summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/groupdb/mapping.c72
-rw-r--r--source3/include/passdb.h3
-rw-r--r--source3/passdb/lookup_sid.c4
-rw-r--r--source3/passdb/passdb.c2
-rw-r--r--source3/passdb/pdb_interface.c21
-rw-r--r--source3/rpc_server/srv_lsa_nt.c2
-rw-r--r--source3/torture/local-groupmap.c43
-rw-r--r--source3/utils/net_groupmap.c12
-rw-r--r--source3/utils/net_rpc_samsync.c6
-rw-r--r--source3/utils/net_sam.c8
10 files changed, 52 insertions, 121 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 20bc63e56e..67b550680c 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -168,7 +168,7 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap)
const char *grpname, *dom, *name;
uint32 rid;
- if (pdb_getgrgid(&map, grp->gr_gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
return NT_STATUS_GROUP_EXISTS;
}
@@ -811,7 +811,7 @@ BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map)
/* if the group is NOT in the database, it CAN NOT be a domain group */
become_root();
- ret = pdb_getgrsid(map, sid);
+ ret = NT_STATUS_IS_OK(pdb_getgrsid(map, sid));
unbecome_root();
/* special case check for rid 513 */
@@ -1048,22 +1048,6 @@ NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods,
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
-NTSTATUS pdb_default_find_alias(struct pdb_methods *methods,
- const char *name, DOM_SID *sid)
-{
- GROUP_MAP map;
-
- if (!pdb_getgrnam(&map, name))
- return NT_STATUS_NO_SUCH_ALIAS;
-
- if ((map.sid_name_use != SID_NAME_WKN_GRP) &&
- (map.sid_name_use != SID_NAME_ALIAS))
- return NT_STATUS_OBJECT_TYPE_MISMATCH;
-
- sid_copy(sid, &map.sid);
- return NT_STATUS_OK;
-}
-
NTSTATUS pdb_default_create_alias(struct pdb_methods *methods,
const char *name, uint32 *rid)
{
@@ -1138,7 +1122,7 @@ NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods,
{
GROUP_MAP map;
- if (!pdb_getgrsid(&map, sid))
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid)))
return NT_STATUS_NO_SUCH_ALIAS;
if ((map.sid_name_use != SID_NAME_ALIAS) &&
@@ -1161,7 +1145,7 @@ NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods,
{
GROUP_MAP map;
- if (!pdb_getgrsid(&map, sid))
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid)))
return NT_STATUS_NO_SUCH_ALIAS;
fstrcpy(map.nt_name, info->acct_name);
@@ -1228,54 +1212,6 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
return NT_STATUS_OK;
}
-/**********************************************************************
- no ops for passdb backends that don't implement group mapping
- *********************************************************************/
-
-NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
- DOM_SID sid)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
- gid_t gid)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
- const char *name)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_add_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_update_group_mapping_entry(struct pdb_methods *methods,
- GROUP_MAP *map)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods,
- DOM_SID sid)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
-NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods,
- enum SID_NAME_USE sid_name_use,
- GROUP_MAP **rmap, size_t *num_entries,
- BOOL unix_only)
-{
- return NT_STATUS_UNSUCCESSFUL;
-}
-
/****************************************************************************
These need to be redirected through pdb_interface.c
****************************************************************************/
diff --git a/source3/include/passdb.h b/source3/include/passdb.h
index fa3a3bdb3d..d8d0a54c3c 100644
--- a/source3/include/passdb.h
+++ b/source3/include/passdb.h
@@ -329,9 +329,6 @@ struct pdb_methods
TALLOC_CTX *mem_ctx,
uint32 group_rid, uint32 member_rid);
- NTSTATUS (*find_alias)(struct pdb_methods *methods,
- const char *name, DOM_SID *sid);
-
NTSTATUS (*create_alias)(struct pdb_methods *methods,
const char *name, uint32 *rid);
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index f6c15168a9..acfccfdd26 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -142,7 +142,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx,
GROUP_MAP map;
- if (pdb_getgrgid(&map, grp->gr_gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) {
/* The hack gets worse. Handle the case where we have
* 'force group = +unixgroup' but "unixgroup" has a
* group mapping */
@@ -1352,7 +1352,7 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
if ((sid_check_is_in_builtin(psid) ||
sid_check_is_in_wellknown_domain(psid))) {
- if (pdb_getgrsid(&map, psid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map, psid))) {
*pgid = map.gid;
goto done;
}
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index f74b1fbe3b..ab8844f599 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -604,7 +604,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
