mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
Merge branch 'master' of ssh://git.samba.org/data/git/samba
This commit is contained in:
Andrew Tridgell
commit
67b83d2489
@ -771,14 +771,11 @@ static int nwrap_gr_copy_r(const struct group *src, struct group *dst,
|
||||
}
|
||||
|
||||
/* user functions */
|
||||
_PUBLIC_ struct passwd *nwrap_getpwnam(const char *name)
|
||||
|
||||
static struct passwd *nwrap_files_getpwnam(const char *name)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwnam(name);
|
||||
}
|
||||
|
||||
nwrap_cache_reload(nwrap_pw_global.cache);
|
||||
|
||||
for (i=0; i<nwrap_pw_global.num; i++) {
|
||||
@ -798,15 +795,20 @@ _PUBLIC_ struct passwd *nwrap_getpwnam(const char *name)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getpwnam_r(const char *name, struct passwd *pwdst,
|
||||
char *buf, size_t buflen, struct passwd **pwdstp)
|
||||
_PUBLIC_ struct passwd *nwrap_getpwnam(const char *name)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwnam(name);
|
||||
}
|
||||
|
||||
return nwrap_files_getpwnam(name);
|
||||
}
|
||||
|
||||
static int nwrap_files_getpwnam_r(const char *name, struct passwd *pwdst,
|
||||
char *buf, size_t buflen, struct passwd **pwdstp)
|
||||
{
|
||||
struct passwd *pw;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
pw = nwrap_getpwnam(name);
|
||||
if (!pw) {
|
||||
if (errno == 0) {
|
||||
@ -818,14 +820,20 @@ _PUBLIC_ int nwrap_getpwnam_r(const char *name, struct passwd *pwdst,
|
||||
return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
_PUBLIC_ struct passwd *nwrap_getpwuid(uid_t uid)
|
||||
_PUBLIC_ int nwrap_getpwnam_r(const char *name, struct passwd *pwdst,
|
||||
char *buf, size_t buflen, struct passwd **pwdstp)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
return nwrap_files_getpwnam_r(name, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
static struct passwd *nwrap_files_getpwuid(uid_t uid)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwuid(uid);
|
||||
}
|
||||
|
||||
nwrap_cache_reload(nwrap_pw_global.cache);
|
||||
|
||||
for (i=0; i<nwrap_pw_global.num; i++) {
|
||||
@ -845,15 +853,20 @@ _PUBLIC_ struct passwd *nwrap_getpwuid(uid_t uid)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getpwuid_r(uid_t uid, struct passwd *pwdst,
|
||||
char *buf, size_t buflen, struct passwd **pwdstp)
|
||||
_PUBLIC_ struct passwd *nwrap_getpwuid(uid_t uid)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwuid(uid);
|
||||
}
|
||||
|
||||
return nwrap_files_getpwuid(uid);
|
||||
}
|
||||
|
||||
static int nwrap_files_getpwuid_r(uid_t uid, struct passwd *pwdst,
|
||||
char *buf, size_t buflen, struct passwd **pwdstp)
|
||||
{
|
||||
struct passwd *pw;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
pw = nwrap_getpwuid(uid);
|
||||
if (!pw) {
|
||||
if (errno == 0) {
|
||||
@ -865,24 +878,35 @@ _PUBLIC_ int nwrap_getpwuid_r(uid_t uid, struct passwd *pwdst,
|
||||
return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getpwuid_r(uid_t uid, struct passwd *pwdst,
|
||||
char *buf, size_t buflen, struct passwd **pwdstp)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
return nwrap_files_getpwuid_r(uid, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
/* user enum functions */
|
||||
static void nwrap_files_setpwent(void)
|
||||
{
|
||||
nwrap_pw_global.idx = 0;
|
||||
}
|
||||
|
||||
_PUBLIC_ void nwrap_setpwent(void)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
real_setpwent();
|
||||
}
|
||||
|
||||
nwrap_pw_global.idx = 0;
|
||||
nwrap_files_setpwent();
|
||||
}
|
||||
|
||||
_PUBLIC_ struct passwd *nwrap_getpwent(void)
|
||||
static struct passwd *nwrap_files_getpwent(void)
|
||||
{
|
||||
struct passwd *pw;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwent();
|
||||
}
|
||||
|
||||
if (nwrap_pw_global.idx == 0) {
|
||||
nwrap_cache_reload(nwrap_pw_global.cache);
|
||||
}
|
||||
@ -900,13 +924,37 @@ _PUBLIC_ struct passwd *nwrap_getpwent(void)
|
||||
return pw;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf,
|
||||
size_t buflen, struct passwd **pwdstp)
|
||||
_PUBLIC_ struct passwd *nwrap_getpwent(void)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getpwent();
|
||||
}
|
||||
|
||||
return nwrap_files_getpwent();
|
||||
}
|
||||
|
||||
static int nwrap_files_getpwent_r(struct passwd *pwdst, char *buf,
|
||||
size_t buflen, struct passwd **pwdstp)
|
||||
{
|
||||
struct passwd *pw;
|
||||
|
||||
pw = nwrap_getpwent();
|
||||
if (!pw) {
|
||||
if (errno == 0) {
|
||||
return ENOENT;
|
||||
}
|
||||
return errno;
|
||||
}
|
||||
|
||||
return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf,
|
||||
