diff options
-rw-r--r-- | source3/groupdb/mapping.c | 72 | ||||
-rw-r--r-- | source3/include/passdb.h | 3 | ||||
-rw-r--r-- | source3/passdb/lookup_sid.c | 4 | ||||
-rw-r--r-- | source3/passdb/passdb.c | 2 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 21 | ||||
-rw-r--r-- | source3/rpc_server/srv_lsa_nt.c | 2 | ||||
-rw-r--r-- | source3/torture/local-groupmap.c | 43 | ||||
-rw-r--r-- | source3/utils/net_groupmap.c | 12 | ||||
-rw-r--r-- | source3/utils/net_rpc_samsync.c | 6 | ||||
-rw-r--r-- | source3/utils/net_sam.c | 8 |
10 files changed, 52 insertions, 121 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 20bc63e56e..67b550680c 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -168,7 +168,7 @@ NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap) const char *grpname, *dom, *name; uint32 rid; - if (pdb_getgrgid(&map, grp->gr_gid)) { + if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) { return NT_STATUS_GROUP_EXISTS; } @@ -811,7 +811,7 @@ BOOL get_domain_group_from_sid(const DOM_SID *sid, GROUP_MAP *map) /* if the group is NOT in the database, it CAN NOT be a domain group */ become_root(); - ret = pdb_getgrsid(map, sid); + ret = NT_STATUS_IS_OK(pdb_getgrsid(map, sid)); unbecome_root(); /* special case check for rid 513 */ @@ -1048,22 +1048,6 @@ NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods, NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL; } -NTSTATUS pdb_default_find_alias(struct pdb_methods *methods, - const char *name, DOM_SID *sid) -{ - GROUP_MAP map; - - if (!pdb_getgrnam(&map, name)) - return NT_STATUS_NO_SUCH_ALIAS; - - if ((map.sid_name_use != SID_NAME_WKN_GRP) && - (map.sid_name_use != SID_NAME_ALIAS)) - return NT_STATUS_OBJECT_TYPE_MISMATCH; - - sid_copy(sid, &map.sid); - return NT_STATUS_OK; -} - NTSTATUS pdb_default_create_alias(struct pdb_methods *methods, const char *name, uint32 *rid) { @@ -1138,7 +1122,7 @@ NTSTATUS pdb_default_get_aliasinfo(struct pdb_methods *methods, { GROUP_MAP map; - if (!pdb_getgrsid(&map, sid)) + if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid))) return NT_STATUS_NO_SUCH_ALIAS; if ((map.sid_name_use != SID_NAME_ALIAS) && @@ -1161,7 +1145,7 @@ NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods, { GROUP_MAP map; - if (!pdb_getgrsid(&map, sid)) + if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, sid))) return NT_STATUS_NO_SUCH_ALIAS; fstrcpy(map.nt_name, info->acct_name); @@ -1228,54 +1212,6 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods, return NT_STATUS_OK; } -/********************************************************************** - no ops for passdb backends that don't implement group mapping - *********************************************************************/ - -NTSTATUS pdb_nop_getgrsid(struct pdb_methods *methods, GROUP_MAP *map, - DOM_SID sid) -{ - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS pdb_nop_getgrgid(struct pdb_methods *methods, GROUP_MAP *map, - gid_t gid) -{ - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS pdb_nop_getgrnam(struct pdb_methods *methods, GROUP_MAP *map, - const char *name) -{ - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS pdb_nop_add_group_mapping_entry(struct pdb_methods *methods, - GROUP_MAP *map) -{ - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS pdb_nop_update_group_mapping_entry(struct pdb_methods *methods, - GROUP_MAP *map) -{ - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS pdb_nop_delete_group_mapping_entry(struct pdb_methods *methods, - DOM_SID sid) -{ - return NT_STATUS_UNSUCCESSFUL; -} - -NTSTATUS pdb_nop_enum_group_mapping(struct pdb_methods *methods, - enum SID_NAME_USE sid_name_use, - GROUP_MAP **rmap, size_t *num_entries, - BOOL unix_only) -{ - return