*/
become_root();
- ret = pdb_getgrnam(&map, user);
+ ret = NT_STATUS_IS_OK(pdb_getgrnam(&map, user));
unbecome_root();
if (!ret) {
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 4e30f92acf..6a9d072fbb 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -561,22 +561,22 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success)
return pdb->update_login_attempts(pdb, sam_acct, success);
}
-BOOL pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid)
+NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid));
+ return pdb->getgrsid(pdb, map, sid);
}
-BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid)
+NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid)
{
struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid));
+ return pdb->getgrgid(pdb, map, gid);
}
-BOOL pdb_getgrnam(GROUP_MAP *map, const char *name)
+NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name)
{
struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name));
+ return pdb->getgrnam(pdb, map, name);
}
static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods,
@@ -920,12 +920,6 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid,
return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid);
}
-BOOL pdb_find_alias(const char *name, DOM_SID *sid)
-{
- struct pdb_methods *pdb = pdb_get_methods();
- return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid));
-}
-
NTSTATUS pdb_create_alias(const char *name, uint32 *rid)
{
struct pdb_methods *pdb = pdb_get_methods();
@@ -1522,7 +1516,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid,
}
TALLOC_FREE(sam_account);
- ret = pdb_getgrsid(&map, &sid);
+ ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid));
unbecome_root();
/* END BECOME_ROOT BLOCK */
@@ -2032,7 +2026,6 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods )
(*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group;
(*methods)->add_groupmem = pdb_default_add_groupmem;
(*methods)->del_groupmem = pdb_default_del_groupmem;
- (*methods)->find_alias = pdb_default_find_alias;
(*methods)->create_alias = pdb_default_create_alias;
(*methods)->delete_alias = pdb_default_delete_alias;
(*methods)->get_aliasinfo = pdb_default_get_aliasinfo;
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 33cbba933f..adccc76275 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1730,7 +1730,7 @@ NTSTATUS _lsa_setsystemaccount(pipes_struct *p, LSA_Q_SETSYSTEMACCOUNT *q_u, LSA
if ( !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
return NT_STATUS_ACCESS_DENIED;
- if (!pdb_getgrsid(&map, &info->sid))
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &info->sid)))
return NT_STATUS_NO_SUCH_GROUP;
return pdb_update_group_mapping_entry(&map);
diff --git a/source3/torture/local-groupmap.c b/source3/torture/local-groupmap.c
index bd6f060e71..e83cfece97 100644
--- a/source3/torture/local-groupmap.c
+++ b/source3/torture/local-groupmap.c
@@ -212,16 +212,18 @@ BOOL run_local_groupmap(int dummy)
string_to_sid(&sid, "S-1-5-32-545");
ZERO_STRUCT(map);
- if (!pdb_getgrsid(&map, &sid)) {
- d_fprintf(stderr, "(%s) pdb_getgrsid failed\n",
- __location__);
+ status = pdb_getgrsid(&map, &sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) pdb_getgrsid failed: %s\n",
+ __location__, nt_errstr(status));
goto fail;
}
ZERO_STRUCT(map1);
- if (!pdb_getgrgid(&map1, map.gid)) {
- d_fprintf(stderr, "(%s) pdb_getgrgid failed\n",
- __location__);
+ status = pdb_getgrgid(&map1, map.gid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) pdb_getgrgid failed: %s\n",
+ __location__, nt_errstr(status));
goto fail;
}
@@ -232,9 +234,10 @@ BOOL run_local_groupmap(int dummy)
}
ZERO_STRUCT(map1);
- if (!pdb_getgrnam(&map1, map.nt_name)) {
- d_fprintf(stderr, "(%s) pdb_getgrnam failed\n",
- __location__);
+ status = pdb_getgrnam(&map1, map.nt_name);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) pdb_getgrnam failed: %s\n",
+ __location__, nt_errstr(status));
goto fail;
}
@@ -252,9 +255,10 @@ BOOL run_local_groupmap(int dummy)
GROUP_MAP map, map1;
string_to_sid(&sid, "S-1-5-32-545");
- if (!pdb_getgrsid(&map, &sid)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-545\n",
- __location__);
+ status = pdb_getgrsid(&map, &sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-545: "
+ "%s\n", __location__, nt_errstr(status));
goto fail;
}
@@ -267,19 +271,19 @@ BOOL run_local_groupmap(int dummy)
CHECK_STATUS(status, NT_STATUS_UNSUCCESSFUL);
#endif
- if (pdb_getgrsid(&map1, &sid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map1, &sid))) {
d_fprintf(stderr, "(%s) getgrsid found deleted "
"entry\n", __location__);
goto fail;
}
- if (pdb_getgrgid(&map1, map.gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, map.gid))) {
