if (StrnCaseCmp( input, "S-", 2)) {
/* Perhaps its the NT group name? */
- if (!pdb_getgrnam(&map, input, MAPPING_WITHOUT_PRIV)) {
+ if (!pdb_getgrnam(&map, input)) {
printf("NT Group %s doesn't exist in mapping DB\n", input);
return False;
} else {
{
fstring string_sid;
fstring group_type;
- fstring priv_text;
decode_sid_name_use(group_type, map.sid_name_use);
sid_to_string(string_sid, &map.sid);
- convert_priv_to_text(&(map.priv_set), priv_text);
if (!long_list)
d_printf("%s (%s) -> %s\n", map.nt_name, string_sid, gidtoname(map.gid));
d_printf("\tUnix group: %s\n", gidtoname(map.gid));
d_printf("\tGroup type: %s\n", group_type);
d_printf("\tComment : %s\n", map.comment);
- d_printf("\tPrivilege : %s\n\n", priv_text);
}
}
/*********************************************************
List the groups.
**********************************************************/
-int net_groupmap_list(int argc, const char **argv)
+static int net_groupmap_list(int argc, const char **argv)
{
int entries;
BOOL long_list = False;
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) {
+ if(!pdb_getgrsid(&map, sid)) {
d_printf("Failure to local group SID in the database\n");
return -1;
}
print_map_entry( map, long_list );
- free_privilege(&(map.priv_set));
}
else {
GROUP_MAP *map=NULL;
/* enumerate all group mappings */
- if ( !pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV) )
+ if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED))
return -1;
for (i=0; i<entries; i++) {
print_map_entry( map[i], long_list );
- free_privilege(&(map[i].priv_set));
}
+
+ SAFE_FREE(map);
}
return 0;
Add a new group mapping entry
**********************************************************/
-int net_groupmap_add(int argc, const char **argv)
+static int net_groupmap_add(int argc, const char **argv)
{
- PRIVILEGE_SET se_priv;
DOM_SID sid;
fstring ntgroup = "";
fstring unixgrp = "";
fstrcpy( ntgroup, unixgrp );
- init_privilege(&se_priv);
-#if 0
- if (privilege!=NULL)
- convert_priv_from_text(&se_priv, privilege);
-#endif
-
- if (!add_initial_entry(gid, string_sid, sid_type, ntgroup,
- ntcomment, se_priv, PR_ACCESS_FROM_NETWORK) ) {
+ if (!add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment)) {
d_printf("adding entry for group %s failed!\n", ntgroup);
return -1;
}
- free_privilege(&se_priv);
-
d_printf("Successully added group %s to the mapping db\n", ntgroup);
return 0;
}
-int net_groupmap_modify(int argc, const char **argv)
+static int net_groupmap_modify(int argc, const char **argv)
{
DOM_SID sid;
GROUP_MAP map;
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) {
+ if(!pdb_getgrsid(&map, sid)) {
d_printf("Failure to local group SID in the database\n");
return -1;
}
* Allow changing of group type only between domain and local
* We disallow changing Builtin groups !!! (SID problem)
*/
- if ( sid_type != SID_NAME_UNKNOWN )
- {
- if ( map.sid_name_use == SID_NAME_WKN_GRP ) {
+ if (sid_type != SID_NAME_UNKNOWN) {
+ if (map.sid_name_use == SID_NAME_WKN_GRP) {
d_printf("You can only change between domain and local groups.\n");
return -1;
}
map.gid = gid;
}
-#if 0
- /* Change the privilege if new one */
- if (privilege!=NULL)
- convert_priv_from_text(&map.priv_set, privilege);
-#endif
-
if ( !pdb_update_group_mapping_entry(&map) ) {
d_printf("Could not update group database\n");
- free_privilege(&map.priv_set);
return -1;
}
- free_privilege(&map.priv_set);
-
d_printf("Updated mapping entry for %s\n", ntgroup);
return 0;
}
-int net_groupmap_delete(int argc, const char **argv)
+static int net_groupmap_delete(int argc, const char **argv)
{
DOM_SID sid;
fstring ntgroup = "";
return 0;
}
+int net_help_groupmap(int argc, const char **argv)
+{
+ d_printf("net groupmap add"\
+ "\n Create a new group mapping\n");
+ d_printf("net groupmap modify"\
+ "\n Update a group mapping\n");
+ d_printf("net groupmap delete"\
+ "\n Remove a group mapping\n");
+ d_printf("net groupmap list"\
+ "\n List current group map\n");
+
+ return -1;
+}
+
+
+/***********************************************************
+ migrated functionality from smbgroupedit
+ **********************************************************/
+int net_groupmap(int argc, const char **argv)
+{
+ struct functable func[] = {
+ {"add", net_groupmap_add},
+ {"modify", net_groupmap_modify},
+ {"delete", net_groupmap_delete},
+ {"list", net_groupmap_list},
+ {"help", net_help_groupmap},
+ {NULL, NULL}
+ };
+
+ /* we shouldn't have silly checks like this */
+ if (getuid() != 0) {
+ d_printf("You must be root to edit group mappings.\nExiting...\n");
+ return -1;
+ }
+
+ return net_run_function(argc, argv, func, net_help_groupmap);
+ if ( 0 == argc )
+ return net_help_groupmap( argc, argv );
+
+ return net_help_groupmap( argc, argv );
+}
+
git.samba.org / kai / samba-autobuild / .git / blobdiff