diff options
| author | Jean-François Micouleau <jfm@samba.org> | 2001-12-04 21:53:47 +0000 |
|---|---|---|
| committer | Jean-François Micouleau <jfm@samba.org> | 2001-12-04 21:53:47 +0000 |
| commit | 922eb763d7365716fd3c20aa069746fc9bfb8ab3 (patch) | |
| tree | 5aa576e627be2c74803509ec298881dbc3c57864 /source3/utils | |
| parent | 4d3ec230b4319510826b2cccc0b957096d8a53fe (diff) | |
| download | samba-922eb763d7365716fd3c20aa069746fc9bfb8ab3.tar.gz samba-922eb763d7365716fd3c20aa069746fc9bfb8ab3.tar.bz2 samba-922eb763d7365716fd3c20aa069746fc9bfb8ab3.zip | |
added a boolean to the group mapping functions to specify if we need or
not the privileges. Usually we don't need them, so the memory is free
early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.
J.F.
(This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)
Diffstat (limited to 'source3/utils')
| -rw-r--r-- | source3/utils/smbgroupedit.c | 14 |
1 files changed, 9 insertions, 5 deletions
diff --git a/source3/utils/smbgroupedit.c b/source3/utils/smbgroupedit.c index 58ed0a8294..f32f7b7129 100644 --- a/source3/utils/smbgroupedit.c +++ b/source3/utils/smbgroupedit.c @@ -89,9 +89,12 @@ int addgroup(char *group, enum SID_NAME_USE sid_type, char *ntgroup, char *ntcom if (privilege!=NULL) convert_priv_from_text(&se_priv, privilege); - if(!add_initial_entry(gid, string_sid, sid_type, name, comment, se_priv, PR_ACCESS_FROM_NETWORK)) + if(!add_initial_entry(gid, string_sid, sid_type, name, comment, se_priv, PR_ACCESS_FROM_NETWORK)) { + free_privilege(&se_priv); return -1; + } + free_privilege(&se_priv); return 0; } @@ -103,12 +106,11 @@ int changegroup(char *sid_string, char *group, enum SID_NAME_USE sid_type, char DOM_SID sid; GROUP_MAP map; gid_t gid; - PRIVILEGE_SET se_priv; string_to_sid(&sid, sid_string); /* Get the current mapping from the database */ - if(!get_group_map_from_sid(sid, &map)) { + if(!get_group_map_from_sid(sid, &map, MAPPING_WITH_PRIV)) { printf("This SID does not exist in the database\n"); return -1; } @@ -145,9 +147,11 @@ int changegroup(char *sid_string, char *group, enum SID_NAME_USE sid_type, char if (!add_mapping_entry(&map, TDB_REPLACE)) { printf("Count not update group database\n"); + free_privilege(&map.priv_set); return -1; } - + + free_privilege(&map.priv_set); return 0; } @@ -180,7 +184,7 @@ int listgroup(enum SID_NAME_USE sid_type, BOOL long_list) if (!long_list) printf("NT group (SID) -> Unix group\n"); - if (!enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED)) + if (!enum_group_mapping(sid_type, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV)) return -1; for (i=0; i<entries; i++) { |