sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-19 12:23:49 +03:00
Code Activity
Files
e76f593b3572ac881f1aa1fb3326d8b7169b0078
samba-mirror/source/passdb/smbpassgroupunix.c

240 lines
5.9 KiB
C
Raw Blame History

/*
* Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
* Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef USE_SMBUNIX_DB
extern int DEBUGLEVEL;
extern DOM_SID global_member_sid;
/***************************************************************
Start to enumerate the smbpasswd list. Returns a void pointer
to ensure no modification outside this module.
****************************************************************/
static void *startsmbfilegrpent(BOOL update)
{
return startsmbfilepwent(False);
}
/***************************************************************
End enumeration of the smbpasswd list.
****************************************************************/
static void endsmbfilegrpent(void *vp)
{
endsmbfilepwent(vp);
}
/*************************************************************************
Return the current position in the smbpasswd list as an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static SMB_BIG_UINT getsmbfilegrppos(void *vp)
{
return getsmbfilepwpos(vp);
}
/*************************************************************************
Set the current position in the smbpasswd list from an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static BOOL setsmbfilegrppos(void *vp, SMB_BIG_UINT tok)
{
return setsmbfilepwpos(vp, tok);
}
/*************************************************************************
Routine to return the next smbpassgroup entry
*************************************************************************/
static struct smb_passwd *getsmbfilegrpent(void *vp,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
/* Static buffers we will return. */
struct smb_passwd *pw_buf;
struct passwd *pw;
int i;
int unixgrps;
gid_t *grps;
if (vp == NULL)
{
DEBUG(0,("getsmbfilegrpent: Bad password file pointer.\n"));
return NULL;
}
pw_buf = getsmbfilepwent(vp);
if (grp_rids != NULL)
{
(*grp_rids) = NULL;
(*num_grps) = 0;
}
if (als_rids != NULL)
{
(*als_rids) = NULL;
(*num_alss) = 0;
}
if (als_rids == NULL && grp_rids == NULL)
{
return pw_buf;
}
/*
* find all unix groups
*/
pw = Get_Pwnam(pw_buf->smb_name, False);
if (pw == NULL)
{
return NULL;
}
if (get_unixgroups(pw_buf->smb_name, pw->pw_uid, pw->pw_gid, &unixgrps, &grps))
{
return NULL;
}
/*
* check each unix group for a mapping as an nt alias or an nt group
*/
for (i = 0; i < unixgrps; i++)
{
DOM_SID sid;
uint8 type;
char *unix_grpname;
uint32 status;
uint32 rid;
/*
* find the unix name for each user's group.
* assume the unix group is an nt name (alias? group? user?)
* (user or not our own domain will be an error).
*/
unix_grpname = gidtoname(grps[i]);
if (map_unix_alias_name(unix_grpname, &sid, NULL, NULL))
{
/*
* ok, the unix groupname is mapped to an alias.
* check that it is in our domain.
*/
sid_split_rid(&sid, &rid);
if (!sid_equal(&sid, &global_member_sid))
{
pstring sid_str;
sid_to_string(sid_str, &sid);
DEBUG(0,("user %s is in a UNIX group %s that maps to an NT RID (0x%x) in another domain (%s)\n",
pw_buf->smb_name, unix_grpname, rid, sid_str));
continue;
}
if (add_num_to_list(als_rids, num_alss, rid) == NULL)
{
return NULL;
}
}
else if (map_unix_group_name(unix_grpname, &sid, NULL, NULL))
{
/*
* ok, the unix groupname is mapped to a domain group.
* check that it is in our domain.
*/
sid_split_rid(&sid, &rid);
if (!sid_equal(&sid, &global_member_sid))
{
pstring sid_str;
sid_to_string(sid_str, &sid);
DEBUG(0,("user %s is in a UNIX group %s that maps to an NT RID (0x%x) in another domain (%s)\n",
pw_buf->smb_name, unix_grpname, rid, sid_str));
continue;
}
if (add_num_to_list(grp_rids, num_grps, rid) == NULL)
{
return NULL;
}
}
else if (lp_server_role() == ROLE_DOMAIN_MEMBER)
{
/*
* server is a member of a domain or stand-alone.
* name is not explicitly mapped
* so we are responsible for it.
* as a LOCAL group.
*/
rid = pwdb_gid_to_alias_rid(grps[i]);
if (add_num_to_list(als_rids, num_alss, rid) == NULL)
{
return NULL;
}
}
else if (lp_server_role() != ROLE_DOMAIN_NONE)
{
/*
* server is a PDC or BDC.
* name is explicitly mapped
* so we are responsible for it.
* as a DOMAIN group.
*/
rid = pwdb_gid_to_group_rid(grps[i]);
if (add_num_to_list(grp_rids, num_grps, rid) == NULL)
{
return NULL;
}
}
}
return pw_buf;
}
static struct passgrp_ops file_ops =
{
startsmbfilegrpent,
endsmbfilegrpent,
getsmbfilegrppos,
setsmbfilegrppos,
iterate_getsmbgrpnam, /* In passgrp.c */
iterate_getsmbgrpuid, /* In passgrp.c */
iterate_getsmbgrprid, /* In passgrp.c */
getsmbfilegrpent,
};
struct passgrp_ops *unix_initialise_password_grp(void)
{
return &file_ops;
}
#else
/* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
void smbpass_dummy_function(void) { } /* stop some compilers complaining */
#endif /* USE_SMBPASS_DB */
View Git Blame Copy Permalink