summaryrefslogtreecommitdiff
path: root/source3/winbindd
diff options
context:
space:
mode:
Diffstat (limited to 'source3/winbindd')
-rw-r--r--source3/winbindd/idmap_tdb.c5
-rw-r--r--source3/winbindd/winbindd.c227
-rw-r--r--source3/winbindd/winbindd_cache.c1
-rw-r--r--source3/winbindd/winbindd_cm.c9
-rw-r--r--source3/winbindd/winbindd_dual.c13
-rw-r--r--source3/winbindd/winbindd_group.c6
-rw-r--r--source3/winbindd/winbindd_proto.h5
-rw-r--r--source3/winbindd/winbindd_user.c26
8 files changed, 191 insertions, 101 deletions
diff --git a/source3/winbindd/idmap_tdb.c b/source3/winbindd/idmap_tdb.c
index 99821ae501..481ac1b9ad 100644
--- a/source3/winbindd/idmap_tdb.c
+++ b/source3/winbindd/idmap_tdb.c
@@ -28,6 +28,11 @@
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_IDMAP
+/* idmap version determines auto-conversion - this is the database
+ structure version specifier. */
+
+#define IDMAP_VERSION 2
+
/* High water mark keys */
#define HWM_GROUP "GROUP HWM"
#define HWM_USER "USER HWM"
diff --git a/source3/winbindd/winbindd.c b/source3/winbindd/winbindd.c
index fad27ea224..5720bfc517 100644
--- a/source3/winbindd/winbindd.c
+++ b/source3/winbindd/winbindd.c
@@ -173,36 +173,161 @@ static void terminate(bool is_parent)
exit(0);
}
-static SIG_ATOMIC_T do_sigterm = 0;
+static void winbindd_sig_term_handler(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ bool *is_parent = talloc_get_type_abort(private_data, bool);
+
+ DEBUG(0,("Got sig[%d] terminate (is_parent=%d)\n",
+ signum, (int)*is_parent));
+ terminate(*is_parent);
+}
-static void termination_handler(int signum)
+bool winbindd_setup_sig_term_handler(bool parent)
{
- do_sigterm = 1;
- sys_select_signal(signum);
+ struct tevent_signal *se;
+ bool *is_parent;
+
+ is_parent = talloc(winbind_event_context(), bool);
+ if (!is_parent) {
+ return false;
+ }
+
+ *is_parent = parent;
+
+ se = tevent_add_signal(winbind_event_context(),
+ is_parent,
+ SIGTERM, 0,
+ winbindd_sig_term_handler,
+ is_parent);
+ if (!se) {
+ DEBUG(0,("failed to setup SIGTERM handler"));
+ talloc_free(is_parent);
+ return false;
+ }
+
+ se = tevent_add_signal(winbind_event_context(),
+ is_parent,
+ SIGINT, 0,
+ winbindd_sig_term_handler,
+ is_parent);
+ if (!se) {
+ DEBUG(0,("failed to setup SIGINT handler"));
+ talloc_free(is_parent);
+ return false;
+ }
+
+ se = tevent_add_signal(winbind_event_context(),
+ is_parent,
+ SIGQUIT, 0,
+ winbindd_sig_term_handler,
+ is_parent);
+ if (!se) {
+ DEBUG(0,("failed to setup SIGINT handler"));
+ talloc_free(is_parent);
+ return false;
+ }
+
+ return true;
}
-static SIG_ATOMIC_T do_sigusr2 = 0;
+static void winbindd_sig_hup_handler(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ const char *file = (const char *)private_data;
+
+ DEBUG(1,("Reloading services after SIGHUP\n"));
+ flush_caches();
+ reload_services_file(file);
+}
-static void sigusr2_handler(int signum)
+bool winbindd_setup_sig_hup_handler(const char *lfile)
{
- do_sigusr2 = 1;
- sys_select_signal(SIGUSR2);
+ struct tevent_signal *se;
+ char *file = NULL;
+
+ if (lfile) {
+ file = talloc_strdup(winbind_event_context(),
+ lfile);
+ if (!file) {
+ return false;
+ }
+ }
+
+ se = tevent_add_signal(winbind_event_context(),
+ winbind_event_context(),
+ SIGHUP, 0,
+ winbindd_sig_hup_handler,
+ file);
+ if (!se) {
+ return false;
+ }
+
+ return true;
}
-static SIG_ATOMIC_T do_sighup = 0;
+static void winbindd_sig_chld_handler(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ pid_t pid;
