diff options
| author | Jim McDonough <jmcd@samba.org> | 2004-02-12 15:20:40 +0000 |
|---|---|---|
| committer | Jim McDonough <jmcd@samba.org> | 2004-02-12 15:20:40 +0000 |
| commit | 34232f9ec0eb8f0c78688581cb71ae8041aae535 (patch) | |
| tree | ee68d8797147d33554d081d55426bdae11af27a1 /source3/passdb/passdb.c | |
| parent | c987e9e611019f572606e0de72285925bd5d048f (diff) | |
| download | samba-34232f9ec0eb8f0c78688581cb71ae8041aae535.tar.gz samba-34232f9ec0eb8f0c78688581cb71ae8041aae535.tar.bz2 samba-34232f9ec0eb8f0c78688581cb71ae8041aae535.zip | |
Start of merging HEAD changes. Right now, just move one fn() to eliminate
the prototype at the beginning, and change some comments so diffs to HEAD
aren't filled with useless info.
(This used to be commit 7b40f6c464ecbd40ab3fdf32b53da1e61475d2e7)
Diffstat (limited to 'source3/passdb/passdb.c')
| -rw-r--r-- | source3/passdb/passdb.c | 130 |
1 files changed, 63 insertions, 67 deletions
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index 3e86f05eae..db3ec6eb11 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -27,9 +27,6 @@ #undef DBGC_CLASS #define DBGC_CLASS DBGC_PASSDB -static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, - const struct passwd *pwd); - /****************************************************************** get the default domain/netbios name to be used when testing authentication. For example, if you connect @@ -167,7 +164,7 @@ NTSTATUS pdb_init_sam_talloc(TALLOC_CTX *mem_ctx, SAM_ACCOUNT **user) /************************************************************* - Alloc memory and initialises a struct sam_passwd. + Allocates memory and initialises a struct sam_passwd. ************************************************************/ NTSTATUS pdb_init_sam(SAM_ACCOUNT **user) @@ -192,6 +189,68 @@ NTSTATUS pdb_init_sam(SAM_ACCOUNT **user) return NT_STATUS_OK; } +/************************************************************************** + * This function will take care of all the steps needed to correctly + * allocate and set the user SID, please do use this function to create new + * users, messing with SIDs is not good. + * + * account_data must be provided initialized, pwd may be null. + * SSS + ***************************************************************************/ + +static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd *pwd) +{ + const char *guest_account = lp_guestaccount(); + GROUP_MAP map; + BOOL ret; + + if (!account_data || !pwd) { + return NT_STATUS_INVALID_PARAMETER; + } + + /* this is a hack this thing should not be set + this way --SSS */ + if (!(guest_account && *guest_account)) { + DEBUG(1, ("NULL guest account!?!?\n")); + return NT_STATUS_UNSUCCESSFUL; + } else { + /* Ensure this *must* be set right */ + if (strcmp(pwd->pw_name, guest_account) == 0) { + if (!pdb_set_user_sid_from_rid(account_data, DOMAIN_USER_RID_GUEST, PDB_DEFAULT)) { + return NT_STATUS_UNSUCCESSFUL; + } + if (!pdb_set_group_sid_from_rid(account_data, DOMAIN_GROUP_RID_GUESTS, PDB_DEFAULT)) { + return NT_STATUS_UNSUCCESSFUL; + } + return NT_STATUS_OK; + } + } + + if (!pdb_set_user_sid_from_rid(account_data, fallback_pdb_uid_to_user_rid(pwd->pw_uid), PDB_SET)) { + DEBUG(0,("Can't set User SID from RID!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + + /* call the mapping code here */ + become_root(); + ret = pdb_getgrgid(&map, pwd->pw_gid); + unbecome_root(); + + if( ret ) { + if (!pdb_set_group_sid(account_data, &map.sid, PDB_SET)){ + DEBUG(0,("Can't set Group SID!\n")); + return NT_STATUS_INVALID_PARAMETER; + } + } + else { + if (!pdb_set_group_sid_from_rid(account_data, pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) { + DEBUG(0,("Can't set Group SID\n")); + return NT_STATUS_INVALID_PARAMETER; + } + } + + return NT_STATUS_OK; +} /************************************************************* Initialises a struct sam_passwd with sane values. @@ -406,69 +465,6 @@ NTSTATUS pdb_free_sam(SAM_ACCOUNT **user) return NT_STATUS_OK; } -/************************************************************************** - * This function will take care of all the steps needed to correctly - * allocate and set the user SID, please do use this function to create new - * users, messing with SIDs is not good. - * - * account_data must be provided initialized, pwd may be null. - * SSS - ***************************************************************************/ - -static NTSTATUS pdb_set_sam_sids(SAM_ACCOUNT *account_data, const struct passwd *pwd) -{ - const char *guest_account = lp_guestaccount(); - GROUP_MAP map; - BOOL ret; - - if (!account_data || !pwd) { - return NT_STATUS_INVALID_PARAMETER; - } - - /* this is a hack this thing should not be set - this way --SSS */ - if (!(guest_account && *guest_account)) { - DEBUG(1, ("NULL guest account!?!?\n")); - return NT_STATUS_UNSUCCESSFUL; - } else { - /* Ensure this *must* be set right */ - if (strcmp(pwd->pw_name, guest_account) == 0) { - if (!pdb_set_user_sid_from_rid(account_data, DOMAIN_USER_RID_GUEST, PDB_DEFAULT)) { - return NT_STATUS_UNSUCCESSFUL; - } - if (!pdb_set_group_sid_from_rid(account_data, DOMAIN_GROUP_RID_GUESTS, PDB_DEFAULT)) { - return NT_STATUS_UNSUCCESSFUL; - } - return NT_STATUS_OK; - } - } - - if (!pdb_set_user_sid_from_rid(account_data, fallback_pdb_uid_to_user_rid(pwd->pw_uid), PDB_SET)) { - DEBUG(0,("Can't set User SID from RID!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - - /* call the mapping code here */ - become_root(); - ret = pdb_getgrgid(&map, pwd->pw_gid); - unbecome_root(); - - if( ret ) { - if (!pdb_set_group_sid(account_data, &map.sid, PDB_SET)){ - DEBUG(0,("Can't set Group SID!\n")); - return NT_STATUS_INVALID_PARAMETER; - } - } - else { - if (!pdb_set_group_sid_from_rid(account_data, pdb_gid_to_group_rid(pwd->pw_gid), PDB_SET)) { - DEBUG(0,("Can't set Group SID\n")); - return NT_STATUS_INVALID_PARAMETER; - } - } - - return NT_STATUS_OK; -} - /********************************************************** Encode the account control bits into a string. length = length of string to encode into (including terminating |