summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/nsswitch/wbinfo.c50
-rw-r--r--source3/nsswitch/winbindd_group.c12
-rw-r--r--source3/nsswitch/winbindd_misc.c12
-rw-r--r--source3/nsswitch/winbindd_nss.h1
-rw-r--r--source3/nsswitch/winbindd_user.c14
5 files changed, 71 insertions, 18 deletions
diff --git a/source3/nsswitch/wbinfo.c b/source3/nsswitch/wbinfo.c
index fcd7d2d508..68948ec889 100644
--- a/source3/nsswitch/wbinfo.c
+++ b/source3/nsswitch/wbinfo.c
@@ -219,15 +219,20 @@ static BOOL wbinfo_list_domains(void)
/* show sequence numbers */
-static BOOL wbinfo_show_sequence(void)
+static BOOL wbinfo_show_sequence(const char *domain)
{
+ struct winbindd_request request;
struct winbindd_response response;
ZERO_STRUCT(response);
+ ZERO_STRUCT(request);
+
+ if ( domain )
+ fstrcpy( request.domain_name, domain );
/* Send request */
- if (winbindd_request(WINBINDD_SHOW_SEQUENCE, NULL, &response) !=
+ if (winbindd_request(WINBINDD_SHOW_SEQUENCE, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -682,17 +687,22 @@ static BOOL wbinfo_remove_user_from_group(char *string)
/* Print domain users */
-static BOOL print_domain_users(void)
+static BOOL print_domain_users(const char *domain)
{
+ struct winbindd_request request;
struct winbindd_response response;
const char *extra_data;
fstring name;
/* Send request to winbind daemon */
+ ZERO_STRUCT(request);
ZERO_STRUCT(response);
+
+ if (domain)
+ fstrcpy( request.domain_name, domain );
- if (winbindd_request(WINBINDD_LIST_USERS, NULL, &response) !=
+ if (winbindd_request(WINBINDD_LIST_USERS, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -713,15 +723,20 @@ static BOOL print_domain_users(void)
/* Print domain groups */
-static BOOL print_domain_groups(void)
+static BOOL print_domain_groups(const char *domain)
{
+ struct winbindd_request request;
struct winbindd_response response;
const char *extra_data;
fstring name;
+ ZERO_STRUCT(request);
ZERO_STRUCT(response);
- if (winbindd_request(WINBINDD_LIST_GROUPS, NULL, &response) !=
+ if (domain)
+ fstrcpy( request.domain_name, domain );
+
+ if (winbindd_request(WINBINDD_LIST_GROUPS, &request, &response) !=
NSS_STATUS_SUCCESS)
return False;
@@ -845,6 +860,7 @@ static BOOL wbinfo_ping(void)
enum {
OPT_SET_AUTH_USER = 1000,
OPT_GET_AUTH_USER,
+ OPT_DOMAIN_NAME,
OPT_SEQUENCE
};
@@ -854,8 +870,8 @@ int main(int argc, char **argv)
poptContext pc;
static char *string_arg;
+ static char *opt_domain_name;
static int int_arg;
- BOOL got_command = False;
int result = 1;
struct poptOption long_options[] = {
@@ -864,8 +880,8 @@ int main(int argc, char **argv)
/* longName, shortName, argInfo, argPtr, value, descrip,
argDesc */
- { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users"},
- { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups" },
+ { "domain-users", 'u', POPT_ARG_NONE, 0, 'u', "Lists all domain users", "domain"},
+ { "domain-groups", 'g', POPT_ARG_NONE, 0, 'g', "Lists all domain groups", "domain" },
{ "WINS-by-name", 'N', POPT_ARG_STRING, &string_arg, 'N', "Converts NetBIOS name to IP", "NETBIOS-NAME" },
{ "WINS-by-ip", 'I', POPT_ARG_STRING, &string_arg, 'I', "Converts IP address to NetBIOS name", "IP" },
{ "name-to-sid", 'n', POPT_ARG_STRING, &string_arg, 'n', "Converts name to sid", "NAME" },
@@ -888,6 +904,7 @@ int main(int argc, char **argv)
{ "set-auth-user", 0, POPT_ARG_STRING, &string_arg, OPT_SET_AUTH_USER, "Store user and password used by winbindd (root only)", "user%password" },
{ "get-auth-user", 0, POPT_ARG_NONE, NULL, OPT_GET_AUTH_USER, "Retrieve user and password used by winbindd (root only)", NULL },
{ "ping", 'p', POPT_ARG_NONE, 0, 'p', "Ping winbindd to see if it is alive" },
+ { "domain", 0, POPT_ARG_STRING, &opt_domain_name, OPT_DOMAIN_NAME, "Define to the domain to restrict operatio", "domain" },
POPT_COMMON_VERSION
POPT_TABLEEND
};
@@ -917,11 +934,7 @@ int main(int argc, char **argv)
}
while((opt = poptGetNextOpt(pc)) != -1) {
- if (got_command) {
- d_fprintf(stderr, "No more than one command may be specified at once.\n");
- exit(1);
- }
- got_command = True;
+ /* get the generic configuration parameters like --domain */
}
poptFreeContext(pc);
@@ -932,13 +945,13 @@ int main(int argc, char **argv)
while((opt = poptGetNextOpt(pc)) != -1) {
switch (opt) {
case 'u':
- if (!print_domain_users()) {
+ if (!print_domain_users(opt_domain_name)) {
d_printf("Error looking up domain users\n");
goto done;
}
break;
case 'g':
- if (!print_domain_groups()) {
+ if (!print_domain_groups(opt_domain_name)) {