size_t buflen, struct passwd **pwdstp)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
#ifdef SOLARIS_GETPWENT_R
|
||||
struct passwd *pw;
|
||||
pw = real_getpwent_r(pwdst, buf, buflen);
|
||||
if (!pw) {
|
||||
if (errno == 0) {
|
||||
@ -923,15 +971,12 @@ _PUBLIC_ int nwrap_getpwent_r(struct passwd *pwdst, char *buf,
|
||||
#endif
|
||||
}
|
||||
|
||||
pw = nwrap_getpwent();
|
||||
if (!pw) {
|
||||
if (errno == 0) {
|
||||
return ENOENT;
|
||||
}
|
||||
return errno;
|
||||
}
|
||||
return nwrap_files_getpwent_r(pwdst, buf, buflen, pwdstp);
|
||||
}
|
||||
|
||||
return nwrap_pw_copy_r(pw, pwdst, buf, buflen, pwdstp);
|
||||
static void nwrap_files_endpwent(void)
|
||||
{
|
||||
nwrap_pw_global.idx = 0;
|
||||
}
|
||||
|
||||
_PUBLIC_ void nwrap_endpwent(void)
|
||||
@ -940,29 +985,30 @@ _PUBLIC_ void nwrap_endpwent(void)
|
||||
real_endpwent();
|
||||
}
|
||||
|
||||
nwrap_pw_global.idx = 0;
|
||||
nwrap_files_endpwent();
|
||||
}
|
||||
|
||||
/* misc functions */
|
||||
static int nwrap_files_initgroups(const char *user, gid_t group)
|
||||
{
|
||||
/* TODO: maybe we should also fake this... */
|
||||
return EPERM;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_initgroups(const char *user, gid_t group)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_initgroups(user, group);
|
||||
}
|
||||
|
||||
/* TODO: maybe we should also fake this... */
|
||||
return EPERM;
|
||||
return nwrap_files_initgroups(user, group);
|
||||
}
|
||||
|
||||
/* group functions */
|
||||
_PUBLIC_ struct group *nwrap_getgrnam(const char *name)
|
||||
static struct group *nwrap_files_getgrnam(const char *name)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrnam(name);
|
||||
}
|
||||
|
||||
nwrap_cache_reload(nwrap_gr_global.cache);
|
||||
|
||||
for (i=0; i<nwrap_gr_global.num; i++) {
|
||||
@ -982,15 +1028,20 @@ _PUBLIC_ struct group *nwrap_getgrnam(const char *name)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getgrnam_r(const char *name, struct group *grdst,
|
||||
char *buf, size_t buflen, struct group **grdstp)
|
||||
_PUBLIC_ struct group *nwrap_getgrnam(const char *name)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrnam(name);
|
||||
}
|
||||
|
||||
return nwrap_files_getgrnam(name);
|
||||
}
|
||||
|
||||
static int nwrap_files_getgrnam_r(const char *name, struct group *grdst,
|
||||
char *buf, size_t buflen, struct group **grdstp)
|
||||
{
|
||||
struct group *gr;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrnam_r(name, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
gr = nwrap_getgrnam(name);
|
||||
if (!gr) {
|
||||
if (errno == 0) {
|
||||
@ -1002,14 +1053,20 @@ _PUBLIC_ int nwrap_getgrnam_r(const char *name, struct group *grdst,
|
||||
return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
_PUBLIC_ struct group *nwrap_getgrgid(gid_t gid)
|
||||
_PUBLIC_ int nwrap_getgrnam_r(const char *name, struct group *grdst,
|
||||
char *buf, size_t buflen, struct group **grdstp)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrnam_r(name, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
return nwrap_files_getgrnam_r(name, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
static struct group *nwrap_files_getgrgid(gid_t gid)
|
||||
{
|
||||
int i;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrgid(gid);
|
||||
}
|
||||
|
||||
nwrap_cache_reload(nwrap_gr_global.cache);
|
||||
|
||||
for (i=0; i<nwrap_gr_global.num; i++) {
|
||||
@ -1029,15 +1086,20 @@ _PUBLIC_ struct group *nwrap_getgrgid(gid_t gid)
|
||||
return NULL;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getgrgid_r(gid_t gid, struct group *grdst,
|
||||
char *buf, size_t buflen, struct group **grdstp)
|
||||
_PUBLIC_ struct group *nwrap_getgrgid(gid_t gid)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrgid(gid);
|
||||
}
|
||||
|
||||
return nwrap_files_getgrgid(gid);
|
||||
}
|
||||
|
||||
static int nwrap_files_getgrgid_r(gid_t gid, struct group *grdst,
|
||||
char *buf, size_t buflen, struct group **grdstp)
|
||||
{
|
||||
struct group *gr;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrgid_r(gid, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
gr = nwrap_getgrgid(gid);
|
||||
if (!gr) {
|
||||
if (errno == 0) {
|
||||
@ -1051,24 +1113,35 @@ _PUBLIC_ int nwrap_getgrgid_r(gid_t gid, struct group *grdst,
|
||||
return ENOENT;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getgrgid_r(gid_t gid, struct group *grdst,
|
||||
char *buf, size_t buflen, struct group **grdstp)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrgid_r(gid, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
return nwrap_files_getgrgid_r(gid, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
