diff options
| -rw-r--r-- | source3/libsmb/samlogon_cache.c | 2 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_acct.c | 125 | ||||
| -rw-r--r-- | source3/nsswitch/winbindd_cache.c | 2 | ||||
| -rw-r--r-- | source3/passdb/privileges.c | 4 | ||||
| -rw-r--r-- | source3/printing/printing.c | 4 | ||||
| -rw-r--r-- | source3/printing/printing_db.c | 4 | ||||
| -rw-r--r-- | source3/registry/reg_db.c | 2 | ||||
| -rw-r--r-- | source3/tdb/tdbutil.c | 6 | ||||
| -rw-r--r-- | source3/torture/mangle_test.c | 4 |
9 files changed, 118 insertions, 35 deletions
diff --git a/source3/libsmb/samlogon_cache.c b/source3/libsmb/samlogon_cache.c index 7863ad7727..72c10007bf 100644 --- a/source3/libsmb/samlogon_cache.c +++ b/source3/libsmb/samlogon_cache.c @@ -143,7 +143,7 @@ BOOL netsamlogon_cache_store(TALLOC_CTX *mem_ctx, NET_USER_INFO_3 *user) data.dsize = prs_offset( &ps ); data.dptr = prs_data_p( &ps ); - if (tdb_store_by_string(netsamlogon_tdb, keystr, data, TDB_REPLACE) != -1) + if (tdb_store_bystring(netsamlogon_tdb, keystr, data, TDB_REPLACE) != -1) result = True; prs_mem_free( &ps ); diff --git a/source3/nsswitch/winbindd_acct.c b/source3/nsswitch/winbindd_acct.c index 7f4353c0ee..2a3a6eb2bb 100644 --- a/source3/nsswitch/winbindd_acct.c +++ b/source3/nsswitch/winbindd_acct.c @@ -361,7 +361,7 @@ WINBINDD_PW* wb_getpwnam( const char * name ) keystr = acct_userkey_byname( name ); - data = tdb_fetch_by_string( account_tdb, keystr ); + data = tdb_fetch_bystring( account_tdb, keystr ); pw = NULL; @@ -390,7 +390,7 @@ WINBINDD_PW* wb_getpwuid( const uid_t uid ) return NULL; } - data = tdb_fetch_by_string( account_tdb, acct_userkey_byuid(uid) ); + data = tdb_fetch_bystring( account_tdb, acct_userkey_byuid(uid) ); if ( !data.dptr ) { DEBUG(4,("wb_getpwuid: failed to locate uid == %d\n", uid)); return NULL; @@ -399,7 +399,7 @@ WINBINDD_PW* wb_getpwuid( const uid_t uid ) SAFE_FREE( data.dptr ); - data = tdb_fetch_by_string( account_tdb, keystr ); + data = tdb_fetch_bystring( account_tdb, keystr ); pw = NULL; @@ -444,7 +444,7 @@ BOOL wb_storepwnam( const WINBINDD_PW *pw ) data.dptr = str; data.dsize = strlen(str) + 1; - if ( (tdb_store_by_string(account_tdb, namekey, data, TDB_REPLACE)) == -1 ) { + if ( (tdb_store_bystring(account_tdb, namekey, data, TDB_REPLACE)) == -1 ) { DEBUG(0,("wb_storepwnam: Failed to store \"%s\"\n", str)); ret = -1; goto done; @@ -458,9 +458,9 @@ BOOL wb_storepwnam( const WINBINDD_PW *pw ) data.dptr = username; data.dsize = strlen(username) + 1; - if ( (tdb_store_by_string(account_tdb, uidkey, data, TDB_REPLACE)) == -1 ) { + if ( (tdb_store_bystring(account_tdb, uidkey, data, TDB_REPLACE)) == -1 ) { DEBUG(0,("wb_storepwnam: Failed to store uid key \"%s\"\n", str)); - tdb_delete_by_string(account_tdb, namekey); + tdb_delete_bystring(account_tdb, namekey); ret = -1; goto done; } @@ -490,7 +490,7 @@ WINBINDD_GR* wb_getgrnam( const char * name ) keystr = acct_groupkey_byname( name ); - data = tdb_fetch_by_string( account_tdb, keystr ); + data = tdb_fetch_bystring( account_tdb, keystr ); grp = NULL; @@ -519,7 +519,7 @@ WINBINDD_GR* wb_getgrgid( gid_t gid ) return NULL; } - data = tdb_fetch_by_string( account_tdb, acct_groupkey_bygid(gid) ); + data = tdb_fetch_bystring( account_tdb, acct_groupkey_bygid(gid) ); if ( !data.dptr ) { DEBUG(4,("wb_getgrgid: failed to locate gid == %d\n", gid)); return NULL; @@ -528,7 +528,7 @@ WINBINDD_GR* wb_getgrgid( gid_t gid ) SAFE_FREE( data.dptr ); - data = tdb_fetch_by_string( account_tdb, keystr ); + data = tdb_fetch_bystring( account_tdb, keystr ); grp = NULL; @@ -573,7 +573,7 @@ BOOL wb_storegrnam( const WINBINDD_GR *grp ) data.dptr = str; data.dsize = strlen(str) + 1; - if ( (tdb_store_by_string(account_tdb, namekey, data, TDB_REPLACE)) == -1 ) { + if ( (tdb_store_bystring(account_tdb, namekey, data, TDB_REPLACE)) == -1 ) { DEBUG(0,("wb_storegrnam: Failed to store \"%s\"\n", str)); ret = -1; goto done; @@ -587,9 +587,9 @@ BOOL wb_storegrnam( const WINBINDD_GR *grp ) data.dptr = groupname; data.dsize = strlen(groupname) + 1; - if ( (tdb_store_by_string(account_tdb, gidkey, data, TDB_REPLACE)) == -1 ) { + if ( (tdb_store_bystring(account_tdb, gidkey, data, TDB_REPLACE)) == -1 ) { DEBUG(0,("wb_storegrnam: Failed to store gid key \"%s\"\n", str)); - tdb_delete_by_string(account_tdb, namekey); + tdb_delete_bystring(account_tdb, namekey); ret = -1; goto done; } @@ -674,6 +674,43 @@ static void free_winbindd_gr( WINBINDD_GR *grp ) } /********************************************************************** +**********************************************************************/ + +static BOOL wb_delete_user( const char *name) +{ + char *namekey; + + if ( !account_tdb && !winbindd_accountdb_init() ) { + DEBUG(0,("wb_storepwnam: Failed to open winbindd account db\n")); + return False; + } + + namekey = acct_userkey_byname( name ); + + /* lock the main entry first */ + + if ( tdb_lock_bystring(account_tdb, namekey, 0) == -1 ) { + DEBUG(0,("wb_delete_user: Failed to lock %s\n", namekey)); + return False; + } + + + tdb_delete_bystring( account_tdb, namekey ); + tdb_unlock_bystring( account_tdb, namekey ); + + return True; +} + + +/********************************************************************** +**********************************************************************/ + +static BOOL wb_delete_group( const char *name) +{ + return False; +} + +/********************************************************************** Create a new "UNIX" user for the system given a username **********************************************************************/ @@ -698,7 +735,7 @@ enum winbindd_result winbindd_create_user(struct winbindd_cli_state *state) user = state->request.data.acct_mgt.username; group = state->request.data.acct_mgt.groupname; - DEBUG(3, ("[%5d]: create_user user=>(%s), group=>(%s)\n", + DEBUG(3, ("[%5d]: create_user: user=>(%s), group=>(%s)\n", state->pid, user, group)); if ( !*group ) @@ -767,7 +804,7 @@ enum winbindd_result winbindd_create_group(struct winbindd_cli_state *state) state->request.data.acct_mgt.groupname[sizeof(state->request.data.acct_mgt.groupname)-1]='\0'; group = state->request.data.acct_mgt.groupname; - DEBUG(3, ("[%5d]: create_group (%s)\n", state->pid, group)); + DEBUG(3, ("[%5d]: create_group: (%s)\n", state->pid, group)); /* get a new uid */ @@ -810,7 +847,7 @@ enum winbindd_result winbindd_add_user_to_group(struct winbindd_cli_state *state group = state->request.data.acct_mgt.groupname; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: add_user_to_group add %s to %s\n", state->pid, + DEBUG(3, ("[%5d]: add_user_to_group: add %s to %s\n", state->pid, user, group)); /* make sure it is a valid user */ @@ -858,7 +895,7 @@ enum winbindd_result winbindd_remove_user_from_group(struct winbindd_cli_state * group = state->request.data.acct_mgt.groupname; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: remove_user_to_group delete %s from %s\n", state->pid, + DEBUG(3, ("[%5d]: remove_user_to_group: delete %s from %s\n", state->pid, user, group)); /* don't worry about checking the username since we're removing it anyways */ @@ -901,7 +938,7 @@ enum winbindd_result winbindd_set_user_primary_group(struct winbindd_cli_state * group = state->request.data.acct_mgt.groupname; user = state->request.data.acct_mgt.username; - DEBUG(3, ("[%5d]: set_user_primary_group group %s for user %s\n", state->pid, + DEBUG(3, ("[%5d]: set_user_primary_grou:p group %s for user %s\n", state->pid, group, user)); /* make sure it is a valid user */ @@ -926,21 +963,67 @@ enum winbindd_result winbindd_set_user_primary_group(struct winbindd_cli_state * } /********************************************************************** - Set the primary group membership of a user + Delete a user from the winbindd account tdb. **********************************************************************/ enum winbindd_result winbindd_delete_user(struct winbindd_cli_state *state) { - return WINBINDD_ERROR; + WINBINDD_PW *pw; + char *user; + + if ( !state->privileged ) { + DEBUG(2, ("winbindd_delete_user: non-privileged access denied!