1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

got rid of more group mapping code

This commit is contained in:
Andrew Tridgell 0001-01-01 00:00:00 +00:00
parent 9b02b486ef
commit 2955ce55ee
4 changed files with 5 additions and 310 deletions

View File

@ -58,29 +58,9 @@ typedef struct pdb_context
NTSTATUS (*pdb_delete_sam_account)(struct pdb_context *, SAM_ACCOUNT *username);
NTSTATUS (*pdb_getgrsid)(struct pdb_context *context, GROUP_MAP *map,
DOM_SID sid, BOOL with_priv);
NTSTATUS (*pdb_getgrgid)(struct pdb_context *context, GROUP_MAP *map,
gid_t gid, BOOL with_priv);
NTSTATUS (*pdb_getgrnam)(struct pdb_context *context, GROUP_MAP *map,
char *name, BOOL with_priv);
NTSTATUS (*pdb_add_group_mapping_entry)(struct pdb_context *context,
GROUP_MAP *map);
NTSTATUS (*pdb_update_group_mapping_entry)(struct pdb_context *context,
GROUP_MAP *map);
NTSTATUS (*pdb_delete_group_mapping_entry)(struct pdb_context *context,
DOM_SID sid);
NTSTATUS (*pdb_enum_group_mapping)(struct pdb_context *context,
enum SID_NAME_USE sid_name_use,
GROUP_MAP **rmap, int *num_entries,
BOOL unix_only, BOOL with_priv);
void (*free_fn)(struct pdb_context **);
TALLOC_CTX *mem_ctx;
@ -112,29 +92,9 @@ typedef struct pdb_methods
NTSTATUS (*delete_sam_account)(struct pdb_methods *, SAM_ACCOUNT *username);
NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map,
DOM_SID sid, BOOL with_priv);
NTSTATUS (*getgrgid)(struct pdb_methods *methods, GROUP_MAP *map,
gid_t gid, BOOL with_priv);
NTSTATUS (*getgrnam)(struct pdb_methods *methods, GROUP_MAP *map,
char *name, BOOL with_priv);
NTSTATUS (*add_group_mapping_entry)(struct pdb_methods *methods,
GROUP_MAP *map);
NTSTATUS (*update_group_mapping_entry)(struct pdb_methods *methods,
GROUP_MAP *map);
NTSTATUS (*delete_group_mapping_entry)(struct pdb_methods *methods,
DOM_SID sid);
NTSTATUS (*enum_group_mapping)(struct pdb_methods *methods,
enum SID_NAME_USE sid_name_use,
GROUP_MAP **rmap, int *num_entries,
BOOL unix_only, BOOL with_priv);
void *private_data; /* Private data of some kind */
void (*free_private_data)(void **);