/* group enum functions */
|
||||
static void nwrap_files_setgrent(void)
|
||||
{
|
||||
nwrap_gr_global.idx = 0;
|
||||
}
|
||||
|
||||
_PUBLIC_ void nwrap_setgrent(void)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
real_setgrent();
|
||||
}
|
||||
|
||||
nwrap_gr_global.idx = 0;
|
||||
nwrap_files_setgrent();
|
||||
}
|
||||
|
||||
_PUBLIC_ struct group *nwrap_getgrent(void)
|
||||
static struct group *nwrap_files_getgrent(void)
|
||||
{
|
||||
struct group *gr;
|
||||
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrent();
|
||||
}
|
||||
|
||||
if (nwrap_gr_global.idx == 0) {
|
||||
nwrap_cache_reload(nwrap_gr_global.cache);
|
||||
}
|
||||
@ -1086,13 +1159,37 @@ _PUBLIC_ struct group *nwrap_getgrent(void)
|
||||
return gr;
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf,
|
||||
size_t buflen, struct group **grdstp)
|
||||
_PUBLIC_ struct group *nwrap_getgrent(void)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
return real_getgrent();
|
||||
}
|
||||
|
||||
return nwrap_files_getgrent();
|
||||
}
|
||||
|
||||
static int nwrap_files_getgrent_r(struct group *grdst, char *buf,
|
||||
size_t buflen, struct group **grdstp)
|
||||
{
|
||||
struct group *gr;
|
||||
|
||||
gr = nwrap_getgrent();
|
||||
if (!gr) {
|
||||
if (errno == 0) {
|
||||
return ENOENT;
|
||||
}
|
||||
return errno;
|
||||
}
|
||||
|
||||
return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
_PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf,
|
||||
size_t buflen, struct group **grdstp)
|
||||
{
|
||||
if (!nwrap_enabled()) {
|
||||
#ifdef SOLARIS_GETGRENT_R
|
||||
struct group *gr;
|
||||
gr = real_getgrent_r(grdst, buf, buflen);
|
||||
if (!gr) {
|
||||
if (errno == 0) {
|
||||
@ -1109,15 +1206,12 @@ _PUBLIC_ int nwrap_getgrent_r(struct group *grdst, char *buf,
|
||||
#endif
|
||||
}
|
||||
|
||||
gr = nwrap_getgrent();
|
||||
if (!gr) {
|
||||
if (errno == 0) {
|
||||
return ENOENT;
|
||||
}
|
||||
return errno;
|
||||
}
|
||||
return nwrap_files_getgrent_r(grdst, buf, buflen, grdstp);
|
||||
}
|
||||
|
||||
return nwrap_gr_copy_r(gr, grdst, buf, buflen, grdstp);
|
||||
static void nwrap_files_endgrent(void)
|
||||
{
|
||||
nwrap_gr_global.idx = 0;
|
||||
}
|
||||
|
||||
_PUBLIC_ void nwrap_endgrent(void)
|
||||
@ -1126,5 +1220,5 @@ _PUBLIC_ void nwrap_endgrent(void)
|
||||
real_endgrent();
|
||||
}
|
||||
|
||||
nwrap_gr_global.idx = 0;
|
||||
nwrap_files_endgrent();
|
||||
}
|
||||
|
||||
@ -7,26 +7,35 @@ use Getopt::Long;
|
||||
use Cwd qw(abs_path);
|
||||
|
||||
my $opt_help = 0;
|
||||
my $opt_path = undef;
|
||||
my $opt_passwd_path = undef;
|
||||
my $opt_group_path = undef;
|
||||
my $opt_action = undef;
|
||||
my $opt_type = undef;
|
||||
my $opt_name = undef;
|
||||
my $opt_member = undef;
|
||||
|
||||
my $passwdfn = undef;
|
||||
my $groupfn = undef;
|
||||
my $memberfn = undef;
|
||||
my $actionfn = undef;
|
||||
|
||||
sub passwd_add($$);
|
||||
sub passwd_delete($$);
|
||||
sub group_add($$);
|
||||
sub group_delete($$);
|
||||
sub passwd_add($$$$);
|
||||
sub passwd_delete($$$$);
|
||||
sub group_add($$$$);
|
||||
sub group_delete($$$$);
|
||||
sub member_add($$$$);
|
||||
sub member_delete($$$$);
|
||||
|
||||
sub check_path($$);
|
||||
|
||||
my $result = GetOptions(
|
||||
'help|h|?' => \$opt_help,
|
||||
'path=s' => \$opt_path,
|
||||
'passwd_path=s' => \$opt_passwd_path,
|
||||
'group_path=s' => \$opt_group_path,
|
||||
'action=s' => \$opt_action,
|
||||
'type=s' => \$opt_type,
|
||||
'name=s' => \$opt_name
|
||||
'name=s' => \$opt_name,
|
||||
'member=s' => \$opt_member
|
||||
);
|
||||
|
||||
sub usage($;$)
|
||||
@ -39,14 +48,16 @@ sub usage($;$)
|
||||
|
||||
--help|-h|-? Show this help.
|
||||
|
||||
--path <path> Path of the 'passwd' or 'group' file.
|
||||
--passwd_path <path> Path of the 'passwd' file.
|
||||
--group_path <path> Path of the 'group' file.
|
||||
|
||||
--type <type> Only 'passwd' and 'group' are supported yet,
|
||||
maybe 'member' will be added in future.
|
||||
--type <type> 'passwd', 'group' and 'member' are supported.
|
||||
|
||||
--action <action> 'add' or 'delete'.
|
||||
|
||||
--name <name> The name of the object.
|
||||
|
||||
--member <member> The name of the member.
|
||||
";
|
||||
exit($ret);
|
||||
}
|
||||
@ -55,38 +66,39 @@ usage(1) if (not $result);
|
||||
|
||||
usage(0) if ($opt_help);
|
||||
|
||||
if (not defined($opt_path)) {
|
||||
usage(1, "missing: --path <path>");
|
||||
}
|
||||
if ($opt_path eq "" or $opt_path eq "/") {
|
||||
usage(1, "invalid: --path <path>: '$opt_path'");
|
||||
}
|
||||
my $opt_fullpath = abs_path($opt_path);
|
||||
if (not defined($opt_fullpath)) {
|
||||
