diff options
Diffstat (limited to 'source3/utils/net_sam.c')
-rw-r--r-- | source3/utils/net_sam.c | 111 |
1 files changed, 58 insertions, 53 deletions
diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c index 467e441f60..4ebd8a9e69 100644 --- a/source3/utils/net_sam.c +++ b/source3/utils/net_sam.c @@ -299,7 +299,7 @@ static int net_sam_set_pwdmustchangenow(struct net_context *c, int argc, static int net_sam_set_comment(struct net_context *c, int argc, const char **argv) { - GROUP_MAP map; + GROUP_MAP *map; struct dom_sid sid; enum lsa_SidType type; const char *dom, *name; @@ -330,14 +330,24 @@ static int net_sam_set_comment(struct net_context *c, int argc, return -1; } - if (!pdb_getgrsid(&map, sid)) { + map = talloc_zero(talloc_tos(), GROUP_MAP); + if (!map) { + d_fprintf(stderr, _("Out of memory!\n")); + return -1; + } + + if (!pdb_getgrsid(map, sid)) { d_fprintf(stderr, _("Could not load group %s\n"), argv[0]); return -1; } - fstrcpy(map.comment, argv[1]); + map->comment = talloc_strdup(map, argv[1]); + if (!map->comment) { + d_fprintf(stderr, _("Out of memory!\n")); + return -1; + } - status = pdb_update_group_mapping_entry(&map); + status = pdb_update_group_mapping_entry(map); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, _("Updating group mapping entry failed with " @@ -348,6 +358,7 @@ static int net_sam_set_comment(struct net_context *c, int argc, d_printf("Updated comment of group %s\\%s to %s\n", dom, name, argv[1]); + TALLOC_FREE(map); return 0; } @@ -807,39 +818,33 @@ static int net_sam_rights(struct net_context *c, int argc, const char **argv) * Map a unix group to a domain group */ -static NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap) +static NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *map) { - NTSTATUS status; - GROUP_MAP map; - const char *grpname, *dom, *name; + const char *dom, *name; uint32 rid; - if (pdb_getgrgid(&map, grp->gr_gid)) { + if (pdb_getgrgid(map, grp->gr_gid)) { return NT_STATUS_GROUP_EXISTS; } - map.gid = grp->gr_gid; - grpname = grp->gr_name; + map->gid = grp->gr_gid; - if (lookup_name(talloc_tos(), grpname, LOOKUP_NAME_LOCAL, + if (lookup_name(talloc_tos(), grp->gr_name, LOOKUP_NAME_LOCAL, &dom, &name, NULL, NULL)) { - const char *tmp = talloc_asprintf( - talloc_tos(), "Unix Group %s", grp->gr_name); + map->nt_name = talloc_asprintf(map, "Unix Group %s", + grp->gr_name); DEBUG(5, ("%s exists as %s\\%s, retrying as \"%s\"\n", - grpname, dom, name, tmp)); - grpname = tmp; + grp->gr_name, dom, name, map->nt_name)); } - if (lookup_name(talloc_tos(), grpname, LOOKUP_NAME_LOCAL, + if (lookup_name(talloc_tos(), grp->gr_name, LOOKUP_NAME_LOCAL, NULL, NULL, NULL, NULL)) { DEBUG(3, ("\"%s\" exists, can't map it\n", grp->gr_name)); return NT_STATUS_GROUP_EXISTS; } - fstrcpy(map.nt_name, grpname); - if (pdb_capabilities() & PDB_CAP_STORE_RIDS) { if (!pdb_new_rid(&rid)) { DEBUG(3, ("Could not get a new RID for %s\n", @@ -850,22 +855,17 @@ static NTSTATUS map_unix_group(const struct group *grp, GROUP_MAP *pmap) rid = algorithmic_pdb_gid_to_group_rid( grp->gr_gid ); } - sid_compose(&map.sid, get_global_sam_sid(), rid); - map.sid_name_use = SID_NAME_DOM_GRP; - fstrcpy(map.comment, talloc_asprintf(talloc_tos(), "Unix Group %s", - grp->gr_name)); + sid_compose(&map->sid, get_global_sam_sid(), rid); + map->sid_name_use = SID_NAME_DOM_GRP; + map->comment = talloc_asprintf(map, "Unix Group %s", grp->gr_name); - status = pdb_add_group_mapping_entry(&map); - if (NT_STATUS_IS_OK(status)) { - *pmap = map; - } - return status; + return pdb_add_group_mapping_entry(map); } static int net_sam_mapunixgroup(struct net_context *c, int argc, const char **argv) { NTSTATUS status; - GROUP_MAP map; + GROUP_MAP *map; struct group *grp; if (argc != 1 || c->display_usage) { @@ -881,7 +881,13 @@ static int net_sam_mapunixgroup(struct net_context *c, int argc, const char **ar return -1; } - status = map_unix_group(grp, &map); + map = talloc_zero(talloc_tos(), GROUP_MAP); + if (!map) { + d_fprintf(stderr, _("Out of memory!