r13494: Merge the stuff I've done in head the last days.

Volker
(This used to be commit bb40e544de68f01a6e774753f508e69373b39899)

3 files changed, 10 insertions, 914 deletions

diff --git a/source3/lib/system_smbd.c b/source3/lib/system_smbd.c
index 3fc2d69a03..081a07c019 100644
--- a/source3/lib/system_smbd.c
+++ b/source3/lib/system_smbd.c
@@ -123,14 +123,16 @@ static int sys_getgrouplist(const char *user, gid_t gid, gid_t *groups, int *grp
 
 	DEBUG(10,("sys_getgrouplist: user [%s]\n", user));
 	
-	/* see if we should disable winbindd lookups for local users */
-	if (strchr(user, *lp_winbind_separator()) == NULL) {
-		if ( !winbind_off() )
-			DEBUG(0,("sys_getgroup_list: Insufficient environment space "
-				 "for %s\n", WINBINDD_DONT_ENV));
-		else
-			DEBUG(10,("sys_getgrouplist(): disabled winbindd for group "
-				  "lookup [user == %s]\n", user));
+	/* This is only ever called for Unix users, remote memberships are
+	 * always determined by the info3 coming back from auth3 or the
+	 * PAC. */
+
+	if ( !winbind_off() ) {
+		DEBUG(0,("sys_getgroup_list: Insufficient environment space "
+			 "for %s\n", WINBINDD_DONT_ENV));
+	} else {
+		DEBUG(10,("sys_getgrouplist(): disabled winbindd for group "
+			  "lookup [user == %s]\n", user));
 	}
 
 #ifdef HAVE_GETGROUPLIST
@@ -198,62 +200,3 @@ BOOL getgroups_unix_user(TALLOC_CTX *mem_ctx, const char *user,
 	SAFE_FREE(temp_groups);
 	return True;
 }
-
-NTSTATUS pdb_default_enum_group_memberships(struct pdb_methods *methods,
-					    TALLOC_CTX *mem_ctx,
-					    SAM_ACCOUNT *user,
-					    DOM_SID **pp_sids,
-					    gid_t **pp_gids,
-					    size_t *p_num_groups)
-{
-	size_t i;
-	gid_t gid;
-
-	if ( !sid_to_gid(pdb_get_group_sid(user), &gid) ) 
-	{
-		uint32 rid;
-		struct passwd *pwd;
-	
-		/* second try, allow the DOMAIN_USERS group to pass */
-		
-		if ( !sid_peek_check_rid( get_global_sam_sid(), pdb_get_group_sid(user), &rid ) )
-			return NT_STATUS_NO_SUCH_USER;
-			
-		if ( rid != DOMAIN_GROUP_RID_USERS ) {
-			DEBUG(10, ("sid_to_gid failed\n"));
-			return NT_STATUS_NO_SUCH_USER;
-		}
-		
-		DEBUG(5,("pdb_default_enum_group_memberships: sid_to_gid() failed but giving "
-			"free pass to 'Domain Users' as primary group\n"));
-		
-		if ( !(pwd = getpwnam_alloc( NULL, pdb_get_username(user) ) ) ) 
-			return NT_STATUS_NO_SUCH_USER;
-			
-		gid = pwd->pw_gid;
-		
-		TALLOC_FREE( pwd );		
-	}
-
-	if (!getgroups_unix_user(mem_ctx, pdb_get_username(user), gid,
-				 pp_gids, p_num_groups)) {
-		return NT_STATUS_NO_SUCH_USER;
-	}
-
-	if (*p_num_groups == 0) {
-		smb_panic("primary group missing");
-	}
-
-	*pp_sids = TALLOC_ARRAY(mem_ctx, DOM_SID, *p_num_groups);
-
-	if (*pp_sids == NULL) {
-		talloc_free(*pp_gids);
-		return NT_STATUS_NO_MEMORY;
-	}
-
-	for (i=0; i<*p_num_groups; i++) {
-		gid_to_sid(&(*pp_sids)[i], (*pp_gids)[i]);
-	}
-
-	return NT_STATUS_OK;
-}
diff --git a/source3/lib/username.c b/source3/lib/username.c
index c04dfd05da..52994557f7 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -29,16 +29,6 @@ static struct passwd *uname_string_combinations2(char *s, TALLOC_CTX *mem_ctx, i
 						 struct passwd * (*fn) (TALLOC_CTX *mem_ctx, const char *),
 						 int N);
 
-/*****************************************************************
- Check if a user or group name is local (this is a *local* name for
- *local* people, there's nothing for you here...).