usage(1, "invalid: --path <path>: '$opt_path'");
|
||||
}
|
||||
|
||||
|
||||
if (not defined($opt_action)) {
|
||||
usage(1, "missing: --action [add|delete]");
|
||||
}
|
||||
if ($opt_action eq "add") {
|
||||
$passwdfn = \&passwd_add;
|
||||
$groupfn = \&group_add;
|
||||
$memberfn = \&member_add;
|
||||
} elsif ($opt_action eq "delete") {
|
||||
$passwdfn = \&passwd_delete;
|
||||
$groupfn = \&group_delete;
|
||||
$memberfn = \&member_delete;
|
||||
} else {
|
||||
usage(1, "invalid: --action [add|delete]: '$opt_action'");
|
||||
}
|
||||
|
||||
if (not defined($opt_type)) {
|
||||
usage(1, "missing: --type [passwd|group]");
|
||||
usage(1, "missing: --type [passwd|group|member]");
|
||||
}
|
||||
if ($opt_type eq "member" and not defined($opt_member)) {
|
||||
usage(1, "missing: --member <member>");
|
||||
}
|
||||
my $opt_fullpath_passwd;
|
||||
my $opt_fullpath_group;
|
||||
if ($opt_type eq "passwd") {
|
||||
$actionfn = $passwdfn;
|
||||
$opt_fullpath_passwd = check_path($opt_passwd_path, $opt_type);
|
||||
} elsif ($opt_type eq "group") {
|
||||
$actionfn = $groupfn;
|
||||
$opt_fullpath_group = check_path($opt_group_path, $opt_type);
|
||||
} elsif ($opt_type eq "member") {
|
||||
$actionfn = $memberfn;
|
||||
$opt_fullpath_passwd = check_path($opt_passwd_path, "passwd");
|
||||
$opt_fullpath_group = check_path($opt_group_path, "group");
|
||||
} else {
|
||||
usage(1, "invalid: --type [passwd|group]: '$opt_type'")
|
||||
}
|
||||
@ -98,7 +110,24 @@ if ($opt_name eq "") {
|
||||
usage(1, "invalid: --name <name>");
|
||||
}
|
||||
|
||||
exit $actionfn->($opt_fullpath, $opt_name);
|
||||
exit $actionfn->($opt_fullpath_passwd, $opt_member, $opt_fullpath_group, $opt_name);
|
||||
|
||||
sub check_path($$)
|
||||
{
|
||||
my ($path,$type) = @_;
|
||||
|
||||
if (not defined($path)) {
|
||||
usage(1, "missing: --$type\_path <path>");
|
||||
}
|
||||
if ($path eq "" or $path eq "/") {
|
||||
usage(1, "invalid: --$type\_path <path>: '$path'");
|
||||
}
|
||||
my $fullpath = abs_path($path);
|
||||
if (not defined($fullpath)) {
|
||||
usage(1, "invalid: --$type\_path <path>: '$path'");
|
||||
}
|
||||
return $fullpath;
|
||||
}
|
||||
|
||||
sub passwd_add_entry($$);
|
||||
|
||||
@ -260,6 +289,62 @@ sub group_remove_entry($$)
|
||||
delete $group->{gid}{${$eref}[2]};
|
||||
}
|
||||
|
||||
sub group_add_member($$$)
|
||||
{
|
||||
my ($group, $eref, $username) = @_;
|
||||
|
||||
my @members;
|
||||
my $str = @$eref[3] || undef;
|
||||
if ($str) {
|
||||
@members = split(",", $str);
|
||||
}
|
||||
|
||||
foreach my $member (@members) {
|
||||
if ($member and $member eq $username) {
|
||||
die("account[$username] is already member of '@$eref[0]'");
|
||||
}
|
||||
}
|
||||
|
||||
push(@members, $username);
|
||||
|
||||
my $gwent = @$eref[0].":x:".@$eref[2].":".join(",", @members);
|
||||
|
||||
group_remove_entry($group, $eref);
|
||||
|
||||
group_add_entry($group, $gwent);
|
||||
}
|
||||
|
||||
sub group_delete_member($$$)
|
||||
{
|
||||
my ($group, $eref, $username) = @_;
|
||||
|
||||
my @members = undef;
|
||||
my $str = @$eref[3] || undef;
|
||||
if ($str) {
|
||||
@members = split(",", $str);
|
||||
}
|
||||
my @new_members;
|
||||
my $removed = 0;
|
||||
|
||||
foreach my $member (@members) {
|
||||
if ($member and $member ne $username) {
|
||||
push(@new_members, $member);
|
||||
} else {
|
||||
$removed = 1;
|
||||
}
|
||||
}
|
||||
|
||||
if ($removed != 1) {
|
||||
die("account[$username] is not member of '@$eref[0]'");
|
||||
}
|
||||
|
||||
my $gwent = @$eref[0].":x:".@$eref[2].":".join(",", @new_members);
|
||||
|
||||
group_remove_entry($group, $eref);
|
||||
|
||||
group_add_entry($group, $gwent);
|
||||
}
|
||||
|
||||
sub passwd_save($)
|
||||
{
|
||||
my ($passwd) = @_;
|
||||
@ -303,9 +388,9 @@ sub group_save($)
|
||||
rename($tmppath, $path) or die("Unable to rename $tmppath => $path");
|
||||
}
|
||||
|
||||
sub passwd_add($$)
|
||||
sub passwd_add($$$$)
|
||||
{
|
||||
my ($path, $name) = @_;
|
||||
my ($path, $dummy, $dummy2, $name) = @_;
|
||||
|
||||
#print "passwd_add: '$name' in '$path'\n";
|
||||
|
||||
@ -326,9 +411,9 @@ sub passwd_add($$)
|
||||
return 0;
|
||||
}
|
||||
|
||||
sub passwd_delete($$)
|
||||
sub passwd_delete($$$$)
|
||||
{
|
||||
my ($path, $name) = @_;
|
||||
my ($path, $dummy, $dummy2, $name) = @_;
|
||||
|
||||
#print "passwd_delete: '$name' in '$path'\n";
|
||||
|
||||
@ -344,9 +429,9 @@ sub passwd_delete($$)
|
||||
return 0;
|
||||
}
|
||||
|
||||
sub group_add($$)
|
||||
sub group_add($$$$)
|
||||
{
|
||||
my ($path, $name) = @_;
|
||||
my ($dummy, $dummy2, $path, $name) = @_;
|
||||
|
||||
#print "group_add: '$name' in '$path'\n";
