mapping) {
533 status = dbwrap_delete(db, val1);
534 if (!NT_STATUS_IS_OK(status)) {
535 DEBUG(1, ("failed to delete: %.*s\n", (int)val1.dsize, val1.dptr));
539 talloc_free(mem_ctx);
544 NTSTATUS delete_mapping_action(struct db_context *db, void* data)
546 return dbwrap_delete_mapping(db, *(TDB_DATA*)data, false);
549 NTSTATUS delete_mapping_action_force(struct db_context *db, void* data)
551 return dbwrap_delete_mapping(db, *(TDB_DATA*)data, true);
554 /***********************************************************
555 Delete a SID mapping from a winbindd_idmap.tdb
556 **********************************************************/
557 static bool delete_args_ok(int argc, const char **argv)
561 if (strncmp(argv[0], "S-", 2) == 0)
563 if (strncmp(argv[0], "GID ", 4) == 0)
565 if (strncmp(argv[0], "UID ", 4) == 0)
570 static int net_idmap_delete_mapping(struct net_context *c, int argc,
574 struct db_context *db;
579 struct net_idmap_ctx ctx = { .backend = TDB };
581 if ( !delete_args_ok(argc,argv) || c->display_usage) {
584 _("net idmap delete mapping [-f] [--db=<TDB>] <ID>\n"
585 " Delete mapping of ID from TDB.\n"
587 " TDB\tidmap database\n"
588 " ID\tSID|GID|UID\n"));
589 return c->display_usage ? 0 : -1;
592 mem_ctx = talloc_stackframe();
594 dbfile = net_idmap_dbfile(c, &ctx);
595 if (dbfile == NULL) {
598 d_fprintf(stderr, _("deleting id mapping from %s\n"), dbfile);
600 db = db_open(mem_ctx, dbfile, 0, TDB_DEFAULT, O_RDWR, 0,
601 DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);
603 d_fprintf(stderr, _("Could not open idmap db (%s): %s\n"),
604 dbfile, strerror(errno));
608 key = string_term_tdb_data(argv[0]);
610 status = dbwrap_trans_do(db, (c->opt_force
611 ? delete_mapping_action_force
612 : delete_mapping_action), &key);
614 if (!NT_STATUS_IS_OK(status)) {
615 d_fprintf(stderr, _("could not delete mapping: %s\n"),
621 talloc_free(mem_ctx);
625 static bool parse_uint32(const char *str, uint32_t *result)
630 val = strtoul(str, &endptr, 10);
635 if (*endptr != '\0') {
638 if ((val == ULONG_MAX) && (errno == ERANGE)) {
641 if ((val & UINT32_MAX) != val) {
645 *result = val; /* Potential crop */
649 static void net_idmap_autorid_delete_range_usage(void)
653 _("net idmap delete range [-f] [--db=<TDB>] <RANGE>|(<SID>[ <INDEX>])\n"
654 " Delete a domain range mapping from the database.\n"
656 " TDB\tidmap database\n"
657 " RANGE\tthe range number to delete\n"
658 " SID\t\tSID of the domain\n"
659 " INDEX\trange index number do delete for the domain\n"));
662 static int net_idmap_autorid_delete_range(struct net_context *c, int argc,
666 struct db_context *db = NULL;
669 uint32_t range_index;
671 TALLOC_CTX *mem_ctx = NULL;
673 bool force = (c->opt_force != 0);
675 if (c->display_usage) {
676 net_idmap_autorid_delete_range_usage();
680 if (argc < 1 || argc > 2) {
681 net_idmap_autorid_delete_range_usage();
685 mem_ctx = talloc_stackframe();
686 if (!net_idmap_opendb_autorid(mem_ctx, c, false, &db)) {
690 ok = parse_uint32(argv[0], &rangenum);
692 d_printf("%s: %"PRIu32"\n", _("Deleting range number"),
695 status = idmap_autorid_delete_range_by_num(db, rangenum,
697 if (!NT_STATUS_IS_OK(status)) {
698 d_fprintf(stderr, "%s: %s\n",
699 _("Failed to delete domain range mapping"),