d_fprintf(stderr, "(%s) getgrgid found deleted "
"entry\n", __location__);
goto fail;
}
- if (pdb_getgrnam(&map1, map.nt_name)) {
+ if (NT_STATUS_IS_OK(pdb_getgrnam(&map1, map.nt_name))) {
d_fprintf(stderr, "(%s) getgrnam found deleted "
"entry\n", __location__);
goto fail;
@@ -295,9 +299,10 @@ BOOL run_local_groupmap(int dummy)
GROUP_MAP map, map1;
string_to_sid(&sid, "S-1-5-32-544");
- if (!pdb_getgrsid(&map, &sid)) {
- d_fprintf(stderr, "(%s) did not find S-1-5-32-544\n",
- __location__);
+ status = pdb_getgrsid(&map, &sid);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "(%s) did not find S-1-5-32-544: "
+ "%s\n", __location__, nt_errstr(status));
goto fail;
}
@@ -307,7 +312,7 @@ BOOL run_local_groupmap(int dummy)
status = pdb_update_group_mapping_entry(&map);
CHECK_STATUS(status, NT_STATUS_OK);
- if (pdb_getgrgid(&map1, oldgid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, oldgid))) {
d_fprintf(stderr, "(%s) getgrgid found outdated "
"entry\n", __location__);
goto fail;
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c
index 3865382c92..10ea8cce2a 100644
--- a/source3/utils/net_groupmap.c
+++ b/source3/utils/net_groupmap.c
@@ -66,7 +66,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input)
if (StrnCaseCmp( input, "S-", 2)) {
/* Perhaps its the NT group name? */
- if (!pdb_getgrnam(&map, input)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrnam(&map, input))) {
printf("NT Group %s doesn't exist in mapping DB\n", input);
return False;
} else {
@@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv)
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, &sid)) {
+ if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
@@ -265,7 +265,7 @@ static int net_groupmap_add(int argc, const char **argv)
{
GROUP_MAP map;
- if (pdb_getgrgid(&map, gid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrgid(&map, gid))) {
d_printf("Unix group %s already mapped to SID %s\n",
unixgrp, sid_string_static(&map.sid));
return -1;
@@ -404,7 +404,7 @@ static int net_groupmap_modify(int argc, const char **argv)
}
/* Get the current mapping from the database */
- if(!pdb_getgrsid(&map, &sid)) {
+ if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
d_fprintf(stderr, "Failure to local group SID in the database\n");
return -1;
}
@@ -533,13 +533,13 @@ static int net_groupmap_set(int argc, const char **argv)
}
}
- have_map = pdb_getgrnam(&map, ntgroup);
+ have_map = NT_STATUS_IS_OK(pdb_getgrnam(&map, ntgroup));
if (!have_map) {
DOM_SID sid;
have_map = ( (strncmp(ntgroup, "S-", 2) == 0) &&
string_to_sid(&sid, ntgroup) &&
- pdb_getgrsid(&map, &sid) );
+ NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)) );
}
if (!have_map) {
diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c
index fe3c919d9a..09c6f4c775 100644
--- a/source3/utils/net_rpc_samsync.c
+++ b/source3/utils/net_rpc_samsync.c
@@ -588,7 +588,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta)
group_sid = *pdb_get_group_sid(sam_account);
- if (!pdb_getgrsid(&map, &group_sid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) {
DEBUG(0, ("Primary group of %s has no mapping!\n",
pdb_get_username(sam_account)));
} else {
@@ -630,7 +630,7 @@ static NTSTATUS fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta)
sid_append_rid(&group_sid, rid);
sid_to_string(sid_string, &group_sid);
- if (pdb_getgrsid(&map, &group_sid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) {
if ( map.gid != -1 )
grp = getgrgid(map.gid);
insert = False;
@@ -815,7 +815,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta,
sid_copy(&alias_sid, &dom_sid);
sid_append_rid(&alias_sid, rid);
- if (pdb_getgrsid(&map, &alias_sid)) {
+ if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &alias_sid))) {
grp = getgrgid(map.gid);
insert = False;
}
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index aed07553b6..16f7b1b25b 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -330,7 +330,7 @@ static int net_sam_set_comment(int argc, const char **argv)
return -1;
}
- if (!pdb_getgrsid(&map, &sid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) {
d_fprintf(stderr, "Could not load group %s\n", argv[0]);
return -1;
}
@@ -882,7 +882,7 @@ static int net_sam_provision(int argc, const char **argv)
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS);
- if (!pdb_getgrsid(&gmap, &gsid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
@@ -935,7 +935,7 @@ domu_done:
sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS);
- if (!pdb_getgrsid(&gmap, &gsid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) {
LDAPMod **mods = NULL;
char *dn;
char *uname;
@@ -1153,7 +1153,7 @@ doma_done:
goto done;
}
- if (!pdb_getgrgid(&gmap, pwd->pw_gid)) {
+ if (!NT_STATUS_IS_OK(pdb_getgrgid(&gmap, pwd->pw_gid))) {
LDAPMod **mods = NULL;
char *dn;
char *uname;