#define GLOBALS_SNUM -1
static pstring servicesf = CONFIGFILE;
+static BOOL demo_mode = False;
+static BOOL have_write_access = False;
+static BOOL have_read_access = False;
+static int iNumNonAutoPrintServices = 0;
/*
* Password Management Globals
*/
-char user[] = "username";
-char old_pswd[] = "old_passwd";
-char new_pswd[] = "new_passwd";
-char new2_pswd[] = "new2_passwd";
-char chg_passwd_flag[] = "chg_passwd_flag";
-char add_user_flag[] = "add_user_flag";
-char disable_user_flag[] = "disable_user_flag";
-char enable_user_flag[] = "enable_user_flag";
+#define SWAT_USER "username"
+#define OLD_PSWD "old_passwd"
+#define NEW_PSWD "new_passwd"
+#define NEW2_PSWD "new2_passwd"
+#define CHG_S_PASSWD_FLAG "chg_s_passwd_flag"
+#define CHG_R_PASSWD_FLAG "chg_r_passwd_flag"
+#define ADD_USER_FLAG "add_user_flag"
+#define DELETE_USER_FLAG "delete_user_flag"
+#define DISABLE_USER_FLAG "disable_user_flag"
+#define ENABLE_USER_FLAG "enable_user_flag"
+#define RHOST "remote_host"
/* we need these because we link to locking*.o */
- void become_root(BOOL save_dir) {}
- void unbecome_root(BOOL restore_dir) {}
-/* We need this because we link to password.o */
-BOOL change_oem_password(struct smb_passwd *smbpw, char *new_passwd, BOOL override) {return False;}
+ void become_root(void) {}
+ void unbecome_root(void) {}
/****************************************************************************
****************************************************************************/
static int enum_index(int value, struct enum_list *enumlist)
{
-int i;
+ int i;
for (i=0;enumlist[i].name;i++)
if (value == enumlist[i].value) break;
return(i);
static char *fix_backslash(char *str)
{
-static char newstring[1024];
-char *p = newstring;
+ static char newstring[1024];
+ char *p = newstring;
while (*str) {
if (*str == '\\') {*p++ = '\\';*p++ = '\\';}
static char *make_parm_name(char *label)
{
-static char parmname[1024];
-char *p = parmname;
+ static char parmname[1024];
+ char *p = parmname;
while (*label) {
if (*label == ' ') *p++ = '_';
****************************************************************************/
static int include_html(char *fname)
{
- FILE *f = fopen(fname,"r");
+ FILE *f = sys_fopen(fname,"r");
char buf[1024];
int ret;
{
int i;
void *ptr = parm->ptr;
+ char* str;
if (parm->class == P_LOCAL && snum >= 0) {
ptr = lp_local_ptr(snum, ptr);
}
- printf("<tr><td><A HREF=\"/swat/help/smb.conf.5.html#%s\">?</A> %s</td><td>",
- stripspace(parm->label), parm->label);
+ str = stripspace(parm->label);
+ strupper (str);
+ printf("<tr><td><A HREF=\"/swat/help/smb.conf.5.html#%s\" target=\"docs\">Help</A> %s</td><td>",
+ str, parm->label);
switch (parm->type) {
case P_CHAR:
make_parm_name(parm->label),(char)(parm->def.cvalue));
break;
+ case P_LIST:
+ printf("<input type=text size=40 name=\"parm_%s\" value=\"",
+ make_parm_name(parm->label));
+ if (ptr) {
+ char** list = ptr;
+ for (;*list;list++) {
+ printf("%s%s", *list, ((*(list+1))?" ":""));
+ }
+ }
+ printf("\">");
+ printf("<input type=button value=\"Set Default\" onClick=\"swatform.parm_%s.value=\'",
+ make_parm_name(parm->label));
+ if (parm->def.lvalue) {
+ char **list = parm->def.lvalue;
+ for (; *list; list++) {
+ printf("%s%s", *list, ((*(list+1))?" ":""));
+ }
+ }
+ printf("\'\">");
+ break;
+
case P_STRING:
case P_USTRING:
printf("<input type=text size=40 name=\"parm_%s\" value=\"%s\">",
break;
case P_OCTAL:
- printf("<input type=text size=8 name=\"parm_%s\" value=0%o>", make_parm_name(parm->label), *(int *)ptr);
- printf("<input type=button value=\"Set Default\" onClick=\"swatform.parm_%s.value=\'0%o\'\">",
- make_parm_name(parm->label),(int)(parm->def.ivalue));
+ printf("<input type=text size=8 name=\"parm_%s\" value=%s>", make_parm_name(parm->label), octal_string(*(int *)ptr));
+ printf("<input type=button value=\"Set Default\" onClick=\"swatform.parm_%s.value=\'%s\'\">",