\n")); + return WINBINDD_ERROR; + } + + /* Ensure null termination */ + state->request.data.acct_mgt.username[sizeof(state->request.data.acct_mgt.username)-1]='\0'; + user = state->request.data.acct_mgt.username; + + DEBUG(3, ("[%5d]: delete_user: %s\n", state->pid, user)); + + /* make sure it is a valid user */ + + if ( !(pw = wb_getpwnam( user )) ) { + DEBUG(4,("winbindd_delete_user: Cannot delete a non-existent user\n")); + return WINBINDD_ERROR; + } + + + return ( wb_delete_user(user) ? WINBINDD_OK : WINBINDD_ERROR ); } /********************************************************************** - Set the primary group membership of a user + Delete a group from winbindd's account tdb. **********************************************************************/ enum winbindd_result winbindd_delete_group(struct winbindd_cli_state *state) { - return WINBINDD_ERROR; + WINBINDD_GR *grp; + char *group; + + if ( !state->privileged ) { + DEBUG(2, ("winbindd_delete_group: non-privileged access denied!\n")); + return WINBINDD_ERROR; + } + + /* Ensure null termination */ + state->request.data.acct_mgt.username[sizeof(state->request.data.acct_mgt.groupname)-1]='\0'; + group = state->request.data.acct_mgt.groupname; + + DEBUG(3, ("[%5d]: delete_group: %s\n", state->pid, group)); + + /* make sure it is a valid group */ + + if ( !(grp = wb_getgrnam( group )) ) { + DEBUG(4,("winbindd_delete_user: Cannot delete a non-existent group\n")); + return WINBINDD_ERROR; + } + + free_winbindd_gr( grp ); + + return ( wb_delete_group(group) ? WINBINDD_OK : WINBINDD_ERROR ); } + diff --git a/source3/nsswitch/winbindd_cache.c b/source3/nsswitch/winbindd_cache.c index 9163c97c95..2da2a9e641 100644 --- a/source3/nsswitch/winbindd_cache.c +++ b/source3/nsswitch/winbindd_cache.c @@ -258,7 +258,7 @@ static NTSTATUS fetch_cache_seqnum( struct winbindd_domain *domain, time_t now ) snprintf( key, sizeof(key), "SEQNUM/%s", domain->name ); - data = tdb_fetch_by_string( wcache->tdb, key ); + data = tdb_fetch_bystring( wcache->tdb, key ); if ( !data.dptr || data.dsize!=8 ) { DEBUG(10,("fetch_cache_seqnum: invalid data size key [%s]\n", key )); return NT_STATUS_UNSUCCESSFUL; diff --git a/source3/passdb/privileges.c b/source3/passdb/privileges.c index 688053674b..624817e32e 100644 --- a/source3/passdb/privileges.c +++ b/source3/passdb/privileges.c @@ -107,7 +107,7 @@ NTSTATUS privilege_enum_account_with_right(const char *right, return NT_STATUS_INTERNAL_ERROR; } - data = tdb_fetch_by_string(tdb, right); + data = tdb_fetch_bystring(tdb, right); if (!data.dptr) { *count = 0; *sids = NULL; @@ -168,7 +168,7 @@ static NTSTATUS privilege_set_accounts_with_right(const char *right, data.dsize = PTR_DIFF(p, data.dptr); - if (tdb_store_by_string(tdb, right, data, TDB_REPLACE) != 0) { + if (tdb_store_bystring(tdb, right, data, TDB_REPLACE) != 0) { free(data.dptr); return NT_STATUS_INTERNAL_ERROR; } diff --git a/source3/printing/printing.c b/source3/printing/printing.c index 79f8571e31..1a7066f906 100644 --- a/source3/printing/printing.c +++ b/source3/printing/printing.c @@ -1180,7 +1180,7 @@ BOOL print_notify_register_pid(int snum) } /* Store back the record. */ - if (tdb_store_by_string(tdb, NOTIFY_PID_LIST_KEY, data, TDB_REPLACE) == -1) { + if (tdb_store_bystring(tdb, NOTIFY_PID_LIST_KEY, data, TDB_REPLACE) == -1) { DEBUG(0,("print_notify_register_pid: Failed to update pid \ list for printer %s\n", printername)); goto