summaryrefslogtreecommitdiff
path: root/source3/winbindd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/winbindd')
-rw-r--r--source3/winbindd/idmap.c78
1 files changed, 78 insertions, 0 deletions
diff --git a/source3/winbindd/idmap.c b/source3/winbindd/idmap.c
index c547262d81..c4d26d8646 100644
--- a/source3/winbindd/idmap.c
+++ b/source3/winbindd/idmap.c
@@ -229,6 +229,84 @@ static struct idmap_domain *idmap_init_domain(TALLOC_CTX *mem_ctx,
goto fail;
}
+ /*
+ * load ranges and read only information from the config
+ */
+ if (strequal(result->name, "*")) {
+ /*
+ * The default domain "*" is configured differently
+ * from named domains.
+ */
+ uid_t low_uid = 0;
+ uid_t high_uid = 0;
+ gid_t low_gid = 0;
+ gid_t high_gid = 0;
+
+ result->low_id = 0;
+ result->high_id = 0;
+
+ if (!lp_idmap_uid(&low_uid, &high_uid)) {
+ DEBUG(1, ("Error: 'idmap uid' not set!\n"));
+ goto fail;
+ }
+
+ result->low_id = low_uid;
+ result->high_id = high_uid;
+
+ if (!lp_idmap_gid(&low_gid, &high_gid)) {
+ DEBUG(1, ("Error: 'idmap gid' not set!\n"));
+ goto fail;
+ }
+
+ if ((low_gid != low_uid) || (high_gid != high_uid)) {
+ DEBUG(1, ("Warning: 'idmap uid' and 'idmap gid'"
+ " ranges do not agree -- building "
+ "intersection\n"));
+ result->low_id = MAX(result->low_id, low_gid);
+ result->high_id = MIN(result->high_id, high_gid);
+ }
+
+ result->read_only = lp_idmap_read_only();
+ } else {
+ char *config_option = NULL;
+ const char *range;
+
+ config_option = talloc_asprintf(result, "idmap config %s",
+ result->name);
+ if (config_option == NULL) {
+ DEBUG(0, ("Out of memory!\n"));
+ goto fail;
+ }
+
+ range = lp_parm_const_string(-1, config_option, "range", NULL);
+ if (range == NULL) {
+ DEBUG(1, ("Error: idmap range not specified for "
+ "domain %s\n", result ->name));
+ goto fail;
+ }
+
+ if (sscanf(range, "%u - %u", &result->low_id, &result->high_id)
+ != 2)
+ {
+ DEBUG(1, ("Error: invalid range '%s' specified for "
+ "domain %s\n", range, result->name));
+ goto fail;
+ }
+
+ result->read_only = lp_parm_bool(-1, config_option, "read only",
+ false);
+
+ talloc_free(config_option);
+ }
+
+ if (result->low_id > result->high_id) {
+ DEBUG(1, ("Error: invalid idmap range detected: "
+ "%lu - %lu\n",
+ (unsigned long)result->low_id,
+ (unsigned long)result->high_id));
+ goto fail;
+ }
+
result->methods = get_methods(modulename);
if (result->methods == NULL) {
DEBUG(3, ("idmap backend %s not found\n", modulename));