Diffstat (limited to 'source3/sam')
-rw-r--r-- | source3/sam/idmap.c | 93 | ||||
-rw-r--r-- | source3/sam/idmap_tdb.c | 54 | ||||
-rw-r--r-- | source3/sam/idmap_winbind.c | 108 |
3 files changed, 170 insertions, 85 deletions
diff --git a/source3/sam/idmap.c b/source3/sam/idmap.c index b18423a13b..0e55ca5141 100644 --- a/source3/sam/idmap.c +++ b/source3/sam/idmap.c @@ -17,8 +17,7 @@ You should have received a copy of the GNU General Public License along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.*/ #include "includes.h" @@ -34,14 +33,13 @@ static struct { } remote_idmap_functions[] = { - { "tdb", idmap_reg_tdb, NULL }, - /* { "ldap", idmap_reg_ldap, NULL },*/ + { "winbind", idmap_reg_winbind, NULL }, { NULL, NULL, NULL } }; -static struct idmap_methods *local_cache; -static struct idmap_methods *remote_repo; +static struct idmap_methods *local_map; +static struct idmap_methods *remote_map; static struct idmap_methods *get_methods(const char *name) { 
@@ -64,48 +62,33 @@ static struct idmap_methods *get_methods(const char *name) return ret; } -/* Load idmap backend functions */ -BOOL load_methods(void) +/* Initialize backend */ +BOOL idmap_init(const char *remote_backend) { - if (!local_cache) { - idmap_reg_tdb(&local_cache); + if (!local_map) { + idmap_reg_tdb(&local_map); + local_map->init("idmap.tdb"); } - if (!remote_repo && lp_idmap_backend()) { - DEBUG(3, ("load_methods: using '%s' as remote backend\n", lp_idmap_backend())); + if (!remote_map && remote_backend && *remote_backend != 0) { + DEBUG(3, ("load_methods: using '%s' as remote backend\n", remote_backend)); - remote_repo = get_methods(lp_idmap_backend()); - if (!remote_repo) { - DEBUG(0, ("load_methods: could not load remote backend '%s'\n", lp_idmap_backend())); + remote_map = get_methods(remote_backend); + if (!remote_map) { + DEBUG(0, ("load_methods: could not load remote backend '%s'\n", remote_backend)); return False; } + remote_map->init(""); } - idmap_init(); - return True; } -/* Initialize backend */ -NTSTATUS idmap_init(void) +NTSTATUS idmap_set_mapping(const DOM_SID *sid, unid_t id, int id_type) { NTSTATUS ret; - ret = remote_repo->init("idmap.tdb"); - if (NT_STATUS_IS_ERR(ret)) { - DEBUG(3, ("idmap_init: init failed!\n")); - } - - return ret; -} - -static NTSTATUS idmap_set_mapping(DOM_SID *sid, unid_t id, int id_type) -{ - NTSTATUS ret; - - if (!load_methods()) return NT_STATUS_UNSUCCESSFUL; - - ret = local_cache->set_mapping(sid, id, id_type); + ret = local_map->set_mapping(sid, id, id_type); if (NT_STATUS_IS_ERR(ret)) { DEBUG (0, ("idmap_set_mapping: Error, unable to modify local cache!\n")); return ret; 
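Review bot: `idmap_init()` discards the status returned by `local_map->init("idmap.tdb")` and by `remote_map->init("")`, so it returns True even when a backend failed to open. The removed `load_methods()` guards were what ensured the method tables were loaded before the `local_map->...` calls in `idmap_set_mapping` (this hunk), `idmap_get_id_from_sid`, `idmap_get_sid_from_id`, `idmap_close` and `idmap_status`; a caller that skips `idmap_init()` or ignores its result now dereferences a NULL `local_map`. I would test the result, e.g. `if (NT_STATUS_IS_ERR(local_map->init("idmap.tdb"))) { local_map = NULL; return False; }`, and do the same for the remote backend. The two DEBUG strings still say `load_methods:` although the function is now `idmap_init`.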
@@ -113,8 +96,8 @@ static NTSTATUS idmap_set_mapping(DOM_SID *sid, unid_t id, int id_type) /* Being able to update the remote cache is seldomly right. Generally this is a forbidden operation. */ - if (!(id_type & ID_CACHE) && (remote_repo != NULL)) { - remote_repo->set_mapping(sid, id, id_type); + if (!(id_type & ID_CACHE) && (remote_map != NULL)) { + remote_map->set_mapping(sid, id, id_type); if (NT_STATUS_IS_ERR(ret)) { DEBUG (0, ("idmap_set_mapping: Error, unable to modify remote cache!\n")); } @@ -124,23 +107,22 @@ static NTSTATUS idmap_set_mapping(DOM_SID *sid, unid_t id, int id_type) } /* Get ID from SID */ -NTSTATUS idmap_get_id_from_sid(unid_t *id, int *id_type, DOM_SID *sid) +NTSTATUS idmap_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) { NTSTATUS ret; int loc_type; - if (!load_methods()) return NT_STATUS_UNSUCCESSFUL; - loc_type = *id_type; - if (remote_repo) { /* We have a central remote idmap */ + if (remote_map) { /* We have a central remote idmap */ loc_type |= ID_NOMAP; } - ret = local_cache->get_id_from_sid(id, &loc_type, sid); + ret = local_map->get_id_from_sid(id, &loc_type, sid); if (NT_STATUS_IS_ERR(ret)) { - if (remote_repo) { - ret = remote_repo->get_id_from_sid(id, id_type, sid); + if (remote_map) { + ret = remote_map->get_id_from_sid(id, id_type, sid); if (NT_STATUS_IS_ERR(ret)) { DEBUG(3, ("idmap_get_id_from_sid: error fetching id!\n")); + return ret; } else { loc_type |= ID_CACHE; idmap_set_mapping(sid, *id, loc_type); 
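Review bot: The result of `remote_map->set_mapping(sid, id, id_type);` is dropped, so the `NT_STATUS_IS_ERR(ret)` test right after it re-checks the local status, which has already been ruled out as an error by the early return above, and the "unable to modify remote cache" message can never fire. Capture the remote status in its own variable, e.g. `NTSTATUS rret = remote_map->set_mapping(sid, id, id_type);`, and test `rret`, so a failed remote write is logged without changing what the function returns. The end of `idmap_set_mapping` is outside this hunk, so the return path is inferred.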
@@ -159,18 +141,17 @@ NTSTATUS idmap_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) NTSTATUS ret; int loc_type; - if (!load_methods()) return NT_STATUS_UNSUCCESSFUL; - loc_type = id_type; - if (remote_repo) { + if (remote_map) { loc_type = id_type | ID_NOMAP; } - ret = local_cache->get_sid_from_id(sid, id, loc_type); + ret = local_map->get_sid_from_id(sid, id, loc_type); if (NT_STATUS_IS_ERR(ret)) { - if (remote_repo) { - ret = remote_repo->get_sid_from_id(sid, id, id_type); + if (remote_map) { + ret = remote_map->get_sid_from_id(sid, id, id_type); if (NT_STATUS_IS_ERR(ret)) { DEBUG(3, ("idmap_get_sid_from_id: unable to fetch sid!\n")); + return ret; } else { loc_type |= ID_CACHE; idmap_set_mapping(sid, id, loc_type); @@ -186,15 +167,13 @@ NTSTATUS idmap_close(void) { NTSTATUS ret; - if (!load_methods()) return NT_STATUS_UNSUCCESSFUL; - - ret = local_cache->close(); + ret = local_map->close(); if (NT_STATUS_IS_ERR(ret)) { DEBUG(3, ("idmap_close: failed to close local cache!\n")); } - if (remote_repo) { - ret = remote_repo->close(); + if (remote_map) { + ret = remote_map->close(); if (NT_STATUS_IS_ERR(ret)) { DEBUG(3, ("idmap_close: failed to close remote idmap repository!\n")); } @@ -206,9 +185,7 @@ NTSTATUS idmap_close(void) /* Dump backend status */ void idmap_status(void) { - if (load_methods()) { - local_cache->status(); - remote_repo->status(); - } + local_map->status(); + if (remote_map) remote_map->status(); } diff --git a/source3/sam/idmap_tdb.c b/source3/sam/idmap_tdb.c index 4af46ac8d3..72c602664c 100644 --- a/source3/sam/idmap_tdb.c +++ b/source3/sam/idmap_tdb.c @@ -37,7 +37,7 @@ /* Globals */ static TDB_CONTEXT *idmap_tdb; -struct idmap_state { +static struct idmap_state { /* User and group id pool */ 
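Review bot: `idmap_close()` leaves `local_map` and `remote_map` pointing at their method tables in the lines shown, while `idmap_init()` only calls `init` when those pointers are NULL; a close followed by a second `idmap_init()` would therefore skip re-opening the backends and later lookups would run against closed ones. If re-initialisation is meant to work, reset both with `local_map = NULL; remote_map = NULL;` before returning. `ret` is also overwritten by the remote close, so a failed local close is reported only in the debug log. The tail of the function is outside this hunk, so confirm neither is handled there.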
@@ -183,7 +183,7 @@ static BOOL tdb_idmap_convert(const char *idmap_name) #endif /* Allocate either a user or group id from the pool */ -static NTSTATUS tdb_allocate_id(unid_t *id, int id_type) +static NTSTATUS db_allocate_id(unid_t *id, int id_type) { int hwm; @@ -229,7 +229,7 @@ static NTSTATUS tdb_allocate_id(unid_t *id, int id_type) } /* Get a sid from an id */ -static NTSTATUS tdb_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) +static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) { TDB_DATA key, data; fstring keystr; @@ -239,13 +239,13 @@ static NTSTATUS tdb_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) switch (id_type & ID_TYPEMASK) { case ID_USERID: - slprintf(keystr, sizeof(keystr), "UID %d", id.uid); - break; + slprintf(keystr, sizeof(keystr), "UID %d", id.uid); + break; case ID_GROUPID: - slprintf(keystr, sizeof(keystr), "GID %d", id.gid); - break; + slprintf(keystr, sizeof(keystr), "GID %d", id.gid); + break; default: - return NT_STATUS_UNSUCCESSFUL; + return NT_STATUS_UNSUCCESSFUL; } key.dptr = keystr; @@ -264,7 +264,7 @@ static NTSTATUS tdb_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) } /* Get an id from a sid */ -static NTSTATUS tdb_get_id_from_sid(unid_t *id, int *id_type, DOM_SID *sid) +static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, DOM_SID *sid) { TDB_DATA data, key; fstring keystr; @@ -288,7 +288,7 @@ static NTSTATUS tdb_get_id_from_sid(unid_t *id, int *id_type, DOM_SID *sid) /* Parse and return existing uid */ fstrcpy(scanstr, "UID %d"); - if (sscanf(data.dptr, scanstr, (*id).uid) == 1) { + if (sscanf(data.dptr, scanstr, &((*id).uid)) == 1) { /* uid ok? */ if (type == ID_EMPTY) { *id_type = ID_USERID; 
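Review bot: With the address now passed correctly, the remaining mismatch in `sscanf(data.dptr, scanstr, &((*id).uid))` is the conversion: `%d` stores through an `int *`, and `uid` is presumably a `uid_t` (the `unid_t` definition is not on this page). Parsing into a local `int` and assigning it after a range check avoids a mis-sized or sign-confused store where `uid_t` is not `int`, e.g. `int v; if (sscanf(data.dptr, scanstr, &v) == 1 && v >= 0) { (*id).uid = v; ... }`. The same applies to the `gid` parse in the next hunk. `db_get_id_from_sid` starts and ends outside this hunk.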
@@ -302,7 +302,7 @@ static NTSTATUS tdb_get_id_from_sid(unid_t *id, int *id_type, DOM_SID *sid) /* Parse and return existing gid */ fstrcpy(scanstr, "GID %d"); - if (sscanf(data.dptr, scanstr, (*id).gid) == 1) { + if (sscanf(data.dptr, scanstr, &((*id).gid)) == 1) { /* gid ok? */ if (type == ID_EMPTY) { *id_type = ID_GROUPID; @@ -318,7 +318,7 @@ idok: || (*id_type & ID_TYPEMASK) == ID_GROUPID)) { /* Allocate a new id for this sid */ - ret = tdb_allocate_id(id, *id_type); + ret = db_allocate_id(id, *id_type); if (NT_STATUS_IS_OK(ret)) { fstring keystr2; @@ -332,11 +332,11 @@ idok: data.dptr = keystr2; data.dsize = strlen(keystr2) + 1; - if (tdb_store(idmap_tdb, key, data, TDB_INSERT) == -1) { + if (tdb_store(idmap_tdb, key, data, TDB_REPLACE) == -1) { /* TODO: print tdb error !! */ return NT_STATUS_UNSUCCESSFUL; } - if (tdb_store(idmap_tdb, data, key, TDB_INSERT) == -1) { + if (tdb_store(idmap_tdb, data, key, TDB_REPLACE) == -1) { /* TODO: print tdb error !! */ return NT_STATUS_UNSUCCESSFUL; } @@ -344,11 +344,11 @@ idok: ret = NT_STATUS_OK; } } - + return ret; } -static NTSTATUS tdb_set_mapping(DOM_SID *sid, unid_t id, int id_type) +static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) { TDB_DATA ksid, kid; fstring ksidstr; @@ -387,7 +387,7 @@ static NTSTATUS tdb_set_mapping(DOM_SID *sid, unid_t id, int id_type) /***************************************************************************** Initialise idmap database. *****************************************************************************/ -static NTSTATUS tdb_idmap_init(const char *db_name) +static NTSTATUS db_idmap_init(const char *db_name) { /* Open tdb cache */ if (!(idmap_tdb = tdb_open_log(lock_path(db_name), 0, @@ -425,7 +425,7 @@ static NTSTATUS tdb_idmap_init(const char *db_name) } /* Close the tdb */ -static NTSTATUS tdb_idmap_close(void) +static NTSTATUS db_idmap_close(void) { if (idmap_tdb) { if (tdb_close(idmap_tdb) == 0) { 
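Review bot: Switching both `tdb_store` calls from `TDB_INSERT` to `TDB_REPLACE` removes the only visible check that a record for this SID or id does not already exist, so a stale or concurrently written mapping is overwritten without any log entry. For an identity map that silently re-points a SID at a different uid/gid; if the replace is intended, say so in a comment and log the overwrite. The two stores are also not atomic: when the second one fails the forward record stays behind, so I would undo it with `tdb_delete(idmap_tdb, key);` before returning. Whether callers hold a lock around this path is not visible in the hunk.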
@@ -449,7 +449,7 @@ static NTSTATUS tdb_idmap_close(void) #define DUMP_INFO 0 -static void tdb_idmap_status(void) +static void db_idmap_status(void) { int user_hwm, group_hwm; @@ -506,20 +506,20 @@ static void tdb_idmap_status(void) /* Display complete mapping of users and groups to rids */ } -struct idmap_methods tdb_idmap_methods = { +struct idmap_methods db_methods = { - tdb_idmap_init, - tdb_get_sid_from_id, - tdb_get_id_from_sid, - tdb_set_mapping, - tdb_idmap_close, - tdb_idmap_status + db_idmap_init, + db_get_sid_from_id, + db_get_id_from_sid, + db_set_mapping, + db_idmap_close, + db_idmap_status }; NTSTATUS idmap_reg_tdb(struct idmap_methods **meth) { - *meth = &tdb_idmap_methods; + *meth = &db_methods; return NT_STATUS_OK; } diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c new file mode 100644 index 0000000000..a5ba658674 --- /dev/null +++ b/source3/sam/idmap_winbind.c 
@@ -0,0 +1,108 @@ +/* + Unix SMB/CIFS implementation. + + idmap Winbind backend + + Copyright (C) Simo Sorce 2003 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +#undef DBGC_CLASS +#define DBGC_CLASS DBGC_IDMAP + +/* Get a sid from an id */ +static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) { + switch (id_type & ID_TYPEMASK) { + case ID_USERID: + if (winbind_uid_to_sid(sid, id.uid)) { + return NT_STATUS_OK; + } + break; + case ID_GROUPID: + if (winbind_gid_to_sid(sid, id.gid)) { + return NT_STATUS_OK; + } + break; + default: + return NT_STATUS_INVALID_PARAMETER; + } + + return NT_STATUS_UNSUCCESSFUL; +} + +/* Get an id from a sid */ +static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) { + switch (*id_type & ID_TYPEMASK) { + case ID_USERID: + if (winbind_sid_to_uid(&((*id).uid), sid)) { + return NT_STATUS_OK; + } + break; + case ID_GROUPID: + if (winbind_sid_to_gid(&((*id).gid), sid)) { + return NT_STATUS_OK; + } + break; + default: + if (winbind_sid_to_uid(&((*id).uid), sid) || + winbind_sid_to_gid(&((*id).gid), sid)) { + return NT_STATUS_OK; + } + } + + return NT_STATUS_UNSUCCESSFUL; +} + +static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) { + return NT_STATUS_UNSUCCESSFUL; +} + 
+/***************************************************************************** + Initialise idmap database. +*****************************************************************************/ +static NTSTATUS db_init(const char *db_name) { + return NT_STATUS_OK; +} + +/* Close the tdb */ +static NTSTATUS db_close(void) { + return NT_STATUS_OK; +} + +static void db_status(void) { + return; +} + +struct idmap_methods winbind_methods = { + + db_init, + db_get_sid_from_id, + db_get_id_from_sid, + db_set_mapping, + db_close, + db_status + +}; + +NTSTATUS idmap_reg_winbind(struct idmap_methods **meth) +{ + *meth = &winbind_methods; + + return NT_STATUS_OK; +} + |
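Review bot: In the `default:` branch of `db_get_id_from_sid` the lookup falls back from `winbind_sid_to_uid` to `winbind_sid_to_gid` but never writes `*id_type`, so a caller that passed no type cannot tell whether the returned `unid_t` holds a uid or a gid. The tdb backend sets `*id_type = ID_USERID` or `ID_GROUPID` in that case, and `idmap_get_id_from_sid` goes on to cache the answer; split the `||` so each arm can record its type before `return NT_STATUS_OK;`. The comments `Initialise idmap database` and `Close the tdb` were copied from the tdb backend and do not describe these no-op stubs. `db_get_id_from_sid` here takes `const DOM_SID *` while the tdb version keeps `DOM_SID *`; one of them will not match the `idmap_methods` slot, whose declaration is not on this page.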