-*****************************************************************/
-
-static BOOL name_is_local(const char *name)
-{
-	return !(strchr_m(name, *lp_winbind_separator()));
-}
-
 /****************************************************************************
  Get a users home directory.
 ****************************************************************************/
@@ -58,161 +48,6 @@ char *get_user_home_dir(const char *user)
 	return(pass->pw_dir);      
 }
 
-/*******************************************************************
- Map a username from a dos name to a unix name by looking in the username
- map. Note that this modifies the name in place.
- This is the main function that should be called *once* on
- any incoming or new username - in order to canonicalize the name.
- This is being done to de-couple the case conversions from the user mapping
- function. Previously, the map_username was being called
- every time Get_Pwnam was called.
- Returns True if username was changed, false otherwise.
-********************************************************************/
-
-BOOL map_username(fstring user)
-{
-	static BOOL initialised=False;
-	static fstring last_from,last_to;
-	XFILE *f;
-	char *mapfile = lp_username_map();
-	char *s;
-	pstring buf;
-	BOOL mapped_user = False;
-	char *cmd = lp_username_map_script();
-	
-	if (!*user)
-		return False;
-		
-	if (strequal(user,last_to))
-		return False;
-
-	if (strequal(user,last_from)) {
-		DEBUG(3,("Mapped user %s to %s\n",user,last_to));
-		fstrcpy(user,last_to);
-		return True;
-	}
-	
-	/* first try the username map script */
-	
-	if ( *cmd ) {
-		char **qlines;
-		pstring command;
-		int numlines, ret, fd;
-
-		pstr_sprintf( command, "%s \"%s\"", cmd, user );
-
-		DEBUG(10,("Running [%s]\n", command));
-		ret = smbrun(command, &fd);
-		DEBUGADD(10,("returned [%d]\n", ret));
-
-		if ( ret != 0 ) {
-			if (fd != -1)
-				close(fd);
-			return False;
-		}
-
-		numlines = 0;
-		qlines = fd_lines_load(fd, &numlines,0);
-		DEBUGADD(10,("Lines returned = [%d]\n", numlines));
-		close(fd);
-
-		/* should be either no lines or a single line with the mapped username */
-
-		if (numlines) {
-			DEBUG(3,("Mapped user %s to %s\n", user, qlines[0] ));
-			fstrcpy( user, qlines[0] );
-		}
-
-		file_lines_free(qlines);
-		
-		return numlines != 0;
-	}
-
-	/* ok.  let's try the mapfile */
-	
-	if (!*mapfile)
-		return False;
-
-	if (!initialised) {
-		*last_from = *last_to = 0;
-		initialised = True;
-	}
-  
-	f = x_fopen(mapfile,O_RDONLY, 0);
-	if (!f) {
-		DEBUG(0,("can't open username map %s. Error %s\n",mapfile, strerror(errno) ));
-		return False;
-	}
-
-	DEBUG(4,("Scanning username map %s\n",mapfile));
-
-	while((s=fgets_slash(buf,sizeof(buf),f))!=NULL) {
-		char *unixname = s;
-		char *dosname = strchr_m(unixname,'=');
-		char **dosuserlist;
-		BOOL return_if_mapped = False;
-
-		if (!dosname)
-			continue;
-
-		*dosname++ = 0;
-
-		while (isspace((int)*unixname))
-			unixname++;
-
-		if ('!' == *unixname) {
-			return_if_mapped = True;
-			unixname++;
-			while (*unixname && isspace((int)*unixname))
-				unixname++;
-		}
-    
-		if (!*unixname || strchr_m("#;",*unixname))
-			continue;
-
-		{
-			int l = strlen(unixname);
-			while (l && isspace((int)unixname[l-1])) {
-				unixname[l-1] = 0;
-				l--;
-			}
-		}
-
-		dosuserlist = str_list_make(dosname, NULL);
-		if (!dosuserlist) {
-			DEBUG(0,("Unable to build user list\n"));
-			return False;
-		}
-
-		if (strchr_m(dosname,'*') ||
-		    user_in_list(user, (const char **)dosuserlist)) {
-			DEBUG(3,("Mapped user %s to %s\n",user,unixname));
-			mapped_user = True;
-			fstrcpy( last_from,user );
-			fstrcpy( user, unixname );
-			fstrcpy( last_to,user );
-			if ( return_if_mapped ) {
-				str_list_free (&dosuserlist);
-				x_fclose(f);
-				return True;
-			}
-		}
-    
-		str_list_free (&dosuserlist);
-	}
-
-	x_fclose(f);
-
-	/*
-	 * Setup the last_from and last_to as an optimization so 
-	 * that we don't scan the file again for the same user.
