diff options
-rw-r--r-- | nsswitch/wbinfo.c | 39 |
1 files changed, 39 insertions, 0 deletions
diff --git a/nsswitch/wbinfo.c b/nsswitch/wbinfo.c index 7410a744f3..219ec24fba 100644 --- a/nsswitch/wbinfo.c +++ b/nsswitch/wbinfo.c @@ -754,6 +754,38 @@ static bool wbinfo_check_secret(const char *domain) return true; } +/* Change trust account password */ + +static bool wbinfo_change_secret(const char *domain) +{ + wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE; + struct wbcAuthErrorInfo *error = NULL; + const char *domain_name; + + if (domain) { + domain_name = domain; + } else { + domain_name = get_winbind_domain(); + } + + wbc_status = wbcChangeTrustCredentials(domain_name, &error); + + d_printf("changing the trust secret for domain %s via RPC calls %s\n", + domain_name, + WBC_ERROR_IS_OK(wbc_status) ? "succeeded" : "failed"); + + if (wbc_status == WBC_ERR_AUTH_ERROR) { + d_fprintf(stderr, "error code was %s (0x%x)\n", + error->nt_string, error->nt_status); + wbcFreeMemory(error); + } + if (!WBC_ERROR_IS_OK(wbc_status)) { + return false; + } + + return true; +} + /* Convert uid to sid */ static bool wbinfo_uid_to_sid(uid_t uid) @@ -1733,6 +1765,7 @@ int main(int argc, char **argv, char **envp) { "remove-uid-mapping", 0, POPT_ARG_STRING, &string_arg, OPT_REMOVE_UID_MAPPING, "Remove uid to sid mapping in idmap", "UID,SID" }, { "remove-gid-mapping", 0, POPT_ARG_STRING, &string_arg, OPT_REMOVE_GID_MAPPING, "Remove gid to sid mapping in idmap", "GID,SID" }, { "check-secret", 't', POPT_ARG_NONE, 0, 't', "Check shared secret" }, + { "change-secret", 'c', POPT_ARG_NONE, 0, 'c', "Change shared secret" }, { "trusted-domains", 'm', POPT_ARG_NONE, 0, 'm', "List trusted domains" }, { "all-domains", 0, POPT_ARG_NONE, 0, OPT_LIST_ALL_DOMAINS, "List all domains (trusted and own domain)" }, { "own-domain", 0, POPT_ARG_NONE, 0, OPT_LIST_OWN_DOMAIN, "List own domain" }, @@ -1963,6 +1996,12 @@ int main(int argc, char **argv, char **envp) goto done; } break; + case 'c': + if (!wbinfo_change_secret(opt_domain_name)) { + d_fprintf(stderr, "Could not change secret\n"); + goto done; + } + break; case 'm': if (!wbinfo_list_domains(false, verbose)) { d_fprintf(stderr, |