1
0
mirror of https://github.com/samba-team/samba.git synced 2024-12-23 17:34:34 +03:00
Commit Graph

88 Commits

Author SHA1 Message Date
Michael Adam
b51809c13e s3:idmap: fix talloc hierarchy in idmap_passdb_domain()
(don't init to NULL context - we got one handed in...)

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>

Autobuild-User(master): Volker Lendecke <vl@samba.org>
Autobuild-Date(master): Fri Jul 25 14:18:20 CEST 2014 on sn-devel-104
2014-07-25 14:18:20 +02:00
Michael Adam
b78d44fe89 s3:idmap: only check the range values if a range setting has been found.
Otherwise, the check is superfluous since high and low values are
initialized to 0.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25 11:52:10 +02:00
Michael Adam
f354917208 s3:idmap: move loading of idmap options together before range checking in idmap_init_domain()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25 11:52:10 +02:00
Michael Adam
3ac00c9dc3 s3:idmap: in idmap_init_domain() load methods before loading further config
Check whether the requested backend exists at all, before going
further into the config parsing.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25 11:52:10 +02:00
Michael Adam
3c6ec8908a s3:idmap: don't log missing range config if range checking not requested
idmap_init_domain() is called with check_range == false from
idmap_passdb_domain(). In this case, we usually don't have an
idmap range at all, and we don't want to level 1 debug
messages complaining about the fact are irritating at least.

This patch removes the debug in the case of check_range == false.

BUG: https://bugzilla.samba.org/show_bug.cgi?id=10737

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Volker Lendecke <vl@samba.org>
2014-07-25 11:52:10 +02:00
Andrew Bartlett
ad533709e5 s3-winbindd: Honour pdb_is_responsible_for_everything_else()
This allows us to avoid running idmap_init_default_domain() which
gives an error in the default AD DC config.

Andrew Bartlett

Change-Id: I923bd941951f6a907e6fa1ad167e5218a01040ff
Signed-off-by: Andrew Bartlett <abartlet@samba.org>
Reviewed-by: Kamen Mazdrashki <kamenim@samba.org>
2014-06-16 00:26:26 +02:00
Michael Adam
5372571fde s3:idmap: fix a debug message and lower its level
It is not an error to be logged at level 1 when a
domain has no explicitly configured idmap backend.

Signed-off-by: Michael Adam <obnox@samba.org>

Reviewed-by: Andrew Bartlett <abartlet@samba.org>

Autobuild-User(master): Andrew Bartlett <abartlet@samba.org>
Autobuild-Date(master): Fri Mar  8 03:16:54 CET 2013 on sn-devel-104
2013-03-08 03:16:54 +01:00
Michael Adam
2d3f7e3141 s3:winbindd: use the new sid_check_is_for_passdb() in idmap_find_domain_with_sid()
This is more correct than the original one:
It also hands the wellknown and "Unix Users" and "Unix Groups" sids to passdb
for id mapping.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:29 +01:00
Michael Adam
e3ee397140 s3:winbindd: remove unused function idmap_backends_sid_to_unixid()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:28 +01:00
Michael Adam
4210e08109 s3:winbindd: make idmap_find_domain() static.
idmap_find_domain_with_sid() should be used instead

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:24 +01:00
Michael Adam
370d62578d s3:winbindd: add idmap_find_domain_with_sid()
This will return the passdb domain if the given sid is in our sam or builtin
or is the domain sid of those domains. Otherwise it returns the idmap domain
that results from the idmap configuration.

Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:23 +01:00
Michael Adam
150cfb4b97 s3:winbindd: rename idmap_init_passdb_domain() -> idmap_passdb_domain()
Signed-off-by: Michael Adam <obnox@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2012-12-03 08:48:23 +01:00
Guenther Deschner
3fe601afcf s3-winbind: Fix idmap initialization debug message.
Signed-off-by: Andreas Schneider <asn@samba.org>

Autobuild-User(master): Andreas Schneider <asn@cryptomilk.org>
Autobuild-Date(master): Mon Jul 23 18:19:00 CEST 2012 on sn-devel-104
2012-07-23 18:19:00 +02:00
Michael Adam
1ee95e4cb1 s3: rename sid_check_is_in_our_domain() to sid_check_is_in_our_sam()
This does not check whether the given sid is in our domain, but
but whether it belongs to the local sam, which is a different
thing on a domain member server.