-	 */
-	fstrcpy(last_from,user);
-	fstrcpy(last_to,user);
-
-	return mapped_user;
-}
-
 /****************************************************************************
  * A wrapper for sys_getpwnam().  The following variations are tried:
  *   - as transmitted
@@ -334,351 +169,6 @@ struct passwd *Get_Pwnam(const char *user)
 	return ret;  
 }
 
-/****************************************************************************
- Check if a user is in a netgroup user list. If at first we don't succeed,
- try lower case.
-****************************************************************************/
-
-BOOL user_in_netgroup(const char *user, const char *ngname)
-{
-#ifdef HAVE_NETGROUP
-	static char *mydomain = NULL;
-	fstring lowercase_user;
-
-	if (mydomain == NULL)
-		yp_get_default_domain(&mydomain);
-
-	if(mydomain == NULL) {
-		DEBUG(5,("Unable to get default yp domain\n"));
-		return False;
-	}
-
-	DEBUG(5,("looking for user %s of domain %s in netgroup %s\n",
-		user, mydomain, ngname));
-
-	if (innetgr(ngname, NULL, user, mydomain)) {
-		DEBUG(5,("user_in_netgroup: Found\n"));
-		return (True);
-	} else {
-
-		/*
-		 * Ok, innetgr is case sensitive. Try once more with lowercase
-		 * just in case. Attempt to fix #703. JRA.
-		 */
-
-		fstrcpy(lowercase_user, user);
-		strlower_m(lowercase_user);
-	
-		DEBUG(5,("looking for user %s of domain %s in netgroup %s\n",
-			lowercase_user, mydomain, ngname));
-
-		if (innetgr(ngname, NULL, lowercase_user, mydomain)) {
-			DEBUG(5,("user_in_netgroup: Found\n"));
-			return (True);
-		}
-	}
-#endif /* HAVE_NETGROUP */
-	return False;
-}
-
-/****************************************************************************
- Check if a user is in a winbind group.
-****************************************************************************/
-  
-static BOOL user_in_winbind_group(const char *user, const char *gname,
-				  BOOL *winbind_answered)
-{
-	int i;
- 	gid_t gid, gid_low, gid_high;
- 	BOOL ret = False;
-	static gid_t *groups = NULL;
-	static int num_groups = 0;
-	static fstring last_user = "";
- 
- 	*winbind_answered = False;
- 
-	if ((gid = nametogid(gname)) == (gid_t)-1) {
- 		DEBUG(0,("user_in_winbind_group: nametogid for group %s "
-			 "failed.\n", gname ));
- 		goto err;
- 	}
-
-	if (!lp_idmap_gid(&gid_low, &gid_high)) {
-		DEBUG(4, ("winbind gid range not configured, therefore %s "
-			  "cannot be a winbind group\n", gname));
- 		goto err;
-	}
-
-	if (gid < gid_low || gid > gid_high) {
-		DEBUG(4, ("group %s is not a winbind group\n", gname));
- 		goto err;
-	}
- 
-	/* try to user the last user we looked up */
-	/* otherwise fall back to lookups */
-	
-	if ( !strequal( last_user, user ) || !groups )
- 	{
-		/* clear any cached information */
-		
- 	 	SAFE_FREE(groups);
-		fstrcpy( last_user, "" );
-
-	 	/*
- 		 * Get the gid's that this user belongs to.
- 		 */
- 
-	 	if ((num_groups = winbind_getgroups(user, &groups)) == -1)
- 			return False;
-			
-		if ( num_groups == -1 )
-			return False;
- 
-	 	if ( num_groups == 0 ) {
- 			*winbind_answered = True;
- 			return False;
- 		}
- 		
-		/* save the last username */
-		
-		fstrcpy( last_user, user );
-		
-	}
-	else 
-		DEBUG(10,("user_in_winbind_group: using cached user "
-			  "groups for [%s]\n", user));
- 
- 	if ( DEBUGLEVEL >= 10 ) {
-		DEBUG(10,("user_in_winbind_group: using groups -- "));
-	 	for ( i=0; i<num_groups; i++ )
-			DEBUGADD(10,("%lu ", (unsigned long)groups[i]));
-		DEBUGADD(10,("\n"));	
-	}
- 
-	/*
-	 * Now we have the gid list for this user - convert the gname to a
-	 * gid_t via either winbind or the local UNIX lookup and do the
-	 * comparison.
