diff options
Diffstat (limited to 'source3/utils/smbpasswd.c')
-rw-r--r-- | source3/utils/smbpasswd.c | 105 |
1 files changed, 58 insertions, 47 deletions
diff --git a/source3/utils/smbpasswd.c b/source3/utils/smbpasswd.c index 70bf551edb..a96fad0cdb 100644 --- a/source3/utils/smbpasswd.c +++ b/source3/utils/smbpasswd.c @@ -30,13 +30,20 @@ extern char *optarg; extern int optind; /* forced running in root-mode */ +static BOOL local_mode; static BOOL got_pass = False, got_username = False; +static int local_flags = 0; static BOOL stdin_passwd_get = False; static fstring user_name, user_password; +static char *new_domain = NULL; static char *new_passwd = NULL; +static char *old_passwd = NULL; static char *remote_machine = NULL; +static pstring configfile; +#ifdef WITH_LDAP_SAM static fstring ldap_secret; +#endif /********************************************************* Print command usage on stderr and die. @@ -64,7 +71,9 @@ static void usage(void) printf(" -i interdomain trust account\n"); printf(" -m machine trust account\n"); printf(" -n set no password\n"); +#ifdef WITH_LDAP_SAM printf(" -w ldap admin password\n"); +#endif printf(" -x delete user\n"); printf(" -R ORDER name resolve order\n"); @@ -79,55 +88,62 @@ static void set_line_buffering(FILE *f) /******************************************************************* Process command line options ******************************************************************/ -static int process_options(int argc, char **argv, int local_flags) +static void process_options(int argc, char **argv, BOOL amroot) { int ch; - pstring configfile; - pstrcpy(configfile, dyn_CONFIGFILE); - local_flags |= LOCAL_SET_PASSWORD; + if (amroot) + local_flags = LOCAL_SET_PASSWORD; ZERO_STRUCT(user_name); ZERO_STRUCT(user_password); user_name[0] = '\0'; - while ((ch = getopt(argc, argv, "c:axdehmnjr:sw:R:D:U:L")) != EOF) { + while ((ch = getopt(argc, argv, "c:axdehmnj:r:sw:R:D:U:L")) != EOF) { switch(ch) { case 'L': - local_flags |= LOCAL_AM_ROOT; + local_mode = amroot = True; + local_flags = LOCAL_SET_PASSWORD; break; case 'c': pstrcpy(configfile,optarg); break; case 'a': + if (!amroot) goto bad_args; local_flags |= LOCAL_ADD_USER; break; case 'x': + if (!amroot) goto bad_args; local_flags |= LOCAL_DELETE_USER; local_flags &= ~LOCAL_SET_PASSWORD; break; case 'd': + if (!amroot) goto bad_args; local_flags |= LOCAL_DISABLE_USER; local_flags &= ~LOCAL_SET_PASSWORD; break; case 'e': + if (!amroot) goto bad_args; local_flags |= LOCAL_ENABLE_USER; local_flags &= ~LOCAL_SET_PASSWORD; break; case 'm': + if (!amroot) goto bad_args; local_flags |= LOCAL_TRUST_ACCOUNT; break; case 'i': + if (!amroot) goto bad_args; local_flags |= LOCAL_INTERDOM_ACCOUNT; break; case 'j': + if (!amroot) goto bad_args; d_printf("See 'net rpc join' for this functionality\n"); exit(1); break; case 'n': + if (!amroot) goto bad_args; local_flags |= LOCAL_SET_NO_PASSWORD; - local_flags &= ~LOCAL_SET_PASSWORD; new_passwd = smb_xstrdup("NO PASSWORD"); break; case 'r': @@ -140,10 +156,17 @@ static int process_options(int argc, char **argv, int local_flags) stdin_passwd_get = True; break; case 'w': + if (!amroot) goto bad_args; +#ifdef WITH_LDAP_SAM local_flags |= LOCAL_SET_LDAP_ADMIN_PW; fstrcpy(ldap_secret, optarg); break; +#else + printf("-w not available unless configured --with-ldap\n"); + goto bad_args; +#endif case 'R': + if (!amroot) goto bad_args; lp_set_name_resolve_order(optarg); break; case 'D': @@ -167,6 +190,7 @@ static int process_options(int argc, char **argv, int local_flags) } case 'h': default: +bad_args: usage(); } } @@ -180,21 +204,17 @@ static int process_options(int argc, char **argv, int local_flags) fstrcpy(user_name, ""); break; case 1: - if (!