summaryrefslogtreecommitdiff
path: root/source3/groupdb
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2004-01-05 23:41:50 +0000
committerAndrew Bartlett <abartlet@samba.org>2004-01-05 23:41:50 +0000
commit17b22be3c9b286bb20481db1ab7c5c3a09138fe9 (patch)
tree8cd7463534abb276fffa56f4aef7b1a96f06db2a /source3/groupdb
parent0c78e6fc3e8df9ad9480d3b1b6b2d5a3eb19bf45 (diff)
downloadsamba-17b22be3c9b286bb20481db1ab7c5c3a09138fe9.tar.gz
samba-17b22be3c9b286bb20481db1ab7c5c3a09138fe9.tar.bz2
samba-17b22be3c9b286bb20481db1ab7c5c3a09138fe9.zip
(merge from 3.0)
JHT came up with a nasty (broken) torture case in preparing examples for his book. This prompted me to look at the code that reads the unix group list. This code did a lot of name -> uid -> name -> sid translations, which caused problems. Instead, we now do just name -> sid I also cleaned up some interfaces, and client tools. Andrew Bartlett (This used to be commit cc535a6c70d8dcf677322e31b24dec58b23d80f0)
Diffstat (limited to 'source3/groupdb')
-rw-r--r--source3/groupdb/mapping.c91
1 files changed, 63 insertions, 28 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 08ac6a25a5..97abbd46e3 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -551,7 +551,7 @@ BOOL get_domain_group_from_sid(DOM_SID sid, GROUP_MAP *map)
/* get a local (alias) group from it's SID */
-BOOL get_local_group_from_sid(DOM_SID sid, GROUP_MAP *map)
+BOOL get_local_group_from_sid(DOM_SID *sid, GROUP_MAP *map)
{
BOOL ret;
@@ -562,7 +562,7 @@ BOOL get_local_group_from_sid(DOM_SID sid, GROUP_MAP *map)
/* The group is in the mapping table */
become_root();
- ret = pdb_getgrsid(map, sid);
+ ret = pdb_getgrsid(map, *sid);
unbecome_root();
if ( !ret )
@@ -585,7 +585,7 @@ BOOL get_local_group_from_sid(DOM_SID sid, GROUP_MAP *map)
uint32 alias_rid;
struct group *grp;
- sid_peek_rid(&sid, &alias_rid);
+ sid_peek_rid(sid, &alias_rid);
map->gid=pdb_group_rid_to_gid(alias_rid);
grp = getgrgid(map->gid);
@@ -599,7 +599,7 @@ BOOL get_local_group_from_sid(DOM_SID sid, GROUP_MAP *map)
fstrcpy(map->nt_name, grp->gr_name);
fstrcpy(map->comment, "Local Unix Group");
- sid_copy(&map->sid, &sid);
+ sid_copy(&map->sid, sid);
}
#endif
@@ -608,7 +608,7 @@ BOOL get_local_group_from_sid(DOM_SID sid, GROUP_MAP *map)
/* get a builtin group from it's SID */
-BOOL get_builtin_group_from_sid(DOM_SID sid, GROUP_MAP *map)
+BOOL get_builtin_group_from_sid(DOM_SID *sid, GROUP_MAP *map)
{
struct group *grp;
BOOL ret;
@@ -620,7 +620,7 @@ BOOL get_builtin_group_from_sid(DOM_SID sid, GROUP_MAP *map)
}
become_root();
- ret = pdb_getgrsid(map, sid);
+ ret = pdb_getgrsid(map, *sid);
unbecome_root();
if ( !ret )
@@ -690,7 +690,7 @@ BOOL get_group_from_gid(gid_t gid, GROUP_MAP *map)
Get the member users of a group and
all the users who have that group as primary.