+ make_parm_name(parm->label),
+ octal_string((int)(parm->def.ivalue)));
break;
case P_ENUM:
printf("<select name=\"parm_%s\">",make_parm_name(parm->label));
- for (i=0;parm->enum_list[i].name;i++)
- printf("<option %s>%s",(*(int *)ptr)==parm->enum_list[i].value?"selected":"",parm->enum_list[i].name);
+ for (i=0;parm->enum_list[i].name;i++) {
+ if (i == 0 || parm->enum_list[i].value != parm->enum_list[i-1].value) {
+ printf("<option %s>%s",(*(int *)ptr)==parm->enum_list[i].value?"selected":"",parm->enum_list[i].name);
+ }
+ }
printf("</select>");
printf("<input type=button value=\"Set Default\" onClick=\"swatform.parm_%s.selectedIndex=\'%d\'\">",
make_parm_name(parm->label),enum_index((int)(parm->def.ivalue),parm->enum_list));
continue;
}
if (parm->flags & FLAG_HIDE) continue;
+ if (snum >= 0) {
+ if (printers & !(parm->flags & FLAG_PRINT)) continue;
+ if (!printers & !(parm->flags & FLAG_SHARE)) continue;
+ }
if (!advanced) {
- if (!printers && !(parm->flags & FLAG_BASIC)) {
+ if (!(parm->flags & FLAG_BASIC)) {
void *ptr = parm->ptr;
+ if (parm->class == P_LOCAL && snum >= 0) {
+ ptr = lp_local_ptr(snum, ptr);
+ }
+
switch (parm->type) {
case P_CHAR:
if (*(char *)ptr == (char)(parm->def.cvalue)) continue;
break;
+ case P_LIST:
+ if (!lp_list_compare(*(char ***)ptr,(char **)(parm->def.lvalue))) continue;
+ break;
+
case P_STRING:
case P_USTRING:
if (!strcmp(*(char **)ptr,(char *)(parm->def.svalue))) continue;
}
}
+/****************************************************************************
+ load the smb.conf file into loadparm.
+****************************************************************************/
+static BOOL load_config(BOOL save_def)
+{
+ lp_resetnumservices();
+ return lp_load(servicesf,False,save_def,False);
+}
+
/****************************************************************************
write a config file
****************************************************************************/
-static void write_config(FILE *f, BOOL show_defaults)
+static void write_config(FILE *f, BOOL show_defaults, char *(*dos_to_ext)(char *, BOOL))
{
fprintf(f, "# Samba config file created using SWAT\n");
fprintf(f, "# from %s (%s)\n", cgi_remote_host(), cgi_remote_addr());
- fprintf(f, "# Date: %s\n\n", timestring());
+ fprintf(f, "# Date: %s\n\n", timestring(False));
- lp_dump(f, show_defaults);
+ lp_dump(f, show_defaults, iNumNonAutoPrintServices, dos_to_ext);
}
/****************************************************************************
save and reoad the smb.conf config file
****************************************************************************/
-static int save_reload(void)
+static int save_reload(int snum)
{
FILE *f;
+ struct stat st;
- f = fopen(servicesf,"w");
+ f = sys_fopen(servicesf,"w");
if (!f) {
printf("failed to open %s for writing\n", servicesf);
return 0;
}
- write_config(f, False);
+ /* just in case they have used the buggy xinetd to create the file */
+ if (fstat(fileno(f), &st) == 0 &&
+ (st.st_mode & S_IWOTH)) {
+ fchmod(fileno(f), S_IWUSR | S_IRUSR | S_IRGRP | S_IROTH);
+ }
+
+ write_config(f, False, _dos_to_unix);
+ if (snum)
+ lp_dump_one(f, False, snum, _dos_to_unix);
fclose(f);
lp_killunused(NULL);
- if (!lp_load(servicesf,False,False,False)) {
+ if (!load_config(False)) {
printf("Can't reload %s\n", servicesf);
return 0;
}
+ iNumNonAutoPrintServices = lp_numservices();
+ load_printers();
return 1;
}
int i;
char *s;
+ /* lp_do_parameter() will do unix_to_dos(v). */
+ if(parm->flags & FLAG_DOS_STRING)
+ dos_to_unix(v, True);
+
if (snum < 0 && parm->class == P_LOCAL) {
/* this handles the case where we are changing a local
variable globally. We need to change the parameter in
}
}
-/****************************************************************************
- load the smb.conf file into loadparm.
