1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-24 21:34:56 +03:00

Introduce a new passdb backend: pdb_onefs_sam

Implements a custom backend for onefs that exclusively uses the wbclient
interface for all passdb calls.
It lacks some features of a standard passdb.
In particular it's a read only interface and doesn't implement privileges.
This commit is contained in:
Dan Sledz 2009-02-13 12:28:57 -08:00 committed by Steven Danneman
parent c383022f89
commit fc02c3b089
3 changed files with 439 additions and 1 deletions

View File

@ -2364,6 +2364,10 @@ bin/tdbsam.@SHLIBEXT@: $(BINARY_PREREQS) passdb/pdb_tdb.o
@echo "Building plugin $@"
@$(SHLD_MODULE) passdb/pdb_tdb.o
bin/onefs_sam.@SHLIBEXT@: $(BINARY_PREREQS) passdb/pdb_onefs_sam.o
@echo "Building plugin $@"
@$(SHLD_MODULE) passdb/pdb_onefs_sam.o
bin/smbpasswd.@SHLIBEXT@: $(BINARY_PREREQS) passdb/pdb_smbpasswd.o
@echo "Building plugin $@"
@$(SHLD_MODULE) passdb/pdb_smbpasswd.o

View File

@ -1104,7 +1104,7 @@ echo $samba_cv_HAVE_ONEFS
if test x"$samba_cv_HAVE_ONEFS" = x"yes"; then
AC_DEFINE(HAVE_ONEFS,1,[Whether building on Isilon OneFS])
default_shared_modules="$default_shared_modules vfs_onefs vfs_onefs_shadow_copy perfcount_onefs"
default_static_modules="$default_static_modules auth_onefs_wb"
default_static_modules="$default_static_modules auth_onefs_wb pdb_onefs_sam"
ONEFS_LIBS="-lisi_acl -lisi_ecs -lisi_event -lisi_util"
# Need to also add general libs for oplocks support
save_LIBS="$save_LIBS -lisi_ecs -lisi_event -lisi_util -ldevstat"
@ -6146,6 +6146,7 @@ SMB_MODULE(pdb_ldap, passdb/pdb_ldap.o passdb/pdb_nds.o, "bin/ldapsam.$SHLIBEXT"
[ PASSDB_LIBS="$PASSDB_LIBS $LDAP_LIBS" ] )
SMB_MODULE(pdb_smbpasswd, passdb/pdb_smbpasswd.o, "bin/smbpasswd.$SHLIBEXT", PDB)
SMB_MODULE(pdb_tdbsam, passdb/pdb_tdb.o, "bin/tdbsam.$SHLIBEXT", PDB)
SMB_MODULE(pdb_onefs_sam, passdb/pdb_onefs_sam.o, "bin/onefs_sam.$SHLIBEXT", PDB)
SMB_SUBSYSTEM(PDB,passdb/pdb_interface.o)