+
+ while ((pid = sys_waitpid(-1, NULL, WNOHANG)) > 0) {
+ winbind_child_died(pid);
+ }
+}
-static void sighup_handler(int signum)
+static bool winbindd_setup_sig_chld_handler(void)
{
- do_sighup = 1;
- sys_select_signal(SIGHUP);
+ struct tevent_signal *se;
+
+ se = tevent_add_signal(winbind_event_context(),
+ winbind_event_context(),
+ SIGCHLD, 0,
+ winbindd_sig_chld_handler,
+ NULL);
+ if (!se) {
+ return false;
+ }
+
+ return true;
}
-static SIG_ATOMIC_T do_sigchld = 0;
+static void winbindd_sig_usr2_handler(struct tevent_context *ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ void *private_data)
+{
+ print_winbindd_status();
+}
-static void sigchld_handler(int signum)
+static bool winbindd_setup_sig_usr2_handler(void)
{
- do_sigchld = 1;
- sys_select_signal(SIGCHLD);
+ struct tevent_signal *se;
+
+ se = tevent_add_signal(winbind_event_context(),
+ winbind_event_context(),
+ SIGCHLD, 0,
+ winbindd_sig_usr2_handler,
+ NULL);
+ if (!se) {
+ return false;
+ }
+
+ return true;
}
/* React on 'smbcontrol winbindd reload-config' in the same way as on SIGHUP*/
@@ -224,7 +349,9 @@ static void msg_shutdown(struct messaging_context *msg,
struct server_id server_id,
DATA_BLOB *data)
{
- do_sigterm = 1;
+ /* only the parent waits for this message */
+ DEBUG(0,("Got shutdown message\n"));
+ terminate(true);
}
@@ -797,27 +924,6 @@ static bool remove_idle_client(void)
return False;
}
-/* check if HUP has been received and reload files */
-void winbind_check_sighup(const char *lfile)
-{
- if (do_sighup) {
-
- DEBUG(3, ("got SIGHUP\n"));
-
- flush_caches();
- reload_services_file(lfile);
-
- do_sighup = 0;
- }
-}
-
-/* check if TERM has been received */
-void winbind_check_sigterm(bool is_parent)
-{
- if (do_sigterm)
- terminate(is_parent);
-}
-
/* Process incoming clients on listen_sock. We use a tricky non-blocking,
non-forking, non-threaded model which allows us to handle many
simultaneous connections while remaining impervious to many denial of
@@ -979,26 +1085,6 @@ static void process_loop(void)
#if 0
winbindd_check_cache_size(time(NULL));
#endif
-
- /* Check signal handling things */
-
- winbind_check_sigterm(true);
- winbind_check_sighup(NULL);
-
- if (do_sigusr2) {
- print_winbindd_status();
- do_sigusr2 = 0;
- }
-
- if (do_sigchld) {
- pid_t pid;
-
- do_sigchld = 0;
-
- while ((pid = sys_waitpid(-1, NULL, WNOHANG)) > 0) {
- winbind_child_died(pid);
- }
- }
}
/* Main function */
@@ -1168,18 +1254,6 @@ int main(int argc, char **argv, char **envp)
BlockSignals(False, SIGHUP);
BlockSignals(False, SIGCHLD);
- /* Setup signal handlers */
-
- CatchSignal(SIGINT, termination_handler); /* Exit on these sigs */
- CatchSignal(SIGQUIT, termination_handler);
- CatchSignal(SIGTERM, termination_handler);
- CatchSignal(SIGCHLD, sigchld_handler);
-
- CatchSignal(SIGPIPE, SIG_IGN); /* Ignore sigpipe */
-
- CatchSignal(SIGUSR2, sigusr2_handler); /* Debugging sigs */
- CatchSignal(SIGHUP, sighup_handler);
-
if (!interactive)
become_daemon(Fork, no_process_group);
@@ -1207,6 +1281,19 @@ int main(int argc, char **argv, char **envp)
exit(1);
}
+ /* Setup signal handlers */
+
+ if (!winbindd_setup_sig_term_handler(true))
+ exit(1);
+ if (!winbindd_setup_sig_hup_handler(NULL))
+ exit(1);
+ if (!winbindd_setup_sig_chld_handler())
+ exit(1);
+ if (!winbindd_setup_sig_usr2_handler())
+ exit(1);
+
+ CatchSignal(SIGPIPE, SIG_IGN); /* Ignore sigpipe */
+
/*
* Ensure all cache and idmap caches are consistent
* and initialized before we startup.
