summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/sam/idmap_tdb.c43
-rw-r--r--source3/utils/net.c70
-rw-r--r--source3/utils/net_help.c3
3 files changed, 115 insertions, 1 deletions
diff --git a/source3/sam/idmap_tdb.c b/source3/sam/idmap_tdb.c
index 01d198e8d5..ecef98d380 100644
--- a/source3/sam/idmap_tdb.c
+++ b/source3/sam/idmap_tdb.c
@@ -117,6 +117,47 @@ static NTSTATUS db_allocate_id(unid_t *id, int id_type)
return NT_STATUS_OK;
}
+/* Set the HWM if necessary */
+/* This is not transaction safe, but the tdb should be locked
+ in db_set_mapping anyway. */
+static NTSTATUS db_adjust_hwm(unid_t id, int id_type)
+{
+ int32 hwm;
+
+ switch (id_type & ID_TYPEMASK) {
+ case ID_USERID:
+ hwm = tdb_fetch_int32(idmap_tdb, HWM_USER);
+ if (hwm == -1)
+ return NT_STATUS_INTERNAL_DB_ERROR;
+
+ if ((id.uid < hwm) || (id.uid > idmap_state.uid_high))
+ return NT_STATUS_OK;
+
+ if (tdb_store_int32(idmap_tdb, HWM_USER, id.uid+1) != 0)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ break;
+
+ case ID_GROUPID:
+ hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP);
+ if (hwm == -1)
+ return NT_STATUS_INTERNAL_DB_ERROR;
+
+ if ((id.gid < hwm) || (id.gid > idmap_state.gid_high))
+ return NT_STATUS_OK;
+
+ if (tdb_store_int32(idmap_tdb, HWM_GROUP, id.gid+1) != 0)
+ return NT_STATUS_UNSUCCESSFUL;
+
+ break;
+
+ default:
+ return NT_STATUS_INVALID_PARAMETER;
+ }
+
+ return NT_STATUS_OK;
+}
+
/* Get a sid from an id */
static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type)
{
@@ -283,7 +324,7 @@ static NTSTATUS db_set_mapping(const DOM_SID *sid, unid_t id, int id_type)
DEBUG(0, ("idb_set_mapping: tdb_store 2 error: %s\n", tdb_errorstr(idmap_tdb)));
return NT_STATUS_UNSUCCESSFUL;
}
- return NT_STATUS_OK;
+ return db_adjust_hwm(id, id_type);
}
/*****************************************************************************
diff --git a/source3/utils/net.c b/source3/utils/net.c
index d8f3264840..2b1609e225 100644
--- a/source3/utils/net.c
+++ b/source3/utils/net.c
@@ -376,6 +376,16 @@ static int net_idmap_dump_one_entry(TDB_CONTEXT *tdb,
TDB_DATA data,
void *unused)
{
+ if (strcmp(key.dptr, "USER HWM") == 0) {
+ printf("USER HWM %d\n", IVAL(data.dptr,0));
+ return 0;
+ }
+
+ if (strcmp(key.dptr, "GROUP HWM") == 0) {
+ printf("GROUP HWM %d\n", IVAL(data.dptr,0));
+ return 0;
+ }
+
if (strncmp(key.dptr, "S-", 2) != 0)
return 0;
@@ -408,6 +418,63 @@ static int net_idmap_dump(int argc, const char **argv)
}
/***********************************************************
+ Write entries from stdin to current local idmap
+ **********************************************************/
+static int net_idmap_restore(int argc, const char **argv)
+{
+ if (!idmap_init()) {
+ d_printf("Could not init idmap\n");
+ return -1;
+ }
+
+ while (!feof(stdin)) {
+ fstring line, sid_string;
+ int len;
+ unid_t id;
+ int type = ID_EMPTY;
+ DOM_SID sid;
+
+ if (fgets(line, sizeof(line)-1, stdin) == NULL)
+ break;
+
+ len = strlen(line);
+
+ if ( (len > 0) && (line[len-1] == '\n') )
+ line[len-1] = '\0';
+
+ if (sscanf(line, "GID %d %s", &id.gid, sid_string) == 2) {
+ type = ID_GROUPID;
+ }
+
+ if (sscanf(line, "UID %d %s", &id.uid, sid_string) == 2) {
+ type = ID_USERID;
+ }
+
+ if (type == ID_EMPTY) {
+ d_printf("ignoring invalid line [%s]\n", line);
+ continue;
+ }
+
+ if (!string_to_sid(&sid, sid_string)) {
+ d_printf("ignoring invalid sid [%s]\n", sid_string);
+ continue;
+ }
+
+ if (!NT_STATUS_IS_OK(idmap_set_mapping(&sid, id, type))) {
+ d_printf("Could not set mapping of %s %d to sid %s\n",
+ (type == ID_GROUPID) ? "GID" : "UID",
+ (type == ID_GROUPID) ? id.gid : id.uid,
+ sid_string_static(&sid));
+ continue;
+ }
+
+ }
+
+ idmap_close();
+ return 0;
+}
+
+/***********************************************************
Look at the current idmap
**********************************************************/
static int net_idmap(int argc, const char **argv)
@@ -418,6 +485,9 @@ static int net_idmap(int argc, const char **argv)
if ( !StrCaseCmp( argv[0], "dump" ) )
return net_idmap_dump(argc-1, argv+1);
+ if ( !StrCaseCmp( argv[0], "restore" ) )
+ return net_idmap_restore(argc-1, argv+1);
+
return net_help_idmap( argc, argv );
}
diff --git a/source3/utils/net_help.c b/source3/utils/net_help.c
index 16db55480e..941baf3378 100644
--- a/source3/utils/net_help.c
+++ b/source3/utils/net_help.c
@@ -123,6 +123,9 @@ int net_help_idmap(int argc, const char **argv)
d_printf("net idmap dump filename"\
"\n Dump current id mapping\n");
+ d_printf("net idmap restore"\
+ "\n Restore entries from stdin to current local idmap\n");
+
return -1;
}