mirror of https://github.com/samba-team/samba.git synced 2025-02-23 09:57:40 +03:00

r13460: by popular demand....

* remove pdb_context data structure
* set default group for DOMAIN_RID_GUEST user as RID 513 (just
  like Windows)
* Allow RID 513 to always resolve to a name
* Remove auto mapping of guest account primary group given the
  previous 2 changes
(This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
Gerald Carter 2006-02-11 21:27:08 +00:00 committed by Gerald (Jerry) Carter
parent 85160e654e
commit 75ef18fa75
14 changed files with 358 additions and 1522 deletions


@ -558,15 +558,13 @@ NTSTATUS make_server_info_sam(auth_serversupplied_info **server_info,
gid_t *gids;
auth_serversupplied_info *result;
pwd = getpwnam_alloc(NULL, pdb_get_username(sampass));
if ( pwd == NULL ) {
if ( !(pwd = getpwnam_alloc(NULL, pdb_get_username(sampass))) ) {
DEBUG(1, ("User %s in passdb, but getpwnam() fails!\n",
pdb_get_username(sampass)));
return NT_STATUS_NO_SUCH_USER;
}
result = make_server_info(NULL);
if (result == NULL) {
if ( !(result = make_server_info(NULL)) ) {
talloc_free(pwd);
return NT_STATUS_NO_MEMORY;
}
@ -1136,7 +1134,8 @@ NTSTATUS make_server_info_pw(auth_serversupplied_info **server_info,
Make (and fill) a user_info struct for a guest login.
This *must* succeed for smbd to start. If there is no mapping entry for
the guest gid, then create one.
***************************************************************************/
**********************
*****************************************************/
static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_info)
{
@ -1165,48 +1164,9 @@ static NTSTATUS make_new_server_info_guest(auth_serversupplied_info **server_inf
}
status = make_server_info_sam(server_info, sampass);
if (!NT_STATUS_IS_OK(status)) {
/* If there was no initial group mapping for the nobody user,
create one*/
if (NT_STATUS_EQUAL(status, NT_STATUS_NO_SUCH_USER)) {
GROUP_MAP map;
struct passwd *pwd = getpwnam_alloc(NULL, pdb_get_username(sampass));
if ( pwd == NULL ) {
DEBUG(1, ("No guest user %s!\n",
pdb_get_username(sampass)));
pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
map.gid = pwd->pw_gid;
sid_copy(&map.sid, get_global_sam_sid());
sid_append_rid(&map.sid, DOMAIN_GROUP_RID_GUESTS);
map.sid_name_use = SID_NAME_DOM_GRP;
fstrcpy(map.nt_name, "Domain Guests");
map.comment[0] = '\0';
if ( !NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map)) ) {
DEBUG(1, ("Could not update group database for guest user %s\n",
pdb_get_username(sampass) ));
talloc_free(pwd);
pdb_free_sam(&sampass);
return NT_STATUS_NO_SUCH_USER;
}
talloc_free(pwd);
/* And try again. */
status = make_server_info_sam(server_info, sampass);
}
if (!NT_STATUS_IS_OK(status)) {
pdb_free_sam(&sampass);
return status;
}
pdb_free_sam(&sampass);
return status;
}
(*server_info)->guest = True;
@ -1264,6 +1224,8 @@ BOOL init_guest_info(void)
{
if (guest_info != NULL)
return True;
return NT_STATUS_IS_OK(make_new_server_info_guest(&guest_info));
}
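Review bot: The banner comment above make_new_server_info_guest still says "If there is no mapping entry for the guest gid, then create one", but the branch that created the "Domain Guests" mapping is deleted here, so the comment describes behaviour the function no longer has. I would reword it to `This *must* succeed for smbd to start. No group mapping is created here; make_server_info_sam() has to succeed as-is.` The remaining failure path frees sampass and returns the status without logging, so a line such as `DEBUG(0, ("guest account %s could not be set up\n", pdb_get_username(sampass)));` before the free would tell an administrator why smbd refused to start. The function body continues outside the visible hunk lines.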


@ -249,158 +249,9 @@ struct pdb_search {
#define PASSDB_INTERFACE_VERSION 12
typedef struct pdb_context
{
struct pdb_methods *pdb_methods;
struct pdb_methods *pwent_methods;
/* These functions are wrappers for the functions listed above.
They may do extra things like re-reading a SAM_ACCOUNT on update */
NTSTATUS (*pdb_setsampwent)(struct pdb_context *, BOOL update, uint16 acb_mask);
void (*pdb_endsampwent)(struct pdb_context *);
NTSTATUS (*pdb_getsampwent)(struct pdb_context *, SAM_ACCOUNT *user);
NTSTATUS (*pdb_getsampwnam)(struct pdb_context *, SAM_ACCOUNT *sam_acct, const char *username);
NTSTATUS (*pdb_getsampwsid)(struct pdb_context *, SAM_ACCOUNT *sam_acct, const DOM_SID *sid);
NTSTATUS (*pdb_add_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass);
NTSTATUS (*pdb_update_sam_account)(struct pdb_context *, SAM_ACCOUNT *sampass);
NTSTATUS (*pdb_delete_sam_account)(struct pdb_context *, SAM_ACCOUNT *username);
NTSTATUS (*pdb_rename_sam_account)(struct pdb_context *, SAM_ACCOUNT *oldname, const char *newname);
NTSTATUS (*pdb_update_login_attempts)(struct pdb_context *context, SAM_ACCOUNT *sam_acct, BOOL success);
NTSTATUS (*pdb_getgrsid)(struct pdb_context *context, GROUP_MAP *map, DOM_SID sid);
NTSTATUS (*pdb_getgrgid)(struct pdb_context *context, GROUP_MAP *map, gid_t gid);
NTSTATUS (*pdb_getgrnam)(struct pdb_context *context, GROUP_MAP *map, const char *name);
NTSTATUS (*pdb_add_group_mapping_entry)(struct pdb_context *context,
GROUP_MAP *map);
NTSTATUS (*pdb_update_group_mapping_entry)(struct pdb_context *context,
GROUP_MAP *map);
NTSTATUS (*pdb_delete_group_mapping_entry)(struct pdb_context *context,
DOM_SID sid);
NTSTATUS (*pdb_enum_group_mapping)(struct pdb_context *context,
enum SID_NAME_USE sid_name_use,
GROUP_MAP **pp_rmap, size_t *p_num_entries,
BOOL unix_only);
NTSTATUS (*pdb_enum_group_members)(struct pdb_context *context,
TALLOC_CTX *mem_ctx,
const DOM_SID *group,
uint32 **pp_member_rids,
size_t *p_num_members);
NTSTATUS (*pdb_enum_group_memberships)(struct pdb_context *context,
TALLOC_CTX *mem_ctx,
SAM_ACCOUNT *user,
DOM_SID **pp_sids,
gid_t **pp_gids,
size_t *p_num_groups);
NTSTATUS (*pdb_find_alias)(struct pdb_context *context,
const char *name, DOM_SID *sid);
NTSTATUS (*pdb_create_alias)(struct pdb_context *context,
const char *name, uint32 *rid);
NTSTATUS (*pdb_delete_alias)(struct pdb_context *context,
const DOM_SID *sid);
NTSTATUS (*pdb_get_aliasinfo)(struct pdb_context *context,
const DOM_SID *sid,
struct acct_info *info);
NTSTATUS (*pdb_set_aliasinfo)(struct pdb_context *context,
const DOM_SID *sid,
struct acct_info *info);
NTSTATUS (*pdb_add_aliasmem)(struct pdb_context *context,
const DOM_SID *alias,
const DOM_SID *member);
NTSTATUS (*pdb_del_aliasmem)(struct pdb_context *context,
const DOM_SID *alias,
const DOM_SID *member);
NTSTATUS (*pdb_enum_aliasmem)(struct pdb_context *context,
const DOM_SID *alias,
DOM_SID **pp_members, size_t *p_num_members);
NTSTATUS (*pdb_enum_alias_memberships)(struct pdb_context *context,
TALLOC_CTX *mem_ctx,
const DOM_SID *domain_sid,
const DOM_SID *members,
size_t num_members,
uint32 **pp_alias_rids,
size_t *p_num_alias_rids);
NTSTATUS (*pdb_lookup_rids)(struct pdb_context *context,
const DOM_SID *domain_sid,
size_t num_rids,
uint32 *rids,
const char **pp_names,
uint32 *attrs);
NTSTATUS (*pdb_lookup_names)(struct pdb_context *context,
const DOM_SID *domain_sid,
size_t num_names,
const char **names,
uint32 *rids,
uint32 *attrs);
NTSTATUS (*pdb_get_account_policy)(struct pdb_context *context,
int policy_index, uint32 *value);
NTSTATUS (*pdb_set_account_policy)(struct pdb_context *context,
int policy_index, uint32 value);
NTSTATUS (*pdb_get_seq_num)(struct pdb_context *context, time_t *seq_num);
BOOL (*pdb_search_users)(struct pdb_context *context,
struct pdb_search *search,
uint16 acct_flags);
BOOL (*pdb_search_groups)(struct pdb_context *context,
struct pdb_search *search);
BOOL (*pdb_search_aliases)(struct pdb_context *context,
struct pdb_search *search,
const DOM_SID *sid);
BOOL (*pdb_uid_to_rid)(struct pdb_context *context,
uid_t uid, uint32 *rid);
BOOL (*pdb_gid_to_sid)(struct pdb_context *context,
uid_t gid, DOM_SID *sid);
BOOL (*pdb_sid_to_id)(struct pdb_context *context, const DOM_SID *sid,
union unid_t *id, enum SID_NAME_USE *type);
BOOL (*pdb_rid_algorithm)(struct pdb_context *context);
BOOL (*pdb_new_rid)(struct pdb_context *context, uint32 *rid);
void (*free_fn)(struct pdb_context **);
TALLOC_CTX *mem_ctx;
} PDB_CONTEXT;
typedef struct pdb_methods
struct pdb_methods
{
const char *name; /* What name got this module */
struct pdb_context *parent;
/* Use macros from dlinklist.h on these two */
struct pdb_methods *next;
struct pdb_methods *prev;
NTSTATUS (*setsampwent)(struct pdb_methods *, BOOL update, uint16 acb_mask);
@ -530,17 +381,16 @@ typedef struct pdb_methods
void *private_data; /* Private data of some kind */
void (*free_private_data)(void **);
};
} PDB_METHODS;
typedef NTSTATUS (*pdb_init_function)(struct pdb_context *,
struct pdb_methods **,
const char *);
typedef NTSTATUS (*pdb_init_function)(struct pdb_methods **, const char *);
struct pdb_init_function_entry {
const char *name;
/* Function to create a member of the pdb_methods list */
pdb_init_function init;
struct pdb_init_function_entry *prev, *next;
};
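Review bot: `PASSDB_INTERFACE_VERSION` stays at 12 in this section although the module interface changes incompatibly: `pdb_init_function` loses its `struct pdb_context *` argument and `struct pdb_methods` appears to lose the `parent` member. If module registration compares against this constant (not visible here), a passdb module built against the old header would still be accepted and then called with a shifted argument list. For code that handles account and password data that is worth ruling out. I would bump it, e.g. `#define PASSDB_INTERFACE_VERSION 13`, with a comment naming the removal of pdb_context; the same concern applies to modules loaded through pdb_init_plugin.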


@ -195,17 +195,13 @@ struct ldapsam_privates {
};
/* Functions shared between pdb_ldap.c and pdb_nds.c. */
NTSTATUS pdb_init_ldapsam_compat(PDB_CONTEXT *pdb_context,
PDB_METHODS **pdb_method,
const char *location);
NTSTATUS pdb_init_ldapsam_compat( struct pdb_methods **pdb_method, const char *location);
void private_data_free_fn(void **result);
int ldapsam_search_suffix_by_name(struct ldapsam_privates *ldap_state,
const char *user,
LDAPMessage ** result,
const char **attr);
NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context,
PDB_METHODS **pdb_method,
const char *location);
NTSTATUS pdb_init_ldapsam( struct pdb_methods **pdb_method, const char *location);
const char** get_userattr_list( TALLOC_CTX *mem_ctx, int schema_ver );
char * smbldap_talloc_single_attribute(LDAP *ldap_struct, LDAPMessage *entry,
@ -217,7 +213,6 @@ const char *smbldap_talloc_dn(TALLOC_CTX *mem_ctx, LDAP *ld,
LDAPMessage *entry);
#endif /* HAVE_LDAP */
#define LDAP_CONNECT_DEFAULT_TIMEOUT 15


@ -209,9 +209,30 @@ NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods,
size_t i;
gid_t gid;
if (!sid_to_gid(pdb_get_group_sid(user), &gid)) {
DEBUG(10, ("sid_to_gid failed\n"));
return NT_STATUS_NO_SUCH_USER;
if ( !sid_to_gid(pdb_get_group_sid(user), &gid) )
{
uint32 rid;
struct passwd *pwd;
/* second try, allow the DOMAIN_USERS group to pass */
if ( !sid_peek_check_rid( get_global_sam_sid(), pdb_get_group_sid(user), &rid ) )
return NT_STATUS_NO_SUCH_USER;
if ( rid != DOMAIN_GROUP_RID_USERS ) {
DEBUG(10, ("sid_to_gid failed\n"));
return NT_STATUS_NO_SUCH_USER;
}
DEBUG(5,("pdb_default_enum_group_memberships: sid_to_gid() failed but giving "
"free pass to 'Domain Users' as primary group\n"));
if ( !(pwd = getpwnam_alloc( NULL, pdb_get_username(user) ) ) )
return NT_STATUS_NO_SUCH_USER;
gid = pwd->pw_gid;
TALLOC_FREE( pwd );
}
if (!getgroups_unix_user(mem_ctx, pdb_get_username(user), gid,
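Review bot: The new fallback has three exits that all return NT_STATUS_NO_SUCH_USER, but only the RID-mismatch one logs; the `sid_peek_check_rid` and `getpwnam_alloc` failures return silently. A rejected logon caused by a primary-group SID outside the local SAM domain, or by a missing Unix account, therefore cannot be told apart in the log. I would add `DEBUG(10, ("primary group SID is not in our domain\n"));` and `DEBUG(1, ("getpwnam(%s) failed\n", pdb_get_username(user)));` before those two returns. The "second try" comment should also say that on this path the gid passed to getgroups_unix_user is the account's Unix primary gid rather than a gid mapped from the group SID. The function continues past the end of the hunk.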


@ -124,7 +124,7 @@ typedef struct {
char *szConfigFile;
char *szSMBPasswdFile;
char *szPrivateDir;
char **szPassdbBackend;
char *szPassdbBackend;
char **szPreloadModules;
char *szPasswordServer;
char *szSocketOptions;
@ -861,7 +861,7 @@ static struct parm_struct parm_table[] = {
{"password server", P_STRING, P_GLOBAL, &Globals.szPasswordServer, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD},
{"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED},
{"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED},
{"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD},
{"passdb backend", P_STRING, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_WIZARD},
{"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.AlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED},
{"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED},
{"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_HIDE},
@ -1560,13 +1560,12 @@ static void init_globals(BOOL first_time_only)
a large number of sites (tridge) */
Globals.bHostnameLookups = False;
str_list_free(&Globals.szPassdbBackend);
#ifdef WITH_LDAP_SAMCONFIG
string_set(&Globals.szLdapServer, "localhost");
Globals.ldap_port = 636;
Globals.szPassdbBackend = str_list_make("ldapsam_compat", NULL);
string_set(&Globals.szPassdbBackend, "ldapsam_compat");
#else
Globals.szPassdbBackend = str_list_make("smbpasswd", NULL);
string_set(&Globals.szPassdbBackend, "smbpasswd");
#endif /* WITH_LDAP_SAMCONFIG */
string_set(&Globals.szLdapSuffix, "");
string_set(&Globals.szLdapMachineSuffix, "");
@ -1807,7 +1806,7 @@ FN_GLOBAL_STRING(lp_socket_address, &Globals.szSocketAddress)
FN_GLOBAL_STRING(lp_nis_home_map_name, &Globals.szNISHomeMapName)
static FN_GLOBAL_STRING(lp_announce_version, &Globals.szAnnounceVersion)
FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases)
FN_GLOBAL_LIST(lp_passdb_backend, &Globals.szPassdbBackend)
FN_GLOBAL_STRING(lp_passdb_backend, &Globals.szPassdbBackend)
FN_GLOBAL_LIST(lp_preload_modules, &Globals.szPreloadModules)
FN_GLOBAL_STRING(lp_panic_action, &Globals.szPanicAction)
FN_GLOBAL_STRING(lp_adduser_script, &Globals.szAddUserScript)
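Review bot: Changing `passdb backend` from P_LIST to P_STRING means an existing smb.conf that lists several backends is now read as one string, and nothing in these hunks warns about it. How that string is interpreted is in the suppressed pdb_interface.c diff, so this is inferred. If the extra entries are ignored, or the whole value fails to match a backend, accounts may be looked up in a different database than the administrator configured. I would document the restriction next to the parm_table entry, for example `/* single backend only; lists are no longer supported */`, and have the loader log at level 0 when the value names more than one backend.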


@ -206,7 +206,11 @@ static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd
if (!pdb_set_user_sid_from_rid(account_data, DOMAIN_USER_RID_GUEST, PDB_DEFAULT)) {
return NT_STATUS_UNSUCCESSFUL;
}
if (!pdb_set_group_sid_from_rid(account_data, DOMAIN_GROUP_RID_GUESTS, PDB_DEFAULT)) {
/* by default the guest account is a member of of the domain users group
as well as the domain guests group. Verified against Windows NT - 2003 */
if (!pdb_set_group_sid_from_rid(account_data, DOMAIN_GROUP_RID_USERS, PDB_DEFAULT)) {
return NT_STATUS_UNSUCCESSFUL;
}
return NT_STATUS_OK;
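Review bot: The added comment says the guest account is a member of both Domain Users and Domain Guests, but the call below it only sets the primary group SID to DOMAIN_GROUP_RID_USERS; nothing visible here establishes Domain Guests membership. Since this changes which group SID guest sessions carry as primary, the comment should say exactly that, e.g. `/* Guest's primary group is Domain Users (RID 513), as on Windows NT - 2003; Domain Guests membership is not set here. */`, which also fixes the doubled "of". It may be worth stating in the release notes that access granted to Domain Users may now match the guest account through its primary group. The enclosing function starts and ends outside the hunk.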


@ -114,7 +114,7 @@ static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_AC
/* apparently thr build farm relies upon this heavior :-( */
return methods->parent->pdb_add_sam_account(methods->parent, newpwd);
return methods->add_sam_account(methods, newpwd);
#else
/* I don't think we should allow any modification of
the guest account as SID will could messed up with
@ -124,16 +124,11 @@ static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_AC
#endif
}
NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
NTSTATUS pdb_init_guestsam(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status;
if (!pdb_context) {
DEBUG(0, ("invalid pdb_context specified\n"));
return NT_STATUS_UNSUCCESSFUL;
}
if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
return nt_status;
}

File diff suppressed because it is too large


@ -4632,17 +4632,17 @@ static void free_private_data(void **vp)
/* No need to free any further, as it is talloc()ed */
}
/**********************************************************************
Intitalise the parts of the pdb_context that are common to all pdb_ldap modes
*********************************************************************/
/*********************************************************************
Intitalise the parts of the pdb_methods structure that are common to
all pdb_ldap modes
*********************************************************************/
static NTSTATUS pdb_init_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method,
const char *location)
static NTSTATUS pdb_init_ldapsam_common(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
return nt_status;
}
@ -4676,18 +4676,18 @@ static NTSTATUS pdb_init_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHODS **
/* TODO: Setup private data and free */
ldap_state = TALLOC_ZERO_P(pdb_context->mem_ctx, struct ldapsam_privates);
if (!ldap_state) {
if ( !(ldap_state = TALLOC_ZERO_P(*pdb_method, struct ldapsam_privates)) ) {
DEBUG(0, ("pdb_init_ldapsam_common: talloc() failed for ldapsam private_data!\n"));
return NT_STATUS_NO_MEMORY;
}
if (!NT_STATUS_IS_OK(nt_status =
smbldap_init(pdb_context->mem_ctx, location,
&ldap_state->smbldap_state)));
nt_status = smbldap_init(*pdb_method, location, &ldap_state->smbldap_state);
ldap_state->domain_name = talloc_strdup(pdb_context->mem_ctx, get_global_sam_name());
if (!ldap_state->domain_name) {
if ( !NT_STATUS_IS_OK(nt_status) ) {
return nt_status;
}
if ( !(ldap_state->domain_name = talloc_strdup(*pdb_method, get_global_sam_name()) ) ) {
return NT_STATUS_NO_MEMORY;
}
@ -4702,13 +4702,14 @@ static NTSTATUS pdb_init_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHODS **
Initialise the 'compat' mode for pdb_ldap
*********************************************************************/
NTSTATUS pdb_init_ldapsam_compat(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
NTSTATUS pdb_init_ldapsam_compat(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
char *uri = talloc_strdup( NULL, location );
#ifdef WITH_LDAP_SAMCONFIG
if (!location) {
if (!uri) {
int ldap_port = lp_ldap_port();
/* remap default port if not using SSL (ie clear or TLS) */
@ -4716,17 +4717,23 @@ NTSTATUS pdb_init_ldapsam_compat(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_met
ldap_port = 389;
}
location = talloc_asprintf(pdb_context->mem_ctx, "%s://%s:%d", lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap", lp_ldap_server(), ldap_port);
if (!location) {
uri = talloc_asprintf(NULL, "%s://%s:%d", lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap", lp_ldap_server(), ldap_port);
if (!uri) {
return NT_STATUS_NO_MEMORY;
}
location = uri;
}
#endif
if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam_common(pdb_context, pdb_method, location))) {
if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam_common( pdb_method, uri ))) {
return nt_status;
}
/* the module itself stores a copy of the location so throw this one away */
if ( uri )
TALLOC_FREE( uri );
(*pdb_method)->name = "ldapsam_compat";
ldap_state = (*pdb_method)->private_data;
@ -4741,7 +4748,7 @@ NTSTATUS pdb_init_ldapsam_compat(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_met
Initialise the normal mode for pdb_ldap
*********************************************************************/
NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
NTSTATUS pdb_init_ldapsam(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct ldapsam_privates *ldap_state;
@ -4754,7 +4761,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
pstring domain_sid_string;
char *dn;
nt_status = pdb_init_ldapsam_common(pdb_context, pdb_method, location);
nt_status = pdb_init_ldapsam_common(pdb_method, location);
if (!NT_STATUS_IS_OK(nt_status)) {
return nt_status;
}
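Review bot: In pdb_init_ldapsam_compat the new `uri` copy is allocated on the NULL talloc context and is released only after pdb_init_ldapsam_common succeeds, so the early `return nt_status;` leaks it. Separately, `if (!uri)` can no longer distinguish "no location given" from "talloc_strdup failed". With WITH_LDAP_SAMCONFIG an allocation failure on a configured location falls through to the lp_ldap_server() default, and without it a NULL uri is passed on, so the backend could end up talking to a different directory server than the one configured. The sketch below returns NT_STATUS_NO_MEMORY when a given location cannot be copied and frees `uri` on both the success and the failure path. The function continues past the end of the hunk.

```c
	char *uri = NULL;

	/* A location was supplied but could not be copied: fail, do not fall back. */
	if (location && !(uri = talloc_strdup(NULL, location))) {
		return NT_STATUS_NO_MEMORY;
	}

	/* … unchanged: WITH_LDAP_SAMCONFIG block building the default uri when uri is NULL … */

	nt_status = pdb_init_ldapsam_common(pdb_method, uri);

	/* the module itself stores a copy of the location so throw this one away */
	TALLOC_FREE(uri);

	if (!NT_STATUS_IS_OK(nt_status)) {
		return nt_status;
	}
```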


@ -848,10 +848,11 @@ static NTSTATUS pdb_nds_update_login_attempts(struct pdb_methods *methods,
}
/**********************************************************************
Intitalise the parts of the pdb_context that are common to NDS_ldapsam modes
Intitalise the parts of the pdb_methods structuire that are common
to NDS_ldapsam modes
*********************************************************************/
static NTSTATUS pdb_init_NDS_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
static NTSTATUS pdb_init_NDS_ldapsam_common(struct pdb_methods **pdb_method, const char *location)
{
struct ldapsam_privates *ldap_state = (*pdb_method)->private_data;
@ -872,13 +873,13 @@ static NTSTATUS pdb_init_NDS_ldapsam_common(PDB_CONTEXT *pdb_context, PDB_METHOD
Initialise the 'nds compat' mode for pdb_ldap
*********************************************************************/
static NTSTATUS pdb_init_NDS_ldapsam_compat(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
static NTSTATUS pdb_init_NDS_ldapsam_compat(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status = pdb_init_ldapsam_compat(pdb_context, pdb_method, location);
NTSTATUS nt_status = pdb_init_ldapsam_compat(pdb_method, location);
(*pdb_method)->name = "NDS_ldapsam_compat";
pdb_init_NDS_ldapsam_common(pdb_context, pdb_method, location);
pdb_init_NDS_ldapsam_common(pdb_method, location);
return nt_status;
}
@ -888,13 +889,13 @@ static NTSTATUS pdb_init_NDS_ldapsam_compat(PDB_CONTEXT *pdb_context, PDB_METHOD
Initialise the 'nds' normal mode for pdb_ldap
*********************************************************************/
static NTSTATUS pdb_init_NDS_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
static NTSTATUS pdb_init_NDS_ldapsam(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status = pdb_init_ldapsam(pdb_context, pdb_method, location);
NTSTATUS nt_status = pdb_init_ldapsam(pdb_method, location);
(*pdb_method)->name = "NDS_ldapsam";
pdb_init_NDS_ldapsam_common(pdb_context, pdb_method, location);
pdb_init_NDS_ldapsam_common(pdb_method, location);
return nt_status;
}
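Review bot: pdb_init_NDS_ldapsam_compat and pdb_init_NDS_ldapsam dereference `*pdb_method` right after the base init call without looking at `nt_status`, and pdb_init_NDS_ldapsam_common does the same when it reads `(*pdb_method)->private_data`. If pdb_init_ldapsam_compat or pdb_init_ldapsam fails, for example on an NT_STATUS_NO_MEMORY path, `*pdb_method` may be unset or only partly initialised, so a backend start-up failure can become a NULL dereference instead of a clean error. Since the signatures are being touched anyway, add `if (!NT_STATUS_IS_OK(nt_status)) return nt_status;` before the `->name` assignment in both functions, and return the status of pdb_init_NDS_ldapsam_common rather than discarding it.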


@ -24,7 +24,7 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_PASSDB
NTSTATUS pdb_init_plugin(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
NTSTATUS pdb_init_plugin(struct pdb_methods **pdb_method, const char *location)
{
void * dl_handle;
char *plugin_location, *plugin_name, *p;
@ -76,5 +76,5 @@ NTSTATUS pdb_init_plugin(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, con
}
DEBUG(5, ("Starting sam plugin %s with location %s\n", plugin_name, plugin_location));
return plugin_init(pdb_context, pdb_method, plugin_location);
return plugin_init(pdb_method, plugin_location);
}


@ -1540,12 +1540,12 @@ static void free_private_data(void **vp)
/* No need to free any further, as it is talloc()ed */
}
static NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
static NTSTATUS pdb_init_smbpasswd( struct pdb_methods **pdb_method, const char *location )
{
NTSTATUS nt_status;
struct smbpasswd_privates *privates;
if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
if ( !NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method )) ) {
return nt_status;
}
@ -1565,9 +1565,7 @@ static NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_m
/* Setup private data and free function */
privates = TALLOC_ZERO_P(pdb_context->mem_ctx, struct smbpasswd_privates);
if (!privates) {
if ( !(privates = TALLOC_ZERO_P( *pdb_method, struct smbpasswd_privates )) ) {
DEBUG(0, ("talloc() failed for smbpasswd private_data!\n"));
return NT_STATUS_NO_MEMORY;
}
@ -1575,9 +1573,9 @@ static NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_m
/* Store some config details */
if (location) {
privates->smbpasswd_file = talloc_strdup(pdb_context->mem_ctx, location);
privates->smbpasswd_file = talloc_strdup(*pdb_method, location);
} else {
privates->smbpasswd_file = talloc_strdup(pdb_context->mem_ctx, lp_smb_passwd_file());
privates->smbpasswd_file = talloc_strdup(*pdb_method, lp_smb_passwd_file());
}
if (!privates->smbpasswd_file) {
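Review bot: With the pdb_context memory context gone, `privates` and `smbpasswd_file` are now children of `*pdb_method`, but the failure returns in pdb_init_smbpasswd leave `*pdb_method` allocated and visible to the caller in a half-initialised state. Whether the caller frees it is decided in pdb_interface.c, whose diff is suppressed, so this is a question rather than a confirmed leak. I would either release it on the error paths with `TALLOC_FREE(*pdb_method);` before `return NT_STATUS_NO_MEMORY;`, or add a comment on the init function stating that the caller owns and frees `*pdb_method` on failure. pdb_init_tdbsam and pdb_init_ldapsam_common follow the same pattern. The function continues past the end of the hunk.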


@ -965,25 +965,21 @@ static void free_private_data(void **vp)
/* No need to free any further, as it is talloc()ed */
}
/**
* Init tdbsam backend
*
* @param pdb_context initialised passdb context
* @param pdb_method backend methods structure to be filled with function pointers
* @param location the backend tdb file location
*
* @return nt_status code
**/
static NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
static NTSTATUS pdb_init_tdbsam(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS nt_status;
struct tdbsam_privates *tdb_state;
if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
if (!NT_STATUS_IS_OK(nt_status = make_pdb_method( pdb_method ))) {
return nt_status;
}
@ -1002,21 +998,19 @@ static NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_meth
(*pdb_method)->rid_algorithm = tdbsam_rid_algorithm;
(*pdb_method)->new_rid = tdbsam_new_rid;
tdb_state = TALLOC_ZERO_P(pdb_context->mem_ctx, struct tdbsam_privates);
if (!tdb_state) {
if ( !(tdb_state = TALLOC_ZERO_P( *pdb_method, struct tdbsam_privates)) ) {
DEBUG(0, ("talloc() failed for tdbsam private_data!\n"));
return NT_STATUS_NO_MEMORY;
}
if (location) {
tdb_state->tdbsam_location = talloc_strdup(pdb_context->mem_ctx, location);
tdb_state->tdbsam_location = talloc_strdup(*pdb_method, location);
} else {
pstring tdbfile;
get_private_directory(tdbfile);
pstrcat(tdbfile, "/");
pstrcat(tdbfile, PASSDB_FILE_NAME);
tdb_state->tdbsam_location = talloc_strdup(pdb_context->mem_ctx, tdbfile);
tdb_state->tdbsam_location = talloc_strdup(*pdb_method, tdbfile);
}
(*pdb_method)->private_data = tdb_state;
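Review bot: In the visible lines neither `talloc_strdup` result assigned to `tdb_state->tdbsam_location` is checked before `private_data` is set, whereas the smbpasswd backend tests `privates->smbpasswd_file` after the equivalent copy. On allocation failure the account database backend would be set up with a NULL path and fail later, away from the cause. Add `if (!tdb_state->tdbsam_location) { return NT_STATUS_NO_MEMORY; }` after the if/else. The function continues past the end of the hunk.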


@ -54,70 +54,6 @@
#define MASK_ALWAYS_GOOD 0x0000001F
#define MASK_USER_GOOD 0x00405FE0
/*********************************************************
Add all currently available users to another db
********************************************************/
static int export_database (struct pdb_context *in, struct pdb_context
*out, const char *username) {
SAM_ACCOUNT *user = NULL;
DEBUG(3, ("called with username=\"%s\"\n", username));
if (NT_STATUS_IS_ERR(in->pdb_setsampwent(in, 0, 0))) {
fprintf(stderr, "Can't sampwent!\n");
return 1;
}
if (!NT_STATUS_IS_OK(pdb_init_sam(&user))) {
fprintf(stderr, "Can't initialize new SAM_ACCOUNT!\n");
return 1;
}
while (NT_STATUS_IS_OK(in->pdb_getsampwent(in, user))) {
DEBUG(4, ("Processing account %s\n",
user->private_u.username));
if (!username ||
(strcmp(username, user->private_u.username)
== 0)) {
out->pdb_add_sam_account(out, user);
if (!NT_STATUS_IS_OK(pdb_reset_sam(user))) {
fprintf(stderr,
"Can't reset SAM_ACCOUNT!\n");
return 1;
}
}
}
in->pdb_endsampwent(in);
return 0;
}
/*********************************************************
Add all currently available group mappings to another db
********************************************************/
static int export_groups (struct pdb_context *in, struct pdb_context *out) {
GROUP_MAP *maps = NULL;
size_t i, entries = 0;
if (NT_STATUS_IS_ERR(in->pdb_enum_group_mapping(in, SID_NAME_UNKNOWN,
&maps, &entries,
False))) {
fprintf(stderr, "Can't get group mappings!\n");
return 1;
}
for (i=0; i<entries; i++) {
out->pdb_add_group_mapping_entry(out, &(maps[i]));
}
SAFE_FREE(maps);
return 0;
}
/*********************************************************
Reset account policies to their default values and remove marker
********************************************************/
@ -146,38 +82,6 @@ static int reinit_account_policies (void)
return 0;
}
/*********************************************************
Add all currently available account policy from tdb to one backend
********************************************************/
static int export_account_policies (struct pdb_context *in, struct pdb_context *out)
{
int i;
if (!account_policy_migrated(True)) {
fprintf(stderr, "Can't set account policy marker in tdb\n");
return -1;
}
for (i=1; decode_account_policy_name(i) != NULL; i++) {
uint32 policy_value;
if (NT_STATUS_IS_ERR(in->pdb_get_account_policy(in, i, &policy_value))) {
fprintf(stderr, "Can't get account policy from tdb\n");
remove_account_policy_migrated();
return -1;
}
if (NT_STATUS_IS_ERR(out->pdb_set_account_policy(out, i, policy_value))) {
fprintf(stderr, "Can't set account policy in passdb\n");
remove_account_policy_migrated();
return -1;
}
}
return 0;
}
/*********************************************************
Print info from sam structure
**********************************************************/
@ -266,7 +170,7 @@ static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdst
Get an Print User Info
**********************************************************/
static int print_user_info (struct pdb_context *in, const char *username, BOOL verbosity, BOOL smbpwdstyle)
static int print_user_info (struct pdb_methods *in, const char *username, BOOL verbosity, BOOL smbpwdstyle)
{
SAM_ACCOUNT *sam_pwent=NULL;
BOOL ret;
@ -275,7 +179,7 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v
return -1;
}
ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username));
ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username));
if (ret==False) {
fprintf (stderr, "Username not found!\n");
@ -292,12 +196,12 @@ static int print_user_info (struct pdb_context *in, const char *username, BOOL v
/*********************************************************
List Users
**********************************************************/
static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwdstyle)
static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwdstyle)
{
SAM_ACCOUNT *sam_pwent=NULL;
BOOL check;
check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0));
check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0));
if (!check) {
return 1;
}
@ -305,7 +209,7 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd
check = True;
if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1;
while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) {
while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) {
if (verbosity)
printf ("---------------\n");
print_sam_info (sam_pwent, verbosity, smbpwdstyle);
@ -314,19 +218,19 @@ static int print_users_list (struct pdb_context *in, BOOL verbosity, BOOL smbpwd
}
if (check) pdb_free_sam(&sam_pwent);
in->pdb_endsampwent(in);
in->endsampwent(in);
return 0;
}
/*********************************************************
Fix a list of Users for uninitialised passwords
**********************************************************/
static int fix_users_list (struct pdb_context *in)
static int fix_users_list (struct pdb_methods *in)
{
SAM_ACCOUNT *sam_pwent=NULL;
BOOL check;
check = NT_STATUS_IS_OK(in->pdb_setsampwent(in, False, 0));
check = NT_STATUS_IS_OK(in->setsampwent(in, False, 0));
if (!check) {
return 1;
}
@ -334,7 +238,7 @@ static int fix_users_list (struct pdb_context *in)
check = True;
if (!(NT_STATUS_IS_OK(pdb_init_sam(&sam_pwent)))) return 1;
while (check && NT_STATUS_IS_OK(in->pdb_getsampwent (in, sam_pwent))) {
while (check && NT_STATUS_IS_OK(in->getsampwent (in, sam_pwent))) {
printf("Updating record for user %s\n", pdb_get_username(sam_pwent));
if (!NT_STATUS_IS_OK(pdb_update_sam_account(sam_pwent))) {
@ -349,7 +253,7 @@ static int fix_users_list (struct pdb_context *in)
}
if (check) pdb_free_sam(&sam_pwent);
in->pdb_endsampwent(in);
in->endsampwent(in);
return 0;
}
@ -357,7 +261,7 @@ static int fix_users_list (struct pdb_context *in)
Set User Info
**********************************************************/
static int set_user_info (struct pdb_context *in, const char *username,
static int set_user_info (struct pdb_methods *in, const char *username,
const char *fullname, const char *homedir,
const char *acct_desc,
const char *drive, const char *script,
@ -373,7 +277,7 @@ static int set_user_info (struct pdb_context *in, const char *username,
pdb_init_sam(&sam_pwent);
ret = NT_STATUS_IS_OK(in->pdb_getsampwnam (in, sam_pwent, username));
ret = NT_STATUS_IS_OK(in->getsampwnam (in, sam_pwent, username));
if (ret==False) {
fprintf (stderr, "Username not found!\n");
pdb_free_sam(&sam_pwent);
@ -473,7 +377,7 @@ static int set_user_info (struct pdb_context *in, const char *username,
pdb_set_bad_password_time(sam_pwent, 0, PDB_CHANGED);
}
if (NT_STATUS_IS_OK(in->pdb_update_sam_account (in, sam_pwent)))
if (NT_STATUS_IS_OK(in->update_sam_account (in, sam_pwent)))
print_user_info (in, username, True, False);
else {
fprintf (stderr, "Unable to modify entry!\n");
@ -487,7 +391,7 @@ static int set_user_info (struct pdb_context *in, const char *username,
/*********************************************************
Add New User
**********************************************************/
static int new_user (struct pdb_context *in, const char *username,
static int new_user (struct pdb_methods *in, const char *username,
const char *fullname, const char *homedir,
const char *drive, const char *script,
const char *profile, char *user_sid, char *group_sid)
@ -568,7 +472,7 @@ static int new_user (struct pdb_context *in, const char *username,
pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL, PDB_CHANGED);
if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) {
if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) {
print_user_info (in, username, True, False);
} else {
fprintf (stderr, "Unable to add user! (does it already exist?)\n");
@ -583,7 +487,7 @@ static int new_user (struct pdb_context *in, const char *username,
Add New Machine
**********************************************************/
static int new_machine (struct pdb_context *in, const char *machine_in)
static int new_machine (struct pdb_methods *in, const char *machine_in)
{
SAM_ACCOUNT *sam_pwent=NULL;
fstring machinename;
@ -625,7 +529,7 @@ static int new_machine (struct pdb_context *in, const char *machine_in)
pdb_set_group_sid_from_rid(sam_pwent, DOMAIN_GROUP_RID_COMPUTERS, PDB_CHANGED);
if (NT_STATUS_IS_OK(in->pdb_add_sam_account (in, sam_pwent))) {
if (NT_STATUS_IS_OK(in->add_sam_account (in, sam_pwent))) {
print_user_info (in, machineaccount, True, False);
} else {
fprintf (stderr, "Unable to add machine! (does it already exist?)\n");
@ -640,7 +544,7 @@ static int new_machine (struct pdb_context *in, const char *machine_in)
Delete user entry
**********************************************************/
static int delete_user_entry (struct pdb_context *in, const char *username)
static int delete_user_entry (struct pdb_methods *in, const char *username)
{
SAM_ACCOUNT *samaccount = NULL;
@ -648,12 +552,12 @@ static int delete_user_entry (struct pdb_context *in, const char *username)
return -1;
}
if (!NT_STATUS_IS_OK(in->pdb_getsampwnam(in, samaccount, username))) {
if (!NT_STATUS_IS_OK(in->getsampwnam(in, samaccount, username))) {
fprintf (stderr, "user %s does not exist in the passdb\n", username);
return -1;
}
if (!NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount))) {
if (!NT_STATUS_IS_OK(in->delete_sam_account (in, samaccount))) {
fprintf (stderr, "Unable to delete user %s\n", username);
return -1;
}
@ -664,7 +568,7 @@ static int delete_user_entry (struct pdb_context *in, const char *username)
Delete machine entry
**********************************************************/
static int delete_machine_entry (struct pdb_context *in, const char *machinename)
static int delete_machine_entry (struct pdb_methods *in, const char *machinename)
{
fstring name;
SAM_ACCOUNT *samaccount = NULL;
@ -678,12 +582,12 @@ static int delete_machine_entry (struct pdb_context *in, const char *machinename
return -1;
}
if (!NT_STATUS_IS_OK(in->pdb_getsampwnam(in, samaccount, name))) {
if (!NT_STATUS_IS_OK(in->getsampwnam(in, samaccount, name))) {
fprintf (stderr, "machine %s does not exist in the passdb\n", name);
return -1;
}
if (!NT_STATUS_IS_OK(in->pdb_delete_sam_account (in, samaccount))) {
if (!NT_STATUS_IS_OK(in->delete_sam_account (in, samaccount))) {
fprintf (stderr, "Unable to delete machine %s\n", name);
return -1;
}
@ -733,9 +637,7 @@ int main (int argc, char **argv)
static char *pwd_must_change_time = NULL;
static char *pwd_time_format = NULL;
struct pdb_context *bin;
struct pdb_context *bout;
struct pdb_context *bdef;
struct pdb_methods *bdef = NULL;
poptContext pc;
struct poptOption long_options[] = {
POPT_AUTOHELP
@ -835,12 +737,12 @@ int main (int argc, char **argv)
(pwd_must_change_time ? BIT_MUST_CHANGE: 0);
if (setparms & BIT_BACKEND) {
if (!NT_STATUS_IS_OK(make_pdb_context_string(&bdef, backend))) {
if (!NT_STATUS_IS_OK(make_pdb_method_name( &bdef, backend ))) {
fprintf(stderr, "Can't initialize passdb backend.\n");
return 1;
}
} else {
if (!NT_STATUS_IS_OK(make_pdb_context_list(&bdef, lp_passdb_backend()))) {
if (!NT_STATUS_IS_OK(make_pdb_method_name(&bdef, lp_passdb_backend()))) {
fprintf(stderr, "Can't initialize passdb backend.\n");
return 1;
}
@ -894,41 +796,6 @@ int main (int argc, char **argv)
exit(0);
}
/* import and export operations */
if (((checkparms & BIT_IMPORT) || (checkparms & BIT_EXPORT))
&& !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER))) {
if (backend_in) {
if (!NT_STATUS_IS_OK(make_pdb_context_string(&bin, backend_in))) {
fprintf(stderr, "Can't initialize passdb backend.\n");
return 1;
}
} else {
bin = bdef;
}
if (backend_out) {
if (!NT_STATUS_IS_OK(make_pdb_context_string(&bout, backend_out))) {
fprintf(stderr, "Can't initialize %s.\n", backend_out);
return 1;
}
} else {
bout = bdef;
}
if (transfer_account_policies) {
if (!(checkparms & BIT_USER))
return export_account_policies(bin, bout);
} else if (transfer_groups) {
if (!(checkparms & BIT_USER))
return export_groups(bin, bout);
} else {
if (checkparms & BIT_USER)
return export_database(bin, bout,
user_name);
else
return export_database(bin, bout,
NULL);
}
}
/* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */
/* fake up BIT_LIST if only BIT_USER is defined */
if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) {