samba-mirror

mirror of https://github.com/samba-team/samba.git synced 2025-01-20 14:03:59 +03:00

256 lines

6.2 KiB

C

Raw Normal View History

initial work for the new idmpa interface -			`/*`
			`Unix SMB/CIFS implementation.`
consolidate idmap code in one place -			`ID Mapping`
initial work for the new idmpa interface -			`Copyright (C) Tim Potter 2000`
			`Copyright (C) Anthony Liguori <aliguor@us.ibm.com> 2003`
			`Copyright (C) Simo Sorce 2003`

			`This program is free software; you can redistribute it and/or modify`
			`it under the terms of the GNU General Public License as published by`
			`the Free Software Foundation; either version 2 of the License, or`
			`(at your option) any later version.`

			`This program is distributed in the hope that it will be useful,`
			`but WITHOUT ANY WARRANTY; without even the implied warranty of`
			`MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the`
			`GNU General Public License for more details.`

			`You should have received a copy of the GNU General Public License`
			`along with this program; if not, write to the Free Software`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.*/`
initial work for the new idmpa interface -
			`#include "includes.h"`

some more code (not tested yet) -			`#undef DBGC_CLASS`
			`#define DBGC_CLASS DBGC_IDMAP`

Add smb_register_idmap(). Based on a patch from metze -			`struct idmap_function_entry {`
initial work for the new idmpa interface -			`const char *name;`
			`struct idmap_methods *methods;`
Add smb_register_idmap(). Based on a patch from metze -			`struct idmap_function_entry prev,next;`
initial work for the new idmpa interface -			`};`

Add smb_register_idmap(). Based on a patch from metze -			`static struct idmap_function_entry *backends = NULL;`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`static struct idmap_methods *local_map;`
			`static struct idmap_methods *remote_map;`
initial work for the new idmpa interface -
auto-init for utility functions -			`static void lazy_initialize_idmap(void)`
			`{`
			`static BOOL initialized = False;`

Add smb_register_idmap(). Based on a patch from metze -			`if(!initialized) {`
			`idmap_init();`
			`initialized = True;`
			`}`
			`}`
auto-init for utility functions -
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`static struct idmap_methods get_methods(const char name)`
initial work for the new idmpa interface -			`{`
Add smb_register_idmap(). Based on a patch from metze -			`struct idmap_function_entry *entry = backends;`
initial work for the new idmpa interface -
Add smb_register_idmap(). Based on a patch from metze -			`while(entry) {`
			`if (strcmp(entry->name, name) == 0) return entry->methods;`
			`entry = entry->next;`
initial work for the new idmpa interface -			`}`

Add smb_register_idmap(). Based on a patch from metze -			`return NULL;`
			`}`
initial work for the new idmpa interface -
Add smb_register_idmap(). Based on a patch from metze -			`NTSTATUS smb_register_idmap(int version, const char name, struct idmap_methods methods)`
			`{`
As has been pointed out, ordering here doesn't matter so use normal add. Jeremy. -			`struct idmap_function_entry *entry;`
Add smb_register_idmap(). Based on a patch from metze -
			`if ((version != SMB_IDMAP_INTERFACE_VERSION)) {`
			`DEBUG(0, ("Failed to register idmap module.\n"`
			`"The module was compiled against SMB_IDMAP_INTERFACE_VERSION %d,\n"`
			`"current SMB_IDMAP_INTERFACE_VERSION is %d.\n"`
			`"Please recompile against the current version of samba!\n",`
			`version, SMB_IDMAP_INTERFACE_VERSION));`
			`return NT_STATUS_OBJECT_TYPE_MISMATCH;`
			`}`

			`if (!name \|\| !name[0] \|\| !methods) {`
			`DEBUG(0,("smb_register_idmap() called with NULL pointer or empty name!\n"));`
			`return NT_STATUS_INVALID_PARAMETER;`
			`}`
initial work for the new idmpa interface -
Add smb_register_idmap(). Based on a patch from metze -			`if (get_methods(name)) {`
			`DEBUG(0,("idmap module %s already registered!\n", name));`
			`return NT_STATUS_OBJECT_NAME_COLLISION;`
initial work for the new idmpa interface -			`}`

Add smb_register_idmap(). Based on a patch from metze -			`entry = smb_xmalloc(sizeof(struct idmap_function_entry));`
			`entry->name = smb_xstrdup(name);`
			`entry->methods = methods;`