View File

@ -0,0 +1,433 @@
/*
Unix SMB/CIFS implementation.
Password and authentication handling for wbclient
Copyright (C) Andrew Bartlett 2002
Copyright (C) Jelmer Vernooij 2002
Copyright (C) Simo Sorce 2003
Copyright (C) Volker Lendecke 2006
Copyright (C) Dan Sledz 2009
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 3 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
#include "includes.h"
/***************************************************************************
Default implementations of some functions.
****************************************************************************/
static NTSTATUS _pdb_onefs_sam_getsampw(struct pdb_methods *methods,
struct samu *user,
const struct passwd *pwd)
{
NTSTATUS result = NT_STATUS_OK;
if (pwd == NULL)
return NT_STATUS_NO_SUCH_USER;
memset(user, 0, sizeof(user));
/* Can we really get away with this little of information */
user->methods = methods;
result = samu_set_unix(user, pwd);
return result;
}
static NTSTATUS pdb_onefs_sam_getsampwnam(struct pdb_methods *methods, struct samu *user, const char *sname)
{
return _pdb_onefs_sam_getsampw(methods, user, winbind_getpwnam(sname));
}
static NTSTATUS pdb_onefs_sam_getsampwsid(struct pdb_methods *methods, struct samu *user, const DOM_SID *sid)
{
return _pdb_onefs_sam_getsampw(methods, user, winbind_getpwsid(sid));
}
static bool pdb_onefs_sam_uid_to_sid(struct pdb_methods *methods, uid_t uid,
DOM_SID *sid)
{
return winbind_uid_to_sid(sid, uid);
}
static bool pdb_onefs_sam_gid_to_sid(struct pdb_methods *methods, gid_t gid,
DOM_SID *sid)
{
return winbind_gid_to_sid(sid, gid);
}
static bool pdb_onefs_sam_sid_to_id(struct pdb_methods *methods,
const DOM_SID *sid,
union unid_t *id, enum lsa_SidType *type)
{
if (winbind_sid_to_uid(&id->uid, sid)) {
*type = SID_NAME_USER;
} else if (winbind_sid_to_gid(&id->gid, sid)) {
/* We assume all gids are groups, not aliases */
*type = SID_NAME_DOM_GRP;
} else {
return false;
}
return true;
}
static NTSTATUS pdb_onefs_sam_enum_group_members(struct pdb_methods *methods,
TALLOC_CTX *mem_ctx,
const DOM_SID *group,
uint32 **pp_member_rids,
size_t *p_num_members)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS pdb_onefs_sam_enum_group_memberships(struct pdb_methods *methods,
TALLOC_CTX *mem_ctx,
struct samu *user,
DOM_SID **pp_sids,
gid_t **pp_gids,
size_t *p_num_groups)
{
size_t i;
const char *username = pdb_get_username(user);
if (!winbind_get_groups(mem_ctx, username, p_num_groups, pp_gids)) {
return NT_STATUS_NO_SUCH_USER;
}
if (*p_num_groups == 0) {
smb_panic("primary group missing");
}
*pp_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *p_num_groups);
if (*pp_sids == NULL) {
TALLOC_FREE(*pp_gids);
return NT_STATUS_NO_MEMORY;
}
for (i=0; i < *p_num_groups; i++) {
gid_to_sid(&(*pp_sids)[i], (*pp_gids)[i]);
}
return NT_STATUS_OK;
}
static NTSTATUS pdb_onefs_sam_lookup_rids(struct pdb_methods *methods,
const DOM_SID *domain_sid,
int num_rids,
uint32 *rids,
const char **names,
enum lsa_SidType *attrs)
{
NTSTATUS result = NT_STATUS_OK;
char *domain = NULL;
char **account_names = NULL;
char name[256];
enum lsa_SidType *attr_list = NULL;
int i;
if (!winbind_lookup_rids(talloc_tos(), domain_sid, num_rids, rids,
(const char **)&domain,
(const char ***)&account_names, &attr_list))
{
result = NT_STATUS_NONE_MAPPED;
goto done;
}
memcpy(attrs, attr_list, num_rids * sizeof(enum lsa_SidType));
for (i=0; i<num_rids; i++) {
if (attrs[i] == SID_NAME_UNKNOWN) {
names[i] = NULL;
} else {
