diff options
author | Gerald Carter <jerry@samba.org> | 2005-01-18 14:46:24 +0000 |
---|---|---|
committer | Gerald (Jerry) Carter <jerry@samba.org> | 2007-10-10 10:53:55 -0500 |
commit | 862e610e4af0eb8b660c5526401cbe6f751444be (patch) | |
tree | 3d8601ebf54d73efa7666aa98737a143d730902f | |
parent | ade3ef6f0435a06d602519c012ffa6a0b0fbec71 (diff) | |
download | samba-862e610e4af0eb8b660c5526401cbe6f751444be.tar.gz samba-862e610e4af0eb8b660c5526401cbe6f751444be.tar.bz2 samba-862e610e4af0eb8b660c5526401cbe6f751444be.zip |
r4820: add beginnings of 'net rpc rights' for managing privilege assignments
(This used to be commit 164f94e52929330bd638f19bcf3bfce50303269e)
-rw-r--r-- | source3/Makefile.in | 2 | ||||
-rw-r--r-- | source3/utils/net.h | 13 | ||||
-rw-r--r-- | source3/utils/net_rpc.c | 11 | ||||
-rw-r--r-- | source3/utils/net_rpc_rights.c | 116 |
4 files changed, 134 insertions, 8 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index aeb6c456d2..fa918e556b 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -532,7 +532,7 @@ NET_OBJ1 = utils/net.o utils/net_ads.o utils/net_ads_cldap.o utils/net_help.o \ utils/net_rap.o utils/net_rpc.o utils/net_rpc_samsync.o \ utils/net_rpc_join.o utils/net_time.o utils/net_lookup.o \ utils/net_cache.o utils/net_groupmap.o utils/net_idmap.o \ - utils/net_status.o utils/net_rpc_printer.o + utils/net_status.o utils/net_rpc_printer.o utils/net_rpc_rights.o NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ diff --git a/source3/utils/net.h b/source3/utils/net.h index 5e65ca0d4c..2d9fbd1644 100644 --- a/source3/utils/net.h +++ b/source3/utils/net.h @@ -17,8 +17,21 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +/* + * A function of this type is passed to the ' + * run_rpc_command' wrapper. Must go before the net_proto.h + * include + */ + +typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, const char *, + struct cli_state *, TALLOC_CTX *, int, const char **); + +/* INCLUDE FILES */ + #include "utils/net_proto.h" +/* MACROS & DEFINES */ + #define NET_FLAGS_MASTER 1 #define NET_FLAGS_DMB 2 diff --git a/source3/utils/net_rpc.c b/source3/utils/net_rpc.c index 4cbad9bde6..5374d48de6 100644 --- a/source3/utils/net_rpc.c +++ b/source3/utils/net_rpc.c @@ -37,10 +37,6 @@ **/ -/* A function of this type is passed to the 'run_rpc_command' wrapper */ -typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, const char *, - struct cli_state *, TALLOC_CTX *, int, const char **); - /** * Many of the RPC functions need the domain sid. This function gets * it at the start of every run @@ -100,7 +96,7 @@ static DOM_SID *net_get_remote_domain_sid(struct cli_state *cli, TALLOC_CTX *mem * @return A shell status integer (0 for success) */ -static int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flags, +int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flags, rpc_command_fn fn, int argc, const char **argv) { @@ -5260,10 +5256,10 @@ int net_rpc_usage(int argc, const char **argv) d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n"); d_printf(" net rpc vampire \t\tsyncronise an NT PDC's users and groups into the local passdb\n"); d_printf(" net rpc samdump \t\tdiplay an NT PDC's users, groups and other data\n"); - d_printf(" net rpc trustdom \t\tto create trusting domain's account\n" - "\t\t\t\t\tor establish trust\n"); + d_printf(" net rpc trustdom \t\tto create trusting domain's account or establish trust\n"); d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n"); d_printf(" net rpc shutdown \t\tto shutdown a remote server\n"); + d_printf(" net rpc rights\t\tto manage privileges assigned to SIDs\n"); d_printf("\n"); d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */ d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n"); @@ -5332,6 +5328,7 @@ int net_rpc(int argc, const char **argv) {"samdump", rpc_samdump}, {"vampire", rpc_vampire}, {"getsid", net_rpc_getsid}, + {"rights", net_rpc_rights}, {"help", net_rpc_help}, {NULL, NULL} }; diff --git a/source3/utils/net_rpc_rights.c b/source3/utils/net_rpc_rights.c new file mode 100644 index 0000000000..f1e61ae9ba --- /dev/null +++ b/source3/utils/net_rpc_rights.c @@ -0,0 +1,116 @@ +/* + Samba Unix/Linux SMB client library + Distributed SMB/CIFS Server Management Utility + Copyright (C) Gerald (Jerry) Carter 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +#include "includes.h" +#include "utils/net.h" + +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char *domain_name, + struct cli_state *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv ) +{ + return NT_STATUS_OK; +} + +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_rights_grant_internal( const DOM_SID *domain_sid, const char *domain_name, + struct cli_state *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv ) +{ + return NT_STATUS_OK; +} + +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_rights_revoke_internal( const DOM_SID *domain_sid, const char *domain_name, + struct cli_state *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv ) +{ + return NT_STATUS_OK; +} + +/******************************************************************** +********************************************************************/ + +static int rpc_rights_list( int argc, const char **argv ) +{ + return run_rpc_command( NULL, PI_LSARPC, 0, + rpc_rights_list_internal, argc, argv ); +} + +/******************************************************************** +********************************************************************/ + +static int rpc_rights_grant( int argc, const char **argv ) +{ + return run_rpc_command( NULL, PI_LSARPC, 0, + rpc_rights_grant_internal, argc, argv ); +} + +/******************************************************************** +********************************************************************/ + +static int rpc_rights_revoke( int argc, const char **argv ) +{ + return run_rpc_command( NULL, PI_LSARPC, 0, + rpc_rights_revoke_internal, argc, argv ); +} + +/******************************************************************** +********************************************************************/ + +static int net_help_rights( int argc, const char **argv ) +{ + d_printf("net rpc rights list View available privileges\n"); + d_printf("net rpc rights grant View available privileges\n"); + d_printf("net rpc rights revoke View available privileges\n"); + + d_printf("Both 'grant' and 'revoke' require a SID and a commaa separated\n"); + d_printf("list of privilege names. For example\n"); + d_printf(" net rpc grant S-1-5-32-550 SePrintOperatorsPrivilege\n"); + d_printf("would grant the printer admin right to the 'BUILTIN\\Print Operators' group\n"); + + + return -1; +} + +/******************************************************************** +********************************************************************/ + +int net_rpc_rights(int argc, const char **argv) +{ + struct functable func[] = { + {"list", rpc_rights_list}, + {"grant", rpc_rights_grant}, + {"revoke", rpc_rights_revoke}, + {NULL, NULL} + }; + + if ( argc ) + return net_run_function( argc, argv, func, net_help_rights ); + + return net_help_rights( argc, argv ); +} + + |