View File

@ -163,8 +163,6 @@ NTSTATUS pdb_init_sam(SAM_ACCOUNT **user)
NTSTATUS pdb_fill_sam_pw(SAM_ACCOUNT *sam_account, const struct passwd *pwd)
{
GROUP_MAP map;
const char *guest_account = lp_guestaccount();
if (!(guest_account && *guest_account)) {
DEBUG(1, ("NULL guest account!?!?\n"));
@ -214,18 +212,9 @@ NTSTATUS pdb_fill_sam_pw(SAM_ACCOUNT *sam_account, const struct passwd *pwd)
return NT_STATUS_INVALID_PARAMETER;
}
/* call the mapping code here */
if(pdb_getgrgid(&map, pwd->pw_gid, MAPPING_WITHOUT_PRIV)) {
if (!pdb_set_group_sid(sam_account,&map.sid, PDB_SET)){
DEBUG(0,("Can't set Group SID!\n"));
return NT_STATUS_INVALID_PARAMETER;
}
}
else {
if (!pdb_set_group_sid_from_rid(sam_account,pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) {
DEBUG(0,("Can't set Group SID\n"));
return NT_STATUS_INVALID_PARAMETER;
}
if (!pdb_set_group_sid_from_rid(sam_account,pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) {
DEBUG(0,("Can't set Group SID\n"));
return NT_STATUS_INVALID_PARAMETER;
}
}
@ -611,7 +600,6 @@ BOOL local_lookup_sid(DOM_SID *sid, char *name, enum SID_NAME_USE *psid_name_use
{
uint32 rid;
SAM_ACCOUNT *sam_account = NULL;
GROUP_MAP map;
TALLOC_CTX *mem_ctx;
mem_ctx = talloc_init("local_lookup_sid");
@ -620,8 +608,6 @@ BOOL local_lookup_sid(DOM_SID *sid, char *name, enum SID_NAME_USE *psid_name_use
return False;
}
if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid)){
DEBUG(0,("local_sid_to_gid: sid_peek_check_rid return False! SID: %s\n",
sid_string_talloc(mem_ctx, &map.sid)));
return False;
}
talloc_destroy(mem_ctx);
@ -667,18 +653,6 @@ BOOL local_lookup_sid(DOM_SID *sid, char *name, enum SID_NAME_USE *psid_name_use
pdb_free_sam(&sam_account);
if (pdb_getgrsid(&map, *sid, MAPPING_WITHOUT_PRIV)) {
if (map.gid!=(gid_t)-1) {
DEBUG(5,("local_lookup_sid: mapped group %s to gid %u\n", map.nt_name, (unsigned int)map.gid));
} else {
DEBUG(5,("local_lookup_sid: mapped group %s to no unix gid. Returning name.\n", map.nt_name));
}
fstrcpy(name, map.nt_name);
*psid_name_use = map.sid_name_use;
return True;
}
if (pdb_rid_is_user(rid)) {
uid_t uid;
@ -726,7 +700,6 @@ BOOL local_lookup_name(const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psi
fstring user;
SAM_ACCOUNT *sam_account = NULL;
struct group *grp;
GROUP_MAP map;
*psid_name_use = SID_NAME_UNKNOWN;
@ -774,12 +747,7 @@ BOOL local_lookup_name(const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psi
* Maybe it was a group ?
*/
/* check if it's a mapped group */
if (pdb_getgrnam(&map, user, MAPPING_WITHOUT_PRIV)) {
/* yes it's a mapped group */
sid_copy(&local_sid, &map.sid);
*psid_name_use = map.sid_name_use;
} else {
{
/* it's not a mapped group */
grp = getgrnam(user);
if(!grp)
@ -797,10 +765,6 @@ BOOL local_lookup_name(const char *c_user, DOM_SID *psid, enum SID_NAME_USE *psi
* JFM, 30/11/2001
*/
if (pdb_getgrgid(&map, grp->gr_gid, MAPPING_WITHOUT_PRIV)){
return False;
}
sid_append_rid( &local_sid, pdb_gid_to_group_rid(grp->gr_gid));
*psid_name_use = SID_NAME_ALIAS;
}