712 ok = parse_uint32(argv[1], &range_index);
715 _("Invalid index specification"), argv[1]);
716 net_idmap_autorid_delete_range_usage();
721 status = idmap_autorid_delete_range_by_sid(db, domsid, range_index,
723 if (!NT_STATUS_IS_OK(status)) {
724 d_fprintf(stderr, "%s: %s\n",
725 _("Failed to delete domain range mapping"),
733 talloc_free(mem_ctx);
737 static void net_idmap_autorid_delete_ranges_usage(void)
741 _("net idmap delete ranges [-f] [--db=<TDB>] <SID>\n"
742 " Delete all domain range mappings for a given domain.\n"
744 " TDB\tidmap database\n"
745 " SID\t\tSID of the domain\n"));
748 static int net_idmap_autorid_delete_ranges(struct net_context *c, int argc,
752 struct db_context *db = NULL;
755 TALLOC_CTX *mem_ctx = NULL;
756 bool force = (c->opt_force != 0);
759 if (c->display_usage) {
760 net_idmap_autorid_delete_ranges_usage();
765 net_idmap_autorid_delete_ranges_usage();
771 mem_ctx = talloc_stackframe();
772 if (!net_idmap_opendb_autorid(mem_ctx, c, false, &db)) {
776 status = idmap_autorid_delete_domain_ranges(db, domsid, force, &count);
777 if (!NT_STATUS_IS_OK(status)) {
778 d_fprintf(stderr, "%s %s: %s\n",
779 _("Failed to delete domain range mappings for "
786 d_printf(_("deleted %d domain mappings\n"), count);
791 talloc_free(mem_ctx);
795 static int net_idmap_delete(struct net_context *c, int argc, const char **argv)
797 struct functable func[] = {
800 net_idmap_delete_mapping,
802 N_("Delete ID mapping"),
803 N_("net idmap delete mapping <ID>\n"
804 " Delete ID mapping")
808 net_idmap_autorid_delete_range,
810 N_("Delete a domain range mapping"),
811 N_("net idmap delete range <RANGE>|(<SID>[ <INDEX>])\n"
812 " Delete a domain range mapping")
816 net_idmap_autorid_delete_ranges,
818 N_("Delete all domain range mappings for a given "
820 N_("net idmap delete ranges <SID>\n"
821 " Delete a domain range mapping")
823 {NULL, NULL, 0, NULL, NULL}
826 return net_run_function(c, argc, argv, "net idmap delete", func);
830 static int net_idmap_set_mapping(struct net_context *c,
831 int argc, const char **argv)
833 d_printf("%s\n", _("Not implemented yet"));
837 static void net_idmap_autorid_set_range_usage(void)
841 _("net idmap set range"
842 " <range> <SID> [<index>] [--db=<inputfile>]\n"
843 " Store a domain-range mapping for a given domain.\n"
844 " range\tRange number to be set for the domain\n"
845 " SID\t\tSID of the domain\n"
846 " index\trange-index number to be set for the domain\n"
847 " inputfile\tTDB file to add mapping to.\n"));
850 static int net_idmap_autorid_set_range(struct net_context *c,
851 int argc, const char **argv)
855 struct db_context *db = NULL;
858 uint32_t range_index = 0;
862 if (c->display_usage) {
863 net_idmap_autorid_set_range_usage();
867 if (argc < 2 || argc > 3) {
868 net_idmap_autorid_set_range_usage();
872 ok = parse_uint32(argv[0], &rangenum);
874 d_printf("%s: %s\n", _("Invalid range specification"),
876 net_idmap_autorid_set_range_usage();
883 ok = parse_uint32(argv[2], &range_index);
886 _("Invalid index specification"), argv[2]);
887 net_idmap_autorid_set_range_usage();
892 mem_ctx = talloc_stackframe();
893 if (!net_idmap_opendb_autorid(mem_ctx, c, false, &db)) {
