mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
1a74d8d1f0
Samba now features a pluggable passdb interface, along the same lines as the
one in use in the auth subsystem. In this case, only one backend may be active
at a time by the 'normal' interface, and only one backend per passdb_context is
permitted outside that.
This pluggable interface is designed to allow any number of passdb backends to
be compiled in, with the selection at runtime. The 'passdb backend' paramater
has been created (and documented!) to support this.
As such, configure has been modfied to allow (for example) --with-ldap and the
old smbpasswd to be selected at the same time.
This patch also introduces two new backends: smbpasswd_nua and tdbsam_nua.
These two backends accept 'non unix accounts', where the user does *not* exist
in /etc/passwd. These accounts' don't have UIDs in the unix sense, but to
avoid conflicts in the algroitmic mapping of RIDs, they use the values
specified in the 'non unix account range' paramter - in the same way as the
winbind ranges are specifed.
While I was at it, I cleaned up some of the code in pdb_tdb (code copied
directly from smbpasswd and not really considered properly). Most of this was
to do with % macro expansion on stored data. It isn't easy to get the macros
into the tdb, and the first password change will 'expand' them. tdbsam needs
to use a similar system to pdb_ldap in this regard.
This patch only makes minor adjustments to pdb_nisplus and pdb_ldap, becouse I
don't have the test facilities for these. I plan to incoroprate at least
pdb_ldap into this scheme after consultation with Jerry.
Each (converted) passdb module now no longer has any 'static' variables, and
only exports 1 init function outside its .c file.
The non-unix-account support in this patch has been proven! It is now possible
to join a win2k machine to a Samba PDC without an account in /etc/passwd!
Other changes:
Minor interface adjustments:
pdb_delete_sam_account() now takes a SAM_ACCOUNT, not a char*.
pdb_update_sam_account() no longer takes the 'override' argument that was being
ignored so often (every other passdb backend). Extra checks have been added in
some places.
Minor code changes:
smbpasswd no longer attempts to initialise the passdb at startup, this is
now done on first use.
pdbedit has lost some of its 'machine account' logic, as this behaviour is now
controlled by the passdb subsystem directly.
The samr subsystem no longer calls 'local password change', but does the pdb
interactions directly. This allow the ACB_ flags specifed to be transferred
