X-Git-Url: http://git.samba.org/samba.git/?p=nivanova%2Fsamba-autobuild%2F.git;a=blobdiff_plain;f=source3%2Fgroupdb%2Fmapping.c;h=4cfe9957f4dcd98eeffa26c52acd0c47c773d378;hp=e14ad7d5092f15908149188d7e12d850e46e3e02;hb=cba7f8b8273e661d3c43652900d93e5a8eab4e5f;hpb=153cfb9c83534b09f15cc16205d7adb19b394928 diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index e14ad7d5092..4cfe9957f4d 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -28,29 +28,15 @@ static const struct mapping_backend *backend; /* initialise a group mapping backend */ -static BOOL init_group_mapping(void) +static bool init_group_mapping(void) { - const char *backend_string; - if (backend != NULL) { /* already initialised */ return True; } - - /* default to using the ldb backend. This parameter should - disappear in future versions of Samba3, but for now it - provides a safety net in case any major problems are - discovered with ldb after the release */ - backend_string = lp_parm_const_string(-1, "groupdb", "backend", "ldb"); - - if (strcmp(backend_string, "ldb") == 0) { - backend = groupdb_ldb_init(); - } else if (strcmp(backend_string, "tdb") == 0) { - backend = groupdb_tdb_init(); - } else { - DEBUG(0,("Unknown groupdb backend '%s'\n", backend_string)); - smb_panic("Unknown groupdb backend"); - } + + backend = groupdb_tdb_init(); + return backend != NULL; } @@ -65,13 +51,13 @@ NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum lsa_SidType sid_name DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_UNSUCCESSFUL; } - + map.gid=gid; if (!string_to_sid(&map.sid, sid)) { DEBUG(0, ("string_to_sid failed: %s", sid)); return NT_STATUS_UNSUCCESSFUL; } - + map.sid_name_use=sid_name_use; fstrcpy(map.nt_name, nt_name); fstrcpy(map.comment, comment); @@ -79,8 +65,8 @@ NTSTATUS add_initial_entry(gid_t gid, const char *sid, enum lsa_SidType sid_name return pdb_add_group_mapping_entry(&map); } -static NTSTATUS alias_memberships(const DOM_SID *members, size_t num_members, - DOM_SID **sids, size_t *num) +static NTSTATUS alias_memberships(const struct dom_sid *members, size_t num_members, + struct dom_sid **sids, size_t *num) { size_t i; @@ -96,8 +82,8 @@ static NTSTATUS alias_memberships(const DOM_SID *members, size_t num_members, } struct aliasmem_closure { - const DOM_SID *alias; - DOM_SID **sids; + const struct dom_sid *alias; + struct dom_sid **sids; size_t *num; }; @@ -115,11 +101,11 @@ struct aliasmem_closure { /* get a domain group from it's SID */ -BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) +bool get_domain_group_from_sid(struct dom_sid sid, GROUP_MAP *map) { struct group *grp; - BOOL ret; - + bool ret; + if(!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); return(False); @@ -128,27 +114,26 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) DEBUG(10, ("get_domain_group_from_sid\n")); /* if the group is NOT in the database, it CAN NOT be a domain group */ - + become_root(); ret = pdb_getgrsid(map, sid); unbecome_root(); - + /* special case check for rid 513 */ - + if ( !ret ) { uint32 rid; - + sid_peek_rid( &sid, &rid ); - - if ( rid == DOMAIN_GROUP_RID_USERS ) { + + if ( rid == DOMAIN_RID_USERS ) { fstrcpy( map->nt_name, "None" ); fstrcpy( map->comment, "Ordinary Users" ); sid_copy( &map->sid, &sid ); map->sid_name_use = SID_NAME_DOM_GRP; - + map->gid = (gid_t)-1; return True; } - return False; } @@ -160,13 +145,13 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) } DEBUG(10, ("get_domain_group_from_sid: SID is a domain group\n")); - + if (map->gid==-1) { return False; } DEBUG(10, ("get_domain_group_from_sid: SID is mapped to gid:%lu\n",(unsigned long)map->gid)); - + grp = getgrgid(map->gid); if ( !grp ) { DEBUG(10, ("get_domain_group_from_sid: gid DOESN'T exist in UNIX security\n")); @@ -184,17 +169,28 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map) int smb_create_group(const char *unix_group, gid_t *new_gid) { - pstring add_script; + char *add_script = NULL; int ret = -1; int fd = 0; - + *new_gid = 0; /* defer to scripts */ - + if ( *lp_addgroup_script() ) { - pstrcpy(add_script, lp_addgroup_script()); - pstring_sub(add_script, "%g", unix_group); + TALLOC_CTX *ctx = talloc_tos(); + + add_script = talloc_strdup(ctx, + lp_addgroup_script()); + if (!add_script) { + return -1; + } + add_script = talloc_string_sub(ctx, + add_script, "%g", unix_group); + if (!add_script) { + return -1; + } + ret = smbrun(add_script, &fd); DEBUG(ret ? 