897 status = idmap_autorid_setrange(db, domsid, range_index, rangenum);
898 if (!NT_STATUS_IS_OK(status)) {
899 d_fprintf(stderr, "%s: %s\n",
900 _("Failed to save domain mapping"),
908 TALLOC_FREE(mem_ctx);
912 static bool idmap_store_secret(const char *backend,
914 const char *identity,
921 r = asprintf(&tmp, "IDMAP_%s_%s", backend, domain);
923 if (r < 0) return false;
925 /* make sure the key is case insensitive */
926 if (!strupper_m(tmp)) {
930 ret = secrets_store_generic(tmp, identity, secret);
937 static int net_idmap_secret(struct net_context *c, int argc, const char **argv)
947 if (argc != 2 || c->display_usage) {
950 _("net idmap set secret <DOMAIN> <secret>\n"
951 " Set the secret for the specified domain\n"
952 " DOMAIN\tDomain to set secret for.\n"
953 " secret\tNew secret to set.\n"));
954 return c->display_usage?0:-1;
959 ctx = talloc_new(NULL);
962 domain = talloc_strdup(ctx, argv[0]);
965 opt = talloc_asprintf(ctx, "idmap config %s", domain);
968 backend = talloc_strdup(ctx, lp_parm_const_string(-1, opt, "backend", "tdb"));
969 ALLOC_CHECK(backend);
971 if ((!backend) || (!strequal(backend, "ldap") &&
972 !strequal(backend, "rfc2307"))) {
974 _("The only currently supported backend are LDAP "
980 dn = lp_parm_const_string(-1, opt, "ldap_user_dn", NULL);
983 _("Missing ldap_user_dn option for domain %s\n"),
989 ret = idmap_store_secret("ldap", domain, dn, secret);
992 d_fprintf(stderr, _("Failed to store secret\n"));
997 d_printf(_("Secret stored\n"));
1001 static int net_idmap_autorid_set_config(struct net_context *c,
1002 int argc, const char **argv)
1006 TALLOC_CTX *mem_ctx;
1007 struct db_context *db = NULL;
1009 if (argc != 1 || c->display_usage) {
1012 _("net idmap set config <config>"
1013 " [--db=<inputfile>]\n"
1014 " Update CONFIG entry in autorid.\n"
1015 " config\tConfig string to be stored\n"
1016 " inputfile\tTDB file to update config.\n"));
1017 return c->display_usage ? 0 : -1;
1020 mem_ctx = talloc_stackframe();
1022 if (!net_idmap_opendb_autorid(mem_ctx, c, false, &db)) {
1026 status = idmap_autorid_saveconfigstr(db, argv[0]);
1027 if (!NT_STATUS_IS_OK(status)) {
1028 printf("Error storing the config in the database: %s\n",
1036 TALLOC_FREE(mem_ctx);
1040 static int net_idmap_set(struct net_context *c, int argc, const char **argv)
1042 struct functable func[] = {
1045 net_idmap_set_mapping,
1046 NET_TRANSPORT_LOCAL,
1047 N_("Not implemented yet"),
1048 N_("net idmap set mapping\n"
1049 " Not implemented yet")
1053 net_idmap_autorid_set_range,
1054 NET_TRANSPORT_LOCAL,
1055 N_("Store a domain-range mapping"),
1056 N_("net idmap set range\n"
1057 " Store a domain-range mapping")
1061 net_idmap_autorid_set_config,
1062 NET_TRANSPORT_LOCAL,
1063 N_("Save the global configuration in the autorid database"),
1064 N_("net idmap set config \n"
1065 " Save the global configuration in the autorid database ")
1070 NET_TRANSPORT_LOCAL,
1071 N_("Set secret for specified domain"),
1072 N_("net idmap set secret <DOMAIN> <secret>\n"
1073 " Set secret for specified domain")
1075 {NULL, NULL, 0, NULL, NULL}
1078 return net_run_function(c, argc, argv, "net idmap set", func);
1081 static void net_idmap_autorid_get_range_usage(void)
1085 _("net idmap get range <SID> [<index>] [--db=<inputfile>]\n"
