This moves the group mapping API into the passdb backend.

Currently this calls back to mapping.c, but we have the framework
to get the information into LDAP and the passdb.tdb (should we? I
think so..).

This has received moderate testing with net rpc vampire and
usrmgr. I found the add_groupmem segfault in add_aliasmem as
well, but that will be another checkin.

Volker
(This used to be commit f30095852fea19421ac8e25dfe9c5cd4b2206f84)

1 files changed, 60 insertions, 1 deletions

diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c
index 3f625d1690..63c422abea 100644
--- a/source3/passdb/pdb_ldap.c
+++ b/source3/passdb/pdb_ldap.c
@@ -722,7 +722,7 @@ static BOOL init_sam_from_ldap (struct ldapsam_privates *ldap_state,
 		if (group_rid == 0) {
 			GROUP_MAP map;
 			/* call the mapping code here */
-			if(get_group_map_from_gid(gid, &map, MAPPING_WITHOUT_PRIV)) {
+			if(pdb_getgrgid(&map, gid, MAPPING_WITHOUT_PRIV)) {
 				pdb_set_group_sid(sampass, &map.sid, PDB_SET);
 			} 
 			else {
@@ -1733,6 +1733,58 @@ static NTSTATUS ldapsam_add_sam_account(struct pdb_methods *my_methods, SAM_ACCO
 	return NT_STATUS_OK;
 }
 
+static NTSTATUS lsapsam_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
+				 DOM_SID sid, BOOL with_priv)
+{
+	return get_group_map_from_sid(sid, map, with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
+				 gid_t gid, BOOL with_priv)
+{
+	return get_group_map_from_gid(gid, map, with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
+				 char *name, BOOL with_priv)
+{
+	return get_group_map_from_ntname(name, map, with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_add_group_mapping_entry(struct pdb_methods *methods,
+						GROUP_MAP *map)
+{
+	return add_mapping_entry(map, TDB_INSERT) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_update_group_mapping_entry(struct pdb_methods *methods,
+						   GROUP_MAP *map)
+{
+	return add_mapping_entry(map, TDB_REPLACE) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_delete_group_mapping_entry(struct pdb_methods *methods,
+						   DOM_SID sid)
+{
+	return group_map_remove(sid) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
+static NTSTATUS lsapsam_enum_group_mapping(struct pdb_methods *methods,
+					   enum SID_NAME_USE sid_name_use,
+					   GROUP_MAP **rmap, int *num_entries,
+					   BOOL unix_only, BOOL with_priv)
+{
+	return enum_group_mapping(sid_name_use, rmap, num_entries, unix_only,
+				  with_priv) ?
+		NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
+}
+
 static void free_private_data(void **vp) 
 {
 	struct ldapsam_privates **ldap_state = (struct ldapsam_privates **)vp;
@@ -1772,6 +1824,13 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co
 	(*pdb_method)->add_sam_account = ldapsam_add_sam_account;
 	(*pdb_method)->update_sam_account = ldapsam_update_sam_account;
 	(*pdb_method)->delete_sam_account = ldapsam_delete_sam_account;
+	(*pdb_method)->getgrsid = lsapsam_getgrsid;
+	(*pdb_method)->getgrgid = lsapsam_getgrgid;
+	(*pdb_method)->getgrnam = lsapsam_getgrnam;
+	(*pdb_method)->add_group_mapping_entry = lsapsam_add_group_mapping_entry;
+	(*pdb_method)->update_group_mapping_entry = lsapsam_update_group_mapping_entry;
+	(*pdb_method)->delete_group_mapping_entry = lsapsam_delete_group_mapping_entry;
+	(*pdb_method)->enum_group_mapping = lsapsam_enum_group_mapping;
 
 	/* TODO: Setup private data and free */