-	 */
- 
- 	for (i = 0; i < num_groups; i++) {
- 		if (gid == groups[i]) {
- 			ret = True;
- 			break;
- 		}
- 	}
- 
- 	*winbind_answered = True;
- 	SAFE_FREE(groups);
- 	return ret;
- 
-   err:
- 
- 	*winbind_answered = False;
- 	SAFE_FREE(groups);
- 	return False;
-}	      
- 
-/****************************************************************************
- Check if a user is in a UNIX group.
-****************************************************************************/
-
-BOOL user_in_unix_group(const char *user,const char *gname)
-{
-	struct passwd *pass = Get_Pwnam(user);
-	struct sys_userlist *user_list;
-	struct sys_userlist *member;
-
-	DEBUG(10,("user_in_unix_group: checking user %s in group %s\n",
-		  user, gname));
-
- 	/*
- 	 * We need to check the users primary group as this
- 	 * group is implicit and often not listed in the group database.
- 	 */
- 
- 	if (pass) {
- 		if (strequal(gname,gidtoname(pass->pw_gid))) {
- 			DEBUG(10,("user_in_unix_group: group %s is "
-				  "primary group.\n", gname ));
- 			return True;
- 		}
- 	}
- 
-	user_list = get_users_in_group(gname);
- 	if (user_list == NULL) {
- 		DEBUG(10,("user_in_unix_group: no such group %s\n",
-			  gname ));
- 		return False;
- 	}
-
-	for (member = user_list; member; member = member->next) {
- 		DEBUG(10,("user_in_unix_group: checking user %s against "
-			  "member %s\n", user, member->unix_name ));
-  		if (strequal(member->unix_name,user)) {
-			free_userlist(user_list);
-  			return(True);
-  		}
-	}
-
-	free_userlist(user_list);
-	return False;
-}	      
-
-/****************************************************************************
- Check if a user is in a group list. Ask winbind first, then use UNIX.
-****************************************************************************/
-
-BOOL user_in_group(const char *user, const char *gname)
-{
-	BOOL winbind_answered = False;
-	BOOL ret;
-
-	ret = user_in_winbind_group(user, gname, &winbind_answered);
-	if (!winbind_answered)
-		ret = user_in_unix_group(user, gname);
-
-	if (ret)
-		DEBUG(10,("user_in_group: user |%s| is in group |%s|\n",
-			  user, gname));
-	return ret;
-}
-
-/****************************************************************************
- Check if a user is in a user list - can check combinations of UNIX
- and netgroup lists.
-****************************************************************************/
-
-BOOL user_in_list(const char *user,const char **list)
-{
-	if (!list || !*list)
-		return False;
-
-	DEBUG(10,("user_in_list: checking user %s in list\n", user));
-
-	while (*list) {
-
-		DEBUG(10,("user_in_list: checking user |%s| against |%s|\n",
-			  user, *list));
-
-		/*
-		 * Check raw username.
-		 */
-		if (strequal(user, *list))
-			return(True);
-
-		/*
-		 * Now check to see if any combination
-		 * of UNIX and netgroups has been specified.
-		 */
-
-		if(**list == '@') {
-			/*
-			 * Old behaviour. Check netgroup list
-			 * followed by UNIX list.
-			 */
-			if(user_in_netgroup(user, *list +1))
-				return True;
-			if(user_in_group(user, *list +1))
-				return True;
-		} else if (**list == '+') {
-
-			if((*(*list +1)) == '&') {
-				/*
-				 * Search UNIX list followed by netgroup.
-				 */
-				if(user_in_group(user, *list +2))
-					return True;
-				if(user_in_netgroup(user, *list +2))
-					return True;
-
-			} else {
-
-				/*
-				 * Just search UNIX list.
-				 */
-
-				if(user_in_group(user, *list +1))
-					return True;
-			}
-
-		} else if (**list == '&') {
-
-			if(*(*list +1) == '+') {
-				/*
-				 * Search netgroup list followed by UNIX list.