1086 " Get the range for a given domain and index.\n"
1087 " SID\t\tSID of the domain\n"
1088 " index\trange-index number to be retrieved\n"
1089 " inputfile\tTDB file to add mapping to.\n"));
1093 static int net_idmap_autorid_get_range(struct net_context *c, int argc,
1097 TALLOC_CTX *mem_ctx;
1098 struct db_context *db = NULL;
1101 uint32_t range_index = 0;
1107 if (c->display_usage) {
1108 net_idmap_autorid_get_range_usage();
1112 if (argc < 1 || argc > 2) {
1113 net_idmap_autorid_get_range_usage();
1120 ok = parse_uint32(argv[1], &range_index);
1122 d_printf("%s: %s\n",
1123 _("Invalid index specification"), argv[1]);
1124 net_idmap_autorid_get_range_usage();
1129 mem_ctx = talloc_stackframe();
1130 if (!net_idmap_opendb_autorid(mem_ctx, c, true, &db)) {
1134 status = idmap_autorid_getrange(db, domsid, range_index, &rangenum,
1136 if (!NT_STATUS_IS_OK(status)) {
1137 d_fprintf(stderr, "%s: %s\n",
1138 _("Failed to load domain range"), nt_errstr(status));
1142 if (range_index == 0) {
1143 keystr = talloc_strdup(mem_ctx, domsid);
1145 keystr = talloc_asprintf(mem_ctx, "%s#%"PRIu32, domsid,
1149 printf("RANGE %"PRIu32": %s (low id: %"PRIu32")\n",
1150 rangenum, keystr, low_id);
1155 TALLOC_FREE(mem_ctx);
1159 static NTSTATUS net_idmap_autorid_print_range(struct db_context *db,
1161 uint32_t range_index,
1165 if (range_index == 0) {
1166 printf("RANGE %"PRIu32": %s\n", rangenum, domsid);
1168 printf("RANGE %"PRIu32": %s#%"PRIu32"\n", rangenum, domsid,
1172 return NT_STATUS_OK;
1175 static void net_idmap_autorid_get_ranges_usage(void)
1179 _("net idmap get ranges [<SID>] [--db=<inputfile>]\n"
1180 " Get all ranges for a given domain.\n"
1181 " SID\t\tSID of the domain - list all ranges if omitted\n"
1182 " inputfile\tTDB file to add mapping to.\n"));
1185 static int net_idmap_autorid_get_ranges(struct net_context *c, int argc,
1189 TALLOC_CTX *mem_ctx;
1190 struct db_context *db = NULL;
1194 if (c->display_usage) {
1195 net_idmap_autorid_get_ranges_usage();
1201 } else if (argc == 1) {
1204 net_idmap_autorid_get_ranges_usage();
1208 mem_ctx = talloc_stackframe();
1209 if (!net_idmap_opendb_autorid(mem_ctx, c, true, &db)) {
1213 status = idmap_autorid_iterate_domain_ranges_read(db,
1215 net_idmap_autorid_print_range,
1216 NULL, /* private_data */
1218 if (!NT_STATUS_IS_OK(status)) {
1219 d_fprintf(stderr, "%s: %s\n",
1220 _("Error getting domain ranges"), nt_errstr(status));
1227 talloc_free(mem_ctx);
1231 static int net_idmap_autorid_get_config(struct net_context *c, int argc,
1236 TALLOC_CTX *mem_ctx;
1238 struct db_context *db = NULL;
1240 if (argc > 0 || c->display_usage) {
1243 _("net idmap get config"
1244 " [--db=<inputfile>]\n"
1245 " Get CONFIG entry from autorid database\n"
1246 " inputfile\tTDB file to read config from.\n"));
1247 return c->display_usage ? 0 : -1;
1250 mem_ctx = talloc_stackframe();
1252 if (!net_idmap_opendb_autorid(mem_ctx, c, true, &db)) {
1256 status = idmap_autorid_getconfigstr(db, mem_ctx, &config);
1257 if (!NT_STATUS_IS_OK(status)) {
1258 d_fprintf(stderr, "%s: %s\n",
1259 _("Error: unable to read config entry"),
1264 printf("CONFIG: %s\n", config);
1268 TALLOC_FREE(mem_ctx);