snprintf(name, sizeof(name), "%s%c%s", domain,
*lp_winbind_separator(), account_names[i]);
names[i] = talloc_strdup(names, name);
}
}
done:
TALLOC_FREE(account_names);
TALLOC_FREE(domain);
TALLOC_FREE(attrs);
return result;
}
static NTSTATUS pdb_onefs_sam_get_account_policy(struct pdb_methods *methods, int policy_index, uint32 *value)
{
return NT_STATUS_UNSUCCESSFUL;
}
static NTSTATUS pdb_onefs_sam_set_account_policy(struct pdb_methods *methods, int policy_index, uint32 value)
{
return NT_STATUS_UNSUCCESSFUL;
}
static bool pdb_onefs_sam_search_groups(struct pdb_methods *methods,
struct pdb_search *search)
{
return false;
}
static bool pdb_onefs_sam_search_aliases(struct pdb_methods *methods,
struct pdb_search *search,
const DOM_SID *sid)
{
return false;
}
static bool pdb_onefs_sam_get_trusteddom_pw(struct pdb_methods *methods,
const char *domain,
char **pwd,
DOM_SID *sid,
time_t *pass_last_set_time)
{
return false;
}
static bool pdb_onefs_sam_set_trusteddom_pw(struct pdb_methods *methods,
const char *domain,
const char *pwd,
const DOM_SID *sid)
{
return false;
}
static bool pdb_onefs_sam_del_trusteddom_pw(struct pdb_methods *methods,
const char *domain)
{
return false;
}
static NTSTATUS pdb_onefs_sam_enum_trusteddoms(struct pdb_methods *methods,
TALLOC_CTX *mem_ctx,
uint32 *num_domains,
struct trustdom_info ***domains)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static bool _make_group_map(struct pdb_methods *methods, const char *domain, const char *name, enum lsa_SidType name_type, gid_t gid, DOM_SID *sid, GROUP_MAP *map)
{
snprintf(map->nt_name, sizeof(map->nt_name), "%s%c%s",
domain, *lp_winbind_separator(), name);
map->sid_name_use = name_type;
map->sid = *sid;
map->gid = gid;
return true;
}
static NTSTATUS pdb_onefs_sam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
DOM_SID sid)
{
NTSTATUS result = NT_STATUS_OK;
char *name = NULL;
char *domain = NULL;
enum lsa_SidType name_type;
gid_t gid;
if (!winbind_lookup_sid(talloc_tos(), &sid, (const char **)&domain,
(const char **) &name, &name_type)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if ((name_type != SID_NAME_DOM_GRP) &&
(name_type != SID_NAME_DOMAIN) &&
(name_type != SID_NAME_ALIAS) &&
(name_type != SID_NAME_WKN_GRP)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if (!winbind_sid_to_gid(&gid, &sid)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if (!_make_group_map(methods, domain, name, name_type, gid, &sid, map)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
done:
TALLOC_FREE(name);
TALLOC_FREE(domain);
return result;
}
static NTSTATUS pdb_onefs_sam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
gid_t gid)
{
NTSTATUS result = NT_STATUS_OK;
char *name = NULL;
char *domain = NULL;
DOM_SID sid;
enum lsa_SidType name_type;
if (!winbind_gid_to_sid(&sid, gid)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if (!winbind_lookup_sid(talloc_tos(), &sid, (const char **)&domain,
(const char **)&name, &name_type)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if ((name_type != SID_NAME_DOM_GRP) &&
(name_type != SID_NAME_DOMAIN) &&
(name_type != SID_NAME_ALIAS) &&
(name_type != SID_NAME_WKN_GRP)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if (!_make_group_map(methods, domain, name, name_type, gid, &sid, map)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
done:
TALLOC_FREE(name);
TALLOC_FREE(domain);
return result;
}
static NTSTATUS pdb_onefs_sam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
const char *name)