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Thu Jul 12 18:36:02 CEST 2012 on sn-devel-104
2012-07-12 18:36:02 +02:00
Andrew Bartlett
3d15137653 s3-talloc Change TALLOC_ARRAY() to talloc_array()
Using the standard macro makes it easier to move code into common, as
TALLOC_ARRAY isn't standard talloc.
2011-06-09 12:40:08 +02:00
Volker Lendecke
80f873853f s3: Make idmap_find_domain public
Signed-off-by: Jeremy Allison <jra@samba.org>
2011-04-13 14:13:25 -07:00
Günther Deschner
235f148590 s3-passdb: use passdb headers where needed.
Guenther
2011-03-30 01:13:08 +02:00
Michael Adam
f50a25cc8d s3:idmap: make sure that the id mapping system is initialized for first access 2011-03-22 22:49:58 +01:00
Michael Adam
ae5d35b09e s3:idmap: remove (now) unneeded function parse_idmap_module() 2011-03-22 22:49:57 +01:00
Michael Adam
efc1d38b32 s3:idmap: simply call idmap_init_named_domain for "*" in idmap_init_default_domain
The default domain "*" is now treated exactly the same as other explicitly
configured domains.
2011-03-22 22:49:57 +01:00
Michael Adam
ca8c493bfd s3:idmap: remove passdb argument from idmap_init_domain() 2011-03-22 22:49:57 +01:00
Michael Adam
82853a613b s3:idmap: remove the params argument from the init function 2011-03-22 22:49:56 +01:00
Michael Adam
0a3627d249 s3:idmap: remove the special treatment of the default domain "*" from idmap_init_domain 2011-03-22 22:49:56 +01:00
Volker Lendecke
233c8bca3b s3: Remove close_fn from idmap_methods
Autobuild-User: Volker Lendecke <vlendec@samba.org>
Autobuild-Date: Sun Mar  6 13:37:13 CET 2011 on sn-devel-104
2011-03-06 13:37:13 +01:00
Michael Adam
5f969d7a94 s3:winbindd/idmap.c: add my C 2011-01-03 08:34:04 +01:00
Jeremy Allison
3a5f03015b Second part of fix for bug #7777 - When requesting lookups for BUILTIN sids, winbindd allocates new uids/gids in error.
Ensure we return after calling passdb for SID lookups for which we are
authoritative.

Jeremy.

Autobuild-User: Jeremy Allison <jra@samba.org>
Autobuild-Date: Mon Nov  8 22:24:34 UTC 2010 on sn-devel-104
2010-11-08 22:24:34 +00:00
Jeremy Allison
42f9ae8756 First part of fix for bug #7777 - When requesting lookups for BUILTIN sids, winbindd allocates new uids/gids in error.
Ensure idmap_init_passdb_domain() correctly initialized the default
domain first.

Jeremy.
2010-11-08 13:38:13 -08:00
Günther Deschner
2b41f421fd s3-idmap: only include idmap headers where needed.
Guenther
2010-08-26 00:20:29 +02:00
Michael Adam
60eae5a134 s3:idmap: fix sid_to_unixid for builtin and own domain.
The old idmap code created a new mapping if asking the backends failed.
Now with the new layering, if passdb (which is used for our own domain
and builtin), then we need to continue and ask the backends, giving
tdb or whatever the default backend is a chance to create a mapping.
2010-08-14 02:10:57 +02:00
Michael Adam
9f60eb8c1b s3:idmap: fix spacing/indentation 2010-08-14 02:10:57 +02:00
Michael Adam
212627e9c0 s3:idmap: don't check range for passdb idmap domain 2010-08-14 02:10:42 +02:00
Michael Adam
24ff45ff4d s3:idmap: parse ranges and "read only" in idmap_init_domain(). 2010-08-14 02:10:42 +02:00
Michael Adam
3a2487e66b s3:idmap: remove idmap_alloc_context from idmap.c
The registering of alloc backends is being removed.
The idmap backends are responsible for initializing
their alloc code on their own if necessary.

No list of alloc backends is maintained any more in the top level.
2010-08-14 02:10:40 +02:00
Michael Adam
12a0ab3c96 s3:idmap: remove the alloc methods list from idmap.c
The registering of alloc backends is being removed.
The idmap backends are responsible for initializing
their alloc code on their own if necessary.

No list of alloc backends is maintained any more in the top level.
2010-08-14 02:10:39 +02:00
Michael Adam
a423f5151d s3:idmap: remove unused get_alloc_methods(). 2010-08-14 02:10:39 +02:00
Michael Adam
75a6c24459 s3:idmap: remove unused smb_register_idmap_alloc().
The registering of alloc backends is being removed.
The idmap backends are responsible for initializing
their alloc code on their own if necessary.
2010-08-14 02:10:39 +02:00
Michael Adam
fe8b1588b4 s3:idmap: remove unused idmap_alloc_init(). 2010-08-14 02:10:37 +02:00
Michael Adam
212468bc6e s3:idmap: use allocate_id() from the idmap_methods in idmap_allocate_unixid()
The idmap alloc methods are being removed.
2010-08-14 02:10:37 +02:00
Michael Adam
0d369271c5 s3:idmap: factor out common code of idmap_allocate_uid|gid()
into new idmap_allocate_unixid().
2010-08-14 02:10:37 +02:00
Michael Adam
95617a03db s3:idmap: remove idmap_new_mapping() - now implemented in the backends 2010-08-14 02:10:36 +02:00
Michael Adam
d888e726a9 s3:idmap: remove unused idmap_remove_mapping().
Michael
2010-08-14 02:10:34 +02:00
Michael Adam
6740c180e6 s3:idmap: remove unused idmap_set_mapping().
Michael
2010-08-14 02:10:34 +02:00
Michael Adam
806e006288 s3:idmap: remove unused idmap_set_gid_hwm()
Michael
2010-08-14 02:10:32 +02:00
Michael Adam
002fe91768 s3:idmap: remove unused idmap_set_uid_hwm()
Michael
2010-08-14 02:10:32 +02:00
Stefan Metzmacher
3f14d03adb s3:winbindd: make sure we only call static_init_idmap once
metze

Signed-off-by: Michael Adam <obnox@samba.org>
2010-06-01 10:33:13 +02:00
Andrew Bartlett
e67b0cf603 s3:winbind Ensure we always init idmap_passdb before we use it
It seems that it is possible for idmap_init_passdb_domain() to be run
before idmap_init_domain(), so ensure we run the static init functions
in both.

Andrew Bartlett

Signed-off-by: Michael Adam <obnox@samba.org>
2010-06-01 10:33:13 +02:00
Michael Adam
3fe9859342 s3:idmap: fix a comment typo
Michael
2009-05-27 19:32:46 +02:00
Günther Deschner
67588ca80d s3-idmap: Fix bug #6286: Call init function for builtin idmap modules before probing for them as shared modules.
idmap-gurus of the world, please check.

Guenther
2009-04-24 10:02:06 +02:00
Volker Lendecke
76d53e7648 Alternative fix for 45db33e73 and 0d443ae7931
Simo is right, we need to ask passdb first. At least this fixes a nasty to find
NT_STATUS_ACCESS_DENIED problem in the build farm for the test run I just did
on host "opi".

Michael, can you re-check if this also fixes the error you found, leading to
the two fixes?

Thanks,

Volker
2009-01-02 15:00:05 +01:00
Volker Lendecke
13248e8917 Revert "s:Fix uid_to_sid mapping when the idmap cache is empty."
This reverts commit 9a9b64dbdf.
2009-01-02 15:00:05 +01:00