|
||||
|
||||
@ -357,7 +442,7 @@ sub group_add($$)
|
||||
|
||||
my $gid = group_get_free_gid($group);
|
||||
|
||||
my $gwent = $name.":x:".$gid.":".""; #no members yet
|
||||
my $gwent = $name.":x:".$gid.":"."";
|
||||
|
||||
group_add_entry($group, $gwent);
|
||||
|
||||
@ -368,9 +453,9 @@ sub group_add($$)
|
||||
return 0;
|
||||
}
|
||||
|
||||
sub group_delete($$)
|
||||
sub group_delete($$$$)
|
||||
{
|
||||
my ($path, $name) = @_;
|
||||
my ($dummy, $dummy2, $path, $name) = @_;
|
||||
|
||||
#print "group_delete: '$name' in '$path'\n";
|
||||
|
||||
@ -385,3 +470,49 @@ sub group_delete($$)
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
sub member_add($$$$)
|
||||
{
|
||||
my ($passwd_path, $username, $group_path, $groupname) = @_;
|
||||
|
||||
#print "member_add: adding '$username' in '$passwd_path' to '$groupname' in '$group_path'\n";
|
||||
|
||||
my $group = group_load($group_path);
|
||||
|
||||
my $g = group_lookup_name($group, $groupname);
|
||||
die("group[$groupname] does not exists in '$group_path'") unless defined($g);
|
||||
|
||||
my $passwd = passwd_load($passwd_path);
|
||||
|
||||
my $u = passwd_lookup_name($passwd, $username);
|
||||
die("account[$username] does not exists in '$passwd_path'") unless defined($u);
|
||||
|
||||
group_add_member($group, $g, $username);
|
||||
|
||||
group_save($group);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
sub member_delete($$$$)
|
||||
{
|
||||
my ($passwd_path, $username, $group_path, $groupname) = @_;
|
||||
|
||||
#print "member_delete: removing '$username' in '$passwd_path' from '$groupname' in '$group_path'\n";
|
||||
|
||||
my $group = group_load($group_path);
|
||||
|
||||
my $g = group_lookup_name($group, $groupname);
|
||||
die("group[$groupname] does not exists in '$group_path'") unless defined($g);
|
||||
|
||||
my $passwd = passwd_load($passwd_path);
|
||||
|
||||
my $u = passwd_lookup_name($passwd, $username);
|
||||
die("account[$username] does not exists in '$passwd_path'") unless defined($u);
|
||||
|
||||
group_delete_member($group, $g, $username);
|
||||
|
||||
group_save($group);
|
||||
|
||||
return 0;
|
||||
}
|
||||
|
||||
@ -458,11 +458,13 @@ sub provision($$$$$$)
|
||||
|
||||
time server = yes
|
||||
|
||||
add user script = $nss_wrapper_pl --path $nss_wrapper_passwd --type passwd --action add --name %u
|
||||
add group script = $nss_wrapper_pl --path $nss_wrapper_group --type group --action add --name %g
|
||||
add machine script = $nss_wrapper_pl --path $nss_wrapper_passwd --type passwd --action add --name %u
|
||||
delete user script = $nss_wrapper_pl --path $nss_wrapper_passwd --type passwd --action delete --name %u
|
||||
delete group script = $nss_wrapper_pl --path $nss_wrapper_group --type group --action delete --name %g
|
||||
add user script = $nss_wrapper_pl --passwd_path $nss_wrapper_passwd --type passwd --action add --name %u
|
||||
add group script = $nss_wrapper_pl --group_path $nss_wrapper_group --type group --action add --name %g
|
||||
add machine script = $nss_wrapper_pl --passwd_path $nss_wrapper_passwd --type passwd --action add --name %u
|
||||
add user to group script = $nss_wrapper_pl --passwd_path $nss_wrapper_passwd --type member --action add --member %u --name %g --group_path $nss_wrapper_group
|
||||
delete user script = $nss_wrapper_pl --passwd_path $nss_wrapper_passwd --type passwd --action delete --name %u
|
||||
delete group script = $nss_wrapper_pl --group_path $nss_wrapper_group --type group --action delete --name %g
|
||||
delete user from group script = $nss_wrapper_pl --passwd_path $nss_wrapper_passwd --type member --action delete --member %u --name %g --group_path $nss_wrapper_group
|
||||
|
||||
kernel oplocks = no
|
||||
kernel change notify = no
|
||||
|
||||
@ -5,17 +5,17 @@
|
||||
Copyright (C) Luke Kenneth Casson Leighton 1998 - 2000
|
||||
Copyright (C) Andrew Bartlett 2002
|
||||
Copyright (C) Simo Sorce 2003
|
||||
|
||||
|
||||
This program is free software; you can redistribute it and/or modify
|
||||
it under the terms of the GNU General Public License as published by
|
||||
the Free Software Foundation; either version 3 of the License, or
|
||||
(at your option) any later version.
|
||||
|
||||
|
||||
This program is distributed in the hope that it will be useful,
|
||||
but WITHOUT ANY WARRANTY; without even the implied warranty of
|
||||
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
|
||||
GNU General Public License for more details.
|
||||
|
||||
|
||||
You should have received a copy of the GNU General Public License
|
||||
along with this program. If not, see <http://www.gnu.org/licenses/>.