done; @@ -1270,7 +1270,7 @@ printer %s database\n", printername)); SAFE_FREE(data.dptr); /* Store back the record. */ - if (tdb_store_by_string(tdb, NOTIFY_PID_LIST_KEY, data, TDB_REPLACE) == -1) { + if (tdb_store_bystring(tdb, NOTIFY_PID_LIST_KEY, data, TDB_REPLACE) == -1) { DEBUG(0,("print_notify_register_pid: Failed to update pid \ list for printer %s\n", printername)); goto done; diff --git a/source3/printing/printing_db.c b/source3/printing/printing_db.c index 0aa8dfafa5..1c7ac71353 100644 --- a/source3/printing/printing_db.c +++ b/source3/printing/printing_db.c @@ -154,7 +154,7 @@ TDB_DATA get_printer_notify_pid_list(TDB_CONTEXT *tdb, const char *printer_name, ZERO_STRUCT(data); - data = tdb_fetch_by_string( tdb, NOTIFY_PID_LIST_KEY ); + data = tdb_fetch_bystring( tdb, NOTIFY_PID_LIST_KEY ); if (!data.dptr) { ZERO_STRUCT(data); @@ -163,7 +163,7 @@ TDB_DATA get_printer_notify_pid_list(TDB_CONTEXT *tdb, const char *printer_name, if (data.dsize % 8) { DEBUG(0,("get_printer_notify_pid_list: Size of record for printer %s not a multiple of 8 !\n", printer_name )); - tdb_delete_by_string(tdb, NOTIFY_PID_LIST_KEY ); + tdb_delete_bystring(tdb, NOTIFY_PID_LIST_KEY ); SAFE_FREE(data.dptr); ZERO_STRUCT(data); return data; diff --git a/source3/registry/reg_db.c b/source3/registry/reg_db.c index b0917c8f60..cd5ec18f02 100644 --- a/source3/registry/reg_db.c +++ b/source3/registry/reg_db.c @@ -250,7 +250,7 @@ int regdb_fetch_reg_keys( char* key, REGSUBKEY_CTR *ctr ) pstring_sub( path, "\\", "/" ); strupper_m( path ); - dbuf = tdb_fetch_by_string( tdb_reg, path ); + dbuf = tdb_fetch_bystring( tdb_reg, path ); buf = dbuf.dptr; buflen = dbuf.dsize; diff --git a/source3/tdb/tdbutil.c b/source3/tdb/tdbutil.c index 595062dc87..b01dacd0f5 100644 --- a/source3/tdb/tdbutil.c +++ b/source3/tdb/tdbutil.c @@ -266,7 +266,7 @@ BOOL tdb_store_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32 value) on failure. ****************************************************************************/ -int tdb_store_by_string(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags) +int tdb_store_bystring(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags) { TDB_DATA key = make_tdb_data(keystr, strlen(keystr)+1); @@ -278,7 +278,7 @@ int tdb_store_by_string(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int free() on the result dptr. ****************************************************************************/ -TDB_DATA tdb_fetch_by_string(TDB_CONTEXT *tdb, const char *keystr) +TDB_DATA tdb_fetch_bystring(TDB_CONTEXT *tdb, const char *keystr) { TDB_DATA key = make_tdb_data(keystr, strlen(keystr)+1); @@ -289,7 +289,7 @@ TDB_DATA tdb_fetch_by_string(TDB_CONTEXT *tdb, const char *keystr) Delete an entry using a null terminated string key. ****************************************************************************/ -int tdb_delete_by_string(TDB_CONTEXT *tdb, const char *keystr) +int tdb_delete_bystring(TDB_CONTEXT *tdb, const char *keystr) { TDB_DATA key = make_tdb_data(keystr, strlen(keystr)+1); diff --git a/source3/torture/mangle_test.c b/source3/torture/mangle_test.c index e4ccfc1b83..660d4d17af 100644 --- a/source3/torture/mangle_test.c +++ b/source3/torture/mangle_test.c @@ -82,7 +82,7 @@ static BOOL test_one(struct cli_state *cli, const char *name) } /* see if the short name is already in the tdb */ - data = tdb_fetch_by_string(tdb, shortname); + data = tdb_fetch_bystring(tdb, shortname); if (data.dptr) { /* maybe its a duplicate long name? */ if (strcasecmp(name, data.dptr) != 0) { @@ -98,7 +98,7 @@ static BOOL test_one(struct cli_state *cli, const char *name) /* store it for later */ namedata.dptr = name; namedata.dsize = strlen(name)+1; - tdb_store_by_string(tdb, shortname, namedata, TDB_REPLACE); + tdb_store_bystring(tdb, shortname, namedata, TDB_REPLACE); } return True; |