summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/Makefile.in2
-rw-r--r--source3/groupdb/mapping.c98
-rw-r--r--source3/groupdb/mapping.h33
-rw-r--r--source3/groupdb/mapping_ldb.c98
-rw-r--r--source3/groupdb/mapping_tdb.c97
-rw-r--r--source3/utils/net_groupmap.c2
-rw-r--r--source3/utils/net_sam.c2
7 files changed, 196 insertions, 136 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in
index a965261378..f723868763 100644
--- a/source3/Makefile.in
+++ b/source3/Makefile.in
@@ -428,7 +428,7 @@ CP850_OBJ = modules/CP850.o
CP437_OBJ = modules/CP437.o
CHARSET_MACOSXFS_OBJ = modules/charset_macosxfs.o
-GROUPDB_OBJ = groupdb/mapping.o groupdb/mapping_tdb.o
+GROUPDB_OBJ = groupdb/mapping.o groupdb/mapping_tdb.o groupdb/mapping_ldb.o
PROFILE_OBJ = profile/profile.o
PROFILES_OBJ = utils/profiles.o \
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c
index 514b44f5b4..9ead1c6317 100644
--- a/source3/groupdb/mapping.c
+++ b/source3/groupdb/mapping.c
@@ -24,6 +24,37 @@
#include "includes.h"
#include "groupdb/mapping.h"
+static const struct mapping_backend *backend;
+
+/*
+ initialise a group mapping backend
+ */
+static BOOL init_group_mapping(void)
+{
+ const char *backend_string;
+
+ if (backend != NULL) {
+ /* already initialised */
+ return True;
+ }
+
+ /* default to using the ldb backend. This parameter should
+ disappear in future versions of Samba3, but for now it
+ provides a safety net in case any major problems are
+ discovered with ldb after the release */
+ backend_string = lp_parm_const_string(-1, "groupdb", "backend", "ldb");
+
+ if (strcmp(backend_string, "ldb") == 0) {
+ backend = groupdb_ldb_init();
+ } else if (strcmp(backend_string, "tdb") == 0) {
+ backend = groupdb_tdb_init();
+ } else {
+ DEBUG(0,("Unknown groupdb backend '%s'\n", backend_string));
+ smb_panic("Unknown groupdb backend\n");
+ }
+ return backend != NULL;
+}
+
/****************************************************************************
initialise first time the mapping list
****************************************************************************/
@@ -58,7 +89,7 @@ static NTSTATUS alias_memberships(const DOM_SID *members, size_t num_members,
*sids = NULL;
for (i=0; i<num_members; i++) {
- NTSTATUS status = one_alias_membership(&members[i], sids, num);
+ NTSTATUS status = backend->one_alias_membership(&members[i], sids, num);
if (!NT_STATUS_IS_OK(status))
return status;
}
@@ -304,42 +335,66 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user)
NTSTATUS pdb_default_getgrsid(struct pdb_methods *methods, GROUP_MAP *map,
DOM_SID sid)
{
- return get_group_map_from_sid(sid, map) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->get_group_map_from_sid(sid, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_getgrgid(struct pdb_methods *methods, GROUP_MAP *map,
gid_t gid)
{
- return get_group_map_from_gid(gid, map) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->get_group_map_from_gid(gid, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_getgrnam(struct pdb_methods *methods, GROUP_MAP *map,
const char *name)
{
- return get_group_map_from_ntname(name, map) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->get_group_map_from_ntname(name, map) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_add_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
- return add_mapping_entry(map, TDB_INSERT) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->add_mapping_entry(map, TDB_INSERT) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_update_group_mapping_entry(struct pdb_methods *methods,
GROUP_MAP *map)
{
- return add_mapping_entry(map, TDB_REPLACE) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->add_mapping_entry(map, TDB_REPLACE) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
NTSTATUS pdb_default_delete_group_mapping_entry(struct pdb_methods *methods,
DOM_SID sid)
{
- return group_map_remove(&sid) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->group_map_remove(&sid) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
@@ -348,7 +403,11 @@ NTSTATUS pdb_default_enum_group_mapping(struct pdb_methods *methods,
GROUP_MAP **pp_rmap, size_t *p_num_entries,
BOOL unix_only)
{
- return enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, unix_only) ?