direct to the backend, without interference.
Doco:
I've updated the doco to reflect some of the changes, and removed some paramters
no longer applicable to HEAD.
(This used to be commit ff354c99c5)
189 lines
4.1 KiB
C
189 lines
4.1 KiB
C
#undef HAVE_VOLATILE
|
|
#undef HAVE_BROKEN_READDIR
|
|
#undef HAVE_C99_VSNPRINTF
|
|
#undef HAVE_ERRNO_DECL
|
|
#undef HAVE_LONGLONG
|
|
#undef HAVE_OFF64_T
|
|
#undef HAVE_REMSH
|
|
#undef HAVE_UNSIGNED_CHAR
|
|
#undef HAVE_UTIMBUF
|
|
#undef HAVE_SIG_ATOMIC_T_TYPE
|
|
#undef HAVE_SOCKLEN_T_TYPE
|
|
#undef ssize_t
|
|
#undef ino_t
|
|
#undef ssize_t
|
|
#undef loff_t
|
|
#undef offset_t
|
|
#undef aclent_t
|
|
#undef wchar_t
|
|
#undef HAVE_CONNECT
|
|
#undef HAVE_SHORT_INO_T
|
|
#undef WITH_SMBWRAPPER
|
|
#undef WITH_AFS
|
|
#undef WITH_DFS
|
|
#undef SUNOS5
|
|
#undef SUNOS4
|
|
#undef LINUX
|
|
#undef AIX
|
|
#undef BSD
|
|
#undef IRIX
|
|
#undef IRIX6
|
|
#undef HPUX
|
|
#undef QNX
|
|
#undef SCO
|
|
#undef OSF1
|
|
#undef NEXT2
|
|
#undef RELIANTUNIX
|
|
#undef HAVE_MMAP
|
|
#undef HAVE_FCNTL_LOCK
|
|
#undef HAVE_FTRUNCATE_EXTEND
|
|
#undef FTRUNCATE_NEEDS_ROOT
|
|
#undef HAVE_TRAPDOOR_UID
|
|
#undef HAVE_ROOT
|
|
#undef HAVE_GETTIMEOFDAY_TZ
|
|
#undef HAVE_SOCK_SIN_LEN
|
|
#undef STAT_READ_FILSYS
|
|
#undef STAT_STATFS2_BSIZE
|
|
#undef STAT_STATFS2_FSIZE
|
|
#undef STAT_STATFS2_FS_DATA
|
|
#undef STAT_STATFS3_OSF1
|
|
#undef STAT_STATFS4
|
|
#undef STAT_STATVFS
|
|
#undef STAT_STATVFS64
|
|
#undef HAVE_IFACE_AIX
|
|
#undef HAVE_IFACE_IFCONF
|
|
#undef HAVE_IFACE_IFREQ
|
|
#undef HAVE_CRYPT
|
|
#undef HAVE_PUTPRPWNAM
|
|
#undef HAVE_SET_AUTH_PARAMETERS
|
|
#undef WITH_SYSLOG
|
|
#undef WITH_PROFILE
|
|
#undef WITH_SSL
|
|
#undef SSL_DIR
|
|
#undef WITH_PAM
|
|
#undef WITH_NISPLUS_HOME
|
|
#undef WITH_AUTOMOUNT
|
|
#undef WITH_SMBMOUNT
|
|
#undef WITH_QUOTAS
|
|
#undef WITH_WINBIND
|
|
#undef HAVE_BROKEN_GETGROUPS
|
|
#undef REPLACE_GETPASS
|
|
#undef REPLACE_INET_NTOA
|
|
#undef HAVE_FILE_MACRO
|
|
#undef HAVE_FUNCTION_MACRO
|
|
#undef HAVE_SETRESUID_DECL
|
|
#undef HAVE_SETRESUID
|
|
#undef WITH_NETATALK
|
|
#undef WITH_UTMP
|
|
#undef WITH_MSDFS
|
|
#undef WITH_LIBICONV
|
|
#undef HAVE_INO64_T
|
|
#undef HAVE_DEV64_T
|
|
#undef HAVE_STRUCT_FLOCK64
|
|
#undef SIZEOF_INO_T
|
|
#undef SIZEOF_OFF_T
|
|
#undef STAT_STATVFS64
|
|
#undef HAVE_LIBREADLINE
|
|
#undef HAVE_KERNEL_SHARE_MODES
|
|
#undef HAVE_KERNEL_OPLOCKS_IRIX
|
|
#undef HAVE_KERNEL_OPLOCKS_LINUX
|
|
#undef HAVE_KERNEL_CHANGE_NOTIFY
|
|
#undef HAVE_IRIX_SPECIFIC_CAPABILITIES
|
|
#undef HAVE_INT16_FROM_RPC_RPC_H
|
|
#undef HAVE_UINT16_FROM_RPC_RPC_H
|
|
