diff options
Diffstat (limited to 'source3/utils')
-rw-r--r-- | source3/utils/net_idmap.c | 65 |
1 files changed, 65 insertions, 0 deletions
diff --git a/source3/utils/net_idmap.c b/source3/utils/net_idmap.c index 2a060d2f49..7ac2a82f6e 100644 --- a/source3/utils/net_idmap.c +++ b/source3/utils/net_idmap.c @@ -284,6 +284,70 @@ int net_help_idmap(int argc, const char **argv) return -1; } +static int net_idmap_aclmapset(int argc, const char **argv) +{ + TALLOC_CTX *mem_ctx; + int result = -1; + DOM_SID src_sid, dst_sid; + char *src, *dst; + struct db_context *db; + struct db_record *rec; + NTSTATUS status; + + if (argc != 3) { + d_fprintf(stderr, "usage: net idmap aclmapset <tdb> " + "<src-sid> <dst-sid>\n"); + return -1; + } + + if (!(mem_ctx = talloc_init("net idmap aclmapset"))) { + d_fprintf(stderr, "talloc_init failed\n"); + return -1; + } + + if (!(db = db_open(mem_ctx, argv[0], 0, TDB_DEFAULT, + O_RDWR|O_CREAT, 0600))) { + d_fprintf(stderr, "db_open failed: %s\n", strerror(errno)); + goto fail; + } + + if (!string_to_sid(&src_sid, argv[1])) { + d_fprintf(stderr, "%s is not a valid sid\n", argv[1]); + goto fail; + } + + if (!string_to_sid(&dst_sid, argv[2])) { + d_fprintf(stderr, "%s is not a valid sid\n", argv[2]); + goto fail; + } + + if (!(src = sid_string_talloc(mem_ctx, &src_sid)) + || !(dst = sid_string_talloc(mem_ctx, &dst_sid))) { + d_fprintf(stderr, "talloc_strdup failed\n"); + goto fail; + } + + if (!(rec = db->fetch_locked( + db, mem_ctx, string_term_tdb_data(src)))) { + d_fprintf(stderr, "could not fetch db record\n"); + goto fail; + } + + status = rec->store(rec, string_term_tdb_data(dst), 0); + TALLOC_FREE(rec); + + if (!NT_STATUS_IS_OK(status)) { + d_fprintf(stderr, "could not store record: %s\n", + nt_errstr(status)); + goto fail; + } + + result = 0; +fail: + TALLOC_FREE(mem_ctx); + return result; +} + /*********************************************************** Look at the current idmap **********************************************************/ @@ -295,6 +359,7 @@ int net_idmap(int argc, const char **argv) {"setmap", net_idmap_set }, {"delete", net_idmap_delete}, {"secret", net_idmap_secret}, + {"aclmapset", net_idmap_aclmapset}, {"help", net_help_idmap}, {NULL, NULL} }; |