-****************************************************************************/
-static void load_config(void)
-{
- if (!lp_load(servicesf,False,True,False)) {
- printf("<b>Can't load %s - using defaults</b><p>\n",
- servicesf);
- }
-}
-
/****************************************************************************
spit out the html for a link with an image
****************************************************************************/
static void image_link(char *name,char *hlink, char *src)
{
- printf("<A HREF=\"%s/%s\"><img src=\"/swat/%s\" alt=\"%s\"></A>\n",
+ printf("<A HREF=\"%s/%s\"><img border=\"0\" src=\"/swat/%s\" alt=\"%s\"></A>\n",
cgi_baseurl(), hlink, src, name);
}
****************************************************************************/
static void show_main_buttons(void)
{
- image_link("Home", "", "images/home.gif");
+ char *p;
+
+ if ((p = cgi_user_name()) && strcmp(p, "root")) {
+ printf("Logged in as <b>%s</b><p>\n", p);
+ }
- /* Root gets full functionality */
- if (am_root() == True) {
+ image_link("Home", "", "images/home.gif");
+ if (have_write_access) {
image_link("Globals", "globals", "images/globals.gif");
image_link("Shares", "shares", "images/shares.gif");
image_link("Printers", "printers", "images/printers.gif");
+ }
+ if (have_read_access) {
image_link("Status", "status", "images/status.gif");
image_link("View Config", "viewconfig","images/viewconfig.gif");
}
-
- /* Everyone gets this functionality */
image_link("Password Management", "passwd", "images/passwd.gif");
printf("<HR>\n");
}
printf("<p><pre>");
- write_config(stdout, full_view);
+ write_config(stdout, full_view, _dos_to_dos);
printf("</pre>");
printf("</form>\n");
}
if (cgi_variable("Commit")) {
commit_parameters(GLOBALS_SNUM);
- save_reload();
+ save_reload(0);
}
printf("<FORM name=\"swatform\" method=post>\n");
- printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
+ if (have_write_access) {
+ printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
+ }
+
printf("<input type=reset name=\"Reset Values\" value=\"Reset Values\">\n");
if (advanced == 0) {
printf("<input type=submit name=\"Advanced\" value=\"Advanced View\">\n");
}
/****************************************************************************
- display a shares editing page
+ display a shares editing page. share is in unix codepage, and must be in
+ dos codepage. FIXME !!! JRA.
****************************************************************************/
static void shares_page(void)
{
if (cgi_variable("Commit") && snum >= 0) {
commit_parameters(snum);
- save_reload();
+ save_reload(0);
}
if (cgi_variable("Delete") && snum >= 0) {
lp_remove_service(snum);
- save_reload();
+ save_reload(0);
share = NULL;
snum = -1;
}
if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
- lp_copy_service(GLOBALS_SNUM, share);
- save_reload();
+ /* add_a_service() which is called by lp_copy_service()
+ will do unix_to_dos() conversion, so we need dos_to_unix() before the lp_copy_service(). */
+ pstring unix_share;
+ pstrcpy(unix_share, dos_to_unix(share, False));
+ load_config(False);
+ lp_copy_service(GLOBALS_SNUM, unix_share);
+ iNumNonAutoPrintServices = lp_numservices();
+ save_reload(0);
snum = lp_servicenumber(share);
}
printf("<FORM name=\"swatform\" method=post>\n");
printf("<table>\n");
- printf("<tr><td><input type=submit name=selectshare value=\"Choose Share\"></td>\n");
+ printf("<tr>\n");
+ printf("<td><input type=submit name=selectshare value=\"Choose Share\"></td>\n");
printf("<td><select name=share>\n");
if (snum < 0)
printf("<option value=\" \"> \n");
s, s);
}
}
- printf("</select></td></tr><p>");
-
- printf("<tr><td><input type=submit name=createshare value=\"Create Share\"></td>\n");
- printf("<td><input type=text size=30 name=newshare></td></tr>\n");
+ printf("</select></td>\n");
+ if (have_write_access) {
+ printf("<td><input type=submit name=\"Delete\" value=\"Delete Share\"></td>\n");
+ }
+ printf("</tr>\n");
+ printf("</table>");
+ printf("<table>");
+ if (have_write_access) {
+ printf("<tr>\n");
+ printf("<td><input type=submit name=createshare value=\"Create Share\"></td>\n");
+ printf("<td><input type=text size=30 name=newshare></td></tr>\n");
+ }
printf("</table>");
if (snum >= 0) {
- printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
- printf("<input type=submit name=\"Delete\" value=\"Delete Share\">\n");
+ if (have_write_access) {
+ printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
+ }
+
+ printf("<input type=reset name=\"Reset Values\" value=\"Reset Values\">\n");
if (advanced == 0) {
printf("<input type=submit name=\"Advanced\" value=\"Advanced View\">\n");
} else {
printf("</FORM>\n");
}
-/****************************************************************************
-****************************************************************************/
-static void sig_pipe ( int signo)
-{
- printf("<p> SIGPIPE caught\n");
-}
-
-/****************************************************************************
- create 2 pipes and use them to feed the smbpasswd program
-****************************************************************************/
-static BOOL talk_to_smbpasswd(char *old, char *new)
+/*************************************************************
+change a password either locally or remotely
+*************************************************************/
+static BOOL change_password(const char *remote_machine, char *user_name,
+ char *old_passwd, char *new_passwd,
+ int local_flags)
{
- int i, n, fd1[2], fd2[2];
- pid_t pid;
- BOOL rslt;
- char line[MAX_STRINGLEN + 2]; /* one for newline, one for null */
+ BOOL ret = False;
+ pstring err_str;
+ pstring msg_str;
- if (signal(SIGPIPE, sig_pipe) == SIG_ERR) {
- printf("<p> signal error");
+ if (demo_mode) {
+ printf("password change in demo mode rejected\n<p>");
+ return False;
}
-
- if ((pipe(fd1) < 0) || (pipe(fd2) < 0)) {
- printf("<p> pipe error");
+
+ if (remote_machine != NULL) {
+ ret = remote_password_change(remote_machine, user_name, old_passwd,
+ new_passwd, err_str, sizeof(err_str));
+ if(*err_str)
+ printf("%s\n<p>", err_str);
+ return ret;
}
- if ((pid = fork()) < 0) {
- printf("<p> fork error");
+ if(!initialize_password_db(True)) {
+ printf("Can't setup password database vectors.\n<p>");
+ return False;
}
-
- /*
- * Create this relationship with the pipes between the parent and
- * the child as detailed below.