|
||||
*/
|
||||
@ -118,7 +118,7 @@ struct samu {
|
||||
time_t pass_last_set_time; /* password last set time */
|
||||
time_t pass_can_change_time; /* password can change time */
|
||||
time_t pass_must_change_time; /* password must change time */
|
||||
|
||||
|
||||
const char *username; /* UNIX username string */
|
||||
const char *domain; /* Windows Domain name */
|
||||
const char *nt_username; /* Windows username string */
|
||||
@ -131,22 +131,22 @@ struct samu {
|
||||
const char *workstations; /* login from workstations string */
|
||||
const char *comment;
|
||||
const char *munged_dial; /* munged path name and dial-back tel number */
|
||||
|
||||
|
||||
DOM_SID user_sid;
|
||||
DOM_SID *group_sid;
|
||||
|
||||
|
||||
DATA_BLOB lm_pw; /* .data is Null if no password */
|
||||
DATA_BLOB nt_pw; /* .data is Null if no password */
|
||||
DATA_BLOB nt_pw_his; /* nt hashed password history .data is Null if not available */
|
||||
char* plaintext_pw; /* is Null if not available */
|
||||
|
||||
|
||||
uint32 acct_ctrl; /* account info (ACB_xxxx bit-mask) */
|
||||
uint32 fields_present; /* 0x00ff ffff */
|
||||
|
||||
|
||||
uint16 logon_divs; /* 168 - number of hours in a week */
|
||||
uint32 hours_len; /* normally 21 bytes */
|
||||
uint8 hours[MAX_HOURS_LEN];
|
||||
|
||||
|
||||
/* Was unknown_5. */
|
||||
uint16 bad_password_count;
|
||||
uint16 logon_count;
|
||||
@ -158,7 +158,7 @@ struct samu {
|
||||
const struct pdb_methods *backend_private_methods;
|
||||
void *backend_private_data;
|
||||
void (*backend_private_data_free_fn)(void **);
|
||||
|
||||
|
||||
/* maintain a copy of the user's struct passwd */
|
||||
|
||||
struct passwd *unix_pw;
|
||||
@ -221,7 +221,7 @@ struct pdb_methods
|
||||
const char *name; /* What name got this module */
|
||||
|
||||
NTSTATUS (*getsampwnam)(struct pdb_methods *, struct samu *sam_acct, const char *username);
|
||||
|
||||
|
||||
NTSTATUS (*getsampwsid)(struct pdb_methods *, struct samu *sam_acct, const DOM_SID *sid);
|
||||
|
||||
NTSTATUS (*create_user)(struct pdb_methods *, TALLOC_CTX *tmp_ctx,
|
||||
@ -230,15 +230,15 @@ struct pdb_methods
|
||||
|
||||
NTSTATUS (*delete_user)(struct pdb_methods *, TALLOC_CTX *tmp_ctx,
|
||||
struct samu *sam_acct);
|
||||
|
||||
|
||||
NTSTATUS (*add_sam_account)(struct pdb_methods *, struct samu *sampass);
|
||||
|
||||
|
||||
NTSTATUS (*update_sam_account)(struct pdb_methods *, struct samu *sampass);
|
||||
|
||||
|
||||
NTSTATUS (*delete_sam_account)(struct pdb_methods *, struct samu *username);
|
||||
|
||||
|
||||
NTSTATUS (*rename_sam_account)(struct pdb_methods *, struct samu *oldname, const char *newname);
|
||||
|
||||
|
||||
NTSTATUS (*update_login_attempts)(struct pdb_methods *methods, struct samu *sam_acct, bool success);
|
||||
|
||||
NTSTATUS (*getgrsid)(struct pdb_methods *methods, GROUP_MAP *map, DOM_SID sid);
|
||||
@ -378,7 +378,7 @@ struct pdb_methods
|
||||
struct trustdom_info ***domains);
|
||||
|
||||
void *private_data; /* Private data of some kind */
|
||||
|
||||
|
||||
void (*free_private_data)(void **);
|
||||
};
|
||||
|
||||
|
||||
@ -1298,7 +1298,7 @@ int sid_compare(const DOM_SID *sid1, const DOM_SID *sid2);
|
||||
int sid_compare_domain(const DOM_SID *sid1, const DOM_SID *sid2);
|
||||
bool sid_equal(const DOM_SID *sid1, const DOM_SID *sid2);
|
||||
bool non_mappable_sid(DOM_SID *sid);
|
||||
char *sid_binstring(const DOM_SID *sid);
|
||||
char *sid_binstring(TALLOC_CTX *mem_ctx, const DOM_SID *sid);
|
||||
char *sid_binstring_hex(const DOM_SID *sid);
|
||||
DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, const DOM_SID *src);
|
||||
NTSTATUS add_sid_to_array(TALLOC_CTX *mem_ctx, const DOM_SID *sid,
|
||||
@ -1502,7 +1502,7 @@ void strupper_m(char *s);
|
||||
size_t strlen_m(const char *s);
|
||||
size_t strlen_m_term(const char *s);
|
||||
size_t strlen_m_term_null(const char *s);
|
||||
char *binary_string_rfc2254(char *buf, int len);
|
||||
char *binary_string_rfc2254(TALLOC_CTX *mem_ctx, const uint8_t *buf, int len);
|
||||
char *binary_string(char *buf, int len);
|
||||
int fstr_sprintf(fstring s, const char *fmt, ...);
|
||||
bool str_list_sub_basic( char **list, const char *smb_name,
|
||||
@ -1595,7 +1595,7 @@ int islower_ascii(int c);
|
||||
|
||||
void smb_uuid_pack(const struct GUID uu, UUID_FLAT *ptr);
|
||||
void smb_uuid_unpack(const UUID_FLAT in, struct GUID *uu);
|
||||
char *guid_binstring(const struct GUID *guid);
|
||||
char *guid_binstring(TALLOC_CTX *mem_ctx, const struct GUID *guid);
|
||||
|
||||
/* The following definitions come from lib/version.c */
|
||||
|
||||
|
||||
@ -214,6 +214,8 @@ char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry,
|
||||
char * smbldap_talloc_smallest_attribute(LDAP *ldap_struct, LDAPMessage *entry,
|
||||
const char *attribute,
|
||||
TALLOC_CTX *mem_ctx);
|
||||
bool smbldap_pull_sid(LDAP *ld, LDAPMessage *msg, const char *attrib,
|
||||
struct dom_sid *sid);
|
||||
void talloc_autofree_ldapmsg(TALLOC_CTX *mem_ctx, LDAPMessage *result);
|
||||
void talloc_autofree_ldapmod(TALLOC_CTX *mem_ctx, LDAPMod **mod);
|
||||
char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
|
||||
|
||||
@ -389,6 +389,26 @@ ATTRIB_MAP_ENTRY sidmap_attr_list[] = {
|
||||
return result;
|
||||
}
|
||||
|
||||
bool smbldap_pull_sid(LDAP *ld, LDAPMessage *msg, const char *attrib,
|
||||
struct dom_sid *sid)
|
||||
{
|
||||
struct berval **values;
|
||||
bool ret = False;
|
||||
|
||||
values = ldap_get_values_len(ld, msg, attrib);
|
||||
|
||||
if (!values) {
|
||||
return false;
|
||||
}
|
||||
|
||||
if (values[0] != NULL) {
|
||||
ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
|
||||
}
|
||||
|
||||
ldap_value_free_len(values);
|
||||
return ret;
|
||||
}
|
||||
|
||||
static int ldapmsg_destructor(LDAPMessage **result) {
|
||||
ldap_msgfree(*result);
|
||||
return 0;
|
||||
|
||||
@ -520,16 +520,18 @@ bool non_mappable_sid(DOM_SID *sid)
|
||||
Caller must free.