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->enum_group_mapping(sid, sid_name_use, pp_rmap, p_num_entries, unix_only) ?
NT_STATUS_OK : NT_STATUS_UNSUCCESSFUL;
}
@@ -461,20 +520,32 @@ NTSTATUS pdb_default_set_aliasinfo(struct pdb_methods *methods,
NTSTATUS pdb_default_add_aliasmem(struct pdb_methods *methods,
const DOM_SID *alias, const DOM_SID *member)
{
- return add_aliasmem(alias, member);
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->add_aliasmem(alias, member);
}
NTSTATUS pdb_default_del_aliasmem(struct pdb_methods *methods,
const DOM_SID *alias, const DOM_SID *member)
{
- return del_aliasmem(alias, member);
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->del_aliasmem(alias, member);
}
NTSTATUS pdb_default_enum_aliasmem(struct pdb_methods *methods,
const DOM_SID *alias, DOM_SID **pp_members,
size_t *p_num_members)
{
- return enum_aliasmem(alias, pp_members, p_num_members);
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+ return backend->enum_aliasmem(alias, pp_members, p_num_members);
}
NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
@@ -489,6 +560,11 @@ NTSTATUS pdb_default_alias_memberships(struct pdb_methods *methods,
size_t i, num_alias_sids;
NTSTATUS result;
+ if (!init_group_mapping()) {
+ DEBUG(0,("failed to initialize group mapping\n"));
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
alias_sids = NULL;
num_alias_sids = 0;
diff --git a/source3/groupdb/mapping.h b/source3/groupdb/mapping.h
index 9daaa7fdd7..29e8ad5ffa 100644
--- a/source3/groupdb/mapping.h
+++ b/source3/groupdb/mapping.h
@@ -10,17 +10,22 @@
*/
#define MEMBEROF_PREFIX "MEMBEROF/"
-/* internal prototypes */
-BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
- size_t *p_num_entries, BOOL unix_only);
-BOOL group_map_remove(const DOM_SID *sid);
-BOOL init_group_mapping(void);
-NTSTATUS one_alias_membership(const DOM_SID *member,
- DOM_SID **sids, size_t *num);
-BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map);
-BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map);
-BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map);
-BOOL add_mapping_entry(GROUP_MAP *map, int flag);
-NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member);
-NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member);
-NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num);
+/*
+ groupdb mapping backend abstraction
+ */
+struct mapping_backend {
+ BOOL (*init_group_mapping)(void);
+ BOOL (*add_mapping_entry)(GROUP_MAP *map, int flag);
+ BOOL (*get_group_map_from_sid)(DOM_SID sid, GROUP_MAP *map);
+ BOOL (*get_group_map_from_gid)(gid_t gid, GROUP_MAP *map);
+ BOOL (*get_group_map_from_ntname)(const char *name, GROUP_MAP *map);
+ BOOL (*group_map_remove)(const DOM_SID *sid);
+ BOOL (*enum_group_mapping)(const DOM_SID *domsid, enum lsa_SidType sid_name_use,
+ GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, BOOL unix_only);
+ NTSTATUS (*one_alias_membership)(const DOM_SID *member,
+ DOM_SID **sids, size_t *num);
+ NTSTATUS (*add_aliasmem)(const DOM_SID *alias, const DOM_SID *member);
+ NTSTATUS (*del_aliasmem)(const DOM_SID *alias, const DOM_SID *member);
