diff options
author | Gerald Carter <jerry@samba.org> | 2003-04-22 05:14:21 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2003-04-22 05:14:21 +0000 |
commit | cbdb436e2147fe2215439305ab226048e1ae9b0e (patch) | |
tree | 70564c0748f93fd66a919cf373138748a60ce68f /source3 | |
parent | 6f99b229dbf4a9b72fe825ebb2e3751ef3d7b680 (diff) | |
download | samba-cbdb436e2147fe2215439305ab226048e1ae9b0e.tar.gz samba-cbdb436e2147fe2215439305ab226048e1ae9b0e.tar.bz2 samba-cbdb436e2147fe2215439305ab226048e1ae9b0e.zip |
support referencing group by sid in all operations; allow group name to be changed
(This used to be commit b6ccdb8f7b72eed4c4248db43fefa09b6f084852)
Diffstat (limited to 'source3')
-rw-r--r-- | source3/utils/net_groupmap.c | 73 |
1 files changed, 60 insertions, 13 deletions
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index a9f47172fe..3cb132c2f9 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -176,6 +176,7 @@ int net_groupmap_add(int argc, const char **argv) PRIVILEGE_SET se_priv; DOM_SID sid; fstring ntgroup = ""; + fstring unixgrp = ""; fstring string_sid = ""; fstring type = ""; fstring ntcomment = ""; @@ -193,7 +194,14 @@ int net_groupmap_add(int argc, const char **argv) return -1; } } - else if ( !StrnCaseCmp(argv[i], "name", strlen("name")) ) { + else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { + fstrcpy( unixgrp, get_string_param( argv[i] ) ); + if ( !unixgrp[0] ) { + d_printf("must supply a name\n"); + return -1; + } + } + else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { d_printf("must supply a name\n"); @@ -237,8 +245,8 @@ int net_groupmap_add(int argc, const char **argv) } } - if ( !ntgroup[0] || (!rid && !string_sid[0]) || sid_type==SID_NAME_UNKNOWN ) { - d_printf("Usage: net groupmap add {rid=<int>|sid=<string>} name=<string>| type=<domain|local|builtin> [comment=<string>]\n"); + if ( !unixgrp[0] || (!rid && !string_sid[0]) || sid_type==SID_NAME_UNKNOWN ) { + d_printf("Usage: net groupmap add {rid=<int>|sid=<string>} unixgroup=<string> type=<domain|local|builtin> [ntgroup=<string>] [comment=<string>]\n"); return -1; } @@ -252,11 +260,15 @@ int net_groupmap_add(int argc, const char **argv) if (ntcomment[0]) fstrcpy(ntcomment, "Local Unix group"); - if ( !(gid = nametogid(ntgroup)) ) { + if ( !(gid = nametogid(unixgrp)) ) { d_printf("Can't lookup UNIX group %s\n", ntgroup); return -1; } + if ( !ntgroup[0] ) + fstrcpy( ntgroup, unixgrp ); + + init_privilege(&se_priv); #if 0 if (privilege!=NULL) @@ -282,18 +294,26 @@ int net_groupmap_modify(int argc, const char **argv) fstring ntcomment = ""; fstring type = ""; fstring ntgroup = ""; + fstring sid_string = ""; enum SID_NAME_USE sid_type = SID_NAME_UNKNOWN; int i; /* get the options */ for ( i=0; i<argc; i++ ) { - if ( !StrnCaseCmp(argv[i], "name", strlen("name")) ) { + if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { d_printf("must supply a name\n"); return -1; } } + else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { + fstrcpy( sid_string, get_string_param( argv[i] ) ); + if ( !sid_string[0] ) { + d_printf("must supply a name\n"); + return -1; + } + } else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { @@ -320,14 +340,25 @@ int net_groupmap_modify(int argc, const char **argv) } } - if ( !ntgroup[0] ) { - d_printf("Usage: net groupmap modify name=<string|SID> [comment=<string>] [type=<domain|local>\n"); + if ( !ntgroup[0] && !sid_string[0] ) { + d_printf("Usage: net groupmap modify {ntgroup=<string>|sid=<SID>} [comment=<string>] [type=<domain|local>\n"); return -1; } - - if (!get_sid_from_input(&sid, ntgroup)) { - return -1; + + /* give preference to the SID; if both the ntgroup name and SID + are defined, use the SID and assume that the group name could be a + new name */ + + if ( sid_string[0] ) { + if (!get_sid_from_input(&sid, sid_string)) { + return -1; + } } + else { + if (!get_sid_from_input(&sid, ntgroup)) { + return -1; + } + } /* Get the current mapping from the database */ if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) { @@ -358,6 +389,9 @@ int net_groupmap_modify(int argc, const char **argv) /* Change comment if new one */ if ( ntcomment[0] ) fstrcpy( map.comment, ntcomment ); + + if ( ntgroup[0] ) + fstrcpy( map.nt_name, ntgroup ); #if 0 /* Change the privilege if new one */ @@ -382,28 +416,41 @@ int net_groupmap_delete(int argc, const char **argv) { DOM_SID sid; fstring ntgroup = ""; + fstring sid_string = ""; int i; /* get the options */ for ( i=0; i<argc; i++ ) { - if ( !StrnCaseCmp(argv[i], "name", strlen("name")) ) { + if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { d_printf("must supply a name\n"); return -1; } } + if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { + fstrcpy( sid_string, get_string_param( argv[i] ) ); + if ( !sid_string[0] ) { + d_printf("must supply a SID\n"); + return -1; + } + } else { d_printf("Bad option: %s\n", argv[i]); return -1; } } - if ( !ntgroup[0] ) { - d_printf("Usage: net groupmap delete name=<string|SID>\n"); + if ( !ntgroup[0] && !sid_string[0]) { + d_printf("Usage: net groupmap delete {ntgroup=<string>|sid=<SID>}\n"); return -1; } + /* give preference to the SID if we have that */ + + if ( sid_string[0] ) + fstrcpy( ntgroup, sid_string ); + if ( !get_sid_from_input(&sid, ntgroup) ) { d_printf("Unable to resolve group %s to a SID\n", ntgroup); return -1; |