1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

r9455: Support for reading the policy database

This commit is contained in:
Jelmer Vernooij 2005-08-21 20:01:10 +00:00 committed by Gerald (Jerry) Carter
parent 65ddea09b9
commit 7548a5012a
5 changed files with 134 additions and 1 deletions

View File

@ -3,7 +3,8 @@
[SUBSYSTEM::LIBSAMBA3]
INIT_OBJ_FILES = \
lib/samba3/smbpasswd.o \
lib/samba3/tdbsam.o
lib/samba3/tdbsam.o \
lib/samba3/policy.o
# End SUBSYSTEM LIBSAMBA3
################################################

View File

@ -0,0 +1,67 @@
/*
* Unix SMB/CIFS implementation.
* account policy storage
* Copyright (C) Jean François Micouleau 1998-2001.
* Copyright (C) Andrew Bartlett 2002
*
* This program is free software; you can redistribute it and/or modify
* it under the terms of the GNU General Public License as published by
* the Free Software Foundation; either version 2 of the License, or
* (at your option) any later version.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU General Public License for more details.
*
* You should have received a copy of the GNU General Public License
* along with this program; if not, write to the Free Software
* Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include "lib/tdb/include/tdbutil.h"
#include "lib/samba3/policy.h"
#include "system/filesys.h"
#define DATABASE_VERSION 2
/****************************************************************************
Open the account policy tdb.
****************************************************************************/
struct samba3_policy *samba3_read_account_policy(TALLOC_CTX *ctx, const char *fn)
{
struct samba3_policy *ret;
const char *vstring = "INFO/version";
uint32_t version;
TDB_CONTEXT *tdb = tdb_open(fn, 0, TDB_DEFAULT, O_RDONLY, 0600);
if (!tdb) {
DEBUG(0,("Failed to open account policy database\n"));
return NULL;
}
/* handle a Samba upgrade */
if (!tdb_fetch_uint32(tdb, vstring, &version) || version != DATABASE_VERSION) {
tdb_store_uint32(tdb, vstring, DATABASE_VERSION);
}
ret = talloc_zero(ctx, struct samba3_policy);
tdb_fetch_uint32(tdb, "min password length", &ret->min_password_length);
tdb_fetch_uint32(tdb, "password history", &ret->password_history);
tdb_fetch_uint32(tdb, "user must logon to change pasword", &ret->user_must_logon_to_change_password);
tdb_fetch_uint32(tdb, "maximum password age", &ret->maximum_password_age);
tdb_fetch_uint32(tdb, "minimum password age", &ret->minimum_password_age);
tdb_fetch_uint32(tdb, "lockout duration", &ret->lockout_duration);
tdb_fetch_uint32(tdb, "reset count minutes", &ret->reset_count_minutes);
tdb_fetch_uint32(tdb, "bad lockout minutes", &ret->bad_lockout_minutes);
tdb_fetch_uint32(tdb, "disconnect time", &ret->disconnect_time);
tdb_fetch_uint32(tdb, "refuse machine password change", &ret->refuse_machine_password_change);
tdb_close(tdb);
return ret;
}

View File

@ -0,0 +1,37 @@
/*
Unix SMB/CIFS implementation.
Copyright (C) Jelmer Vernooij 2005.
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#ifndef _SAMBA3_POLICY_H /* _SAMBA3_POLICY_H */
#define _SAMBA3_POLICY_H
struct samba3_policy
{
uint32_t min_password_length;
uint32_t password_history;
uint32_t user_must_logon_to_change_password;
uint32_t maximum_password_age;
uint32_t minimum_password_age;
uint32_t lockout_duration;
uint32_t reset_count_minutes;
uint32_t bad_lockout_minutes;
uint32_t disconnect_time;
uint32_t refuse_machine_password_change;
};
#endif /* _SAMBA3_POLICY_H */

View File

@ -20,11 +20,34 @@
*/
#include "includes.h"
#include "lib/samba3/policy.h"
#include "lib/samba3/sam.h"
#include "lib/cmdline/popt_common.h"
static const char *libdir = "/var/lib/samba";
static NTSTATUS print_policy(void)
{
struct samba3_policy *ret;
char *policy_file;
TALLOC_CTX *mem_ctx = talloc_init(NULL);
policy_file = talloc_asprintf(mem_ctx, "%s/account_policy.tdb", libdir);
printf("Opening policy file %s\n", policy_file);
ret = samba3_read_account_policy(mem_ctx, policy_file);
if (ret == NULL)
return NT_STATUS_UNSUCCESSFUL;
printf("Min password length: %d\n", ret->min_password_length);
talloc_free(mem_ctx);
return NT_STATUS_OK;
}
static NTSTATUS print_sam(void)
{
struct samba3_samaccount *accounts;
@ -39,8 +62,10 @@ static NTSTATUS print_sam(void)
status = samba3_read_tdbsam(NULL, tdbsam_file, &accounts, &count);
if (NT_STATUS_IS_ERR(status)) {
fprintf(stderr, "Error reading tdbsam database %s\n", tdbsam_file);
SAFE_FREE(tdbsam_file);
return status;
}
SAFE_FREE(tdbsam_file);
for (i = 0; i < count; i++) {
printf("%d: %s\n", accounts[i].user_rid, accounts[i].username);
@ -68,6 +93,7 @@ int main(int argc, char **argv)
}
print_sam();
print_policy();
poptFreeContext(pc);

View File

@ -38,7 +38,9 @@ int32_t tdb_change_int32_atomic(TDB_CONTEXT *tdb, const char *keystr, int32_t *o
int tdb_lock_bystring(TDB_CONTEXT *tdb, const char *keyval);
void tdb_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval);
int32_t tdb_fetch_int32(TDB_CONTEXT *tdb, const char *keystr);
BOOL tdb_store_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32_t value);
int tdb_store_int32(TDB_CONTEXT *tdb, const char *keystr, int32_t v);
BOOL tdb_fetch_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32_t *value);
int tdb_traverse_delete_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, TDB_DATA dbuf,
void *state);
int tdb_store_bystring(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags);