mirror of
https://github.com/samba-team/samba.git
synced 2025-02-01 05:47:28 +03:00
120 lines
2.1 KiB
Bash
Executable File
120 lines
2.1 KiB
Bash
Executable File
#!/bin/bash
|
|
# idmap script to map SIDs to UIDs/GIDs using NIS
|
|
# tridge@samba.org June 2009
|
|
|
|
DOMAIN=$(ypdomainname)
|
|
|
|
(
|
|
date
|
|
echo $*
|
|
) >> /var/log/samba/idmap.log
|
|
|
|
cmd=$1
|
|
shift
|
|
|
|
PATH=/usr/bin:bin:$PATH
|
|
|
|
shopt -s nocasematch || {
|
|
echo "shell option nocasematch not supported"
|
|
exit 1
|
|
}
|
|
|
|
# map from a domain and name to a uid/gid
|
|
map_name() {
|
|
domain="$1"
|
|
name="$2"
|
|
ntype="$3"
|
|
case $ntype in
|
|
1)
|
|
rtype="UID"
|
|
map="passwd"
|
|
;;
|
|
2)
|
|
rtype="GID"
|
|
map="group"
|
|
;;
|
|
*)
|
|
echo "ERR: bad name type $ntype"
|
|
exit 1
|
|
;;
|
|
esac
|
|
id=$(ypmatch "$name" "$map".byname 2>/dev/null | cut -d: -f3)
|
|
[ -z "$id" ] && {
|
|
echo "ERR: bad match for $name in map $map"
|
|
exit 1
|
|
}
|
|
echo "$rtype":"$id"
|
|
}
|
|
|
|
# map from a unix id to a name
|
|
map_id() {
|
|
ntype="$1"
|
|
id="$2"
|
|
case $ntype in
|
|
UID)
|
|
map="passwd.byuid"
|
|
;;
|
|
GID)
|
|
map="group.bygid"
|
|
;;
|
|
*)
|
|
echo "ERR: bad name type $ntype"
|
|
exit 1
|
|
;;
|
|
esac
|
|
name="$(ypmatch "$id" "$map" 2>/dev/null | cut -d: -f1)"
|
|
[ -z "$name" ] && {
|
|
echo "ERR: bad match for $name in map $map"
|
|
exit 1
|
|
}
|
|
echo "$name"
|
|
}
|
|
|
|
|
|
case $cmd in
|
|
SIDTOID)
|
|
sid=$1
|
|
rid=`echo $sid | cut -d- -f8`
|
|
[ -z "$rid" ] && {
|
|
echo "ERR: bad rid in SID $sid"
|
|
exit 1
|
|
}
|
|
|
|
unset _NO_WINBINDD
|
|
# oh, this is ugly. Shell is just not meant for parsing text
|
|
fullname=`wbinfo -s $sid 2> /dev/null`
|
|
domain=`echo $fullname | cut -d'\' -f1`
|
|
[[ "$domain" = $DOMAIN ]] || {
|
|
echo "ERR: bad domain $domain"
|
|
exit 1
|
|
}
|
|
name=`echo $fullname | cut -d'\' -f2`
|
|
nwords=`echo $name | wc -w`
|
|
ntype=`echo $name | cut -d' ' -f$nwords`
|
|
nminusone=`expr $nwords - 1`
|
|
name=`echo $name | cut -d' ' -f-$nminusone`
|
|
[ -z "$name" ] && {
|
|
echo "ERR: bad name $fullname for SID $sid"
|
|
exit 1
|
|
}
|
|
map_name "$domain" "$name" "$ntype"
|
|
;;
|
|
IDTOSID)
|
|
ntype=$1
|
|
id=$2
|
|
name="$(map_id "$ntype" "$id")"
|
|
sid="$(wbinfo -n "$name" 2>/dev/null | cut -d' ' -f1)"
|
|
[ -z "$sid" ] && {
|
|
echo "ERR: name $name not found in ADS"
|
|
exit 1
|
|
}
|
|
echo "SID:$sid"
|
|
;;
|
|
*)
|
|
echo "ERR: Unknown command $cmd"
|
|
exit 1;
|
|
;;
|
|
esac
|
|
|
|
exit 0
|