+ NTSTATUS (*enum_aliasmem)(const DOM_SID *alias, DOM_SID **sids, size_t *num);
+};
diff --git a/source3/groupdb/mapping_ldb.c b/source3/groupdb/mapping_ldb.c
index a743c2456e..8eafc2532b 100644
--- a/source3/groupdb/mapping_ldb.c
+++ b/source3/groupdb/mapping_ldb.c
@@ -34,7 +34,7 @@ static BOOL mapping_upgrade(const char *tdb_path);
/*
connect to the group mapping ldb
*/
- BOOL init_group_mapping(void)
+static BOOL init_group_mapping(void)
{
BOOL existed;
const char *init_ldif[] =
@@ -128,16 +128,12 @@ static struct ldb_dn *mapping_dn(TALLOC_CTX *mem_ctx, const DOM_SID *sid)
/*
add a group mapping entry
*/
- BOOL add_mapping_entry(GROUP_MAP *map, int flag)
+static BOOL add_mapping_entry(GROUP_MAP *map, int flag)
{
struct ldb_message *msg;
int ret, i;
fstring string_sid;
- if (!init_group_mapping()) {
- return False;
- }
-
msg = ldb_msg_new(ldb);
if (msg == NULL) {
return False;
@@ -204,16 +200,12 @@ static BOOL msg_to_group_map(struct ldb_message *msg, GROUP_MAP *map)
/*
return a group map entry for a given sid
*/
- BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
+static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
{
int ret;
struct ldb_dn *dn;
struct ldb_result *res=NULL;
- if (!init_group_mapping()) {
- return False;
- }
-
dn = mapping_dn(ldb, &sid);
if (dn == NULL) goto failed;
@@ -236,16 +228,12 @@ failed:
/*
return a group map entry for a given gid
*/
- BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
+static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
{
int ret;
char *expr;
struct ldb_result *res=NULL;
- if (!init_group_mapping()) {
- return False;
- }
-
expr = talloc_asprintf(ldb, "(&(gidNumber=%u)(objectClass=groupMap))",
(unsigned)gid);
if (expr == NULL) goto failed;
@@ -267,16 +255,12 @@ failed:
/*
Return the sid and the type of the unix group.
*/
- BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map)
+static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map)
{
int ret;
char *expr;
struct ldb_result *res=NULL;
- if (!init_group_mapping()) {
- return False;
- }
-
expr = talloc_asprintf(ldb, "(&(ntName=%s)(objectClass=groupMap))", name);
if (expr == NULL) goto failed;
@@ -297,15 +281,11 @@ failed:
/*
Remove a group mapping entry.
*/
- BOOL group_map_remove(const DOM_SID *sid)
+static BOOL group_map_remove(const DOM_SID *sid)
{
struct ldb_dn *dn;
int ret;
- if (!init_group_mapping()) {
- return False;
- }
-
dn = mapping_dn(ldb, sid);
if (dn == NULL) {
return False;
@@ -320,9 +300,9 @@ failed:
/*
Enumerate the group mappings for a domain
*/
- BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use,
- GROUP_MAP **pp_rmap,
- size_t *p_num_entries, BOOL unix_only)
+static BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use,
+ GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, BOOL unix_only)
{
int i, ret;
char *expr;
@@ -331,10 +311,6 @@ failed:
struct ldb_dn *basedn=NULL;
TALLOC_CTX *tmp_ctx;
- if (!init_group_mapping()) {
- return False;
- }
-
tmp_ctx = talloc_new(ldb);
if (tmp_ctx == NULL) goto failed;
@@ -383,8 +359,8 @@ failed:
This operation happens on session setup, so it should better be fast. We
store a list of aliases a SID is member of hanging off MEMBEROF/SID.