#undef HAVE_INT32_FROM_RPC_RPC_H
|
|
#undef HAVE_UINT32_FROM_RPC_RPC_H
|
|
#undef KRB4_AUTH
|
|
#undef KRB5_AUTH
|
|
#undef KRB4_DIR
|
|
#undef KRB5_DIR
|
|
#undef SEEKDIR_RETURNS_VOID
|
|
#undef HAVE_DIRENT_D_OFF
|
|
#undef HAVE_GETSPNAM
|
|
#undef HAVE_BIGCRYPT
|
|
#undef HAVE_GETPRPWNAM
|
|
#undef HAVE_FSTAT64
|
|
#undef HAVE_LSTAT64
|
|
#undef HAVE_STAT64
|
|
#undef HAVE_SETRESGID
|
|
#undef HAVE_SETRESGID_DECL
|
|
#undef HAVE_SHADOW_H
|
|
#undef HAVE_CUPS
|
|
#undef HAVE_MEMSET
|
|
#undef HAVE_STRCASECMP
|
|
#undef HAVE_STRUCT_DIRENT64
|
|
#undef HAVE_TRUNCATED_SALT
|
|
#undef BROKEN_NISPLUS_INCLUDE_FILES
|
|
#undef HAVE_RPC_AUTH_ERROR_CONFLICT
|
|
#undef HAVE_EXPLICIT_LARGEFILE_SUPPORT
|
|
#undef USE_BOTH_CRYPT_CALLS
|
|
#undef HAVE_BROKEN_FCNTL64_LOCKS
|
|
#undef HAVE_SECURE_MKSTEMP
|
|
#undef HAVE_FNMATCH
|
|
#undef USE_SETEUID
|
|
#undef USE_SETRESUID
|
|
#undef USE_SETREUID
|
|
#undef USE_SETUIDX
|
|
#undef HAVE_LIBDL
|
|
#undef SYSCONF_SC_NGROUPS_MAX
|
|
#undef HAVE_UT_UT_NAME
|
|
#undef HAVE_UT_UT_USER
|
|
#undef HAVE_UT_UT_ID
|
|
#undef HAVE_UT_UT_HOST
|
|
#undef HAVE_UT_UT_TIME
|
|
#undef HAVE_UT_UT_TV
|
|
#undef HAVE_UT_UT_TYPE
|
|
#undef HAVE_UT_UT_PID
|
|
#undef HAVE_UT_UT_EXIT
|
|
#undef HAVE_UT_UT_ADDR
|
|
#undef HAVE_UX_UT_SYSLEN
|
|
#undef PUTUTLINE_RETURNS_UTMP
|
|
#undef COMPILER_SUPPORTS_LL
|
|
#undef HAVE_YP_GET_DEFAULT_DOMAIN
|
|
#undef USE_SPINLOCKS
|
|
#undef SPARC_SPINLOCKS
|
|
#undef INTEL_SPINLOCKS
|
|
#undef MIPS_SPINLOCKS
|
|
#undef POWERPC_SPINLOCKS
|
|
#undef HAVE_POSIX_ACLS
|
|
#undef HAVE_ACL_GET_PERM_NP
|
|
#undef HAVE_UNIXWARE_ACLS
|
|
#undef HAVE_SOLARIS_ACLS
|
|
#undef HAVE_HPUX_ACLS
|
|
#undef HAVE_IRIX_ACLS
|
|
#undef HAVE_AIX_ACLS
|
|
#undef HAVE_TRU64_ACLS
|
|
#undef HAVE_NO_ACLS
|
|
#undef HAVE_LIBPAM
|
|
#undef HAVE_ASPRINTF_DECL
|
|
#undef HAVE_VASPRINTF_DECL
|
|
#undef HAVE_SNPRINTF_DECL
|
|
#undef HAVE_VSNPRINTF_DECL
|
|
#undef HAVE_NATIVE_ICONV
|
|
#undef HAVE_UNIXSOCKET
|
|
#undef MMAP_BLACKLIST
|
|
#undef HAVE_IMMEDIATE_STRUCTURES
|
|
#undef HAVE_CUPS
|
|
#undef WITH_LDAP_SAM
|
|
#undef WITH_NISPLUS_SAM
|
|
#undef WITH_TDB_SAM
|
|
#undef LINUX_QUOTAS_1
|
|
#undef LINUX_QUOTAS_2
|
|
#undef PACKAGE
|
|
#undef VERSION
|
|
#undef HAVE_LC_MESSAGES
|
|
#undef ENABLE_NLS
|
|
#undef HAVE_CATGETS
|
|
#undef HAVE_GETTEXT
|
|
#undef HAVE_STPCPY
|
|
#undef I18N_SWAT
|
|
#undef I18N_DEFAULT_PREF_LANG
|
|
#undef HAVE_KRB5
|
|
#undef HAVE_GSSAPI
|
|
#undef BROKEN_REDHAT_7_SYSTEM_HEADERS
|
|
#undef HAVE_LDAP
|
|
#undef HAVE_STAT_ST_BLOCKS
|
|
#undef STAT_ST_BLOCKSIZE
|
|
#undef HAVE_DEVICE_MAJOR_FN
|
|
#undef HAVE_DEVICE_MINOR_FN
|