-				 */
-				if(user_in_netgroup(user, *list +2))
-					return True;
-				if(user_in_group(user, *list +2))
-					return True;
-			} else {
-				/*
-				 * Just search netgroup list.
-				 */
-				if(user_in_netgroup(user, *list +1))
-					return True;
-			}
-		} else if (!name_is_local(*list)) {
-			/*
-			 * If user name did not match and token is not a unix
-			 * group and the token has a winbind separator in the
-			 * name then see if it is a Windows group.
-			 */
-
-			DOM_SID g_sid;
-			enum SID_NAME_USE name_type;
-			BOOL winbind_answered = False;
-			BOOL ret;
-			fstring groupname, domain;
-			
-			/* Parse a string of the form DOMAIN/user into a
-			 * domain and a user */
-
-			char *p = strchr(*list,*lp_winbind_separator());
-			
-			DEBUG(10,("user_in_list: checking if user |%s| is in "
-				  "winbind group |%s|\n", user, *list));
-
-			if (p) {
-				fstrcpy(groupname, p+1);
-				fstrcpy(domain, *list);
-				domain[PTR_DIFF(p, *list)] = 0;
-
-				/* Check to see if name is a Windows group;
-				   Win2k native mode DCs will return domain
-				   local groups; while NT4 or mixed mode 2k
-				   DCs will not */
-			
-				if ( winbind_lookup_name(domain, groupname,
-							 &g_sid, &name_type) 
-				     && ( name_type==SID_NAME_DOM_GRP || 
-					  (strequal(lp_workgroup(), domain) &&
-					   name_type==SID_NAME_ALIAS) ) )
-				{
-					
-					/* Check if user name is in the
-					 * Windows group */
-					ret = user_in_winbind_group(
-						user, *list,
-						&winbind_answered);
-					
-					if (winbind_answered && ret == True) {
-						DEBUG(10,("user_in_list: user "
-							  "|%s| is in winbind "
-							  "group |%s|\n",
-							  user, *list));
-						return ret;
-					}
-				}
-			}
-		}
-    
-		list++;
-	}
-	return(False);
-}
-
 /* The functions below have been taken from password.c and slightly modified */
 /****************************************************************************
  Apply a function to upper/lower case combinations
diff --git a/source3/lib/util_getent.c b/source3/lib/util_getent.c
deleted file mode 100644
index 7c045fccb2..0000000000
--- a/source3/lib/util_getent.c
+++ /dev/null
@@ -1,337 +0,0 @@
-/*
-   Unix SMB/CIFS implementation.
-   Samba utility functions
-   Copyright (C) Simo Sorce 2001
-   Copyright (C) Jeremy Allison 2001
-
-   This program is free software; you can redistribute it and/or modify
-   it under the terms of the GNU General Public License as published by
-   the Free Software Foundation; either version 2 of the License, or
-   (at your option) any later version.
-   
-   This program is distributed in the hope that it will be useful,
-   but WITHOUT ANY WARRANTY; without even the implied warranty of
-   MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
-   GNU General Public License for more details.
-   
-   You should have received a copy of the GNU General Public License
-   along with this program; if not, write to the Free Software
-   Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
-*/
-
-#include "includes.h"
-
-
-/****************************************************************
- Returns a single linked list of group entries.
- Use grent_free() to free it after use.