As has been pointed out, ordering here doesn't matter so use normal add. Jeremy. -			`DLIST_ADD(backends, entry);`
Add smb_register_idmap(). Based on a patch from metze -			`DEBUG(5, ("Successfully added idmap backend '%s'\n", name));`
			`return NT_STATUS_OK;`
initial work for the new idmpa interface -			`}`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`/* Initialize backend */`
make winbind use idmap as well. change idmap_init call removed ldap backend for winbind idmap, seem it had problems anyway and it have to be reworked to work with idmap without calling winbind code. simo -			`BOOL idmap_init(void)`
initial work for the new idmpa interface -			`{`
make winbind use idmap as well. change idmap_init call removed ldap backend for winbind idmap, seem it had problems anyway and it have to be reworked to work with idmap without calling winbind code. simo -			`const char *remote_backend = lp_idmap_backend();`

Add smb_register_idmap(). Based on a patch from metze -			`if (!backends)`
			`static_init_idmap;`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (!local_map) {`
Add smb_register_idmap(). Based on a patch from metze -			`local_map = get_methods("tdb");`

			`if (!local_map) {`
			`DEBUG(0, ("idmap_init: could not find tdb backend!\n"));`
			`return False;`
			`}`

Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(local_map->init( NULL ))) {`
fixes fix debug, add "idmap" string to the list of classes fix idmap, check init failures, and enhance debugging fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that before) fix smbd/uid.c, use gid_t for gids and uid_t for uids -			`DEBUG(0, ("idmap_init: could not load or create local backend!\n"));`
			`return False;`
			`}`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`}`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (!remote_map && remote_backend && *remote_backend != 0) {`
* break out more common code used between pdb_ldap and idmap_ldap * remove 'winbind uid' and 'winbind gid' parameters (replaced by current idmap parameter) * create the sambaUnixIdPool entries automatically in the 'ldap idmap suffix' * add new 'ldap idmap suffix' and 'ldap group suffix' parametrer * "idmap backend = ldap" now accepts 'ldap:ldap://server/' format (parameters are passed to idmap init() function -			`fstring params = "";`
			`char *pparams;`

			`/* get any mode parameters passed in */`

			`if ( (pparams = strchr( remote_backend, ':' )) != NULL ) {`
Fix for crash bug noticed by Luke Howard \| PADL Software Pty Ltd \| www.padl.com. Jeremy. -			`*pparams = '\0';`
* break out more common code used between pdb_ldap and idmap_ldap * remove 'winbind uid' and 'winbind gid' parameters (replaced by current idmap parameter) * create the sambaUnixIdPool entries automatically in the 'ldap idmap suffix' * add new 'ldap idmap suffix' and 'ldap group suffix' parametrer * "idmap backend = ldap" now accepts 'ldap:ldap://server/' format (parameters are passed to idmap init() function -			`pparams++;`
			`fstrcpy( params, pparams );`
			`}`

fixes fix debug, add "idmap" string to the list of classes fix idmap, check init failures, and enhance debugging fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that before) fix smbd/uid.c, use gid_t for gids and uid_t for uids -			`DEBUG(3, ("idmap_init: using '%s' as remote backend\n", remote_backend));`
initial work for the new idmpa interface -
Add smb_register_idmap(). Based on a patch from metze -			`if((remote_map = get_methods(remote_backend)) \|\|`
			`(NT_STATUS_IS_OK(smb_probe_module("idmap", remote_backend)) &&`
			`(remote_map = get_methods(remote_backend)))) {`
* break out more common code used between pdb_ldap and idmap_ldap * remove 'winbind uid' and 'winbind gid' parameters (replaced by current idmap parameter) * create the sambaUnixIdPool entries automatically in the 'ldap idmap suffix' * add new 'ldap idmap suffix' and 'ldap group suffix' parametrer * "idmap backend = ldap" now accepts 'ldap:ldap://server/' format (parameters are passed to idmap init() function -			`remote_map->init(params);`
Add smb_register_idmap(). Based on a patch from metze -			`} else {`
fixes fix debug, add "idmap" string to the list of classes fix idmap, check init failures, and enhance debugging fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that before) fix smbd/uid.c, use gid_t for gids and uid_t for uids -			`DEBUG(0, ("idmap_init: could not load remote backend '%s'\n", remote_backend));`
initial work for the new idmpa interface -			`return False;`
			`}`
Add smb_register_idmap(). Based on a patch from metze -
initial work for the new idmpa interface -			`}`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -
initial work for the new idmpa interface -			`return True;`
			`}`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`NTSTATUS idmap_set_mapping(const DOM_SID *sid, unid_t id, int id_type)`
initial work for the new idmpa interface -			`{`
			`NTSTATUS ret;`

auto-init for utility functions -			`lazy_initialize_idmap();`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`ret = local_map->set_mapping(sid, id, id_type);`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`DEBUG (0, ("idmap_set_mapping: Error, unable to modify local cache!\n"));`
NTSTATUS strings are much more use than raw numbers... -			`DEBUGADD(0, ("Error: %s", nt_errstr(ret)));`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`return ret;`
			`}`