(local_flags & LOCAL_AM_ROOT)) { + if (!amroot) { new_passwd = argv[0]; - } else { - if (got_username) { - usage(); - } else { - fstrcpy(user_name, argv[0]); - } + break; } + if (got_username) + usage(); + fstrcpy(user_name, argv[0]); break; case 2: - if (!(local_flags & LOCAL_AM_ROOT) || got_username || got_pass) { + if (!amroot || got_username || got_pass) usage(); - } - fstrcpy(user_name, argv[0]); new_passwd = smb_xstrdup(argv[1]); break; @@ -202,13 +222,6 @@ static int process_options(int argc, char **argv, int local_flags) usage(); } - if (!lp_load(configfile,True,False,False)) { - fprintf(stderr, "Can't load %s - run testparm to debug it\n", - dyn_CONFIGFILE); - exit(1); - } - - return local_flags; } /************************************************************* @@ -316,6 +329,7 @@ static BOOL password_change(const char *remote_machine, char *user_name, return ret; } +#ifdef WITH_LDAP_SAM /******************************************************************* Store the LDAP admin password in secrets.tdb ******************************************************************/ @@ -329,18 +343,19 @@ static BOOL store_ldap_admin_pw (char* pw) return secrets_store_ldap_pw(lp_ldap_admin_dn(), pw); } +#endif /************************************************************* Handle password changing for root. *************************************************************/ -static int process_root(int local_flags) +static int process_root(void) { struct passwd *pwd; int result = 0; - char *old_passwd = NULL; +#ifdef WITH_LDAP_SAM if (local_flags & LOCAL_SET_LDAP_ADMIN_PW) { printf("Setting stored password for \"%s\" in secrets.tdb\n", @@ -349,6 +364,7 @@ static int process_root(int local_flags) DEBUG(0,("ERROR: Failed to store the ldap admin password!\n")); goto done; } +#endif /* * Ensure both add/delete user are not set @@ -367,9 +383,8 @@ static int process_root(int local_flags) load_interfaces(); } - if (!user_name[0] && (pwd = getpwuid_alloc(geteuid()))) { + if (!user_name[0] && (pwd = sys_getpwuid(geteuid()))) { fstrcpy(user_name, pwd->pw_name); - passwd_free(&pwd); } if (!user_name[0]) { @@ -493,22 +508,15 @@ static int process_root(int local_flags) Handle password changing for non-root. *************************************************************/ -static int process_nonroot(int local_flags) +static int process_nonroot(void) { struct passwd *pwd = NULL; int result = 0; - char *old_passwd = NULL; - - if (local_flags & ~(LOCAL_AM_ROOT | LOCAL_SET_PASSWORD)) { - /* Extra flags that we can't honor non-root */ - usage(); - } if (!user_name[0]) { - pwd = getpwuid_alloc(getuid()); + pwd = sys_getpwuid(getuid()); if (pwd) { fstrcpy(user_name,pwd->pw_name); - passwd_free(&pwd); } else { fprintf(stderr, "smbpasswd: you don't exist - go away\n"); exit(1); @@ -562,22 +570,25 @@ static int process_nonroot(int local_flags) **********************************************************/ int main(int argc, char **argv) { - int local_flags = 0; - + BOOL amroot = getuid() == 0; + + pstrcpy(configfile, dyn_CONFIGFILE); AllowDebugChange = False; #if defined(HAVE_SET_AUTH_PARAMETERS) set_auth_parameters(argc, argv); #endif /* HAVE_SET_AUTH_PARAMETERS */ - if (getuid() == 0) { - local_flags = LOCAL_AM_ROOT; - } - - local_flags = process_options(argc, argv, local_flags); + process_options(argc, argv, amroot); setup_logging("smbpasswd", True); + if (!lp_load(configfile,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + dyn_CONFIGFILE); + exit(1); + } + /* * Set the machine NETBIOS name if not already * set from the config file. @@ -597,10 +608,10 @@ int main(int argc, char **argv) exit(1); } - if (local_flags & LOCAL_AM_ROOT) { + if (local_mode || amroot) { secrets_init(); - return process_root(local_flags); + return process_root(); } - return process_nonroot(local_flags); + return process_nonroot(); } |