sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-01-28 17:47:29 +03:00
Code
samba-mirror/source3/sam/gums.c
Simo Sorce 5733f731a9 So here it is a non-intrusive patch with my latest work on gums (the 
laternative to the current passdb).
Currently it is run through a comatibility module in the passdb layer, with
a subset of the functionality it may provide.
It is still work in progress, but as someone asked me about it, and as it
should make no difference to the normal code, I tought it was a good idea to
put it into.
It adds a dependency on perl. I know it is not very nice, but I'm sure we
will work out a solution for that.

As always blame me if I break something, but try to fix yourself, as I am
busy-busy-busy :-)

Simo.
(This used to be commit 7b3c94b5cfc1a9ceb430613353a937345f2eda74)
2003-10-13 21:26:10 +00:00

235 lines
7.4 KiB
C
Raw Blame History

/*
Unix SMB/CIFS implementation.
Grops and Users Management System initializations.
Copyright (C) Simo Sorce 2002
This program is free software; you can redistribute it and/or modify
it under the terms of the GNU General Public License as published by
the Free Software Foundation; either version 2 of the License, or
(at your option) any later version.
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program; if not, write to the Free Software
Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_SAM
#define GMV_MAJOR 0
#define GMV_MINOR 1
#define PRIV_NONE 0
#define PRIV_CREATE_TOKEN 1
#define PRIV_ASSIGNPRIMARYTOKEN 2
#define PRIV_LOCK_MEMORY 3
#define PRIV_INCREASE_QUOTA 4
#define PRIV_MACHINE_ACCOUNT 5
#define PRIV_TCB 6
#define PRIV_SECURITY 7
#define PRIV_TAKE_OWNERSHIP 8
#define PRIV_LOAD_DRIVER 9
#define PRIV_SYSTEM_PROFILE 10
#define PRIV_SYSTEMTIME 11
#define PRIV_PROF_SINGLE_PROCESS 12
#define PRIV_INC_BASE_PRIORITY 13
#define PRIV_CREATE_PAGEFILE 14
#define PRIV_CREATE_PERMANENT 15
#define PRIV_BACKUP 16
#define PRIV_RESTORE 17
#define PRIV_SHUTDOWN 18
#define PRIV_DEBUG 19
#define PRIV_AUDIT 20
#define PRIV_SYSTEM_ENVIRONMENT 21
#define PRIV_CHANGE_NOTIFY 22
#define PRIV_REMOTE_SHUTDOWN 23
#define PRIV_UNDOCK 24
#define PRIV_SYNC_AGENT 25
#define PRIV_ENABLE_DELEGATION 26
#define PRIV_ALL 255
static GUMS_FUNCTIONS *gums_backend = NULL;
static PRIVS gums_privs[] = {
{PRIV_NONE, "no_privs", "No privilege"}, /* this one MUST be first */
{PRIV_CREATE_TOKEN, "SeCreateToken", "Create Token"},
{PRIV_ASSIGNPRIMARYTOKEN, "SeAssignPrimaryToken", "Assign Primary Token"},
{PRIV_LOCK_MEMORY, "SeLockMemory", "Lock Memory"},
{PRIV_INCREASE_QUOTA, "SeIncreaseQuotaPrivilege", "Increase Quota Privilege"},
{PRIV_MACHINE_ACCOUNT, "SeMachineAccount", "Machine Account"},
{PRIV_TCB, "SeTCB", "TCB"},
{PRIV_SECURITY, "SeSecurityPrivilege", "Security Privilege"},
{PRIV_TAKE_OWNERSHIP, "SeTakeOwnershipPrivilege", "Take Ownership Privilege"},
{PRIV_LOAD_DRIVER, "SeLocalDriverPrivilege", "Local Driver Privilege"},
{PRIV_SYSTEM_PROFILE, "SeSystemProfilePrivilege", "System Profile Privilege"},
{PRIV_SYSTEMTIME, "SeSystemtimePrivilege", "System Time"},
{PRIV_PROF_SINGLE_PROCESS, "SeProfileSingleProcessPrivilege", "Profile Single Process Privilege"},
{PRIV_INC_BASE_PRIORITY, "SeIncreaseBasePriorityPrivilege", "Increase Base Priority Privilege"},
{PRIV_CREATE_PAGEFILE, "SeCreatePagefilePrivilege", "Create Pagefile Privilege"},
{PRIV_CREATE_PERMANENT, "SeCreatePermanent", "Create Permanent"},
{PRIV_BACKUP, "SeBackupPrivilege", "Backup Privilege"},
{PRIV_RESTORE, "SeRestorePrivilege", "Restore Privilege"},
{PRIV_SHUTDOWN, "SeShutdownPrivilege", "Shutdown Privilege"},
{PRIV_DEBUG, "SeDebugPrivilege", "Debug Privilege"},
{PRIV_AUDIT, "SeAudit", "Audit"},
{PRIV_SYSTEM_ENVIRONMENT, "SeSystemEnvironmentPrivilege", "System Environment Privilege"},
{PRIV_CHANGE_NOTIFY, "SeChangeNotify", "Change Notify"},
{PRIV_REMOTE_SHUTDOWN, "SeRemoteShutdownPrivilege", "Remote Shutdown Privilege"},