diff --git a/source3/winbindd/winbindd_cache.c b/source3/winbindd/winbindd_cache.c
index a0df81eb6e..8326aba40a 100644
--- a/source3/winbindd/winbindd_cache.c
+++ b/source3/winbindd/winbindd_cache.c
@@ -25,6 +25,7 @@
#include "includes.h"
#include "winbindd.h"
+#include "tdb_validate.h"
#undef DBGC_CLASS
#define DBGC_CLASS DBGC_WINBIND
diff --git a/source3/winbindd/winbindd_cm.c b/source3/winbindd/winbindd_cm.c
index ab1218c560..35768fe7f2 100644
--- a/source3/winbindd/winbindd_cm.c
+++ b/source3/winbindd/winbindd_cm.c
@@ -961,15 +961,10 @@ static NTSTATUS cm_prepare_connection(const struct winbindd_domain *domain,
winbindd_set_locator_kdc_envs(domain);
- if (!cli_send_tconX(*cli, "IPC$", "IPC", "", 0)) {
-
- result = cli_nt_error(*cli);
+ result = cli_tcon_andx(*cli, "IPC$", "IPC", "", 0);
+ if (!NT_STATUS_IS_OK(result)) {
DEBUG(1,("failed tcon_X with %s\n", nt_errstr(result)));
-
- if (NT_STATUS_IS_OK(result))
- result = NT_STATUS_UNSUCCESSFUL;
-
goto done;
}
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c
index c320e96746..d40bab94ef 100644
--- a/source3/winbindd/winbindd_dual.c
+++ b/source3/winbindd/winbindd_dual.c
@@ -1160,6 +1160,12 @@ bool winbindd_reinit_after_fork(const char *logfilename)
reopen_logs();
}
+ if (!winbindd_setup_sig_term_handler(false))
+ return false;
+ if (!winbindd_setup_sig_hup_handler(override_logfile ? NULL :
+ logfilename))
+ return false;
+
/* Don't handle the same messages as our parent. */
messaging_deregister(winbind_messaging_context(),
MSG_SMB_CONF_UPDATED, NULL);
@@ -1354,7 +1360,7 @@ static bool fork_domain_child(struct winbindd_child *child)
}
if (child->domain && child->domain->primary &&
- !lp_use_kerberos_keytab() &&
+ !USE_KERBEROS_KEYTAB &&
lp_server_role() == ROLE_DOMAIN_MEMBER) {
struct timeval next_change;
@@ -1379,11 +1385,6 @@ static bool fork_domain_child(struct winbindd_child *child)
struct timeval now;
TALLOC_CTX *frame = talloc_stackframe();
- /* check for signals */
- winbind_check_sigterm(false);
- winbind_check_sighup(override_logfile ? NULL :
- child->logfilename);
-
if (run_events(winbind_event_context(), 0, NULL, NULL)) {
TALLOC_FREE(frame);
continue;
diff --git a/source3/winbindd/winbindd_group.c b/source3/winbindd/winbindd_group.c
index bc532bbce7..9d9b264124 100644
--- a/source3/winbindd/winbindd_group.c
+++ b/source3/winbindd/winbindd_group.c
@@ -1353,8 +1353,10 @@ void winbindd_getgrent(struct winbindd_cli_state *state)
sid_copy(&group_sid, &domain->sid);
sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid);
- if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain->name, &group_sid,
- &group_gid))) {
+ if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain->have_idmap_config
+ ? domain->name : "",
+ &group_sid, &group_gid)))
+ {
union unid_t id;
enum lsa_SidType type;
diff --git a/source3/winbindd/winbindd_proto.h b/source3/winbindd/winbindd_proto.h
index 594f8be942..977ee9c6b1 100644