*/
- NTSTATUS one_alias_membership(const DOM_SID *member,
- DOM_SID **sids, size_t *num)
+static NTSTATUS one_alias_membership(const DOM_SID *member,
+ DOM_SID **sids, size_t *num)
{
const char *attrs[] = {
"sid",
@@ -397,10 +373,6 @@ failed:
fstring string_sid;
NTSTATUS status = NT_STATUS_INTERNAL_DB_CORRUPTION;
- if (!init_group_mapping()) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
if (!sid_to_string(string_sid, member)) {
return NT_STATUS_INVALID_PARAMETER;
}
@@ -451,10 +423,6 @@ static NTSTATUS modify_aliasmem(const DOM_SID *alias, const DOM_SID *member,
TALLOC_CTX *tmp_ctx;
GROUP_MAP map;
- if (!init_group_mapping()) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
if (!get_group_map_from_sid(*alias, &map)) {
sid_to_string(string_sid, alias);
return NT_STATUS_NO_SUCH_ALIAS;
@@ -500,12 +468,12 @@ static NTSTATUS modify_aliasmem(const DOM_SID *alias, const DOM_SID *member,
return (ret == LDB_SUCCESS ? NT_STATUS_OK : NT_STATUS_ACCESS_DENIED);
}
- NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
+static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
return modify_aliasmem(alias, member, LDB_FLAG_MOD_ADD);
}
- NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
+static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
return modify_aliasmem(alias, member, LDB_FLAG_MOD_DELETE);
}
@@ -514,7 +482,7 @@ static NTSTATUS modify_aliasmem(const DOM_SID *alias, const DOM_SID *member,
/*
enumerate sids that have the given alias set in member
*/
- NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
+static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
{
const char *attrs[] = {
"member",
@@ -525,10 +493,6 @@ static NTSTATUS modify_aliasmem(const DOM_SID *alias, const DOM_SID *member,
struct ldb_dn *dn;
struct ldb_message_element *el;
- if (!init_group_mapping()) {
- return NT_STATUS_ACCESS_DENIED;
- }
-
*sids = NULL;
*num = 0;
@@ -576,7 +540,7 @@ static int upgrade_map_record(TDB_CONTEXT *tdb_ctx, TDB_DATA key,
int ret;
GROUP_MAP map;
- if (strncmp(key.dptr, GROUP_PREFIX,
+ if (strncmp((char *)key.dptr, GROUP_PREFIX,
MIN(key.dsize, strlen(GROUP_PREFIX))) != 0) {
return 0;
}
@@ -610,11 +574,11 @@ static int upgrade_map_record(TDB_CONTEXT *tdb_ctx, TDB_DATA key,
static int upgrade_alias_record(TDB_CONTEXT *tdb_ctx, TDB_DATA key,
TDB_DATA data, void *state)
{
- const char *p = data.dptr;
+ const char *p = (const char *)data.dptr;
fstring string_sid;
DOM_SID member;
- if (strncmp(key.dptr, MEMBEROF_PREFIX,
+ if (strncmp((char *)key.dptr, MEMBEROF_PREFIX,
MIN(key.dsize, strlen(MEMBEROF_PREFIX))) != 0) {
return 0;
}
@@ -684,3 +648,31 @@ failed:
if (tdb) tdb_close(tdb);
return False;
}
+
+
+
+static const struct mapping_backend ldb_backend = {
+ .add_mapping_entry = add_mapping_entry,
+ .get_group_map_from_sid = get_group_map_from_sid,
+ .get_group_map_from_gid = get_group_map_from_gid,
+ .get_group_map_from_ntname = get_group_map_from_ntname,
+ .group_map_remove = group_map_remove,
+ .enum_group_mapping = enum_group_mapping,
+ .one_alias_membership = one_alias_membership,
+ .add_aliasmem = add_aliasmem,
+ .del_aliasmem = del_aliasmem,
+ .enum_aliasmem = enum_aliasmem
+};
+
+/*
+ initialise the ldb mapping backend
+ */
+const struct mapping_backend *groupdb_ldb_init(void)
+{
+ if (!init_group_mapping()) {
+ DEBUG(0,("Failed to initialise ldb mapping backend\n"));
+ return NULL;
+ }
+
+ return &ldb_backend;
+}
diff --git a/source3/groupdb/mapping_tdb.c b/source3/groupdb/mapping_tdb.c
index 2461ece1d6..7ea7ec498c 100644
--- a/source3/groupdb/mapping_tdb.c
+++ b/source3/groupdb/mapping_tdb.c
@@ -26,10 +26,14 @@
static TDB_CONTEXT *tdb; /* used for driver files */
+static BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
+ size_t *p_num_entries, BOOL unix_only);
+static BOOL group_map_remove(const DOM_SID *sid);
+
/****************************************************************************
Open the group mapping tdb.