0 : 3,("smb_create_group: Running the command `%s' gave %d\n",add_script,ret)); if (ret == 0) { @@ -210,7 +206,7 @@ int smb_create_group(const char *unix_group, gid_t *new_gid) if (read(fd, output, sizeof(output)) > 0) { *new_gid = (gid_t)strtoul(output, NULL, 10); } - + close(fd); } @@ -222,8 +218,8 @@ int smb_create_group(const char *unix_group, gid_t *new_gid) if (grp != NULL) *new_gid = grp->gr_gid; } - - return ret; + + return ret; } /**************************************************************************** @@ -232,14 +228,24 @@ int smb_create_group(const char *unix_group, gid_t *new_gid) int smb_delete_group(const char *unix_group) { - pstring del_script; - int ret; + char *del_script = NULL; + int ret = -1; /* defer to scripts */ - + if ( *lp_delgroup_script() ) { - pstrcpy(del_script, lp_delgroup_script()); - pstring_sub(del_script, "%g", unix_group); + TALLOC_CTX *ctx = talloc_tos(); + + del_script = talloc_strdup(ctx, + lp_delgroup_script()); + if (!del_script) { + return -1; + } + del_script = talloc_string_sub(ctx, + del_script, "%g", unix_group); + if (!del_script) { + return -1; + } ret = smbrun(del_script,NULL); DEBUG(ret ? 0 : 3,("smb_delete_group: Running the command `%s' gave %d\n",del_script,ret)); if (ret == 0) { @@ -247,24 +253,39 @@ int smb_delete_group(const char *unix_group) } return ret; } - + return -1; } /**************************************************************************** Set a user's primary UNIX group. ****************************************************************************/ + int smb_set_primary_group(const char *unix_group, const char* unix_user) { - pstring add_script; - int ret; + char *add_script = NULL; + int ret = -1; /* defer to scripts */ - + if ( *lp_setprimarygroup_script() ) { - pstrcpy(add_script, lp_setprimarygroup_script()); - all_string_sub(add_script, "%g", unix_group, sizeof(add_script)); - all_string_sub(add_script, "%u", unix_user, sizeof(add_script)); + TALLOC_CTX *ctx = talloc_tos(); + + add_script = talloc_strdup(ctx, + lp_setprimarygroup_script()); + if (!add_script) { + return -1; + } + add_script = talloc_all_string_sub(ctx, + add_script, "%g", unix_group); + if (!add_script) { + return -1; + } + add_script = talloc_string_sub(ctx, + add_script, "%u", unix_user); + if (!add_script) { + return -1; + } ret = smbrun(add_script,NULL); flush_pwnam_cache(); DEBUG(ret ? 0 : 3,("smb_set_primary_group: " @@ -284,15 +305,29 @@ int smb_set_primary_group(const char *unix_group, const char* unix_user) int smb_add_user_group(const char *unix_group, const char *unix_user) { - pstring add_script; - int ret; + char *add_script = NULL; + int ret = -1; /* defer to scripts */ - + if ( *lp_addusertogroup_script() ) { - pstrcpy(add_script, lp_addusertogroup_script()); - pstring_sub(add_script, "%g", unix_group); - pstring_sub(add_script, "%u", unix_user); + TALLOC_CTX *ctx = talloc_tos(); + + add_script = talloc_strdup(ctx, + lp_addusertogroup_script()); + if (!add_script) { + return -1; + } + add_script = talloc_string_sub(ctx, + add_script, "%g", unix_group); + if (!add_script) { + return -1; + } + add_script = talloc_string_sub(ctx, + add_script, "%u", unix_user); + if (!add_script) { + return -1; + } ret = smbrun(add_script,NULL); DEBUG(ret ? 