{PRIV_UNDOCK, "SeUndock", "Undock"},
{PRIV_SYNC_AGENT, "SeSynchronizationAgent", "Synchronization Agent"},
{PRIV_ENABLE_DELEGATION, "SeEnableDelegation", "Enable Delegation"},
{PRIV_ALL, "SaAllPrivs", "All Privileges"}
};
static struct gums_init_function_entry *backends = NULL;
static void lazy_initialize_gums(void)
{
static BOOL initialized = False;
if (initialized)
return;
static_init_gums;
initialized = True;
}
static struct gums_init_function_entry *gums_find_backend_entry(const char *name);
NTSTATUS gums_register_module(int version, const char *name, gums_init_function init_fn)
{
struct gums_init_function_entry *entry = backends;
if (version != GUMS_INTERFACE_VERSION) {
DEBUG(0,("Can't register gums backend!\n"
"You tried to register a gums module with"
"GUMS_INTERFACE_VERSION %d, while this version"
"of samba uses version %d\n", version,
GUMS_INTERFACE_VERSION));
return NT_STATUS_OBJECT_TYPE_MISMATCH;
}
if (!name || !init_fn) {
return NT_STATUS_INVALID_PARAMETER;
}
DEBUG(5,("Attempting to register gums backend %s\n", name));
/* Check for duplicates */
if (gums_find_backend_entry(name)) {
DEBUG(0,("There already is a gums backend registered"
"with the name %s!\n", name));
return NT_STATUS_OBJECT_NAME_COLLISION;
}
entry = smb_xmalloc(sizeof(struct gums_init_function_entry));
entry->name = smb_xstrdup(name);
entry->init_fn = init_fn;
DLIST_ADD(backends, entry);
DEBUG(5,("Successfully added gums backend '%s'\n", name));
return NT_STATUS_OK;
}
static struct gums_init_function_entry *gums_find_backend_entry(const char *name)
{
struct gums_init_function_entry *entry = backends;
while (entry) {
if (strcmp(entry->name, name) == 0)
return entry;
entry = entry->next;
}
return NULL;
}
NTSTATUS gums_setup_backend(const char *backend)
{
TALLOC_CTX *mem_ctx;
char *module_name = smb_xstrdup(backend);
char *p, *module_data = NULL;
struct gums_init_function_entry *entry;
NTSTATUS ret = NT_STATUS_UNSUCCESSFUL;
lazy_initialize_gums();
p = strchr(module_name, ':');
if (p) {
*p = 0;
module_data = p+1;
trim_string(module_data, " ", " ");
}
trim_string(module_name, " ", " ");
DEBUG(5,("Attempting to find a gums backend to match %s (%s)\n", backend, module_name));
entry = gums_find_backend_entry(module_name);
/* Try to find a module that contains this module */
if (!entry) {
DEBUG(2,("No builtin backend found, trying to load plugin\n"));
if(NT_STATUS_IS_OK(smb_probe_module("gums", module_name)) && !(entry = gums_find_backend_entry(module_name))) {
DEBUG(0,("Plugin is available, but doesn't register gums backend %s\n", module_name));
SAFE_FREE(module_name);
return NT_STATUS_UNSUCCESSFUL;
}
}
/* No such backend found */
if(!entry) {
DEBUG(0,("No builtin nor plugin backend for %s found\n", module_name));
SAFE_FREE(module_name);
return NT_STATUS_INVALID_PARAMETER;
}
DEBUG(5,("Found gums backend %s\n", module_name));
/* free current functions structure if any */
if (gums_backend) {
gums_backend->free_private_data(gums_backend->private_data);
talloc_destroy(gums_backend->mem_ctx);
gums_backend = NULL;
}
/* allocate a new GUMS_FUNCTIONS structure and memory context */
mem_ctx = talloc_init("gums_backend (%s)", module_name);
if (!mem_ctx)
return NT_STATUS_NO_MEMORY;
gums_backend = talloc(mem_ctx, sizeof(GUMS_FUNCTIONS));
if (!gums_backend)
return NT_STATUS_NO_MEMORY;
gums_backend->mem_ctx = mem_ctx;
/* init the requested backend module */
if (NT_STATUS_IS_OK(ret = entry->init_fn(gums_backend, module_data))) {
DEBUG(5,("gums backend %s has a valid init\n", backend));
} else {
DEBUG(0,("gums backend %s did not correctly init (error was %s)\n", backend, nt_errstr(ret)));
}
SAFE_FREE(module_name);
return ret;
}
NTSTATUS get_gums_fns(GUMS_FUNCTIONS **fns)
{
if (gums_backend != NULL) {
*fns = gums_backend;
return NT_STATUS_OK;
}
DEBUG(2, ("get_gums_fns: unable to get gums functions! backend uninitialized?\n"));
return NT_STATUS_UNSUCCESSFUL;
}
View Git Blame Copy Permalink