****************************************************************************/
- BOOL init_group_mapping(void)
+static BOOL init_group_mapping(void)
{
const char *vstring = "INFO/version";
int32 vers_id;
@@ -85,18 +89,13 @@ static TDB_CONTEXT *tdb; /* used for driver files */
/****************************************************************************
****************************************************************************/
- BOOL add_mapping_entry(GROUP_MAP *map, int flag)
+static BOOL add_mapping_entry(GROUP_MAP *map, int flag)
{
TDB_DATA dbuf;
pstring key, buf;
fstring string_sid="";
int len;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return(False);
- }
-
sid_to_string(string_sid, &map->sid);
len = tdb_pack((uint8 *)buf, sizeof(buf), "ddff",
@@ -119,18 +118,13 @@ static TDB_CONTEXT *tdb; /* used for driver files */
Return the sid and the type of the unix group.
****************************************************************************/
- BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
+static BOOL get_group_map_from_sid(DOM_SID sid, GROUP_MAP *map)
{
TDB_DATA dbuf;
pstring key;
fstring string_sid;
int ret = 0;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return(False);
- }
-
/* the key is the SID, retrieving is direct */
sid_to_string(string_sid, &sid);
@@ -159,17 +153,12 @@ static TDB_CONTEXT *tdb; /* used for driver files */
Return the sid and the type of the unix group.
****************************************************************************/
- BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
+static BOOL get_group_map_from_gid(gid_t gid, GROUP_MAP *map)
{
TDB_DATA kbuf, dbuf, newkey;
fstring string_sid;
int ret;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return(False);
- }
-
/* we need to enumerate the TDB to find the GID */
for (kbuf = tdb_firstkey(tdb);
@@ -209,17 +198,12 @@ static TDB_CONTEXT *tdb; /* used for driver files */
Return the sid and the type of the unix group.
****************************************************************************/
- BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map)
+static BOOL get_group_map_from_ntname(const char *name, GROUP_MAP *map)
{
TDB_DATA kbuf, dbuf, newkey;
fstring string_sid;
int ret;
- if(!init_group_mapping()) {
- DEBUG(0,("get_group_map_from_ntname:failed to initialize group mapping\n"));
- return(False);
- }
-
/* we need to enumerate the TDB to find the name */
for (kbuf = tdb_firstkey(tdb);
@@ -259,17 +243,12 @@ static TDB_CONTEXT *tdb; /* used for driver files */
Remove a group mapping entry.
****************************************************************************/
-BOOL group_map_remove(const DOM_SID *sid)
+static BOOL group_map_remove(const DOM_SID *sid)
{
TDB_DATA dbuf;
pstring key;
fstring string_sid;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return(False);
- }
-
/* the key is the SID, retrieving is direct */
sid_to_string(string_sid, sid);
@@ -291,7 +270,7 @@ BOOL group_map_remove(const DOM_SID *sid)
Enumerate the group mapping.