NT_STATUS_UNSUCCESSFUL; -} - /**************************************************************************** These need to be redirected through pdb_interface.c ****************************************************************************/ diff --git a/source3/include/passdb.h b/source3/include/passdb.h index fa3a3bdb3d..d8d0a54c3c 100644 --- a/source3/include/passdb.h +++ b/source3/include/passdb.h @@ -329,9 +329,6 @@ struct pdb_methods TALLOC_CTX *mem_ctx, uint32 group_rid, uint32 member_rid); - NTSTATUS (*find_alias)(struct pdb_methods *methods, - const char *name, DOM_SID *sid); - NTSTATUS (*create_alias)(struct pdb_methods *methods, const char *name, uint32 *rid); diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index f6c15168a9..acfccfdd26 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -142,7 +142,7 @@ BOOL lookup_name(TALLOC_CTX *mem_ctx, GROUP_MAP map; - if (pdb_getgrgid(&map, grp->gr_gid)) { + if (NT_STATUS_IS_OK(pdb_getgrgid(&map, grp->gr_gid))) { /* The hack gets worse. Handle the case where we have * 'force group = +unixgroup' but "unixgroup" has a * group mapping */ @@ -1352,7 +1352,7 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid) if ((sid_check_is_in_builtin(psid) || sid_check_is_in_wellknown_domain(psid))) { - if (pdb_getgrsid(&map, psid)) { + if (NT_STATUS_IS_OK(pdb_getgrsid(&map, psid))) { *pgid = map.gid; goto done; } diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c index f74b1fbe3b..ab8844f599 100644 --- a/source3/passdb/passdb.c +++ b/source3/passdb/passdb.c @@ -604,7 +604,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid, */ become_root(); - ret = pdb_getgrnam(&map, user); + ret = NT_STATUS_IS_OK(pdb_getgrnam(&map, user)); unbecome_root(); if (!ret) { diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c index 4e30f92acf..6a9d072fbb 100644 --- a/source3/passdb/pdb_interface.c +++ b/source3/passdb/pdb_interface.c @@ -561,22 +561,22 @@ NTSTATUS pdb_update_login_attempts(struct samu *sam_acct, BOOL success) return pdb->update_login_attempts(pdb, sam_acct, success); } -BOOL pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) +NTSTATUS pdb_getgrsid(GROUP_MAP *map, const DOM_SID *sid) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->getgrsid(pdb, map, sid)); + return pdb->getgrsid(pdb, map, sid); } -BOOL pdb_getgrgid(GROUP_MAP *map, gid_t gid) +NTSTATUS pdb_getgrgid(GROUP_MAP *map, gid_t gid) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->getgrgid(pdb, map, gid)); + return pdb->getgrgid(pdb, map, gid); } -BOOL pdb_getgrnam(GROUP_MAP *map, const char *name) +NTSTATUS pdb_getgrnam(GROUP_MAP *map, const char *name) { struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->getgrnam(pdb, map, name)); + return pdb->getgrnam(pdb, map, name); } static NTSTATUS pdb_default_create_dom_group(struct pdb_methods *methods, @@ -920,12 +920,6 @@ NTSTATUS pdb_del_groupmem(TALLOC_CTX *mem_ctx, uint32 group_rid, return pdb->del_groupmem(pdb, mem_ctx, group_rid, member_rid); } -BOOL pdb_find_alias(const char *name, DOM_SID *sid) -{ - struct pdb_methods *pdb = pdb_get_methods(); - return NT_STATUS_IS_OK(pdb->find_alias(pdb, name, sid)); -} - NTSTATUS pdb_create_alias(const char *name, uint32 *rid) { struct pdb_methods *pdb = pdb_get_methods(); @@ -1522,7 +1516,7 @@ static BOOL lookup_global_sam_rid(TALLOC_CTX *mem_ctx, uint32 rid, } TALLOC_FREE(sam_account); - ret = pdb_getgrsid(&map, &sid); + ret = NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)); unbecome_root(); /* END BECOME_ROOT BLOCK */ @@ -2032,7 +2026,6 @@ NTSTATUS make_pdb_method( struct pdb_methods **methods ) (*methods)->set_unix_primary_group = pdb_default_set_unix_primary_group; (*methods)->add_groupmem = pdb_default_add_groupmem; (*methods)->del_groupmem = pdb_default_del_groupmem; - (*methods)->find_alias = pdb_default_find_alias; (*methods)->create_alias = pdb_default_create_alias; (*methods)->delete_alias = pdb_default_delete_alias; (*methods)->get_aliasinfo = pdb_default_get_aliasinfo; diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c index 33cbba933f..adccc76275 100644 --- a/source3/rpc_server/srv_lsa_nt.c +++ b/source3/rpc_server/srv_lsa_nt.c @@ -1730,7 +1730,7 @@ NTSTATUS _lsa_setsystemaccount(pipes_struct *p, LSA_Q_SETSYSTEMACCOUNT *q_u, LSA if ( !