--- a/source3/winbindd/winbindd_proto.h
+++ b/source3/winbindd/winbindd_proto.h
@@ -63,8 +63,8 @@ void setup_async_write(struct winbindd_fd_event *event, void *data, size_t lengt
void *private_data);
void request_error(struct winbindd_cli_state *state);
void request_ok(struct winbindd_cli_state *state);
-void winbind_check_sighup(const char *lfile);
-void winbind_check_sigterm(bool in_parent);
+bool winbindd_setup_sig_term_handler(bool parent);
+bool winbindd_setup_sig_hup_handler(const char *lfile);
int main(int argc, char **argv, char **envp);
/* The following definitions come from winbindd/winbindd_reqtrans.c */
@@ -498,7 +498,6 @@ void winbindd_lookupname(struct winbindd_cli_state *state);
void winbindd_lookuprids(struct winbindd_cli_state *state);
void winbindd_sid_to_uid(struct winbindd_cli_state *state);
void winbindd_sid_to_gid(struct winbindd_cli_state *state);
-void winbindd_sids_to_unixids(struct winbindd_cli_state *state);
void winbindd_set_mapping(struct winbindd_cli_state *state);
void winbindd_remove_mapping(struct winbindd_cli_state *state);
void winbindd_set_hwm(struct winbindd_cli_state *state);
diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c
index 5356e16a74..62fd4d7f07 100644
--- a/source3/winbindd/winbindd_user.c
+++ b/source3/winbindd/winbindd_user.c
@@ -80,9 +80,17 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
if (!pw || !dom_name || !user_name)
return False;
+ domain = find_domain_from_name_noinit(dom_name);
+ if (domain == NULL) {
+ DEBUG(5,("winbindd_fill_pwent: Failed to find domain for %s. "
+ "Disabling name alias support\n", dom_name));
+ nt_status = NT_STATUS_NO_SUCH_DOMAIN;
+ }
+
/* Resolve the uid number */
- if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name, user_sid,
+ if (!NT_STATUS_IS_OK(idmap_sid_to_uid(domain->have_idmap_config ?
+ dom_name : "", user_sid,
&pw->pw_uid))) {
DEBUG(1, ("error getting user id for sid %s\n",
sid_string_dbg(user_sid)));
@@ -91,26 +99,18 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
/* Resolve the gid number */
- if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name, group_sid,
+ if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain->have_idmap_config ?
+ dom_name : "", group_sid,
&pw->pw_gid))) {
DEBUG(1, ("error getting group id for sid %s\n",
sid_string_dbg(group_sid)));
return False;
}
- strlower_m(user_name);
-
/* Username */
- domain = find_domain_from_name_noinit(dom_name);
- if (domain) {
- nt_status = normalize_name_map(ctx, domain, user_name,
- &mapped_name);
- } else {
- DEBUG(5,("winbindd_fill_pwent: Failed to find domain for %s. "
- "Disabling name alias support\n", dom_name));
- nt_status = NT_STATUS_NO_SUCH_DOMAIN;
- }
+ strlower_m(user_name);
+ nt_status = normalize_name_map(ctx, domain, user_name, &mapped_name);
/* Basic removal of whitespace */
if (NT_STATUS_IS_OK(nt_status)) {
generated by cgit (git 2.34.1) at 2024-11-08 11:59:14 +0000