{
NTSTATUS result = NT_STATUS_OK;
char *user_name = NULL;
char *domain = NULL;
DOM_SID sid;
gid_t gid;
enum lsa_SidType name_type;
if (!winbind_lookup_name(domain, user_name, &sid, &name_type)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if ((name_type != SID_NAME_DOM_GRP) &&
(name_type != SID_NAME_DOMAIN) &&
(name_type != SID_NAME_ALIAS) &&
(name_type != SID_NAME_WKN_GRP)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if (!winbind_sid_to_gid(&gid, &sid)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
if (!_make_group_map(methods, domain, user_name, name_type, gid, &sid, map)) {
result = NT_STATUS_NO_SUCH_GROUP;
goto done;
}
done:
return result;
}
static NTSTATUS pdb_onefs_sam_enum_group_mapping(struct pdb_methods *methods,
const DOM_SID *sid, enum lsa_SidType sid_name_use,
GROUP_MAP **pp_rmap, size_t *p_num_entries,
bool unix_only)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS pdb_onefs_sam_get_aliasinfo(struct pdb_methods *methods,
const DOM_SID *sid,
struct acct_info *info)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS pdb_onefs_sam_enum_aliasmem(struct pdb_methods *methods,
const DOM_SID *alias, DOM_SID **pp_members,
size_t *p_num_members)
{
return NT_STATUS_NOT_IMPLEMENTED;
}
static NTSTATUS pdb_onefs_sam_alias_memberships(struct pdb_methods *methods,
TALLOC_CTX *mem_ctx,
const DOM_SID *domain_sid,
const DOM_SID *members,
size_t num_members,
uint32 **pp_alias_rids,
size_t *p_num_alias_rids)
{
if (!winbind_get_sid_aliases(mem_ctx, domain_sid,
members, num_members, pp_alias_rids, p_num_alias_rids))
return NT_STATUS_UNSUCCESSFUL;
return NT_STATUS_OK;
}
static NTSTATUS pdb_init_onefs_sam(struct pdb_methods **pdb_method, const char *location)
{
NTSTATUS result;
if (!NT_STATUS_IS_OK(result = make_pdb_method( pdb_method))) {
return result;
}
(*pdb_method)->name = "onefs_sam";
(*pdb_method)->getsampwnam = pdb_onefs_sam_getsampwnam;
(*pdb_method)->getsampwsid = pdb_onefs_sam_getsampwsid;
(*pdb_method)->getgrsid = pdb_onefs_sam_getgrsid;
(*pdb_method)->getgrgid = pdb_onefs_sam_getgrgid;
(*pdb_method)->getgrnam = pdb_onefs_sam_getgrnam;
(*pdb_method)->enum_group_mapping = pdb_onefs_sam_enum_group_mapping;
(*pdb_method)->enum_group_members = pdb_onefs_sam_enum_group_members;
(*pdb_method)->enum_group_memberships = pdb_onefs_sam_enum_group_memberships;
(*pdb_method)->get_aliasinfo = pdb_onefs_sam_get_aliasinfo;
(*pdb_method)->enum_aliasmem = pdb_onefs_sam_enum_aliasmem;
(*pdb_method)->enum_alias_memberships = pdb_onefs_sam_alias_memberships;
(*pdb_method)->lookup_rids = pdb_onefs_sam_lookup_rids;
(*pdb_method)->get_account_policy = pdb_onefs_sam_get_account_policy;
(*pdb_method)->set_account_policy = pdb_onefs_sam_set_account_policy;
(*pdb_method)->uid_to_sid = pdb_onefs_sam_uid_to_sid;
(*pdb_method)->gid_to_sid = pdb_onefs_sam_gid_to_sid;
(*pdb_method)->sid_to_id = pdb_onefs_sam_sid_to_id;
(*pdb_method)->search_groups = pdb_onefs_sam_search_groups;
(*pdb_method)->search_aliases = pdb_onefs_sam_search_aliases;
(*pdb_method)->get_trusteddom_pw = pdb_onefs_sam_get_trusteddom_pw;
(*pdb_method)->set_trusteddom_pw = pdb_onefs_sam_set_trusteddom_pw;
(*pdb_method)->del_trusteddom_pw = pdb_onefs_sam_del_trusteddom_pw;
(*pdb_method)->enum_trusteddoms = pdb_onefs_sam_enum_trusteddoms;
(*pdb_method)->private_data = NULL;
(*pdb_method)->free_private_data = NULL;
return NT_STATUS_OK;
}
NTSTATUS pdb_onefs_sam_init(void)
{
return smb_register_passdb(PASSDB_INTERFACE_VERSION, "onefs_sam", pdb_init_onefs_sam);
}