|
||||
*****************************************************************/
|
||||
|
||||
char *sid_binstring(const DOM_SID *sid)
|
||||
char *sid_binstring(TALLOC_CTX *mem_ctx, const DOM_SID *sid)
|
||||
{
|
||||
char *buf, *s;
|
||||
uint8_t *buf;
|
||||
char *s;
|
||||
int len = ndr_size_dom_sid(sid, NULL, 0);
|
||||
buf = (char *)SMB_MALLOC(len);
|
||||
if (!buf)
|
||||
buf = talloc_array(mem_ctx, uint8_t, len);
|
||||
if (!buf) {
|
||||
return NULL;
|
||||
sid_linearize(buf, len, sid);
|
||||
s = binary_string_rfc2254(buf, len);
|
||||
free(buf);
|
||||
}
|
||||
sid_linearize((char *)buf, len, sid);
|
||||
s = binary_string_rfc2254(mem_ctx, buf, len);
|
||||
TALLOC_FREE(buf);
|
||||
return s;
|
||||
}
|
||||
|
||||
|
||||
@ -1529,14 +1529,15 @@ size_t strlen_m_term_null(const char *s)
|
||||
Caller must free.
|
||||
**/
|
||||
|
||||
char *binary_string_rfc2254(char *buf, int len)
|
||||
char *binary_string_rfc2254(TALLOC_CTX *mem_ctx, const uint8_t *buf, int len)
|
||||
{
|
||||
char *s;
|
||||
int i, j;
|
||||
const char *hex = "0123456789ABCDEF";
|
||||
s = (char *)SMB_MALLOC(len * 3 + 1);
|
||||
if (!s)
|
||||
s = talloc_array(mem_ctx, char, len * 3 + 1);
|
||||
if (s == NULL) {
|
||||
return NULL;
|
||||
}
|
||||
for (j=i=0;i<len;i++) {
|
||||
s[j] = '\\';
|
||||
s[j+1] = hex[((unsigned char)buf[i]) >> 4];
|
||||
|
||||
@ -43,11 +43,11 @@ void smb_uuid_unpack(const UUID_FLAT in, struct GUID *uu)
|
||||
Caller must free.
|
||||
*****************************************************************/
|
||||
|
||||
char *guid_binstring(const struct GUID *guid)
|
||||
char *guid_binstring(TALLOC_CTX *mem_ctx, const struct GUID *guid)
|
||||
{
|
||||
UUID_FLAT guid_flat;
|
||||
|
||||
smb_uuid_pack(*guid, &guid_flat);
|
||||
|
||||
return binary_string_rfc2254((char *)guid_flat.info, UUID_FLAT_SIZE);
|
||||
return binary_string_rfc2254(mem_ctx, guid_flat.info, UUID_FLAT_SIZE);
|
||||
}
|
||||
|
||||
@ -2619,19 +2619,7 @@ int ads_count_replies(ADS_STRUCT *ads, void *res)
|
||||
bool ads_pull_sid(ADS_STRUCT *ads, LDAPMessage *msg, const char *field,
|
||||
DOM_SID *sid)
|
||||
{
|
||||
struct berval **values;
|
||||
bool ret = False;
|
||||
|
||||
values = ldap_get_values_len(ads->ldap.ld, msg, field);
|
||||
|
||||
if (!values)
|
||||
return False;
|
||||
|
||||
if (values[0])
|
||||
ret = sid_parse(values[0]->bv_val, values[0]->bv_len, sid);
|
||||
|
||||
ldap_value_free_len(values);
|
||||
return ret;
|
||||
return smbldap_pull_sid(ads->ldap.ld, msg, field, sid);
|
||||
}
|
||||
|
||||
/**
|
||||
|
||||
@ -122,7 +122,7 @@ const char *ads_get_attrname_by_guid(ADS_STRUCT *ads,
|
||||
goto done;
|
||||
}
|
||||
|
||||
guid_bin = guid_binstring(schema_guid);
|
||||
guid_bin = guid_binstring(mem_ctx, schema_guid);
|
||||
if (!guid_bin) {
|
||||
goto done;
|
||||
}
|
||||
@ -145,7 +145,7 @@ const char *ads_get_attrname_by_guid(ADS_STRUCT *ads,
|
||||
result = ads_pull_string(ads, mem_ctx, res, "lDAPDisplayName");
|
||||
|
||||
done:
|
||||
SAFE_FREE(guid_bin);
|
||||
TALLOC_FREE(guid_bin);
|
||||
ads_msgfree(ads, res);
|
||||
return result;
|
||||
|
||||
|
||||
@ -187,7 +187,7 @@ static void nmbd_proxy_logon(struct nmbd_proxy_logon_context *ctx,
|
||||
(ndr_pull_flags_fn_t)ndr_pull_nbt_netlogon_packet);
|
||||
if (!NDR_ERR_CODE_IS_SUCCESS(ndr_err)) {
|
||||
NTSTATUS status = ndr_map_error2ntstatus(ndr_err);
|
||||
DEBUG(0,("failed parse nbt_letlogon_packet: %s\n",
|
||||
DEBUG(0,("failed parse nbt_netlogon_packet: %s\n",
|
||||
nt_errstr(status)));
|
||||
TALLOC_FREE(state);
|
||||
return;
|
||||
|
||||
@ -1711,7 +1711,7 @@ static NTSTATUS pdb_default_lookup_names(struct pdb_methods *methods,
|
||||
|
||||
static int pdb_search_destructor(struct pdb_search *search)
|
||||
{
|
||||
if (!search->search_ended) {
|
||||
if ((!search->search_ended) && (search->search_end != NULL)) {
|
||||
search->search_end(search);
|
||||
}
|
||||
return 0;
|
||||
@ -1733,6 +1733,7 @@ struct pdb_search *pdb_search_init(TALLOC_CTX *mem_ctx,
|
||||
result->num_entries = 0;
|
||||
result->cache_size = 0;
|
||||
result->search_ended = False;
|
||||
result->search_end = NULL;
|
||||
|
||||
/* Segfault appropriately if not initialized */
|
||||
result->next_entry = NULL;
|
||||
@ -2021,7 +2022,8 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods )
|
||||
{
|
||||
/* allocate memory for the structure as its own talloc CTX */
|
||||
|
||||