-****************************************************************/
-
-struct sys_grent * getgrent_list(void)
-{
-	struct sys_grent *glist;
-	struct sys_grent *gent;
-	struct group *grp;
-	
-	gent = SMB_MALLOC_P(struct sys_grent);
-	if (gent == NULL) {
-		DEBUG (0, ("Out of memory in getgrent_list!\n"));
-		return NULL;
-	}
-	memset(gent, '\0', sizeof(struct sys_grent));
-	glist = gent;
-	
-	setgrent();
-	grp = getgrent();
-	if (grp == NULL) {
-		endgrent();
-		SAFE_FREE(glist);
-		return NULL;
-	}
-
-	while (grp != NULL) {
-		int i,num;
-		
-		if (grp->gr_name) {
-			if ((gent->gr_name = SMB_STRDUP(grp->gr_name)) == NULL)
-				goto err;
-		}
-		if (grp->gr_passwd) {
-			if ((gent->gr_passwd = SMB_STRDUP(grp->gr_passwd)) == NULL)
-				goto err;
-		}
-		gent->gr_gid = grp->gr_gid;
-		
-		/* number of strings in gr_mem */
-		for (num = 0; grp->gr_mem[num];	num++)
-			;
-		
-		/* alloc space for gr_mem string pointers */
-		if ((gent->gr_mem = SMB_MALLOC_ARRAY(char *, num+1)) == NULL)
-			goto err;
-
-		memset(gent->gr_mem, '\0', (num+1) * sizeof(char *));
-
-		for (i=0; i < num; i++) {
-			if ((gent->gr_mem[i] = SMB_STRDUP(grp->gr_mem[i])) == NULL)
-				goto err;
-		}
-		gent->gr_mem[num] = NULL;
-		
-		grp = getgrent();
-		if (grp) {
-			gent->next = SMB_MALLOC_P(struct sys_grent);
-			if (gent->next == NULL)
-				goto err;
-			gent = gent->next;
-			memset(gent, '\0', sizeof(struct sys_grent));
-		}
-	}
-	
-	endgrent();
-	return glist;
-
-  err:
-
-	endgrent();
-	DEBUG(0, ("Out of memory in getgrent_list!\n"));
-	grent_free(glist);
-	return NULL;
-}
-
-/****************************************************************
- Free the single linked list of group entries made by
- getgrent_list()
-****************************************************************/
-
-void grent_free (struct sys_grent *glist)
-{
-	while (glist) {
-		struct sys_grent *prev;
-		
-		SAFE_FREE(glist->gr_name);
-		SAFE_FREE(glist->gr_passwd);
-		if (glist->gr_mem) {
-			int i;
-			for (i = 0; glist->gr_mem[i]; i++)
-				SAFE_FREE(glist->gr_mem[i]);
-			SAFE_FREE(glist->gr_mem);
-		}
-		prev = glist;
-		glist = glist->next;
-		SAFE_FREE(prev);
-	}
-}
-
-/****************************************************************
- Returns a single linked list of passwd entries.
- Use pwent_free() to free it after use.
-****************************************************************/
-
-struct sys_pwent * getpwent_list(void)
-{
-	struct sys_pwent *plist;
-	struct sys_pwent *pent;
-	struct passwd *pwd;
-	
-	pent = SMB_MALLOC_P(struct sys_pwent);
-	if (pent == NULL) {
-		DEBUG (0, ("Out of memory in getpwent_list!\n"));
-		return NULL;
-	}
-	plist = pent;
-	
-	setpwent();
-	pwd = getpwent();
-	while (pwd != NULL) {
-		memset(pent, '\0', sizeof(struct sys_pwent));
-		if (pwd->pw_name) {
-			if ((pent->pw_name = SMB_STRDUP(pwd->pw_name)) == NULL)
-				goto err;
-		}
-		if (pwd->pw_passwd) {
-			if ((pent->pw_passwd = SMB_STRDUP(pwd->pw_passwd)) == NULL)
-				goto err;
-		}
-		pent->pw_uid = pwd->pw_uid;
-		pent->pw_gid = pwd->pw_gid;
-		if (pwd->pw_gecos) {
-			if ((pent->pw_gecos = SMB_STRDUP(pwd->pw_gecos)) == NULL)
-				goto err;
-		}
-		if (pwd->pw_dir) {
-			if ((pent->pw_dir = SMB_STRDUP(pwd->pw_dir)) == NULL)
-				goto err;
-		}
-		if (pwd->pw_shell) {
-			if ((pent->pw_shell = SMB_STRDUP(pwd->pw_shell)) == NULL)
-				goto err;
-		}
-
-		pwd = getpwent();
-		if (pwd) {
-			pent->next = SMB_MALLOC_P(struct sys_pwent);
-			if (pent->next == NULL)
-				goto err;
-			pent = pent->next;
-		}
-	}
-	
-	endpwent();
-	return plist;
-
-  err:
-
-	endpwent();
-	DEBUG(0, ("Out of memory in getpwent_list!\n"));
-	pwent_free(plist);
-	return NULL;
-}
-
-/****************************************************************
- Free the single linked list of passwd entries made by
- getpwent_list()
-****************************************************************/
-
-void pwent_free (struct sys_pwent *plist)
-{
-	while (plist) {
-		struct sys_pwent *prev;
-		
-		SAFE_FREE(plist->pw_name);
-		SAFE_FREE(plist->pw_passwd);
-		SAFE_FREE(plist->pw_gecos);
-		SAFE_FREE(plist->pw_dir);
-		SAFE_FREE(plist->pw_shell);
-
-		prev = plist;
-		plist = plist->next;
-		SAFE_FREE(prev);
-	}
-}
-
-/****************************************************************
- Add the individual group users onto the list.