			`/* Being able to update the remote cache is seldomly right.`
			`Generally this is a forbidden operation. */`
Add include guards around idmap.h, change ID_NOMAP to ID_QUERY_ONLY and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes for multi-process access. Jeremy. -			`if (!(id_type & ID_CACHE_SAVE) && (remote_map != NULL)) {`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`remote_map->set_mapping(sid, id, id_type);`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`DEBUG (0, ("idmap_set_mapping: Error, unable to modify remote cache!\n"));`
NTSTATUS strings are much more use than raw numbers... -			`DEBUGADD(0, ("Error: %s", nt_errstr(ret)));`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`}`
			`}`

			`return ret;`
			`}`

initial work for the new idmpa interface -			`/* Get ID from SID */`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`NTSTATUS idmap_get_id_from_sid(unid_t id, int id_type, const DOM_SID *sid)`
initial work for the new idmpa interface -			`{`
			`NTSTATUS ret;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`int loc_type;`
initial work for the new idmpa interface -
auto-init for utility functions -			`lazy_initialize_idmap();`

more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`loc_type = *id_type;`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (remote_map) { /* We have a central remote idmap */`
Add include guards around idmap.h, change ID_NOMAP to ID_QUERY_ONLY and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes for multi-process access. Jeremy. -			`loc_type \|= ID_QUERY_ONLY;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`}`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`ret = local_map->get_id_from_sid(id, &loc_type, sid);`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (remote_map) {`
			`ret = remote_map->get_id_from_sid(id, id_type, sid);`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`DEBUG(3, ("idmap_get_id_from_sid: error fetching id!\n"));`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`return ret;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`} else {`
Add include guards around idmap.h, change ID_NOMAP to ID_QUERY_ONLY and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes for multi-process access. Jeremy. -			`loc_type \|= ID_CACHE_SAVE;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`idmap_set_mapping(sid, *id, loc_type);`
			`}`
			`}`
			`} else {`
			`*id_type = loc_type & ID_TYPEMASK;`
initial work for the new idmpa interface -			`}`

			`return ret;`
			`}`

			`/* Get SID from ID */`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`NTSTATUS idmap_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)`
initial work for the new idmpa interface -			`{`
			`NTSTATUS ret;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`int loc_type;`
initial work for the new idmpa interface -
auto-init for utility functions -			`lazy_initialize_idmap();`

more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`loc_type = id_type;`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (remote_map) {`
Add include guards around idmap.h, change ID_NOMAP to ID_QUERY_ONLY and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes for multi-process access. Jeremy. -			`loc_type = id_type \| ID_QUERY_ONLY;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`}`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`ret = local_map->get_sid_from_id(sid, id, loc_type);`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (remote_map) {`
			`ret = remote_map->get_sid_from_id(sid, id, id_type);`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`DEBUG(3, ("idmap_get_sid_from_id: unable to fetch sid!\n"));`
THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`return ret;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`} else {`
Add include guards around idmap.h, change ID_NOMAP to ID_QUERY_ONLY and ID_CACHE to ID_CACHE_SAVE. Added locking around tdb writes & deletes for multi-process access. Jeremy. -			`loc_type \|= ID_CACHE_SAVE;`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`idmap_set_mapping(sid, id, loc_type);`
			`}`
			`}`
initial work for the new idmpa interface -			`}`

			`return ret;`
			`}`

			`/* Close backend */`
			`NTSTATUS idmap_close(void)`
			`{`
			`NTSTATUS ret;`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`ret = local_map->close();`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`DEBUG(3, ("idmap_close: failed to close local cache!\n"));`
			`}`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`if (remote_map) {`
			`ret = remote_map->close();`
Found out a good number of NT_STATUS_IS_ERR used the wrong way. As abartlet rememberd me NT_STATUS_IS_ERR != !NT_STATUS_IS_OK This patch will cure the problem. Working on this one I found 16 functions where I think NT_STATUS_IS_ERR() is used correctly, but I'm not 100% sure, coders should check the use of NT_STATUS_IS_ERR() in samba is ok now. Simo. -			`if (!NT_STATUS_IS_OK(ret)) {`
more on idmap two layers structure with - local tdb cache - remote idmap repository compiles -			`DEBUG(3, ("idmap_close: failed to close remote idmap repository!\n"));`
			`}`
initial work for the new idmpa interface -			`}`

			`return ret;`
			`}`

			`/* Dump backend status */`
			`void idmap_status(void)`
			`{`
auto-init for utility functions -			`lazy_initialize_idmap();`

THE Idmap patch :-) includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idamp roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specilized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fisex are welcome :-) Simo. -			`local_map->status();`
			`if (remote_map) remote_map->status();`
initial work for the new idmpa interface -			`}`

256 lines 6.2 KiB C Raw Normal View History Unescape Escape

256 lines

6.2 KiB

C

Raw Normal View History