- *
- * parent -> fd1[1] -- fd1[0] -> child
- * parent <- fd2[0] -- fd2[1] <- child
- *
- * fd1[0] is turned into child's stdin
- * fd2[1] is turned into child's stdout
- * fd2[1] is also turned into child's stderr
- *
- */
- else if (pid > 0) { /* parent */
-
- int to_child = fd1[1];
- int from_child = fd2[0];
- int wstat;
-
- close(fd1[0]); /* parent doesn't need input side of pipe fd1 */
- close(fd2[1]); /* parent doesn't need output side of pipe fd2 */
-
- /*
- * smbpasswd doesn't require any input to disable or enable a user
- */
- if (!cgi_variable(disable_user_flag) && !cgi_variable(enable_user_flag)) {
- /*
- * smbpasswd requires a regular old user to send their old password
- */
- if (am_root() == False) {
- n = (strlen(old) <= (MAX_STRINGLEN)) ? strlen(old) : (MAX_STRINGLEN);
- strncpy( line, old, n);
- line[n] = '\n'; n++; /* add carriage return */
- line[n] = 0; /* add null terminator, for debug */
- if (write( to_child, line, n) != n) {
- printf("<p> error on write to child");
- }
- }
-
- /*
- * smbpasswd requires that the new password be sent to it twice
- */
- for( i=0; i<2; i++) {
- n = (strlen(new) <= (MAX_STRINGLEN)) ? strlen(new) : (MAX_STRINGLEN);
- strncpy( line, new, n);
- line[n] = '\n'; n++; /* add carriage return */
- line[n] = 0; /* add null terminator, for debug */
- if (write( to_child, line, n) != n) {
- printf("<p> error on write to child");
- break;
- }
- }
- }
-
- /*
- * Wait for smbpasswd to finish
- */
- if (sys_waitpid(pid, &wstat, 0) < 0) {
- printf("<p> problem waiting");
- }
-
- /*
- * Read the answer from the add program
- */
- memset( line, '\0', sizeof(line));
- if ((n = read( from_child, line, MAX_STRINGLEN)) < 0) {
- printf("<p> error on read from child");
- }
-
- /*
- * Write the response from smbpasswd to user, if all is well
- * line[] should be just a null terminated line. We could
- * check for the null line and not print anything, but we
- * really should be checking the exit code if we want to be
- * sure.
- */
- line[n] = 0; /* null terminate */
- printf("<p> %s\n",line);
- close(to_child);
- close(from_child);
-
- if (line[0] == '\0') {
- rslt = True; /* All ok */
- } else {
- rslt = False; /* Something didn't work */
- }
-
- } else { /* child */
-
- int from_parent = fd1[0];
- int to_parent = fd2[1];
-
- close(fd1[1]); /* child doesn't need output side of pipe fd1 */
- close(fd2[0]); /* child doesn't need input side of pipe fd2 */
-
- /*
- * Turn the from_parent pipe into the childs stdin
- */
- if (from_parent != STDIN_FILENO) {
- if (dup2( from_parent, STDIN_FILENO) != STDIN_FILENO) {
- printf("<p> dup2 error of stdin");
- }
- close( from_parent);
- }
+ ret = local_password_change(user_name, local_flags, new_passwd, err_str, sizeof(err_str),
+ msg_str, sizeof(msg_str));
- /*
- * Turn the to_parent pipe into the childs stdout
- */
- if (to_parent != STDOUT_FILENO) {
- if (dup2( to_parent, STDOUT_FILENO) != STDOUT_FILENO) {
- printf("<p> dup2 error of stdout");
- }
- close( to_parent);
- }
- /*
- * Make the childs stderr the to_parent pipe also
- */
- if (dup2( STDOUT_FILENO, STDERR_FILENO) != STDERR_FILENO) {
- printf("<p> dup2 error of stdout");
- }
+ if(*msg_str)
+ printf("%s\n<p>", msg_str);
+ if(*err_str)
+ printf("%s\n<p>", err_str);
-
- /* Root can do more */
- if (am_root() == True) {
- if (cgi_variable(add_user_flag)) {
- /*
- * Add a user
- */
- if (execl(SMB_PASSWD_PROGRAM, "smbpasswd", "-s", "-a", cgi_variable(user), (char *) 0) < 0) {
- printf("<p> execl error of smbpasswd");
- }
- } else if (cgi_variable(disable_user_flag)) {
- /*
- * Disable a user
- */
- if (execl(SMB_PASSWD_PROGRAM, "smbpasswd", "-s", "-d", cgi_variable(user), (char *) 0) < 0) {
- printf("<p> execl error of smbpasswd");
- }
- } else if (cgi_variable(enable_user_flag)) {
- /*
- * Enable a user
- */
- if (execl(SMB_PASSWD_PROGRAM, "smbpasswd", "-s", "-e", cgi_variable(user), (char *) 0) < 0) {
- printf("<p> execl error of smbpasswd");
- }
- } else {
- /*
- * Change a users password
- */
- if (execl(SMB_PASSWD_PROGRAM, "smbpasswd", "-s", cgi_variable(user), (char *) 0) < 0) {
- printf("<p> execl error of smbpasswd");
- }
- }
- } else {
- /*
- * Ordinary users can change any users passwd if they know the old passwd
- */
- if (execl(SMB_PASSWD_PROGRAM, "smbpasswd", "-s", (char *) 0) < 0) {
- printf("<p> execl error of smbpasswd");
- }
- }
- }
- return(rslt);
-}
-
-/****************************************************************************
- become the specified uid - permanently !
