diff options
-rw-r--r-- | source3/nsswitch/wbinfo.c | 50 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_group.c | 12 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_misc.c | 12 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_nss.h | 1 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_user.c | 14 |
5 files changed, 71 insertions, 18 deletions
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c index fcd7d2d508..68948ec889 100644 --- a/source3/nsswitch/wbinfo.c +++ b/source3/nsswitch/wbinfo.c @@ -219,15 +219,20 @@ static BOOL wbinfo_list_domains(void) /* show sequence numbers */ -static BOOL wbinfo_show_sequence(void) +static BOOL wbinfo_show_sequence(const char *domain) { + struct winbindd_request request; struct winbindd_response response; ZERO_STRUCT(response); + ZERO_STRUCT(request); + + if ( domain ) + fstrcpy( request.domain_name, domain ); /* Send request */ - if (winbindd_request(WINBINDD_SHOW_SEQUENCE, NULL, &response) != + if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -682,17 +687,22 @@ static BOOL wbinfo_remove_user_from_group(char *string) /* Print domain users */ -static BOOL print_domain_users(void) +static BOOL print_domain_users(const char *domain) { + struct winbindd_request request; struct winbindd_response response; const char *extra_data; fstring name; /* Send request to winbind daemon */ + ZERO_STRUCT(request); ZERO_STRUCT(response); + + if (domain) + fstrcpy( request.domain_name, domain ); - if (winbindd_request(WINBINDD_LIST_USERS, NULL, &response) != + if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -713,15 +723,20 @@ static BOOL print_domain_users(void) /* Print domain groups */ -static BOOL print_domain_groups(void) +static BOOL print_domain_groups(const char *domain) { + struct winbindd_request request; struct winbindd_response response; const char *extra_data; fstring name; + ZERO_STRUCT(request); ZERO_STRUCT(response); - if (winbindd_request(WINBINDD_LIST_GROUPS, NULL, &response) != + if (domain) + fstrcpy( request.domain_name, domain ); + + if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) != NSS_STATUS_SUCCESS) return False; @@ -845,6 +860,7 @@ static BOOL wbinfo_ping(void) enum { OPT_SET_AUTH_USER = 1000, OPT_GET_AUTH_USER, + OPT_DOMAIN_NAME, OPT_SEQUENCE }; @@ -854,8 +870,8 @@ int main(int argc, char **argv) poptContext pc; static char *string_arg; + static char *opt_domain_name; static int int_arg; - BOOL got_command = False; int result = 1; struct poptOption long_options[] = { @@ -864,8 +880,8 @@ int main(int argc, char **argv) /* longName, shortName, argInfo, argPtr, value, descrip, argDesc */ - { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users"}, - { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups" }, + { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users", "domain"}, + { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups", "domain" }, { "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP", "NETBIOS-NAME" }, { "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name", "IP" }, { "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" }, @@ -888,6 +904,7 @@ int main(int argc, char **argv) { "set-auth-user", 0, POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" }, { "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL }, { "ping", 'p', POPT_ARG_NONE, 0, 'p', "Ping winbindd to see if it is alive" }, + { "domain", 0, POPT_ARG_STRING, &opt_domain_name, OPT_DOMAIN_NAME, "Define to the domain to restrict operatio", "domain" }, POPT_COMMON_VERSION POPT_TABLEEND }; @@ -917,11 +934,7 @@ int main(int argc, char **argv) } while((opt = poptGetNextOpt(pc)) != -1) { - if (got_command) { - d_fprintf(stderr, "No more than one command may be specified at once.