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) ) return NT_STATUS_ACCESS_DENIED; - if (!pdb_getgrsid(&map, &info->sid)) + if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &info->sid))) return NT_STATUS_NO_SUCH_GROUP; return pdb_update_group_mapping_entry(&map); diff --git a/source3/torture/local-groupmap.c b/source3/torture/local-groupmap.c index bd6f060e71..e83cfece97 100644 --- a/source3/torture/local-groupmap.c +++ b/source3/torture/local-groupmap.c @@ -212,16 +212,18 @@ BOOL run_local_groupmap(int dummy) string_to_sid(&sid, "S-1-5-32-545"); ZERO_STRUCT(map); - if (!pdb_getgrsid(&map, &sid)) { - d_fprintf(stderr, "(%s) pdb_getgrsid failed\n", - __location__); + status = pdb_getgrsid(&map, &sid); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "(%s) pdb_getgrsid failed: %s\n", + __location__, nt_errstr(status)); goto fail; } ZERO_STRUCT(map1); - if (!pdb_getgrgid(&map1, map.gid)) { - d_fprintf(stderr, "(%s) pdb_getgrgid failed\n", - __location__); + status = pdb_getgrgid(&map1, map.gid); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "(%s) pdb_getgrgid failed: %s\n", + __location__, nt_errstr(status)); goto fail; } @@ -232,9 +234,10 @@ BOOL run_local_groupmap(int dummy) } ZERO_STRUCT(map1); - if (!pdb_getgrnam(&map1, map.nt_name)) { - d_fprintf(stderr, "(%s) pdb_getgrnam failed\n", - __location__); + status = pdb_getgrnam(&map1, map.nt_name); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "(%s) pdb_getgrnam failed: %s\n", + __location__, nt_errstr(status)); goto fail; } @@ -252,9 +255,10 @@ BOOL run_local_groupmap(int dummy) GROUP_MAP map, map1; string_to_sid(&sid, "S-1-5-32-545"); - if (!pdb_getgrsid(&map, &sid)) { - d_fprintf(stderr, "(%s) did not find S-1-5-32-545\n", - __location__); + status = pdb_getgrsid(&map, &sid); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "(%s) did not find S-1-5-32-545: " + "%s\n", __location__, nt_errstr(status)); goto fail; } @@ -267,19 +271,19 @@ BOOL run_local_groupmap(int dummy) CHECK_STATUS(status, NT_STATUS_UNSUCCESSFUL); #endif - if (pdb_getgrsid(&map1, &sid)) { + if (NT_STATUS_IS_OK(pdb_getgrsid(&map1, &sid))) { d_fprintf(stderr, "(%s) getgrsid found deleted " "entry\n", __location__); goto fail; } - if (pdb_getgrgid(&map1, map.gid)) { + if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, map.gid))) { d_fprintf(stderr, "(%s) getgrgid found deleted " "entry\n", __location__); goto fail; } - if (pdb_getgrnam(&map1, map.nt_name)) { + if (NT_STATUS_IS_OK(pdb_getgrnam(&map1, map.nt_name))) { d_fprintf(stderr, "(%s) getgrnam found deleted " "entry\n", __location__); goto fail; @@ -295,9 +299,10 @@ BOOL run_local_groupmap(int dummy) GROUP_MAP map, map1; string_to_sid(&sid, "S-1-5-32-544"); - if (!pdb_getgrsid(&map, &sid)) { - d_fprintf(stderr, "(%s) did not find S-1-5-32-544\n", - __location__); + status = pdb_getgrsid(&map, &sid); + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "(%s) did not find S-1-5-32-544: " + "%s\n", __location__, nt_errstr(status)); goto fail; } @@ -307,7 +312,7 @@ BOOL run_local_groupmap(int dummy) status = pdb_update_group_mapping_entry(&map); CHECK_STATUS(status, NT_STATUS_OK); - if (pdb_getgrgid(&map1, oldgid)) { + if (NT_STATUS_IS_OK(pdb_getgrgid(&map1, oldgid))) { d_fprintf(stderr, "(%s) getgrgid found outdated " "entry\n", __location__); goto fail; diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 3865382c92..10ea8cce2a 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -66,7 +66,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) if (StrnCaseCmp( input, "S-", 2)) { /* Perhaps its the NT group name? */ - if (!pdb_getgrnam(&map, input)) { + if (!NT_STATUS_IS_OK(pdb_getgrnam(&map, input))) { printf("NT Group %s doesn't exist in mapping DB\n", input); return False; } else { @@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, &sid)) { + if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -265,7 +265,7 @@ static int net_groupmap_add(int argc, const char **argv) { GROUP_MAP map; - if (pdb_getgrgid(&map, gid)) { + if (NT_STATUS_IS_OK(pdb_getgrgid(&map, gid))) { d_printf("Unix group %s already mapped to SID %s\n", unixgrp, sid_string_static(&map.sid)); return -1; @@ -404,7 +404,7 @@ static int net_groupmap_modify(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, &sid)) { + if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -533,13 +533,13 @@ static int net_groupmap_set(int argc, const char **argv) } } - have_map = pdb_getgrnam(&map, ntgroup); + have_map = NT_STATUS_IS_OK(pdb_getgrnam(&map, ntgroup)); if (!have_map) { DOM_SID sid; have_map = ( (strncmp(ntgroup, "S-", 2) == 0) && string_to_sid(&sid, ntgroup) && - pdb_getgrsid(&map, &sid) ); + NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)) ); } if (!have_map) { diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index fe3c919d9a..09c6f4c775 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -588,7 +588,7 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) group_sid = *pdb_get_group_sid(sam_account); - if (!pdb_getgrsid(&map, &group_sid)) { + if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) { DEBUG(0, ("Primary group of %s has no mapping!\n", pdb_get_username(sam_account))); } else { @@ -630,7 +630,7 @@ static NTSTATUS fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) sid_append_rid(&group_sid, rid); sid_to_string(sid_string, &group_sid); - if (pdb_getgrsid(&map, &group_sid)) { + if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &group_sid))) { if ( map.gid != -1 ) grp = getgrgid(map.gid); insert = False; @@ -815,7 +815,7 @@ static NTSTATUS fetch_alias_info(uint32 rid, SAM_ALIAS_INFO *delta, sid_copy(&alias_sid, &dom_sid); sid_append_rid(&alias_sid, rid); - if (pdb_getgrsid(&map, &alias_sid)) { + if (NT_STATUS_IS_OK(pdb_getgrsid(&map, &alias_sid))) { grp = getgrgid(map.gid); insert = False; } diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index aed07553b6..16f7b1b25b 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -330,7 +330,7 @@ static int net_sam_set_comment(int argc, const char **argv) return -1; } - if (!pdb_getgrsid(&map, &sid)) { + if (!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) { d_fprintf(stderr, "Could not load group %s\n", argv[0]); return -1; } @@ -882,7 +882,7 @@ static int net_sam_provision(int argc, const char **argv) sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_USERS); - if (!pdb_getgrsid(&gmap, &gsid)) { + if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) { LDAPMod **mods = NULL; char *dn; char *uname; @@ -935,7 +935,7 @@ domu_done: sid_compose(&gsid, get_global_sam_sid(), DOMAIN_GROUP_RID_ADMINS); - if (!pdb_getgrsid(&gmap, &gsid)) { + if (!NT_STATUS_IS_OK(pdb_getgrsid(&gmap, &gsid))) { LDAPMod **mods = NULL; char *dn; char *uname; @@ -1153,7 +1153,7 @@ doma_done: goto done; } - if (!pdb_getgrgid(&gmap, pwd->pw_gid)) { + if (!NT_STATUS_IS_OK(pdb_getgrgid(&gmap, pwd->pw_gid))) { LDAPMod **mods = NULL; char *dn; char *uname; |