- give back an array of uid
+ give back an array of SIDS
return the grand number of users
@@ -698,21 +698,21 @@ BOOL get_group_from_gid(gid_t gid, GROUP_MAP *map)
****************************************************************************/
-BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids)
+BOOL get_sid_list_of_group(gid_t gid, DOM_SID **sids, int *num_sids)
{
struct group *grp;
struct passwd *pwd;
int i=0;
char *gr;
- uid_t *u;
+ DOM_SID *s;
if(!init_group_mapping()) {
DEBUG(0,("failed to initialize group mapping"));
return(False);
}
- *num_uids = 0;
- *uid=NULL;
+ *num_sids = 0;
+ *sids=NULL;
if ( (grp=getgrgid(gid)) == NULL)
return False;
@@ -721,39 +721,74 @@ BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids)
DEBUG(10, ("getting members\n"));
while (gr && (*gr != (char)'\0')) {
- u = Realloc((*uid), sizeof(uid_t)*(*num_uids+1));
- if (!u) {
- DEBUG(0,("get_uid_list_of_group: unable to enlarge uid list!\n"));
+ SAM_ACCOUNT *group_member_acct = NULL;
+ BOOL found_user;
+ s = Realloc((*sids), sizeof(**sids)*(*num_sids+1));
+ if (!s) {
+ DEBUG(0,("get_uid_list_of_group: unable to enlarge SID list!\n"));
return False;
}
- else (*uid) = u;
+ else (*sids) = s;
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam(&group_member_acct))) {
+ continue;
+ }
- if( (pwd=getpwnam_alloc(gr)) !=NULL) {
- (*uid)[*num_uids]=pwd->pw_uid;
- (*num_uids)++;
- passwd_free(&pwd);
+ become_root();
+ found_user = pdb_getsampwnam(group_member_acct, gr);
+ unbecome_root();
+
+ if (found_user) {
+ sid_copy(&(*sids)[*num_sids], pdb_get_user_sid(group_member_acct));
+ (*num_sids)++;
}
+
+ pdb_free_sam(&group_member_acct);
+
gr = grp->gr_mem[++i];
}
- DEBUG(10, ("got [%d] members\n", *num_uids));
+ DEBUG(10, ("got [%d] members\n", *num_sids));
+
+ winbind_off();
setpwent();
while ((pwd=getpwent()) != NULL) {
if (pwd->pw_gid==gid) {
- u = Realloc((*uid), sizeof(uid_t)*(*num_uids+1));
- if (!u) {
- DEBUG(0,("get_uid_list_of_group: unable to enlarge uid list!\n"));
+ SAM_ACCOUNT *group_member_acct = NULL;
+ BOOL found_user;
+ s = Realloc((*sids), sizeof(**sids)*(*num_sids+1));
+ if (!s) {
+ DEBUG(0,("get_sid_list_of_group: unable to enlarge SID list!\n"));
+ winbind_on();
return False;
}
- else (*uid) = u;
- (*uid)[*num_uids]=pwd->pw_uid;
-
- (*num_uids)++;
+ else (*sids) = s;
+
+ if (!NT_STATUS_IS_OK(pdb_init_sam(&group_member_acct))) {
+ continue;
+ }
+
+ become_root();
+ found_user = pdb_getsampwnam(group_member_acct, pwd->pw_name);
+ unbecome_root();
+
+ if (found_user) {
+ sid_copy(&(*sids)[*num_sids], pdb_get_user_sid(group_member_acct));
+ (*num_sids)++;
+ } else {
+ DEBUG(4,("get_sid_list_of_group: User %s [uid == %lu] has no samba account\n",
+ pwd->pw_name, (unsigned long)pwd->pw_uid));
+ if (algorithmic_uid_to_sid(&(*sids)[*num_sids], pwd->pw_uid))
+ (*num_sids)++;
+ }
+
+ pdb_free_sam(&group_member_acct);
}
}
endpwent();
- DEBUG(10, ("got primary groups, members: [%d]\n", *num_uids));
+ DEBUG(10, ("got primary groups, members: [%d]\n", *num_sids));
+ winbind_on();
return True;
}