git.samba.org / samba.git / blobdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | inline | side by side
r17669: Remove RID algorithm support from unmapped users and groups
[samba.git] / source3 / utils / net_groupmap.c
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c
index a96ac526bfcd571b46a1517f9a2e8329abaf10bb..4708efa908d9a5914298bc6b70fbc50cb484700a 100644 (file)
--- a/source3/utils/net_groupmap.c
+++ b/source3/utils/net_groupmap.c
@@ -192,7 +192,16 @@ static int net_groupmap_add(int argc, const char **argv)
        uint32 rid = 0; 
        gid_t gid;
        int i;
+       GROUP_MAP map;
        
+       const char *name_type;
+
+       ZERO_STRUCT(map);
+
+       /* Default is domain group. */
+       map.sid_name_use = SID_NAME_DOM_GRP;
+       name_type = "domain group";
+
        /* get the options */
        for ( i=0; i<argc; i++ ) {
                if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) {
@@ -236,15 +245,21 @@ static int net_groupmap_add(int argc, const char **argv)
                                case 'b':
                                case 'B':
                                        sid_type = SID_NAME_WKN_GRP;
+                                       name_type = "wellknown group";
                                        break;
                                case 'd':
                                case 'D':
                                        sid_type = SID_NAME_DOM_GRP;
+                                       name_type = "domain group";
                                        break;
                                case 'l':
                                case 'L':
                                        sid_type = SID_NAME_ALIAS;
+                                       name_type = "alias (local) group";
                                        break;
+                               default:
+                                       d_fprintf(stderr, "unknown group type %s\n", type);
+                                       return -1;
                        }
                }
                else {
@@ -264,7 +279,6 @@ static int net_groupmap_add(int argc, const char **argv)
        }
 
        {
-               GROUP_MAP map;
                if (pdb_getgrgid(&map, gid)) {
                        d_printf("Unix group %s already mapped to SID %s\n",
                                 unixgrp, sid_string_static(&map.sid));
@@ -275,7 +289,7 @@ static int net_groupmap_add(int argc, const char **argv)
        if ( (rid == 0) && (string_sid[0] == '\0') ) {
                d_printf("No rid or sid specified, choosing a RID\n");
                if (pdb_rid_algorithm()) {
-                       rid = pdb_gid_to_group_rid(gid);
+                       rid = algorithmic_pdb_gid_to_group_rid(gid);
                } else {
                        if (!pdb_new_rid(&rid)) {
                                d_printf("Could not get new RID\n");
@@ -317,7 +331,8 @@ static int net_groupmap_add(int argc, const char **argv)
                return -1;
        }
 
-       d_printf("Successfully added group %s to the mapping db\n", ntgroup);
+       d_printf("Successfully added group %s to the mapping db as a %s\n",
+                ntgroup, name_type);
        return 0;
 }
 
@@ -413,15 +428,18 @@ static int net_groupmap_modify(int argc, const char **argv)
         * Allow changing of group type only between domain and local
         * We disallow changing Builtin groups !!! (SID problem)
         */ 
-       if (sid_type != SID_NAME_UNKNOWN) { 
-               if (map.sid_name_use == SID_NAME_WKN_GRP) {
-                       d_fprintf(stderr, "You can only change between domain and local groups.\n");
-                       return -1;
-               }
-               
-               map.sid_name_use=sid_type;
+       if (sid_type == SID_NAME_UNKNOWN) {
+               d_fprintf(stderr, "Can't map to an unknown group type.\n");
+               return -1;
+        }
+
+       if (map.sid_name_use == SID_NAME_WKN_GRP) {
+               d_fprintf(stderr, "You can only change between domain and local groups.\n");
+               return -1;
        }
 
+       map.sid_name_use=sid_type;
+
        /* Change comment if new one */
        if ( ntcomment[0] )
                fstrcpy( map.comment, ntcomment );
@@ -555,7 +573,14 @@ static int net_groupmap_set(int argc, const char **argv)
                map.gid = grp->gr_gid;
 
                if (opt_rid == 0) {
-                       opt_rid = pdb_gid_to_group_rid(map.gid);
+                       if ( pdb_rid_algorithm() )
+                               opt_rid = algorithmic_pdb_gid_to_group_rid(map.gid);
+                       else {
+                               if ( !pdb_new_rid((uint32*)&opt_rid) ) {
+                                       d_fprintf( stderr, "Could not allocate new RID\n");
+                                       return -1;
+                               }
+                       }
                }
 
                sid_copy(&map.sid, get_global_sam_sid());
Samba Shared Repository