1273 static int net_idmap_get(struct net_context *c, int argc, const char **argv)
1275 struct functable func[] = {
1278 net_idmap_autorid_get_range,
1279 NET_TRANSPORT_LOCAL,
1280 N_("Get the range for a domain and range-index"),
1281 N_("net idmap get range\n"
1282 " Get the range for a domain and range-index")
1286 net_idmap_autorid_get_ranges,
1287 NET_TRANSPORT_LOCAL,
1288 N_("Get all ranges for a domain"),
1289 N_("net idmap get ranges <SID>\n"
1290 " Get all ranges for a domain")
1294 net_idmap_autorid_get_config,
1295 NET_TRANSPORT_LOCAL,
1296 N_("Get the global configuration from the autorid database"),
1297 N_("net idmap get config \n"
1298 " Get the global configuration from the autorid database ")
1300 {NULL, NULL, 0, NULL, NULL}
1303 return net_run_function(c, argc, argv, "net idmap get", func);
1306 static int net_idmap_check(struct net_context *c, int argc, const char **argv)
1309 struct check_options opts;
1310 struct net_idmap_ctx ctx = { .backend = TDB };
1312 if ( argc > 1 || c->display_usage) {
1315 _("net idmap check [-v] [-r] [-a] [-T] [-f] [-l] [[--db=]<TDB>]\n"
1316 " Check an idmap database.\n"
1317 " --verbose,-v\tverbose\n"
1318 " --repair,-r\trepair\n"
1319 " --auto,-a\tnoninteractive mode\n"
1320 " --test,-T\tdry run\n"
1321 " --fore,-f\tforce\n"
1322 " --lock,-l\tlock db while doing the check\n"
1323 " TDB\tidmap database\n"));
1324 return c->display_usage ? 0 : -1;
1327 dbfile = (argc > 0) ? argv[0] : net_idmap_dbfile(c, &ctx);
1328 if (dbfile == NULL) {
1332 if (ctx.backend != TDB) {
1333 d_fprintf(stderr, _("Sorry, checking of non-TDB databases is "
1334 "currently not supported\n"));
1338 d_fprintf(stderr, _("check database: %s\n"), dbfile);
1340 opts = (struct check_options) {
1341 .lock = c->opt_lock || c->opt_long_list_entries,
1342 .test = c->opt_testmode,
1343 .automatic = c->opt_auto,
1344 .verbose = c->opt_verbose,
1345 .force = c->opt_force,
1346 .repair = c->opt_repair || c->opt_reboot,
1349 return net_idmap_check_db(dbfile, &opts);
1352 /***********************************************************
1353 Look at the current idmap
1354 **********************************************************/
1355 int net_idmap(struct net_context *c, int argc, const char **argv)
1357 struct functable func[] = {
1361 NET_TRANSPORT_LOCAL,
1362 N_("Dump the current ID mapping database"),
1363 N_("net idmap dump\n"
1364 " Dump the current ID mappings")
1369 NET_TRANSPORT_LOCAL,
1370 N_("Restore entries from a file or stdin"),
1371 N_("net idmap restore\n"
1372 " Restore entries from stdin")
1377 NET_TRANSPORT_LOCAL,
1378 N_("Read data from the ID mapping database"),
1379 N_("net idmap get\n"
1380 " Read data from the ID mapping database")
1385 NET_TRANSPORT_LOCAL,
1386 N_("Write data to the ID mapping database"),
1387 N_("net idmap set\n"
1388 " Write data to the ID mapping database")
1393 NET_TRANSPORT_LOCAL,
1394 N_("Delete entries from the ID mapping database"),
1395 N_("net idmap delete\n"
1396 " Delete entries from the ID mapping database")
1401 NET_TRANSPORT_LOCAL,
1402 N_("Check id mappings"),
1403 N_("net idmap check\n"
1404 " Check id mappings")
1406 {NULL, NULL, 0, NULL, NULL}
1409 return net_run_function(c, argc, argv, "net idmap", func);
git.samba.org / samba.git / blob