-****************************************************************/
-
-static struct sys_userlist *add_members_to_userlist(struct sys_userlist *list_head, const struct group *grp)
-{
-	size_t num_users, i;
-
-	/* Count the number of users. */
-	for (num_users = 0; grp->gr_mem[num_users]; num_users++)
-		;
-
-	for (i = 0; i < num_users; i++) {
-		struct sys_userlist *entry = SMB_MALLOC_P(struct sys_userlist);
-		if (entry == NULL) {
-			free_userlist(list_head);
-			return NULL;
-		}
-		entry->unix_name = (char *)SMB_STRDUP(grp->gr_mem[i]);
-		if (entry->unix_name == NULL) {
-			SAFE_FREE(entry);
-			free_userlist(list_head);
-			return NULL;
-		}
-		DLIST_ADD(list_head, entry);
-	}
-	return list_head;
-}
-
-/*****************************************************************
- Splits passed user or group name to domain and user/group name parts
- Returns True if name was splitted and False otherwise.
-*****************************************************************/
-
-static BOOL split_domain_and_name(const char *name, char *domain,
-				  char* username)
-{
-	char *p = strchr(name,*lp_winbind_separator());
-	
-	
-	/* Parse a string of the form DOMAIN/user into a domain and a user */
-	DEBUG(10,("split_domain_and_name: checking whether name |%s| local or "
-		  "not\n", name));
-	
-	if (p) {
-		fstrcpy(username, p+1);
-		fstrcpy(domain, name);
-		domain[PTR_DIFF(p, name)] = 0;
-	} else if (lp_winbind_use_default_domain()) {
-		fstrcpy(username, name);
-		fstrcpy(domain, lp_workgroup());
-	} else {
-		return False;
-	}
-
-	DEBUG(10,("split_domain_and_name: all is fine, domain is |%s| and "
-		  "name is |%s|\n", domain, username));
-	return True;
-}
-
-/****************************************************************
- Get the list of UNIX users in a group.
- We have to enumerate the /etc/group file as some UNIX getgrnam()
- calls won't do that for us (notably Tru64 UNIX).
-****************************************************************/
-
-struct sys_userlist *get_users_in_group(const char *gname)
-{
-	struct sys_userlist *list_head = NULL;
-	struct group *gptr;
-	fstring domain;
-	fstring groupname;
-	DOM_SID sid;
-	enum SID_NAME_USE name_type;
-
-	/* No point using winbind if we can't split it in the
-	   first place */
-	if (split_domain_and_name(gname, domain, groupname)) {
-
-		/*
-		 * If we're doing this via winbindd, don't do the
-		 * entire group list enumeration as we know this is
-		 * pointless (and slow).
-		 */
-		
-		if (winbind_lookup_name(domain, groupname, &sid, &name_type) 
-		    && name_type == SID_NAME_DOM_GRP) {
-			if ((gptr = (struct group *)getgrnam(gname)) == NULL)
-				return NULL;
-			return add_members_to_userlist(list_head, gptr);
-		}
-	}
-	
-#if !defined(BROKEN_GETGRNAM)
-	if ((gptr = (struct group *)getgrnam(gname)) == NULL)
-		return NULL;
-	return add_members_to_userlist(list_head, gptr);
-#else
-	/* BROKEN_GETGRNAM - True64 */
-	setgrent();
-	while((gptr = getgrent()) != NULL) {
-		if (strequal(gname, gptr->gr_name)) {
-			list_head = add_members_to_userlist(list_head, gptr);
-			if (list_head == NULL)
-				return NULL;
-		}
-	}
-	endgrent();
-	return list_head;
-#endif
-}
-
-/****************************************************************
- Free list allocated above.
-****************************************************************/
-
-void free_userlist(struct sys_userlist *list_head)
-{
-	while (list_head) {
-		struct sys_userlist *old_head = list_head;
-		DLIST_REMOVE(list_head, list_head);
-		SAFE_FREE(old_head->unix_name);
-		SAFE_FREE(old_head);
-	}
-}