static_decl_idmap;
+static void idmap_init(void)
+{
+ static bool initialized;
+
+ if (initialized) {
+ return;
+ }
+
+ DEBUG(10, ("idmap_init(): calling static_init_idmap\n"));
+
+ static_init_idmap;
+
+ initialized = true;
+}
+
/**
* Pointer to the backend methods. Modules register themselves here via
* smb_register_idmap.
char *modulename;
char *params;
- DEBUG(10, ("idmap_init_default_domain: calling static_init_idmap\n"));
-
- static_init_idmap;
+ idmap_init();
if (!parse_idmap_module(talloc_tos(), lp_idmap_backend(), &modulename,
¶ms)) {
static struct idmap_domain *idmap_init_passdb_domain(TALLOC_CTX *mem_ctx)
{
+ idmap_init();
+
if (passdb_idmap_domain != NULL) {
return passdb_idmap_domain;
}
char *modulename, *params;
NTSTATUS ret = NT_STATUS_NO_MEMORY;;
+ idmap_init();
+
if (idmap_alloc_ctx != NULL) {
*ctx = idmap_alloc_ctx;
return NT_STATUS_OK;
idmap allocator interface functions
**************************************************************************/
-NTSTATUS idmap_allocate_uid(struct unixid *id)
+static NTSTATUS idmap_allocate_unixid(struct unixid *id)
{
- struct idmap_alloc_context *ctx;
+ struct idmap_domain *dom;
NTSTATUS ret;
- if (!NT_STATUS_IS_OK(ret = idmap_alloc_init(&ctx))) {
- return ret;
- }
-
- id->type = ID_TYPE_UID;
- return ctx->methods->allocate_id(id);
-}
+ dom = idmap_find_domain(NULL);
-NTSTATUS idmap_allocate_gid(struct unixid *id)
-{
- struct idmap_alloc_context *ctx;
- NTSTATUS ret;
+ if (dom == NULL) {
+ return NT_STATUS_UNSUCCESSFUL;
+ }
- if (!NT_STATUS_IS_OK(ret = idmap_alloc_init(&ctx))) {
- return ret;
+ if (dom->methods->allocate_id == NULL) {
+ return NT_STATUS_NOT_IMPLEMENTED;
}
- id->type = ID_TYPE_GID;
- return ctx->methods->allocate_id(id);
-}
+ ret = dom->methods->allocate_id(dom, id);
-NTSTATUS idmap_set_uid_hwm(struct unixid *id)
-{
- struct idmap_alloc_context *ctx;
- NTSTATUS ret;
+ return ret;
+}
- if (!NT_STATUS_IS_OK(ret = idmap_alloc_init(&ctx))) {
- return ret;
- }
+NTSTATUS idmap_allocate_uid(struct unixid *id)
+{
id->type = ID_TYPE_UID;
- return ctx->methods->set_id_hwm(id);
+ return idmap_allocate_unixid(id);
}
-NTSTATUS idmap_set_gid_hwm(struct unixid *id)
+NTSTATUS idmap_allocate_gid(struct unixid *id)
{
- struct idmap_alloc_context *ctx;
- NTSTATUS ret;
-
- if (!NT_STATUS_IS_OK(ret = idmap_alloc_init(&ctx))) {
- return ret;
- }
-
id->type = ID_TYPE_GID;
- return ctx->methods->set_id_hwm(id);
-}
-
-NTSTATUS idmap_new_mapping(const struct dom_sid *psid, enum id_type type,
- struct unixid *pxid)
-{
- struct dom_sid sid;
- struct idmap_domain *dom;
- struct id_map map;
- NTSTATUS status;
-
- dom = idmap_find_domain(NULL);
- if (dom == NULL) {
- DEBUG(3, ("no default domain, no place to write\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- if (dom->methods->set_mapping == NULL) {
- DEBUG(3, ("default domain not writable\n"));
- return NT_STATUS_MEDIA_WRITE_PROTECTED;
- }
-
- sid_copy(&sid, psid);
- map.sid = &sid;
- map.xid.type = type;
-
- switch (type) {
- case ID_TYPE_UID:
- status = idmap_allocate_uid(&map.xid);
- break;
- case ID_TYPE_GID:
- status = idmap_allocate_gid(&map.xid);
- break;
- default:
- status = NT_STATUS_INVALID_PARAMETER;
- break;
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(3, ("Could not allocate id: %s\n", nt_errstr(status)));
- return status;
- }
-
- map.status = ID_MAPPED;
-
- DEBUG(10, ("Setting mapping: %s <-> %s %lu\n",
- sid_string_dbg(map.sid),
- (map.xid.type == ID_TYPE_UID) ? "UID" : "GID",
- (unsigned long)map.xid.id));
-
- status = dom->methods->set_mapping(dom, &map);
-
- if (NT_STATUS_EQUAL(status, NT_STATUS_OBJECT_NAME_COLLISION)) {
- struct id_map *ids[2];
- DEBUG(5, ("Mapping for %s exists - retrying to map sid\n",
- sid_string_dbg(map.sid)));
- ids[0] = ↦
- ids[1] = NULL;
- status = dom->methods->sids_to_unixids(dom, ids);
- }
-
- if (!NT_STATUS_IS_OK(status)) {
- DEBUG(3, ("Could not store the new mapping: %s\n",
- nt_errstr(status)));
- return status;
- }
-
- *pxid = map.xid;
-
- return NT_STATUS_OK;
+ return idmap_allocate_unixid(id);
}
NTSTATUS idmap_backends_unixid_to_sid(const char *domname, struct id_map *id)
dom = idmap_init_passdb_domain(NULL);
if ((dom != NULL)
- && NT_STATUS_IS_OK(dom->methods->unixids_to_sids(dom, maps))) {
+ && NT_STATUS_IS_OK(dom->methods->unixids_to_sids(dom, maps))
+ && id->status == ID_MAPPED) {
return NT_STATUS_OK;
}
struct idmap_domain *dom;
struct id_map *maps[2];
- DEBUG(10, ("idmap_backend_sid_to_unixid: domain = '%s', sid = [%s]\n",
+ DEBUG(10, ("idmap_backends_sid_to_unixid: domain = '%s', sid = [%s]\n",
domain?domain:"NULL", sid_string_dbg(id->sid)));
maps[0] = id;
return dom->methods->sids_to_unixids(dom, maps);
}
-
-NTSTATUS idmap_set_mapping(const struct id_map *map)
-{
- struct idmap_domain *dom;
-
- dom = idmap_find_domain(NULL);
- if (dom == NULL) {
- DEBUG(3, ("no default domain, no place to write\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- if (dom->methods->set_mapping == NULL) {
- DEBUG(3, ("default domain not writable\n"));
- return NT_STATUS_MEDIA_WRITE_PROTECTED;
- }
-
- return dom->methods->set_mapping(dom, map);
-}
-
-NTSTATUS idmap_remove_mapping(const struct id_map *map)
-{
- struct idmap_domain *dom;
-
- dom = idmap_find_domain(NULL);
- if (dom == NULL) {
- DEBUG(3, ("no default domain, no place to write\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
- if (dom->methods->remove_mapping == NULL) {
- DEBUG(3, ("default domain not writable\n"));
- return NT_STATUS_MEDIA_WRITE_PROTECTED;
- }
-
- return dom->methods->remove_mapping(dom, map);
-}
git.samba.org / amitay / samba.git / blobdiff