-****************************************************************************/
-
-BOOL become_user_permanently(uid_t uid, gid_t gid)
-{
-
- if (geteuid() != 0) {
- return(True);
- }
-
- /* now completely lose our privilages. This is a fairly paranoid
- way of doing it, but it does work on all systems that I know of */
-
-#ifdef HAVE_SETRESUID
- /*
- * Firstly ensure all our uids are set to root.
- */
- setresgid(0,0,0);
- setresuid(0,0,0);
-
- /*
- * Now ensure we change all our gids.
- */
- setresgid(gid,gid,gid);
-
- /*
- * Now ensure all the uids are the user.
- */
- setresuid(uid,uid,uid);
-#else
- /*
- * Firstly ensure all our uids are set to root.
- */
- setuid(0);
- seteuid(0);
-
- /*
- * Now ensure we change all our gids.
- */
- setgid(gid);
- setegid(gid);
-
- /*
- * Now ensure all the uids are the user.
- */
- setuid(uid);
- seteuid(uid);
-#endif
-
- if (getuid() != uid || geteuid() != uid ||
- getgid() != gid || getegid() != gid) {
- /* We failed to lose our privilages. */
- return False;
- }
-
- return(True);
+ return ret;
}
/****************************************************************************
****************************************************************************/
static void chg_passwd(void)
{
- struct passwd *pass = NULL;
+ char *host;
BOOL rslt;
+ int local_flags = 0;
/* Make sure users name has been specified */
- if (strlen(cgi_variable(user)) == 0) {
+ if (strlen(cgi_variable(SWAT_USER)) == 0) {
printf("<p> Must specify \"User Name\" \n");
return;
}
/*
- * smbpasswd doesn't require anything but the users name to disable or enable the user,
+ * smbpasswd doesn't require anything but the users name to delete, disable or enable the user,
* so if that's what we're doing, skip the rest of the checks
*/
- if (!cgi_variable(disable_user_flag) && !cgi_variable(enable_user_flag)) {
+ if (!cgi_variable(DISABLE_USER_FLAG) && !cgi_variable(ENABLE_USER_FLAG) && !cgi_variable(DELETE_USER_FLAG)) {
- /* If current user is not root, make sure old password has been specified */
- if ((am_root() == False) && (strlen( cgi_variable(old_pswd)) <= 0)) {
+ /*
+ * If current user is not root, make sure old password has been specified
+ * If REMOTE change, even root must provide old password
+ */
+ if (((!am_root()) && (strlen( cgi_variable(OLD_PSWD)) <= 0)) ||
+ ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(OLD_PSWD)) <= 0))) {
printf("<p> Must specify \"Old Password\" \n");
return;
}
+ /* If changing a users password on a remote hosts we have to know what host */
+ if ((cgi_variable(CHG_R_PASSWD_FLAG)) && (strlen( cgi_variable(RHOST)) <= 0)) {
+ printf("<p> Must specify \"Remote Machine\" \n");
+ return;
+ }
+
/* Make sure new passwords have been specified */
- if ((strlen( cgi_variable(new_pswd )) <= 0) ||
- (strlen( cgi_variable(new2_pswd)) <= 0)) {
+ if ((strlen( cgi_variable(NEW_PSWD)) <= 0) ||
+ (strlen( cgi_variable(NEW2_PSWD)) <= 0)) {
printf("<p> Must specify \"New, and Re-typed Passwords\" \n");
return;
}
/* Make sure new passwords was typed correctly twice */
- if (strcmp(cgi_variable(new_pswd), cgi_variable(new2_pswd)) != 0) {
+ if (strcmp(cgi_variable(NEW_PSWD), cgi_variable(NEW2_PSWD)) != 0) {
printf("<p> Re-typed password didn't match new password\n");
return;
}
}
-#ifdef SWAT_DEBUG
- if (pass) printf("<p> User uid %d gid %d \n", pass->pw_uid, pass->pw_gid);
- printf("<p> Processes uid %d, euid %d, gid %d, egid %d \n",getuid(),geteuid(),getgid(),getegid());
- printf("<p> User Name %s \n", cgi_variable(user));
- printf("<p> Old passwd %s \n", cgi_variable(old_pswd) ? cgi_variable(old_pswd):"");
- printf("<p> New passwd %s \n", cgi_variable(new_pswd));
- printf("<p> Re-typed New passwd %s \n", cgi_variable(new2_pswd));
- printf("<p> flags '%s', '%s', '%s' \n",
- (cgi_variable( chg_passwd_flag) ? cgi_variable( chg_passwd_flag) : ""),
- (cgi_variable( add_user_flag) ? cgi_variable( add_user_flag) : ""),
- (cgi_variable( disable_user_flag) ? cgi_variable( disable_user_flag) : ""));
- (cgi_variable( enable_user_flag) ? cgi_variable( enable_user_flag) : ""));
-#endif /* SWAT_DEBUG */
-
-
