2006-12-12 17:52:13 +03:00
/*
Unix SMB / CIFS implementation .
idmap PASSDB backend
Copyright ( C ) Simo Sorce 2006
This program is free software ; you can redistribute it and / or modify
it under the terms of the GNU General Public License as published by
2007-07-09 23:25:36 +04:00
the Free Software Foundation ; either version 3 of the License , or
2006-12-12 17:52:13 +03:00
( at your option ) any later version .
This program is distributed in the hope that it will be useful ,
but WITHOUT ANY WARRANTY ; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE . See the
GNU General Public License for more details .
You should have received a copy of the GNU General Public License
2007-07-10 04:52:41 +04:00
along with this program . If not , see < http : //www.gnu.org/licenses/>.
2006-12-12 17:52:13 +03:00
*/
# include "includes.h"
# include "winbindd.h"
# undef DBGC_CLASS
# define DBGC_CLASS DBGC_IDMAP
/*****************************
Initialise idmap database .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * */
2007-04-19 01:10:37 +04:00
static NTSTATUS idmap_nss_int_init ( struct idmap_domain * dom )
2006-12-12 17:52:13 +03:00
{
2007-04-19 01:10:37 +04:00
dom - > initialized = True ;
2006-12-12 17:52:13 +03:00
return NT_STATUS_OK ;
}
/**********************************
lookup a set of unix ids .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static NTSTATUS idmap_nss_unixids_to_sids ( struct idmap_domain * dom , struct id_map * * ids )
{
TALLOC_CTX * ctx ;
int i ;
2007-06-09 23:29:35 +04:00
if ( ! dom - > initialized ) {
return NT_STATUS_UNSUCCESSFUL ;
}
2006-12-12 17:52:13 +03:00
ctx = talloc_new ( dom ) ;
if ( ! ctx ) {
DEBUG ( 0 , ( " Out of memory! \n " ) ) ;
return NT_STATUS_NO_MEMORY ;
}
for ( i = 0 ; ids [ i ] ; i + + ) {
struct passwd * pw ;
struct group * gr ;
const char * name ;
enum lsa_SidType type ;
2007-10-19 04:40:25 +04:00
bool ret ;
2006-12-12 17:52:13 +03:00
switch ( ids [ i ] - > xid . type ) {
case ID_TYPE_UID :
pw = getpwuid ( ( uid_t ) ids [ i ] - > xid . id ) ;
2006-12-20 20:56:26 +03:00
2006-12-12 17:52:13 +03:00
if ( ! pw ) {
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_UNMAPPED ;
2006-12-12 17:52:13 +03:00
continue ;
}
name = pw - > pw_name ;
break ;
case ID_TYPE_GID :
gr = getgrgid ( ( gid_t ) ids [ i ] - > xid . id ) ;
2006-12-20 20:56:26 +03:00
2006-12-12 17:52:13 +03:00
if ( ! gr ) {
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_UNMAPPED ;
2006-12-12 17:52:13 +03:00
continue ;
}
name = gr - > gr_name ;
break ;
default : /* ?? */
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_UNKNOWN ;
2006-12-12 17:52:13 +03:00
continue ;
}
2006-12-20 20:56:26 +03:00
/* by default calls to winbindd are disabled
the following call will not recurse so this is safe */
winbind_on ( ) ;
2006-12-12 17:52:13 +03:00
/* Lookup name from PDC using lsa_lookup_names() */
2006-12-20 20:56:26 +03:00
ret = winbind_lookup_name ( dom - > name , name , ids [ i ] - > sid , & type ) ;
winbind_off ( ) ;
if ( ! ret ) {
2007-01-14 20:58:24 +03:00
/* TODO: how do we know if the name is really not mapped,
* or something just failed ? */
ids [ i ] - > status = ID_UNMAPPED ;
2006-12-12 17:52:13 +03:00
continue ;
}
switch ( type ) {
case SID_NAME_USER :
if ( ids [ i ] - > xid . type = = ID_TYPE_UID ) {
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_MAPPED ;
2006-12-12 17:52:13 +03:00
}
break ;
case SID_NAME_DOM_GRP :
case SID_NAME_ALIAS :
case SID_NAME_WKN_GRP :
if ( ids [ i ] - > xid . type = = ID_TYPE_GID ) {
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_MAPPED ;
2006-12-12 17:52:13 +03:00
}
break ;
default :
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_UNKNOWN ;
2006-12-12 17:52:13 +03:00
break ;
}
}
talloc_free ( ctx ) ;
return NT_STATUS_OK ;
}
/**********************************
lookup a set of sids .
