/*
- * Unix SMB/Netbios implementation.
- * Version 1.9.
+ * Unix SMB/CIFS implementation.
* RPC Pipe client / server routines
* Copyright (C) Andrew Tridgell 1992-2000,
* Copyright (C) Jean François Micouleau 1998-2001.
#include "includes.h"
extern pstring global_myname;
-extern int DEBUGLEVEL;
extern DOM_SID global_sam_sid;
/*
static void usage(void)
{
if (getuid() == 0) {
- printf("groupedit options\n");
+ printf("smbgroupedit options\n");
} else {
printf("You need to be root to use this tool!\n");
}
printf(" -n group NT group name\n");
printf(" -p privilege only local\n");
printf(" -v list groups\n");
+ printf(" -l long list (include details)\n");
+ printf(" -s short list (default)\n");
printf(" -c SID change group\n");
printf(" -u unix group\n");
printf(" -x group delete this group\n");
**********************************************************/
int addgroup(char *group, enum SID_NAME_USE sid_type, char *ntgroup, char *ntcomment, char *privilege)
{
- uint32 se_priv;
+ PRIVILEGE_SET se_priv;
gid_t gid;
DOM_SID sid;
fstring string_sid;
fstring name, comment;
-/* convert_priv_from_text(&se_priv, privilege);*/
-
- se_priv=0x0;
-
gid=nametogid(group);
if (gid==-1)
return -1;
else
fstrcpy(comment, ntcomment);
- if(!add_initial_entry(gid, string_sid, sid_type, name, comment, se_priv))
+ init_privilege(&se_priv);
+ if (privilege!=NULL)
+ convert_priv_from_text(&se_priv, privilege);
+
+ if(!add_initial_entry(gid, string_sid, sid_type, name, comment, se_priv, PR_ACCESS_FROM_NETWORK)) {
+ free_privilege(&se_priv);
return -1;
+ }
+ free_privilege(&se_priv);
return 0;
}
DOM_SID sid;
GROUP_MAP map;
gid_t gid;
- uint32 se_priv;
string_to_sid(&sid, sid_string);
/* Get the current mapping from the database */
- if(!get_group_map_from_sid(sid, &map)) {
+ if(!get_group_map_from_sid(sid, &map, MAPPING_WITH_PRIV)) {
printf("This SID does not exist in the database\n");
return -1;
}
fstrcpy(map.comment, groupdesc);
/* Change the privilege if new one */
- if (privilege!=NULL) {
- convert_priv_from_text(&se_priv, privilege);
- map.privilege=se_priv;
- }
+ if (privilege!=NULL)
+ convert_priv_from_text(&map.priv_set, privilege);
if (!add_mapping_entry(&map, TDB_REPLACE)) {
printf("Count not update group database\n");
+ free_privilege(&map.priv_set);
return -1;
}
-
+
+ free_privilege(&map.priv_set);
return 0;
}
/*********************************************************
List the groups.
**********************************************************/
-int listgroup(enum SID_NAME_USE sid_type)
+int listgroup(enum SID_NAME_USE sid_type, BOOL long_list)
{
int entries,i;
GROUP_MAP *map=NULL;
fstring group_type;
fstring priv_text;
- printf("Unix\tSID\ttype\tnt name\tnt comment\tprivilege\n");
+ if (!long_list)
+ printf("NT group (SID) -> Unix group\n");
- if (!enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED))
+ if (!enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV))
return -1;
for (i=0; i<entries; i++) {
decode_sid_name_use(group_type, (map[i]).sid_name_use);
sid_to_string(string_sid, &map[i].sid);
- convert_priv_to_text(map[i].privilege, priv_text);
-
- printf("%s\t%s\t%s\n\t%s\t%s\t%s\n\n", gidtoname(map[i].gid), map[i].nt_name, string_sid,
- group_type, map[i].comment, priv_text);
+ convert_priv_to_text(&(map[i].priv_set), priv_text);
+ free_privilege(&(map[i].priv_set));
+
+ if (!long_list)
+ printf("%s (%s) -> %s\n", map[i].nt_name, string_sid, gidtoname(map[i].gid));
+ else {
+ printf("%s\n", map[i].nt_name);
+ printf("\tSID : %s\n", string_sid);
+ printf("\tUnix group: %s\n", gidtoname(map[i].gid));
+ printf("\tGroup type: %s\n", group_type);
+ printf("\tComment : %s\n", map[i].comment);
+ printf("\tPrivilege : %s\n\n", priv_text);
+ }
}
return 0;
int main (int argc, char **argv)
{
int ch;
- static pstring servicesf = CONFIGFILE;
BOOL add_group = False;
BOOL view_group = False;
BOOL change_group = False;
BOOL nt_group = False;
BOOL priv = False;
BOOL group_type = False;
-
+ BOOL long_list = False;
+
char *group = NULL;
char *sid = NULL;
char *ntgroup = NULL;
enum SID_NAME_USE sid_type;
- TimeInit();
-
setup_logging("groupedit", True);
if (argc < 2) {
return 0;
}
- if(!initialize_password_db(True)) {
- fprintf(stderr, "Can't setup password database vectors.\n");
+ if (!lp_load(dyn_CONFIGFILE,True,False,False)) {
+ fprintf(stderr, "Can't load %s - run testparm to debug it\n",
+ dyn_CONFIGFILE);
exit(1);
}
- if (!lp_load(servicesf,True,False,False)) {
- fprintf(stderr, "Can't load %s - run testparm to debug it\n",
- servicesf);
+ if(!initialize_password_db(True)) {
+ fprintf(stderr, "Can't setup password database vectors.\n");
exit(1);
}
- while ((ch = getopt(argc, argv, "a:c:d:n:p:t:u:vx:")) != EOF) {
+ if(pdb_generate_sam_sid()==False) {
+ printf("Can not read machine SID\n");
+ return 0;
+ }
+
+ while ((ch = getopt(argc, argv, "a:c:d:ln:p:st:u:vx:")) != EOF) {
switch(ch) {
case 'a':
add_group = True;
case 'd':
group_desc=optarg;
break;
+ case 'l':
+ long_list = True;
+ break;
case 'n':
nt_group = True;
ntgroup=optarg;
priv = True;
privilege=optarg;
break;
+ case 's':
+ long_list = False;
+ break;
case 't':
group_type = True;
groupt=optarg;
break;
}
}
-
- if (init_group_mapping()==False) {
- printf("Could not open tdb mapping file.\n");
- return 0;
- }
-
- if(pdb_generate_sam_sid()==False) {
- printf("Can not read machine SID\n");
- return 0;
- }
-
- default_group_mapping();
if (add_group)
return addgroup(group, sid_type, ntgroup, group_desc, privilege);
if (view_group)
- return listgroup(sid_type);
+ return listgroup(sid_type, long_list);
if (delete_group)
return deletegroup(group);
return 0;
}
-
-