d_printf("Error looking up domain groups\n");
goto done;
}
@@ -1007,7 +1020,7 @@ int main(int argc, char **argv)
}
break;
case OPT_SEQUENCE:
- if (!wbinfo_show_sequence()) {
+ if (!wbinfo_show_sequence(opt_domain_name)) {
d_printf("Could not show sequence numbers\n");
goto done;
}
@@ -1086,6 +1099,9 @@ int main(int argc, char **argv)
case OPT_GET_AUTH_USER:
wbinfo_get_auth_user();
break;
+ /* generic configuration options */
+ case OPT_DOMAIN_NAME:
+ break;
default:
d_fprintf(stderr, "Invalid option\n");
poptPrintHelp(pc, stderr, 0);
diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c
index 96c121685a..fba427536c 100644
--- a/source3/nsswitch/winbindd_group.c
+++ b/source3/nsswitch/winbindd_group.c
@@ -821,17 +821,29 @@ enum winbindd_result winbindd_list_groups(struct winbindd_cli_state *state)
{
uint32 total_entries = 0;
struct winbindd_domain *domain;
+ const char *which_domain;
char *extra_data = NULL;
char *ted = NULL;
unsigned int extra_data_len = 0, i;
DEBUG(3, ("[%5lu]: list groups\n", (unsigned long)state->pid));
+ /* Ensure null termination */
+ state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
+ which_domain = state->request.domain_name;
+
/* Enumerate over trusted domains */
for (domain = domain_list(); domain; domain = domain->next) {
struct getent_state groups;
+ /* if we have a domain name restricting the request and this
+ one in the list doesn't match, then just bypass the remainder
+ of the loop */
+
+ if ( *which_domain && !strequal(which_domain, domain->name) )
+ continue;
+
ZERO_STRUCT(groups);
/* Get list of sam groups */
diff --git a/source3/nsswitch/winbindd_misc.c b/source3/nsswitch/winbindd_misc.c
index 740b760b93..d2d50c52ac 100644
--- a/source3/nsswitch/winbindd_misc.c
+++ b/source3/nsswitch/winbindd_misc.c
@@ -148,9 +148,14 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state)
{
struct winbindd_domain *domain;
char *extra_data = NULL;
+ const char *which_domain;
DEBUG(3, ("[%5lu]: show sequence\n", (unsigned long)state->pid));
+ /* Ensure null termination */
+ state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
+ which_domain = state->request.domain_name;
+
extra_data = strdup("");
/* this makes for a very simple data format, and is easily parsable as well
@@ -158,6 +163,13 @@ enum winbindd_result winbindd_show_sequence(struct winbindd_cli_state *state)
for (domain = domain_list(); domain; domain = domain->next) {
char *s;
+ /* if we have a domain name restricting the request and this
+ one in the list doesn't match, then just bypass the remainder
+ of the loop */
+
+ if ( *which_domain && !strequal(which_domain, domain->name) )
+ continue;
+
domain->methods->sequence_number(domain, &domain->sequence_number);
if (DOM_SEQUENCE_NONE == (unsigned)domain->sequence_number) {
diff --git a/source3/nsswitch/winbindd_nss.h b/source3/nsswitch/winbindd_nss.h
index c4407bbe31..41fecd2816 100644
--- a/source3/nsswitch/winbindd_nss.h
+++ b/source3/nsswitch/winbindd_nss.h
@@ -157,6 +157,7 @@ struct winbindd_request {
enum winbindd_cmd cmd; /* Winbindd command to execute */
pid_t pid; /* pid of calling process */
uint32 flags; /* flags relavant to a given request */
+ fstring domain_name; /* name of domain for which the request applies */
union {
fstring winsreq; /* WINS request */
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c
index c0b0d94167..eab88c842e 100644
--- a/source3/nsswitch/winbindd_user.c
+++ b/source3/nsswitch/winbindd_user.c
@@ -575,6 +575,7 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state)
{
struct winbindd_domain *domain;
WINBIND_USERINFO *info;
+ const char *which_domain;
uint32 num_entries = 0, total_entries = 0;
char *ted, *extra_data = NULL;
int extra_data_len = 0;
@@ -586,13 +587,24 @@ enum winbindd_result winbindd_list_users(struct winbindd_cli_state *state)
if (!(mem_ctx = talloc_init("winbindd_list_users")))
return WINBINDD_ERROR;
+ /* Ensure null termination */
+ state->request.domain_name[sizeof(state->request.domain_name)-1]='\0';
+ which_domain = state->request.domain_name;
+
/* Enumerate over trusted domains */
for (domain = domain_list(); domain; domain = domain->next) {
NTSTATUS status;
struct winbindd_methods *methods;
unsigned int i;
-
+
+ /* if we have a domain name restricting the request and this
+ one in the list doesn't match, then just bypass the remainder
+ of the loop */
+
+ if ( *which_domain && !strequal(which_domain, domain->name) )
+ continue;
+
methods = domain->methods;
/* Query display info */