\n"); - exit(1); - } - got_command = True; + /* get the generic configuration parameters like --domain */ } poptFreeContext(pc); @@ -932,13 +945,13 @@ int main(int argc, char **argv) while((opt = poptGetNextOpt(pc)) != -1) { switch (opt) { case 'u': - if (!print_domain_users()) { + if (!print_domain_users(opt_domain_name)) { d_printf("Error looking up domain users\n"); goto done; } break; case 'g': - if (!print_domain_groups()) { + if (!print_domain_groups(opt_domain_name)) { d_printf("Error looking up domain groups\n"); goto done; } @@ -1007,7 +1020,7 @@ int main(int argc, char **argv) } break; case OPT_SEQUENCE: - if (!wbinfo_show_sequence()) { + if (!wbinfo_show_sequence(opt_domain_name)) { d_printf("Could not show sequence numbers\n"); goto done; } @@ -1086,6 +1099,9 @@ int main(int argc, char **argv) case OPT_GET_AUTH_USER: wbinfo_get_auth_user(); break; + /* generic configuration options */ + case OPT_DOMAIN_NAME: + break; default: d_fprintf(stderr, "Invalid option\n"); poptPrintHelp(pc, stderr, 0); diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index 96c121685a..fba427536c 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -821,17 +821,29 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state) { uint32 total_entries = 0; struct winbindd_domain *domain; + const char *which_domain; char *extra_data = NULL; char *ted = NULL; unsigned int extra_data_len = 0, i; DEBUG(3, ("[%5lu]: list groups\n", (unsigned long)state->pid)); + /* Ensure null termination */ + state->request.domain_name[sizeof(state->request.domain_name)-1]='\0'; + which_domain = state->request.domain_name; + /* Enumerate over trusted domains */ for (domain = domain_list(); domain; domain = domain->next) { struct getent_state groups; + /* if we have a domain name restricting the request and this + one in the list doesn't match, then just bypass the remainder + of the loop */ + + if ( *which_domain && !strequal(which_domain, domain->name) ) + continue; + ZERO_STRUCT(groups); /* Get list of sam groups */ diff --git a/source3/nsswitch/winbindd_misc.c b/source3/nsswitch/winbindd_misc.c index 740b760b93..d2d50c52ac 100644 --- a/source3/nsswitch/winbindd_misc.c +++ b/source3/nsswitch/winbindd_misc.c @@ -148,9 +148,14 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state) { struct winbindd_domain *domain; char *extra_data = NULL; + const char *which_domain; DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid)); + /* Ensure null termination */ + state->request.domain_name[sizeof(state->request.domain_name)-1]='\0'; + which_domain = state->request.domain_name; + extra_data = strdup(""); /* this makes for a very simple data format, and is easily parsable as well @@ -158,6 +163,13 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state) for (domain = domain_list(); domain; domain = domain->next) { char *s; + /* if we have a domain name restricting the request and this + one in the list doesn't match, then just bypass the remainder + of the loop */ + + if ( *which_domain && !strequal(which_domain, domain->name) ) + continue; + domain->methods->sequence_number(domain, &domain->sequence_number); if (DOM_SEQUENCE_NONE == (unsigned)domain->sequence_number) { diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h index c4407bbe31..41fecd2816 100644 --- a/source3/nsswitch/winbindd_nss.h +++ b/source3/nsswitch/winbindd_nss.h @@ -157,6 +157,7 @@ struct winbindd_request { enum winbindd_cmd cmd; /* Winbindd command to execute */ pid_t pid; /* pid of calling process */ uint32 flags; /* flags relavant to a given request */ + fstring domain_name; /* name of domain for which the request applies */ union { fstring winsreq; /* WINS request */ diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index c0b0d94167..eab88c842e 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -575,6 +575,7 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state) { struct winbindd_domain *domain; WINBIND_USERINFO *info; + const char *which_domain; uint32 num_entries = 0, total_entries = 0; char *ted, *extra_data = NULL; int extra_data_len = 0; @@ -586,13 +587,24 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state) if (!(mem_ctx = talloc_init("winbindd_list_users"))) return WINBINDD_ERROR; + /* Ensure null termination */ + state->request.domain_name[sizeof(state->request.domain_name)-1]='\0'; + which_domain = state->request.domain_name; + /* Enumerate over trusted domains */ for (domain = domain_list(); domain; domain = domain->next) { NTSTATUS status; struct winbindd_methods *methods; unsigned int i; - + + /* if we have a domain name restricting the request and this + one in the list doesn't match, then just bypass the remainder + of the loop */ + + if ( *which_domain && !strequal(which_domain, domain->name) ) + continue; + methods = domain->methods; /* Query display info */ |