\n")); + return -1; + } + + status = map_unix_group(grp, map); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, _("Mapping group %s failed with %s\n"), @@ -890,8 +896,9 @@ static int net_sam_mapunixgroup(struct net_context *c, int argc, const char **ar } d_printf(_("Mapped unix group %s to SID %s\n"), argv[0], - sid_string_tos(&map.sid)); + sid_string_tos(&map->sid)); + TALLOC_FREE(map); return 0; } @@ -899,24 +906,17 @@ static int net_sam_mapunixgroup(struct net_context *c, int argc, const char **ar * Remove a group mapping */ -static NTSTATUS unmap_unix_group(const struct group *grp, GROUP_MAP *pmap) +static NTSTATUS unmap_unix_group(const struct group *grp) { - GROUP_MAP map; - const char *grpname; struct dom_sid dom_sid; - map.gid = grp->gr_gid; - grpname = grp->gr_name; - - if (!lookup_name(talloc_tos(), grpname, LOOKUP_NAME_LOCAL, + if (!lookup_name(talloc_tos(), grp->gr_name, LOOKUP_NAME_LOCAL, NULL, NULL, NULL, NULL)) { DEBUG(3, ("\"%s\" does not exist, can't unmap it\n", grp->gr_name)); return NT_STATUS_NO_SUCH_GROUP; } - fstrcpy(map.nt_name, grpname); - - if (!pdb_gid_to_sid(map.gid, &dom_sid)) { + if (!pdb_gid_to_sid(grp->gr_gid, &dom_sid)) { return NT_STATUS_UNSUCCESSFUL; } @@ -926,7 +926,6 @@ static NTSTATUS unmap_unix_group(const struct group *grp, GROUP_MAP *pmap) static int net_sam_unmapunixgroup(struct net_context *c, int argc, const char **argv) { NTSTATUS status; - GROUP_MAP map; struct group *grp; if (argc != 1 || c->display_usage) { @@ -943,7 +942,7 @@ static int net_sam_unmapunixgroup(struct net_context *c, int argc, const char ** return -1; } - status = unmap_unix_group(grp, &map); + status = unmap_unix_group(grp); if (!NT_STATUS_IS_OK(status)) { d_fprintf(stderr, _("Unmapping group %s failed with %s.\n"), @@ -1583,7 +1582,7 @@ static int net_sam_provision(struct net_context *c, int argc, const char **argv) char *ldap_uri = NULL; char *p; struct smbldap_state *ls; - GROUP_MAP gmap; + GROUP_MAP *gmap = NULL; struct dom_sid gsid; gid_t domusers_gid = -1; gid_t domadmins_gid = -1; @@ -1653,7 +1652,13 @@ static int net_sam_provision(struct net_context *c, int argc, const char **argv) sid_compose(&gsid, get_global_sam_sid(), DOMAIN_RID_USERS); - if (!pdb_getgrsid(&gmap, gsid)) { + gmap = talloc_zero(tc, GROUP_MAP); + if (!gmap) { + d_printf(_("Out of memory!\n")); + goto failed; + } + + if (!pdb_getgrsid(gmap, gsid)) { LDAPMod **mods = NULL; char *dn; char *uname; @@ -1710,16 +1715,16 @@ static int net_sam_provision(struct net_context *c, int argc, const char **argv) } if (is_ipa) { - if (!pdb_getgrsid(&gmap, gsid)) { + if (!pdb_getgrsid(gmap, gsid)) { d_fprintf(stderr, _("Failed to read just " "created domain group.\n")); goto failed; } else { - domusers_gid = gmap.gid; + domusers_gid = gmap->gid; } } } else { - domusers_gid = gmap.gid; + domusers_gid = gmap->gid; d_printf(_("found!\n")); } @@ -1729,7 +1734,7 @@ domu_done: sid_compose(&gsid, get_global_sam_sid(), DOMAIN_RID_ADMINS); - if (!pdb_getgrsid(&gmap, gsid)) { + if (!pdb_getgrsid(gmap, gsid)) { LDAPMod **mods = NULL; char *dn; char *uname; @@ -1786,16 +1791,16 @@ domu_done: } if (is_ipa) { - if (!pdb_getgrsid(&gmap, gsid)) { + if (!pdb_getgrsid(gmap, gsid)) { d_fprintf(stderr, _("Failed to read just " "created domain group.\n")); goto failed; } else { - domadmins_gid = gmap.gid; + domadmins_gid = gmap->gid; } } } else { - domadmins_gid = gmap.gid; + domadmins_gid = gmap->gid; d_printf(_("found!\n")); } @@ -2039,7 +2044,7 @@ doma_done: goto done; } - if (!pdb_getgrgid(&gmap, pwd->pw_gid)) { + if (!pdb_getgrgid(gmap, pwd->pw_gid)) { LDAPMod **mods = NULL; char *dn; char *uname; |