0 : 3,("smb_add_user_group: Running the command `%s' gave %d\n",add_script,ret)); if (ret == 0) { @@ -300,7 +335,7 @@ int smb_add_user_group(const char *unix_group, const char *unix_user) } return ret; } - + return -1; } @@ -310,15 +345,29 @@ int smb_add_user_group(const char *unix_group, const char *unix_user) int smb_delete_user_group(const char *unix_group, const char *unix_user) { - pstring del_script; - int ret; + char *del_script = NULL; + int ret = -1; /* defer to scripts */ - + if ( *lp_deluserfromgroup_script() ) { - pstrcpy(del_script, lp_deluserfromgroup_script()); - pstring_sub(del_script, "%g", unix_group); - pstring_sub(del_script, "%u", unix_user); + TALLOC_CTX *ctx = talloc_tos(); + + del_script = talloc_strdup(ctx, + lp_deluserfromgroup_script()); + if (!del_script) { + return -1; + } + del_script = talloc_string_sub(ctx, + del_script, "%g", unix_group); + if (!del_script) { + return -1; + } + del_script = talloc_string_sub(ctx, + del_script, "%u", unix_user); + if (!del_script) { + return -1; + } ret = smbrun(del_script,NULL); DEBUG(ret ? 0 : 3,("smb_delete_user_group: Running the command `%s' gave %d\n",del_script,ret)); if (ret == 0) { @@ -326,13 +375,13 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user) } return ret; } - + return -1; } NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, - DOM_SID sid) + struct dom_sid sid) { if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); @@ -387,7 +436,7 @@ NTSTATUS pdb_default_update_group_mapping_entry(struct pdb_methods *methods, } NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods, - DOM_SID sid) + struct dom_sid sid) { if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); @@ -398,9 +447,9 @@ NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods, } NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods, - const DOM_SID *sid, enum lsa_SidType sid_name_use, + const struct dom_sid *sid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap, size_t *p_num_entries, - BOOL unix_only) + bool unix_only) { if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); @@ -413,11 +462,11 @@ NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods, NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, const char *name, uint32 *rid) { - DOM_SID sid; + struct dom_sid sid; enum lsa_SidType type; uint32 new_rid; gid_t gid; - BOOL exists; + bool exists; GROUP_MAP map; TALLOC_CTX *mem_ctx; NTSTATUS status; @@ -429,7 +478,7 @@ NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, return NT_STATUS_NO_MEMORY; } - exists = lookup_name(mem_ctx, name, LOOKUP_NAME_ISOLATED, + exists = lookup_name(mem_ctx, name, LOOKUP_NAME_LOCAL, NULL, NULL, &sid, &type); TALLOC_FREE(mem_ctx); @@ -447,11 +496,10 @@ NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, return NT_STATUS_ACCESS_DENIED; } - DEBUG(10, ("Creating alias %s with gid %d and rid %d\n", - name, gid, new_rid)); + DEBUG(10, ("Creating alias %s with gid %u and rid %u\n", + name, (unsigned int)gid, (unsigned int)new_rid)); - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, new_rid); + sid_compose(&sid, get_global_sam_sid(), new_rid); map.gid = gid; sid_copy(&map.sid, &sid); @@ -473,13 +521,13 @@ NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, } NTSTATUS pdb_default_delete_alias(struct pdb_methods *methods, - const DOM_SID *sid) + const struct dom_sid *sid) { return pdb_delete_group_mapping_entry(*sid); } NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods, - const DOM_SID *sid, + const struct dom_sid *sid, struct acct_info *info) { GROUP_MAP map; @@ -490,7 +538,7 @@ NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods, if ((map.sid_name_use != SID_NAME_ALIAS) && (map.sid_name_use != SID_NAME_WKN_GRP)) { DEBUG(2, ("%s is a %s, expected an alias\n", - sid_string_static(sid), + sid_string_dbg(sid), sid_type_lookup(map.sid_name_use))); return NT_STATUS_NO_SUCH_ALIAS; } @@ -502,7 +550,7 @@ NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods, } NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods, - const DOM_SID *sid, + const struct dom_sid *sid, struct acct_info *info) { GROUP_MAP map; @@ -517,7 +565,7 @@ NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods, } NTSTATUS pdb_default_add_aliasmem(struct pdb_methods *methods, - const DOM_SID *alias, const DOM_SID *member) + const struct dom_sid *alias, const struct dom_sid *member) { if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); @@ -527,7 +575,7 @@ NTSTATUS