- rslt = talk_to_smbpasswd( cgi_variable(old_pswd), cgi_variable(new_pswd));
- if (am_root() == False) {
+ if (cgi_variable(CHG_R_PASSWD_FLAG)) {
+ host = cgi_variable(RHOST);
+ } else if (am_root()) {
+ host = NULL;
+ } else {
+ host = "127.0.0.1";
+ }
+
+ /*
+ * Set up the local flags.
+ */
+
+ local_flags |= (cgi_variable(ADD_USER_FLAG) ? LOCAL_ADD_USER : 0);
+ local_flags |= (cgi_variable(DELETE_USER_FLAG) ? LOCAL_DELETE_USER : 0);
+ local_flags |= (cgi_variable(ENABLE_USER_FLAG) ? LOCAL_ENABLE_USER : 0);
+ local_flags |= (cgi_variable(DISABLE_USER_FLAG) ? LOCAL_DISABLE_USER : 0);
+
+ rslt = change_password(host,
+ cgi_variable(SWAT_USER),
+ cgi_variable(OLD_PSWD), cgi_variable(NEW_PSWD),
+ local_flags);
+
+ if(local_flags == 0) {
if (rslt == True) {
- printf("<p> The passwd for '%s' has been changed. \n",cgi_variable(user));
+ printf("<p> The passwd for '%s' has been changed. \n", cgi_variable(SWAT_USER));
} else {
- printf("<p> The passwd for '%s' has NOT been changed. \n",cgi_variable(user));
+ printf("<p> The passwd for '%s' has NOT been changed. \n",cgi_variable(SWAT_USER));
}
}
****************************************************************************/
static void passwd_page(void)
{
- char *new_name;
+ char *new_name = cgi_user_name();
- printf("<H2>Password Manager</H2>\n");
+ /*
+ * After the first time through here be nice. If the user
+ * changed the User box text to another users name, remember it.
+ */
+ if (cgi_variable(SWAT_USER)) {
+ new_name = cgi_variable(SWAT_USER);
+ }
+
+ if (!new_name) new_name = "";
+
+ printf("<H2>Server Password Management</H2>\n");
printf("<FORM name=\"swatform\" method=post>\n");
printf("<table>\n");
/*
- * After the first time through here be nice. If the user
- * changed the User box text to another users name, remember it.
+ * Create all the dialog boxes for data collection
*/
- if ( cgi_variable(user) &&
- (strcmp(cgi_variable(user), get_user_name()))) {
- /* User is changing another accounts passwd */
- new_name = cgi_variable(user);
- } else {
- /* User is changing there own passwd */
- new_name = get_user_name();
+ printf("<tr><td> User Name : </td>\n");
+ printf("<td><input type=text size=30 name=%s value=%s></td></tr> \n", SWAT_USER, new_name);
+ if (!am_root()) {
+ printf("<tr><td> Old Password : </td>\n");
+ printf("<td><input type=password size=30 name=%s></td></tr> \n",OLD_PSWD);
}
+ printf("<tr><td> New Password : </td>\n");
+ printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD);
+ printf("<tr><td> Re-type New Password : </td>\n");
+ printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD);
+ printf("</table>\n");
- printf("<p> User Name : <input type=text size=30 name=%s value=%s> \n", user, new_name);
- if (am_root() == False) {
- printf("<p> Old Password: <input type=password size=30 name=%s>\n",old_pswd);
- }
- printf("<p> New Password: <input type=password size=30 name=%s>\n",new_pswd);
- printf("<p> Re-type New Password: <input type=password size=30 name=%s>\n",new2_pswd);
-
- printf("</select></td></tr><p>");
- printf("<tr><td>");
- printf("<input type=submit name=%s value=\"Change Password\">", chg_passwd_flag);
- if (am_root() == True) {
- printf("<input type=submit name=%s value=\"Add New User\">", add_user_flag);
- printf("<input type=submit name=%s value=\"Disable User\">", disable_user_flag);
- printf("<input type=submit name=%s value=\"Enable User\">", enable_user_flag);
+ /*
+ * Create all the control buttons for requesting action
+ */
+ printf("<input type=submit name=%s value=\"Change Password\">\n",
+ CHG_S_PASSWD_FLAG);
+ if (demo_mode || am_root()) {
+ printf("<input type=submit name=%s value=\"Add New User\">\n",
+ ADD_USER_FLAG);
+ printf("<input type=submit name=%s value=\"Delete User\">\n",
+ DELETE_USER_FLAG);
+ printf("<input type=submit name=%s value=\"Disable User\">\n",
+ DISABLE_USER_FLAG);
+ printf("<input type=submit name=%s value=\"Enable User\">\n",
+ ENABLE_USER_FLAG);
}
- printf("</td>\n");
+ printf("<p></FORM>\n");
/*
- * If we don't have user information then there's nothing to do. It's probably
- * the first time through this code.