View File

@ -274,135 +274,6 @@ static NTSTATUS context_delete_sam_account(struct pdb_context *context, SAM_ACCO
return sam_acct->methods->delete_sam_account(sam_acct->methods, sam_acct);
}
static NTSTATUS context_getgrsid(struct pdb_context *context,
GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
struct pdb_methods *curmethods;
if ((!context)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
curmethods = context->pdb_methods;
while (curmethods){
ret = curmethods->getgrsid(curmethods, map, sid, with_priv);
if (NT_STATUS_IS_OK(ret)) {
map->methods = curmethods;
return ret;
}
curmethods = curmethods->next;
}
return ret;
}
static NTSTATUS context_getgrgid(struct pdb_context *context,
GROUP_MAP *map, gid_t gid, BOOL with_priv)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
struct pdb_methods *curmethods;
if ((!context)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
curmethods = context->pdb_methods;
while (curmethods){
ret = curmethods->getgrgid(curmethods, map, gid, with_priv);
if (NT_STATUS_IS_OK(ret)) {
map->methods = curmethods;
return ret;
}
curmethods = curmethods->next;
}
return ret;
}
static NTSTATUS context_getgrnam(struct pdb_context *context,
GROUP_MAP *map, char *name, BOOL with_priv)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
struct pdb_methods *curmethods;
if ((!context)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
curmethods = context->pdb_methods;
while (curmethods){
ret = curmethods->getgrnam(curmethods, map, name, with_priv);
if (NT_STATUS_IS_OK(ret)) {
map->methods = curmethods;
return ret;
}
curmethods = curmethods->next;
}
return ret;
}
static NTSTATUS context_add_group_mapping_entry(struct pdb_context *context,
GROUP_MAP *map)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
if ((!context) || (!context->pdb_methods)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
return context->pdb_methods->add_group_mapping_entry(context->pdb_methods,
map);
}
static NTSTATUS context_update_group_mapping_entry(struct pdb_context *context,
GROUP_MAP *map)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
if ((!context) || (!context->pdb_methods)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
return context->
pdb_methods->update_group_mapping_entry(context->pdb_methods, map);
}
static NTSTATUS context_delete_group_mapping_entry(struct pdb_context *context,
DOM_SID sid)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
if ((!context) || (!context->pdb_methods)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
return context->
pdb_methods->delete_group_mapping_entry(context->pdb_methods, sid);
}
static NTSTATUS context_enum_group_mapping(struct pdb_context *context,
enum SID_NAME_USE sid_name_use,
GROUP_MAP **rmap, int *num_entries,
BOOL unix_only, BOOL with_priv)
{
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
if ((!context) || (!context->pdb_methods)) {
DEBUG(0, ("invalid pdb_context specified!\n"));
return ret;
}
return context->pdb_methods->enum_group_mapping(context->pdb_methods,
sid_name_use, rmap,
num_entries, unix_only,
with_priv);
}
/******************************************************************
Free and cleanup a pdb context, any associated data and anything
that the attached modules might have associated.
@ -500,13 +371,6 @@ static NTSTATUS make_pdb_context(struct pdb_context **context)
(*context)->pdb_add_sam_account = context_add_sam_account;
(*context)->pdb_update_sam_account = context_update_sam_account;
(*context)->pdb_delete_sam_account = context_delete_sam_account;
(*context)->pdb_getgrsid = context_getgrsid;
(*context)->pdb_getgrgid = context_getgrgid;
(*context)->pdb_getgrnam = context_getgrnam;
(*context)->pdb_add_group_mapping_entry = context_add_group_mapping_entry;
(*context)->pdb_update_group_mapping_entry = context_update_group_mapping_entry;
(*context)->pdb_delete_group_mapping_entry = context_delete_group_mapping_entry;
(*context)->pdb_enum_group_mapping = context_enum_group_mapping;
(*context)->free_fn = free_pdb_context;
@ -674,93 +538,6 @@ BOOL pdb_delete_sam_account(SAM_ACCOUNT *sam_acct)
return NT_STATUS_IS_OK(pdb_context->pdb_delete_sam_account(pdb_context, sam_acct));
}
BOOL pdb_getgrsid(GROUP_MAP *map, DOM_SID sid, BOOL with_priv)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_getgrsid(pdb_context, map, sid, with_priv));
}
BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid, BOOL with_priv)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_getgrgid(pdb_context, map, gid, with_priv));
}
BOOL pdb_getgrnam(GROUP_MAP *map, char *name, BOOL with_priv)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_getgrnam(pdb_context, map, name, with_priv));
}
BOOL pdb_add_group_mapping_entry(GROUP_MAP *map)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_add_group_mapping_entry(pdb_context, map));
}
BOOL pdb_update_group_mapping_entry(GROUP_MAP *map)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_update_group_mapping_entry(pdb_context, map));
}
BOOL pdb_delete_group_mapping_entry(DOM_SID sid)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_delete_group_mapping_entry(pdb_context, sid));
}
BOOL pdb_enum_group_mapping(enum SID_NAME_USE sid_name_use, GROUP_MAP **rmap,
int *num_entries, BOOL unix_only, BOOL with_priv)
{
struct pdb_context *pdb_context = pdb_get_static_context(False);
if (!pdb_context) {
return False;
}
return NT_STATUS_IS_OK(pdb_context->
pdb_enum_group_mapping(pdb_context, sid_name_use,
rmap, num_entries, unix_only,
with_priv));
}
/***************************************************************
Initialize the static context (at smbd startup etc).

View File

@ -1019,15 +1019,9 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
}
if (group_rid == 0 && pdb_get_init_flags(sampass,PDB_GID) != PDB_DEFAULT) {
GROUP_MAP map;
gid = pdb_get_gid(sampass);
/* call the mapping code here */
if(pdb_getgrgid(&map, gid, MAPPING_WITHOUT_PRIV)) {
pdb_set_group_sid(sampass, &map.sid, PDB_SET);
}
else {
pdb_set_group_sid_from_rid(sampass, pdb_gid_to_group_rid(gid), PDB_SET);
}
pdb_set_group_sid_from_rid(sampass, pdb_gid_to_group_rid(gid), PDB_SET);
}
if (!get_single_attribute(ldap_state->ldap_struct, entry, "pwdLastSet", temp)) {