Add 'net idmap restore'. This restores a broken idmap file

from the output of 'net idmap dump'.

'net idmap dump' now also prints the USER/GROUP HWM.

Volker

source/sam/idmap_tdb.c

@@ -117,6 +117,47 @@ static NTSTATUS db_allocate_id(unid_t *id, int id_type)
 	return NT_STATUS_OK;
 }
 
+/* Set the HWM if necessary */
+/* This is not transaction safe, but the tdb should be locked
+   in db_set_mapping anyway. */
+static NTSTATUS db_adjust_hwm(unid_t id, int id_type)
+{
+	int32 hwm;
+
+	switch (id_type & ID_TYPEMASK) {
+	case ID_USERID:
+		hwm = tdb_fetch_int32(idmap_tdb, HWM_USER);
+		if (hwm == -1)
+			return NT_STATUS_INTERNAL_DB_ERROR;
+
+		if ((id.uid < hwm) || (id.uid > idmap_state.uid_high))
+			return NT_STATUS_OK;
+
+		if (tdb_store_int32(idmap_tdb, HWM_USER, id.uid+1) != 0)
+			return NT_STATUS_UNSUCCESSFUL;
+
+		break;
+
+	case ID_GROUPID:
+		hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP);
+		if (hwm == -1)
+			return NT_STATUS_INTERNAL_DB_ERROR;
+
+		if ((id.gid < hwm) || (id.gid > idmap_state.gid_high))
+			return NT_STATUS_OK;
+
+		if (tdb_store_int32(idmap_tdb, HWM_GROUP, id.gid+1) != 0)
+			return NT_STATUS_UNSUCCESSFUL;
+
+		break;
+
+	default:
+		return NT_STATUS_INVALID_PARAMETER;
+	}
+
+	return NT_STATUS_OK;
+}
+
 /* Get a sid from an id */
 static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
 {
@@ -283,7 +324,7 @@ static NTSTATUS db_set_mapping(const DOM_SID *sid, unid_t id, int id_type)
 		DEBUG(0, ("idb_set_mapping: tdb_store 2 error: %s\n", tdb_errorstr(idmap_tdb)));
 		return NT_STATUS_UNSUCCESSFUL;
 	}
-	return NT_STATUS_OK;
+	return db_adjust_hwm(id, id_type);
 }
 
 /*****************************************************************************

source/utils/net.c

@@ -376,6 +376,16 @@ static int net_idmap_dump_one_entry(TDB_CONTEXT *tdb,
 				    TDB_DATA data,
 				    void *unused)
 {
+	if (strcmp(key.dptr, "USER HWM") == 0) {
+		printf("USER HWM %d\n", IVAL(data.dptr,0));
+		return 0;
+	}
+
+	if (strcmp(key.dptr, "GROUP HWM") == 0) {
+		printf("GROUP HWM %d\n", IVAL(data.dptr,0));
+		return 0;
+	}
+
 	if (strncmp(key.dptr, "S-", 2) != 0)
 		return 0;
 
@@ -407,6 +417,63 @@ static int net_idmap_dump(int argc, const char **argv)
 	return 0;
 }
 
+/***********************************************************
+ Write entries from stdin to current local idmap
+ **********************************************************/
+static int net_idmap_restore(int argc, const char **argv)
+{
+	if (!idmap_init()) {
+		d_printf("Could not init idmap\n");
+		return -1;
+	}
+
+	while (!feof(stdin)) {
+		fstring line, sid_string;
+		int len;
+		unid_t id;
+		int type = ID_EMPTY;
+		DOM_SID sid;
+
+		if (fgets(line, sizeof(line)-1, stdin) == NULL)
+			break;
+
+		len = strlen(line);
+
+		if ( (len > 0) && (line[len-1] == '\n') )
+			line[len-1] = '\0';
+
+		if (sscanf(line, "GID %d %s", &id.gid, sid_string) == 2) {
+			type = ID_GROUPID;
+		}
+
+		if (sscanf(line, "UID %d %s", &id.uid, sid_string) == 2) {
+			type = ID_USERID;
+		}
+
+		if (type == ID_EMPTY) {
+			d_printf("ignoring invalid line [%s]\n", line);
+			continue;
+		}
+
+		if (!string_to_sid(&sid, sid_string)) {
+			d_printf("ignoring invalid sid [%s]\n", sid_string);
+			continue;
+		}
+
+		if (!NT_STATUS_IS_OK(idmap_set_mapping(&sid, id, type))) {
+			d_printf("Could not set mapping of %s %d to sid %s\n",
+				 (type == ID_GROUPID) ? "GID" : "UID",
+				 (type == ID_GROUPID) ? id.gid : id.uid,
+				 sid_string_static(&sid));
+			continue;
+		}
+				 
+	}
+
+	idmap_close();
+	return 0;
+}
+
 /***********************************************************
  Look at the current idmap
  **********************************************************/
@@ -418,6 +485,9 @@ static int net_idmap(int argc, const char **argv)
 	if ( !StrCaseCmp( argv[0], "dump" ) )
 		return net_idmap_dump(argc-1, argv+1);
 
+	if ( !StrCaseCmp( argv[0], "restore" ) )
+		return net_idmap_restore(argc-1, argv+1);
+
 	return net_help_idmap( argc, argv );
 }
 

source/utils/net_help.c

@@ -123,6 +123,9 @@ int net_help_idmap(int argc, const char **argv)
 	d_printf("net idmap dump filename"\
 		 "\n  Dump current id mapping\n");
 
+	d_printf("net idmap restore"\
+		 "\n  Restore entries from stdin to current local idmap\n");
+
 	return -1;
 }