- */
- if (cgi_variable(user)) {
+ * Do some work if change, add, disable or enable was
+ * requested. It could be this is the first time through this
+ * code, so there isn't anything to do. */
+ if ((cgi_variable(CHG_S_PASSWD_FLAG)) || (cgi_variable(ADD_USER_FLAG)) || (cgi_variable(DELETE_USER_FLAG)) ||
+ (cgi_variable(DISABLE_USER_FLAG)) || (cgi_variable(ENABLE_USER_FLAG))) {
chg_passwd();
}
+ printf("<H2>Client/Server Password Management</H2>\n");
+
+ printf("<FORM name=\"swatform\" method=post>\n");
+
+ printf("<table>\n");
+
+ /*
+ * Create all the dialog boxes for data collection
+ */
+ printf("<tr><td> User Name : </td>\n");
+ printf("<td><input type=text size=30 name=%s value=%s></td></tr>\n",SWAT_USER, new_name);
+ printf("<tr><td> Old Password : </td>\n");
+ printf("<td><input type=password size=30 name=%s></td></tr>\n",OLD_PSWD);
+ printf("<tr><td> New Password : </td>\n");
+ printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW_PSWD);
+ printf("<tr><td> Re-type New Password : </td>\n");
+ printf("<td><input type=password size=30 name=%s></td></tr>\n",NEW2_PSWD);
+ printf("<tr><td> Remote Machine : </td>\n");
+ printf("<td><input type=text size=30 name=%s></td></tr>\n",RHOST);
+
printf("</table>");
- printf("</FORM>\n");
+ /*
+ * Create all the control buttons for requesting action
+ */
+ printf("<input type=submit name=%s value=\"Change Password\">",
+ CHG_R_PASSWD_FLAG);
+
+ printf("<p></FORM>\n");
+
+ /*
+ * Do some work if a request has been made to change the
+ * password somewhere other than the server. It could be this
+ * is the first time through this code, so there isn't
+ * anything to do. */
+ if (cgi_variable(CHG_R_PASSWD_FLAG)) {
+ chg_passwd();
+ }
+
}
/****************************************************************************
printf("<H2>Printer Parameters</H2>\n");
+ printf("<H3>Important Note:</H3>\n");
+ printf("Printer names marked with [*] in the Choose Printer drop-down box ");
+ printf("are autoloaded printers from ");
+ printf("<A HREF=\"/swat/help/smb.conf.5.html#PRINTCAPNAME\" target=\"docs\">Printcap Name</A>.\n");
+ printf("Attempting to delete these printers from SWAT will have no effect.\n");
+
if (cgi_variable("Advanced") && !cgi_variable("Basic"))
advanced = 1;
if (cgi_variable("Commit") && snum >= 0) {
commit_parameters(snum);
- save_reload();
+ if (snum >= iNumNonAutoPrintServices)
+ save_reload(snum);
+ else
+ save_reload(0);
}
if (cgi_variable("Delete") && snum >= 0) {
lp_remove_service(snum);
- save_reload();
+ save_reload(0);
share = NULL;
snum = -1;
}
if (cgi_variable("createshare") && (share=cgi_variable("newshare"))) {
- lp_copy_service(GLOBALS_SNUM, share);
+ /* add_a_service() which is called by lp_copy_service()
+ will do unix_to_dos() conversion, so we need dos_to_unix() before the lp_copy_service(). */
+ pstring unix_share;
+ pstrcpy(unix_share, dos_to_unix(share, False));
+ load_config(False);
+ lp_copy_service(GLOBALS_SNUM, unix_share);
+ iNumNonAutoPrintServices = lp_numservices();
snum = lp_servicenumber(share);
lp_do_parameter(snum, "print ok", "Yes");
- save_reload();
+ save_reload(0);
snum = lp_servicenumber(share);
}
for (i=0;i<lp_numservices();i++) {
s = lp_servicename(i);
if (s && (*s) && strcmp(s,"IPC$") && lp_print_ok(i)) {
+ if (i >= iNumNonAutoPrintServices)
+ printf("<option %s value=\"%s\">[*]%s\n",
+ (share && strcmp(share,s)==0)?"SELECTED":"",
+ s, s);
+ else
printf("<option %s value=\"%s\">%s\n",
(share && strcmp(share,s)==0)?"SELECTED":"",
s, s);
}
}
- printf("</select></td></tr><p>");
+ printf("</select></td>");
+ if (have_write_access) {
+ printf("<td><input type=submit name=\"Delete\" value=\"Delete Printer\"></td>\n");