pdb_default_add_aliasmem(struct pdb_methods *methods, } NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods, - const DOM_SID *alias, const DOM_SID *member) + const struct dom_sid *alias, const struct dom_sid *member) { if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); @@ -537,25 +585,26 @@ NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods, } NTSTATUS pdb_default_enum_aliasmem(struct pdb_methods *methods, - const DOM_SID *alias, DOM_SID **pp_members, - size_t *p_num_members) + const struct dom_sid *alias, TALLOC_CTX *mem_ctx, + struct dom_sid **pp_members, size_t *p_num_members) { if (!init_group_mapping()) { DEBUG(0,("failed to initialize group mapping\n")); return NT_STATUS_UNSUCCESSFUL; } - return backend->enum_aliasmem(alias, pp_members, p_num_members); + return backend->enum_aliasmem(alias, mem_ctx, pp_members, + p_num_members); } NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods, TALLOC_CTX *mem_ctx, - const DOM_SID *domain_sid, - const DOM_SID *members, + const struct dom_sid *domain_sid, + const struct dom_sid *members, size_t num_members, uint32 **pp_alias_rids, size_t *p_num_alias_rids) { - DOM_SID *alias_sids; + struct dom_sid *alias_sids; size_t i, num_alias_sids; NTSTATUS result; @@ -601,7 +650,7 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods, *********************************************************************/ NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, - DOM_SID sid) + struct dom_sid sid) { return NT_STATUS_UNSUCCESSFUL; } @@ -631,7 +680,7 @@ NTSTATUS pdb_nop_update_group_mapping_entry(struct pdb_methods *methods, } NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods, - DOM_SID sid) + struct dom_sid sid) { return NT_STATUS_UNSUCCESSFUL; } @@ -639,7 +688,7 @@ NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods, NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods, enum lsa_SidType sid_name_use, GROUP_MAP **rmap, size_t *num_entries, - BOOL unix_only) + bool unix_only) { return NT_STATUS_UNSUCCESSFUL; } @@ -647,10 +696,10 @@ NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods, /**************************************************************************** These need to be redirected through pdb_interface.c ****************************************************************************/ -BOOL pdb_get_dom_grp_info(const DOM_SID *sid, struct acct_info *info) +bool pdb_get_dom_grp_info(const struct dom_sid *sid, struct acct_info *info) { GROUP_MAP map; - BOOL res; + bool res; become_root(); res = get_domain_group_from_sid(*sid, &map); @@ -665,7 +714,7 @@ BOOL pdb_get_dom_grp_info(const DOM_SID *sid, struct acct_info *info) return True; } -BOOL pdb_set_dom_grp_info(const DOM_SID *sid, const struct acct_info *info) +bool pdb_set_dom_grp_info(const struct dom_sid *sid, const struct acct_info *info) { GROUP_MAP map; @@ -684,7 +733,7 @@ BOOL pdb_set_dom_grp_info(const DOM_SID *sid, const struct acct_info *info) NTSTATUS pdb_create_builtin_alias(uint32 rid) { - DOM_SID sid; + struct dom_sid sid; enum lsa_SidType type; gid_t gid; GROUP_MAP map; @@ -694,22 +743,22 @@ NTSTATUS pdb_create_builtin_alias(uint32 rid) fstring groupname; DEBUG(10, ("Trying to create builtin alias %d\n", rid)); - + if ( !sid_compose( &sid, &global_sid_Builtin, rid ) ) { return NT_STATUS_NO_SUCH_ALIAS; } - + if ( (mem_ctx = talloc_new(NULL)) == NULL ) { return NT_STATUS_NO_MEMORY; } - + if ( !lookup_sid(mem_ctx, &sid, NULL, &name, &type) ) { TALLOC_FREE( mem_ctx ); return NT_STATUS_NO_SUCH_ALIAS; } - + /* validate RID so copy the name and move on */ - + fstrcpy( groupname, name ); TALLOC_FREE( mem_ctx ); @@ -718,12 +767,12 @@ NTSTATUS pdb_create_builtin_alias(uint32 rid) return NT_STATUS_ACCESS_DENIED; } - DEBUG(10,("Creating alias %s with gid %d\n", name, gid)); + DEBUG(10,("Creating alias %s with gid %u\n", groupname, (unsigned int)gid)); map.gid = gid; sid_copy(&map.sid, &sid); map.sid_name_use = SID_NAME_ALIAS; - fstrcpy(map.nt_name, name); + fstrcpy(map.nt_name, groupname); fstrcpy(map.comment, ""); status = pdb_add_group_mapping_entry(&map);