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static NTSTATUS idmap_nss_sids_to_unixids ( struct idmap_domain * dom , struct id_map * * ids )
{
TALLOC_CTX * ctx ;
int i ;
2007-06-09 23:29:35 +04:00
if ( ! dom - > initialized ) {
return NT_STATUS_UNSUCCESSFUL ;
}
2006-12-12 17:52:13 +03:00
ctx = talloc_new ( dom ) ;
if ( ! ctx ) {
DEBUG ( 0 , ( " Out of memory! \n " ) ) ;
return NT_STATUS_NO_MEMORY ;
}
for ( i = 0 ; ids [ i ] ; i + + ) {
struct group * gr ;
enum lsa_SidType type ;
2006-12-20 20:56:26 +03:00
const char * dom_name = NULL ;
const char * name = NULL ;
2007-10-19 04:40:25 +04:00
bool ret ;
2006-12-12 17:52:13 +03:00
2006-12-20 20:56:26 +03:00
/* by default calls to winbindd are disabled
the following call will not recurse so this is safe */
winbind_on ( ) ;
2006-12-20 22:05:07 +03:00
ret = winbind_lookup_sid ( ctx , ids [ i ] - > sid , & dom_name , & name , & type ) ;
2006-12-20 20:56:26 +03:00
winbind_off ( ) ;
if ( ! ret ) {
2007-01-14 20:58:24 +03:00
/* TODO: how do we know if the name is really not mapped,
* or something just failed ? */
ids [ i ] - > status = ID_UNMAPPED ;
2006-12-12 17:52:13 +03:00
continue ;
}
switch ( type ) {
2007-12-19 17:02:59 +03:00
case SID_NAME_USER : {
struct passwd * pw ;
2006-12-12 17:52:13 +03:00
/* this will find also all lower case name and use username level */
2007-12-19 17:02:59 +03:00
pw = Get_Pwnam_alloc ( talloc_tos ( ) , name ) ;
2006-12-12 17:52:13 +03:00
if ( pw ) {
ids [ i ] - > xid . id = pw - > pw_uid ;
ids [ i ] - > xid . type = ID_TYPE_UID ;
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_MAPPED ;
2006-12-12 17:52:13 +03:00
}
2007-12-19 17:02:59 +03:00
TALLOC_FREE ( pw ) ;
2006-12-12 17:52:13 +03:00
break ;
2007-12-19 17:02:59 +03:00
}
2006-12-12 17:52:13 +03:00
case SID_NAME_DOM_GRP :
case SID_NAME_ALIAS :
case SID_NAME_WKN_GRP :
gr = getgrnam ( name ) ;
if ( gr ) {
ids [ i ] - > xid . id = gr - > gr_gid ;
ids [ i ] - > xid . type = ID_TYPE_GID ;
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_MAPPED ;
2006-12-12 17:52:13 +03:00
}
break ;
default :
2007-01-14 20:58:24 +03:00
ids [ i ] - > status = ID_UNKNOWN ;
2006-12-12 17:52:13 +03:00
break ;
}
}
talloc_free ( ctx ) ;
return NT_STATUS_OK ;
}
/**********************************
Close the idmap tdb instance
* * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * * */
static NTSTATUS idmap_nss_close ( struct idmap_domain * dom )
{
return NT_STATUS_OK ;
}
static struct idmap_methods nss_methods = {
. init = idmap_nss_int_init ,
. unixids_to_sids = idmap_nss_unixids_to_sids ,
. sids_to_unixids = idmap_nss_sids_to_unixids ,
. close_fn = idmap_nss_close
} ;
NTSTATUS idmap_nss_init ( void )
{
return smb_register_idmap ( SMB_IDMAP_INTERFACE_VERSION , " nss " , & nss_methods ) ;
}