+ }
+ printf("</tr>");
+ printf("</table>\n");
- printf("<tr><td><input type=submit name=createshare value=\"Create Printer\"></td>\n");
- printf("<td><input type=text size=30 name=newshare></td></tr>\n");
- printf("</table>");
+ if (have_write_access) {
+ printf("<table>\n");
+ printf("<tr><td><input type=submit name=createshare value=\"Create Printer\"></td>\n");
+ printf("<td><input type=text size=30 name=newshare></td></tr>\n");
+ printf("</table>");
+ }
if (snum >= 0) {
- printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
- printf("<input type=submit name=\"Delete\" value=\"Delete Printer\">\n");
+ if (have_write_access) {
+ printf("<input type=submit name=\"Commit\" value=\"Commit Changes\">\n");
+ }
+ printf("<input type=reset name=\"Reset Values\" value=\"Reset Values\">\n");
if (advanced == 0) {
printf("<input type=submit name=\"Advanced\" value=\"Advanced View\">\n");
} else {
extern FILE *dbf;
int opt;
char *page;
- int auth_required = 1;
+
+ fault_setup(NULL);
+ umask(S_IWGRP | S_IWOTH);
+
+#if defined(HAVE_SET_AUTH_PARAMETERS)
+ set_auth_parameters(argc, argv);
+#endif /* HAVE_SET_AUTH_PARAMETERS */
/* just in case it goes wild ... */
alarm(300);
- dbf = fopen("/dev/null", "w");
+ /* we don't want any SIGPIPE messages */
+ BlockSignals(True,SIGPIPE);
+ dbf = sys_fopen("/dev/null", "w");
if (!dbf) dbf = stderr;
+ /* we don't want stderr screwing us up */
+ close(2);
+ open("/dev/null", O_WRONLY);
+
while ((opt = getopt(argc, argv,"s:a")) != EOF) {
switch (opt) {
case 's':
pstrcpy(servicesf,optarg);
break;
case 'a':
- auth_required = 0;
+ demo_mode = True;
break;
}
}
- cgi_setup(SWATDIR, auth_required);
+ setup_logging(argv[0],False);
+ charset_initialise();
+ load_config(True);
+ iNumNonAutoPrintServices = lp_numservices();
+ load_printers();
+
+ cgi_setup(SWATDIR, !demo_mode);
print_header();
- charset_initialise();
+ cgi_load_variables(NULL);
- /* if this binary is setuid then run completely as root */
- setuid(0);
+ if (!file_exist(servicesf, NULL)) {
+ have_read_access = True;
+ have_write_access = True;
+ } else {
+ /* check if the authenticated user has write access - if not then
+ don't show write options */
+ have_write_access = (access(servicesf,W_OK) == 0);
- load_config();
+ /* if the user doesn't have read access to smb.conf then
+ don't let them view it */
+ have_read_access = (access(servicesf,R_OK) == 0);
+ }
- cgi_load_variables(NULL);
show_main_buttons();
page = cgi_pathinfo();
/* Root gets full functionality */
- if (am_root() == True) {
- if (strcmp(page, "globals")==0) {
- globals_page();
- } else if (strcmp(page,"shares")==0) {
- shares_page();
- } else if (strcmp(page,"printers")==0) {
- printers_page();
- } else if (strcmp(page,"status")==0) {
- status_page();
- } else if (strcmp(page,"viewconfig")==0) {
- viewconfig_page();
- } else if (strcmp(page,"passwd")==0) {
- passwd_page();
- } else {
- welcome_page();
- }
+ if (have_read_access && strcmp(page, "globals")==0) {
+ globals_page();
+ } else if (have_read_access && strcmp(page,"shares")==0) {
+ shares_page();
+ } else if (have_read_access && strcmp(page,"printers")==0) {
+ printers_page();
+ } else if (have_read_access && strcmp(page,"status")==0) {
+ status_page();
+ } else if (have_read_access && strcmp(page,"viewconfig")==0) {
+ viewconfig_page();
+ } else if (strcmp(page,"passwd")==0) {
+ passwd_page();
} else {
- /* Everyone gets this functionality */
- if (strcmp(page,"passwd")==0) {
- passwd_page();
- } else {
- welcome_page();
- }
+ welcome_page();
}
-
+
print_footer();
return 0;
}
git.samba.org / ira / wip.git / blobdiff