diff options
author | Christian Ambach <ambi@samba.org> | 2011-10-20 18:44:48 +0200 |
---|---|---|
committer | Christian Ambach <ambi@samba.org> | 2011-10-21 16:30:56 +0200 |
commit | ed45a558aed5cd7c7f21425ee93212bbf77da3ad (patch) | |
tree | bceeebe660cefb374bde1d3f7559d6f84eadf351 /source3/winbindd | |
parent | 0a85d1c8916a953edd00235f0701ab7d52868de7 (diff) | |
download | samba-ed45a558aed5cd7c7f21425ee93212bbf77da3ad.tar.gz samba-ed45a558aed5cd7c7f21425ee93212bbf77da3ad.tar.bz2 samba-ed45a558aed5cd7c7f21425ee93212bbf77da3ad.zip |
s3:idmap_autorid: add an allocation range to autorid
this is needed to allocate gids for BUILTIN\Users and
BUILTIN\Administrators and for local users/group that
admins might want to create
autorid will now allocate one range for this purpose
and can so give out as many uids and gids as the
configured rangesize allows
Diffstat (limited to 'source3/winbindd')
-rw-r--r-- | source3/winbindd/idmap_autorid.c | 97 |
1 files changed, 96 insertions, 1 deletions
diff --git a/source3/winbindd/idmap_autorid.c b/source3/winbindd/idmap_autorid.c index 503f8748b7..1a88fd4cb8 100644 --- a/source3/winbindd/idmap_autorid.c +++ b/source3/winbindd/idmap_autorid.c @@ -35,6 +35,9 @@ #define DBGC_CLASS DBGC_IDMAP #define HWM "NEXT RANGE" +#define ALLOC_HWM_UID "NEXT ALLOC UID" +#define ALLOC_HWM_GID "NEXT ALLOC GID" +#define ALLOC_RANGE "ALLOC" #define CONFIGKEY "CONFIG" struct autorid_global_config { @@ -166,6 +169,18 @@ static NTSTATUS idmap_autorid_id_to_sid(struct autorid_global_config *cfg, DEBUG(4, ("id %d belongs to range %d which does not have " "domain mapping, ignoring mapping request\n", map->xid.id, range)); + TALLOC_FREE(data.dptr); + map->status = ID_UNKNOWN; + return NT_STATUS_OK; + } + + if (strncmp((const char *)data.dptr, + ALLOC_RANGE, + strlen(ALLOC_RANGE)) == 0) { + /* this is from the alloc range, there is no mapping back */ + DEBUG(5, ("id %d belongs to alloc range, cannot map back\n", + map->xid.id)); + TALLOC_FREE(data.dptr); map->status = ID_UNKNOWN; return NT_STATUS_OK; } @@ -381,7 +396,12 @@ static NTSTATUS idmap_autorid_db_init(void) status = idmap_autorid_init_hwm(HWM); NT_STATUS_NOT_OK_RETURN(status); - return NT_STATUS_OK; + status = idmap_autorid_init_hwm(ALLOC_HWM_UID); + NT_STATUS_NOT_OK_RETURN(status); + + status = idmap_autorid_init_hwm(ALLOC_HWM_GID); + + return status; } static struct autorid_global_config *idmap_autorid_loadconfig(TALLOC_CTX * ctx) @@ -564,6 +584,80 @@ done: return status; } +static NTSTATUS idmap_autorid_allocate_id(struct idmap_domain *dom, + struct unixid *xid) { + + NTSTATUS ret; + struct autorid_global_config *globalcfg; + struct autorid_domain_config domaincfg; + uint32_t hwm; + const char *hwmkey; + + if (!strequal(dom->name, "*")) { + DEBUG(3, ("idmap_autorid_allocate_id: " + "Refusing creation of mapping for domain'%s'. " + "Currently only supported for the default " + "domain \"*\".\n", + dom->name)); + return NT_STATUS_NOT_IMPLEMENTED; + } + + if ((xid->type != ID_TYPE_UID) && (xid->type != ID_TYPE_GID)) { + return NT_STATUS_INVALID_PARAMETER; + } + + + globalcfg = talloc_get_type(dom->private_data, + struct autorid_global_config); + + /* fetch the range for the allocation pool */ + + ZERO_STRUCT(domaincfg); + + domaincfg.globalcfg = globalcfg; + fstrcpy(domaincfg.sid, ALLOC_RANGE); + + ret = dbwrap_trans_do(autorid_db, + idmap_autorid_get_domainrange, + &domaincfg); + if (!NT_STATUS_IS_OK(ret)) { + DEBUG(3, ("Could not determine range for allocation pool, " + "check previous messages for reason\n")); + return ret; + } + + /* fetch the current HWM */ + hwmkey = (xid->type==ID_TYPE_UID)?ALLOC_HWM_UID:ALLOC_HWM_GID; + + ret = dbwrap_fetch_uint32(autorid_db, hwmkey, &hwm); + + if (!NT_STATUS_IS_OK(ret)) { + DEBUG(1, ("Failed to fetch current allocation HWM value: %s\n", + nt_errstr(ret))); + return NT_STATUS_INTERNAL_ERROR; + } + + if (hwm >= globalcfg->rangesize) { + DEBUG(1, ("allocation range is depleted!\n")); + return NT_STATUS_NO_MEMORY; + } + + ret = dbwrap_change_uint32_atomic(autorid_db, hwmkey, &(xid->id), 1); + if (!NT_STATUS_IS_OK(ret)) { + DEBUG(1, ("Fatal error while allocating new ID!\n")); + return ret; + } + + xid->id = globalcfg->minvalue + + globalcfg->rangesize * domaincfg.domainnum + + xid->id; + + DEBUG(10, ("Returned new %s %d from allocation range\n", + (xid->type==ID_TYPE_UID)?"uid":"gid", xid->id)); + + return ret; +} + /* Close the idmap tdb instance */ @@ -571,6 +665,7 @@ static struct idmap_methods autorid_methods = { .init = idmap_autorid_initialize, .unixids_to_sids = idmap_autorid_unixids_to_sids, .sids_to_unixids = idmap_autorid_sids_to_unixids, + .allocate_id = idmap_autorid_allocate_id }; NTSTATUS samba_init_module(void) |