if ( !(*methods = TALLOC_ZERO_P(talloc_autofree_context(), struct pdb_methods) ) ) {
|
||||
*methods = talloc_zero(talloc_autofree_context(), struct pdb_methods);
|
||||
if (*methods == NULL) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
|
||||
@ -216,11 +216,13 @@ cat >$SERVERCONFFILE<<EOF
|
||||
lanman auth = yes
|
||||
time server = yes
|
||||
|
||||
add user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
|
||||
add group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_GROUP --type group --action add --name %g
|
||||
add machine script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
|
||||
delete user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_PASSWD --type passwd --action delete --name %u
|
||||
delete group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --path $NSS_WRAPPER_GROUP --type group --action delete --name %g
|
||||
add user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --passwd_path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
|
||||
add group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type group --action add --name %g
|
||||
add user to group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type member --action add --name %g --member %u --passwd_path $NSS_WRAPPER_PASSWD
|
||||
add machine script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --passwd_path $NSS_WRAPPER_PASSWD --type passwd --action add --name %u
|
||||
delete user script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --passwd_path $NSS_WRAPPER_PASSWD --type passwd --action delete --name %u
|
||||
delete group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type group --action delete --name %g
|
||||
delete user from group script = $PERL $SRCDIR/../lib/nss_wrapper/nss_wrapper.pl --group_path $NSS_WRAPPER_GROUP --type member --action delete --name %g --member %u --passwd_path $NSS_WRAPPER_PASSWD
|
||||
|
||||
kernel oplocks = no
|
||||
kernel change notify = no
|
||||
|
||||
@ -570,10 +570,10 @@ again:
|
||||
|
||||
ids[idx]->status = ID_UNKNOWN;
|
||||
|
||||
sidstr = sid_binstring(ids[idx]->sid);
|
||||
sidstr = sid_binstring(talloc_tos(), ids[idx]->sid);
|
||||
filter = talloc_asprintf_append_buffer(filter, "(objectSid=%s)", sidstr);
|
||||
|
||||
free(sidstr);
|
||||
TALLOC_FREE(sidstr);
|
||||
CHECK_ALLOC_DONE(filter);
|
||||
}
|
||||
filter = talloc_asprintf_append_buffer(filter, "))");
|
||||
@ -894,9 +894,9 @@ static NTSTATUS nss_ad_get_info( struct nss_domain_entry *e,
|
||||
attrs[2] = ctx->ad_schema->posix_gecos_attr;
|
||||
attrs[3] = ctx->ad_schema->posix_gidnumber_attr;
|
||||
|
||||
sidstr = sid_binstring(sid);
|
||||
sidstr = sid_binstring(mem_ctx, sid);
|
||||
filter = talloc_asprintf(mem_ctx, "(objectSid=%s)", sidstr);
|
||||
SAFE_FREE(sidstr);
|
||||
TALLOC_FREE(sidstr);
|
||||
|
||||
if (!filter) {
|
||||
nt_status = NT_STATUS_NO_MEMORY;
|
||||
|
||||
@ -524,14 +524,14 @@ static NTSTATUS query_user(struct winbindd_domain *domain,
|
||||
goto done;
|
||||
}
|
||||
|
||||
sidstr = sid_binstring(sid);
|
||||
sidstr = sid_binstring(talloc_tos(), sid);
|
||||
if (asprintf(&ldap_exp, "(objectSid=%s)", sidstr) == -1) {
|
||||
status = NT_STATUS_NO_MEMORY;
|
||||
goto done;
|
||||
}
|
||||
rc = ads_search_retry(ads, &msg, ldap_exp, attrs);
|
||||
free(ldap_exp);
|
||||
free(sidstr);
|
||||
TALLOC_FREE(sidstr);
|
||||
if (!ADS_ERR_OK(rc) || !msg) {
|
||||
DEBUG(1,("query_user(sid=%s) ads_search: %s\n",
|
||||
sid_string_dbg(sid), ads_errstr(rc)));
|
||||
@ -1011,21 +1011,19 @@ static NTSTATUS lookup_groupmem(struct winbindd_domain *domain,
|
||||
goto done;
|
||||
}
|
||||
|
||||
if ((sidbinstr = sid_binstring(group_sid)) == NULL) {
|
||||
if ((sidbinstr = sid_binstring(talloc_tos(), group_sid)) == NULL) {
|
||||
status = NT_STATUS_NO_MEMORY;
|
||||
goto done;
|
||||
}
|
||||
|
||||
/* search for all members of the group */
|
||||
if (!(ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)",
|
||||
sidbinstr)))
|
||||
{
|
||||
SAFE_FREE(sidbinstr);
|
||||
ldap_exp = talloc_asprintf(tmp_ctx, "(objectSid=%s)", sidbinstr);
|
||||
TALLOC_FREE(sidbinstr);
|
||||
if (ldap_exp == NULL) {
|
||||
DEBUG(1, ("ads: lookup_groupmem: talloc_asprintf for ldap_exp failed!\n"));
|
||||
status = NT_STATUS_NO_MEMORY;
|
||||
goto done;
|
||||
}
|
||||
SAFE_FREE(sidbinstr);
|
||||
|
||||
args.control = ADS_EXTENDED_DN_OID;
|
||||
args.val = ADS_EXTENDED_DN_HEX_STRING;
|
||||
|
||||
Loading…
Reference in New Issue
Block a user