****************************************************************************/
-BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
+static BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GROUP_MAP **pp_rmap,
size_t *p_num_entries, BOOL unix_only)
{
TDB_DATA kbuf, dbuf, newkey;
@@ -303,11 +282,6 @@ BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GR
DOM_SID grpsid;
uint32 rid;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return(False);
- }
-
*p_num_entries=0;
*pp_rmap=NULL;
@@ -388,18 +362,13 @@ BOOL enum_group_mapping(const DOM_SID *domsid, enum lsa_SidType sid_name_use, GR
/* This operation happens on session setup, so it should better be fast. We
* store a list of aliases a SID is member of hanging off MEMBEROF/SID. */
- NTSTATUS one_alias_membership(const DOM_SID *member,
+static NTSTATUS one_alias_membership(const DOM_SID *member,
DOM_SID **sids, size_t *num)
{
fstring key, string_sid;
TDB_DATA dbuf;
const char *p;
- if (!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
-
sid_to_string(string_sid, member);
slprintf(key, sizeof(key), "%s%s", MEMBEROF_PREFIX, string_sid);
@@ -464,7 +433,7 @@ static BOOL is_aliasmem(const DOM_SID *alias, const DOM_SID *member)
}
- NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
+static NTSTATUS add_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
GROUP_MAP map;
TDB_DATA dbuf;
@@ -473,11 +442,6 @@ static BOOL is_aliasmem(const DOM_SID *alias, const DOM_SID *member)
char *new_memberstring;
int result;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
-
if (!get_group_map_from_sid(*alias, &map))
return NT_STATUS_NO_SUCH_ALIAS;
@@ -570,16 +534,11 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data,
return 0;
}
- NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
+static NTSTATUS enum_aliasmem(const DOM_SID *alias, DOM_SID **sids, size_t *num)
{
GROUP_MAP map;
struct aliasmem_closure closure;
- if(!init_group_mapping()) {
- DEBUG(0,("failed to initialize group mapping\n"));
- return NT_STATUS_ACCESS_DENIED;
- }
-
if (!get_group_map_from_sid(*alias, &map))
return NT_STATUS_NO_SUCH_ALIAS;
@@ -598,7 +557,7 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data,
return NT_STATUS_OK;
}
- NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
+static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
NTSTATUS result;
DOM_SID *sids;
@@ -669,3 +628,29 @@ static int collect_aliasmem(TDB_CONTEXT *tdb_ctx, TDB_DATA key, TDB_DATA data,
return result;
}
+
+static const struct mapping_backend tdb_backend = {
+ .add_mapping_entry = add_mapping_entry,
+ .get_group_map_from_sid = get_group_map_from_sid,
+ .get_group_map_from_gid = get_group_map_from_gid,
+ .get_group_map_from_ntname = get_group_map_from_ntname,
+ .group_map_remove = group_map_remove,
+ .enum_group_mapping = enum_group_mapping,
+ .one_alias_membership = one_alias_membership,
+ .add_aliasmem = add_aliasmem,
+ .del_aliasmem = del_aliasmem,
+ .enum_aliasmem = enum_aliasmem
+};
+
+/*
+ initialise the tdb mapping backend
+ */
+const struct mapping_backend *groupdb_tdb_init(void)
+{
+ if (!init_group_mapping()) {
+ DEBUG(0,("Failed to initialise tdb mapping backend\n"));
+ return NULL;
+ }
+
+ return &tdb_backend;
+}
diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c
index ad1a141cfc..bb30a31c0b 100644
--- a/source3/utils/net_groupmap.c
+++ b/source3/utils/net_groupmap.c
@@ -725,7 +725,7 @@ static int net_groupmap_listmem(int argc, const char **argv)
printf("%s\n", sid_string_static(&(members[i])));
}
- SAFE_FREE(members);
+ TALLOC_FREE(members);
return 0;
}
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c
index dd979bdc6e..851c3e86de 100644
--- a/source3/utils/net_sam.c
+++ b/source3/utils/net_sam.c
@@ -958,6 +958,8 @@ static int net_sam_listmem(int argc, const char **argv)
sid_string_static(&members[i]));
}
}
+
+ TALLOC_FREE(members);
} else {
d_fprintf(stderr, "Can only list local group members so far.\n"
"%s is a %s\n", argv[0], sid_type_lookup(grouptype));