Diffstat (limited to 'source3')
-rw-r--r-- | source3/pam_smbpass/pam_smb_acct.c | 1 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_auth.c | 1 | ||||
-rw-r--r-- | source3/pam_smbpass/pam_smb_passwd.c | 6 | ||||
-rw-r--r-- | source3/passdb/pdb_interface.c | 6 | ||||
-rw-r--r-- | source3/passdb/pdb_tdb.c | 14 | ||||
-rw-r--r-- | source3/utils/pdbedit.c | 212 |
6 files changed, 215 insertions, 25 deletions
diff --git a/source3/pam_smbpass/pam_smb_acct.c b/source3/pam_smbpass/pam_smb_acct.c
index cf53e04d7e..8970ffa8ed 100644
--- a/source3/pam_smbpass/pam_smb_acct.c
+++ b/source3/pam_smbpass/pam_smb_acct.c
@@ -51,6 +51,7 @@ int pam_sm_acct_mgmt( pam_handle_t *pamh, int flags,
 extern BOOL in_client;
 /* Samba initialization. */
+ load_case_tables();
 setup_logging( "pam_smbpass", False );
 in_client = True;
diff --git a/source3/pam_smbpass/pam_smb_auth.c b/source3/pam_smbpass/pam_smb_auth.c
index f7980e2bb2..15726aa855 100644
--- a/source3/pam_smbpass/pam_smb_auth.c
+++ b/source3/pam_smbpass/pam_smb_auth.c
@@ -75,6 +75,7 @@ int pam_sm_authenticate(pam_handle_t *pamh, int flags,
 /* Samba initialization. */
+ load_case_tables();
 setup_logging("pam_smbpass",False);
 in_client = True;
diff --git a/source3/pam_smbpass/pam_smb_passwd.c b/source3/pam_smbpass/pam_smb_passwd.c
index 8eca1d6aa9..79bcfb6ff0 100644
--- a/source3/pam_smbpass/pam_smb_passwd.c
+++ b/source3/pam_smbpass/pam_smb_passwd.c
@@ -103,6 +103,7 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 char *pass_new;
 /* Samba initialization. */
+ load_case_tables();
 setup_logging( "pam_smbpass", False );
 in_client = True;
@@ -128,7 +129,7 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 from a SIGPIPE it's not expecting */
 oldsig_handler = CatchSignal(SIGPIPE, SIGNAL_CAST SIG_IGN);
- if (!initialize_password_db(True)) {
+ if (!initialize_password_db(False)) {
 _log_err( LOG_ALERT, "Cannot access samba password database" );
 CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
 return PAM_AUTHINFO_UNAVAIL;
@@ -145,6 +146,9 @@ int pam_sm_chauthtok(pam_handle_t *pamh, int flags,
 CatchSignal(SIGPIPE, SIGNAL_CAST oldsig_handler);
 return PAM_USER_UNKNOWN;
 }
+ if (on( SMB_DEBUG, ctrl )) {
+ _log_err( LOG_DEBUG, "Located account for %s", user );
+ }
 if (flags & PAM_PRELIM_CHECK) {
 /*
diff --git a/source3/passdb/pdb_interface.c b/source3/passdb/pdb_interface.c
index 82890fee2d..7ff0214c72 100644
--- a/source3/passdb/pdb_interface.c
+++ b/source3/passdb/pdb_interface.c
@@ -273,15 +273,15 @@ BOOL pdb_getsampwnam(struct samu *sam_acct, const char *username)
 return False;
 }
- if (csamuser != NULL) {
+ if ( csamuser ) {
 TALLOC_FREE(csamuser);
- csamuser = NULL;
 }
 pdb_force_pw_initialization( sam_acct );
- if ( (csamuser = samu_new( NULL )) != NULL )
+ if ( (csamuser = samu_new( NULL )) != NULL ) {
 pdb_copy_sam_account(csamuser, sam_acct);
+ }
 return True;
 }
diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c
index 0bab02343e..b7161ff589 100644
--- a/source3/passdb/pdb_tdb.c
+++ b/source3/passdb/pdb_tdb.c
@@ -1006,7 +1006,6 @@ static NTSTATUS tdbsam_getsampwent(struct pdb_methods *my_methods, struct samu *
 static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods, struct samu *user, const char *sname)
 {
- NTSTATUS result;
 TDB_DATA data, key;
 fstring keystr;
 fstring name;
@@ -1039,8 +1038,8 @@ static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods, struct samu
 DEBUG(5,("pdb_getsampwnam (TDB): error fetching database.\n"));
 DEBUGADD(5, (" Error: %s\n", tdb_errorstr(tdbsam)));
 DEBUGADD(5, (" Key: %s\n", keystr));
- result = NT_STATUS_NO_SUCH_USER;
- goto done;
+ tdbsam_close();
+ return NT_STATUS_NO_SUCH_USER;
 }
 /* unpack the buffer */
@@ -1048,17 +1047,16 @@ static NTSTATUS tdbsam_getsampwnam (struct pdb_methods *my_methods, struct samu
 if (!init_sam_from_buffer(user, (unsigned char *)data.dptr, data.dsize)) {
 DEBUG(0,("pdb_getsampwent: Bad struct samu entry returned from TDB!\n"));
 SAFE_FREE(data.dptr);
- result = NT_STATUS_NO_MEMORY;
- goto done;
+ tdbsam_close();
+ return NT_STATUS_NO_MEMORY;
 }
- result = NT_STATUS_OK;
+ /* success */
- done:
 SAFE_FREE(data.dptr);
 tdbsam_close();
- return result;
+ return NT_STATUS_OK;
 }
 /***************************************************************************
diff --git a/source3/utils/pdbedit.c b/source3/utils/pdbedit.c
index d34c23193c..7d95d15bf2 100644
--- a/source3/utils/pdbedit.c
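Review bot: The result of `pdb_copy_sam_account(csamuser, sam_acct)` is discarded inside the newly braced `if` in pdb_getsampwnam. If that copy can stop part-way, `csamuser` (which appears to be a cached copy that outlives this call) would keep an incomplete account that later lookups may trust. Assuming the function reports failure through its return value, which this hunk does not show, drop the cache entry on failure: `if ( !pdb_copy_sam_account(csamuser, sam_acct) ) { TALLOC_FREE(csamuser); }`. The function starts above the hunk, so the lookup that fills `sam_acct` is not visible here.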
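Review bot: In the last pdb_tdb.c hunk, the failure branch after `init_sam_from_buffer()` returns `NT_STATUS_NO_MEMORY` although the log line beside it says the stored record itself is bad. A damaged or tampered account entry is therefore reported to callers as an allocation problem. A status that names the real condition would make this easier to spot in triage, for example `return NT_STATUS_INTERNAL_DB_CORRUPTION;`, provided no caller depends on the old value. The debug text in that branch also says `pdb_getsampwent` while the function is tdbsam_getsampwnam, which is worth correcting while the lines are being touched.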
+++ b/source3/utils/pdbedit.c 
@@ -55,6 +55,108 @@
 #define MASK_USER_GOOD 0x00405FE0
 /*********************************************************
+ Add all currently available users to another db
+ ********************************************************/
+
+static int export_database (struct pdb_methods *in,
+ struct pdb_methods *out,
+ const char *username)
+{
+ struct samu *user = NULL;
+ NTSTATUS status;
+
+ DEBUG(3, ("export_database: username=\"%s\"\n", username ? username : "(NULL)"));
+
+ status = in->setsampwent(in, 0, 0);
+ if ( NT_STATUS_IS_ERR(status) ) {
+ fprintf(stderr, "Unable to set account database iterator for %s!\n",
+ in->name);
+ return 1;
+ }
+
+ if ( ( user = samu_new( NULL ) ) == NULL ) {
+ fprintf(stderr, "export_database: Memory allocation failure!\n");
+ return 1;
+ }
+
+ while ( NT_STATUS_IS_OK(in->getsampwent(in, user)) )
+ {
+ DEBUG(4, ("Processing account %s\n", user->username));
+
+ /* If we don't have a specific user or if we do and
+ the login name matches */
+
+ if ( !username || (strcmp(username, user->username) == 0)) {
+ struct samu *account;
+
+ if ( (account = samu_new( NULL )) == NULL ) {
+ fprintf(stderr, "export_database: Memory allocation failure!\n");
+ TALLOC_FREE( user );
+ in->endsampwent( in );
+ return 1;
+ }
+
+ printf("Importing accout for %s...", user->username);
+ if ( !NT_STATUS_IS_OK(out->getsampwnam( out, account, user->username )) ) {
+ status = out->add_sam_account(out, user);
+ } else {
+ status = out->update_sam_account( out, user );
+ }
+
+ if ( NT_STATUS_IS_OK(status) ) {
+ printf( "ok\n");
+ } else {
+ printf( "failed\n");
+ }
+
+ TALLOC_FREE( account );
+ }
+
+ /* clean up and get ready for another run */
+
+ TALLOC_FREE( user );
+
+ if ( ( user = samu_new( NULL ) ) == NULL ) {
+ fprintf(stderr, "export_database: Memory allocation failure!\n");
+ return 1;
+ }
+ }
+
+ TALLOC_FREE( user );
+
+ in->endsampwent(in);
+
+ return 0;
+}
+
+/*********************************************************
+ Add all currently available group mappings to another db
+ ********************************************************/
+
+static int export_groups (struct pdb_methods *in, struct pdb_methods *out)
+{
+ GROUP_MAP *maps = NULL;
+ size_t i, entries = 0;
+ NTSTATUS status;
+
+ status = in->enum_group_mapping(in, get_global_sam_sid(),
+ SID_NAME_DOM_GRP, &maps, &entries, False);
+
+ if ( NT_STATUS_IS_ERR(status) ) {
+ fprintf(stderr, "Unable to enumerate group map entries.\n");
+ return 1;
+ }
+
+ for (i=0; i<entries; i++) {
+ out->add_group_mapping_entry(out, &(maps[i]));
+ }
+
+ SAFE_FREE( maps );
+
+ return 0;
+}
+
+/*********************************************************
 Reset account policies to their default values and remove marker
 ********************************************************/
@@ -82,6 +184,45 @@ static int reinit_account_policies (void)
 return 0;
 }
+
+/*********************************************************
+ Add all currently available account policy from tdb to one backend
+ ********************************************************/
+
+static int export_account_policies (struct pdb_methods *in, struct pdb_methods *out)
+{
+ int i;
+
+ if (!account_policy_migrated(True)) {
+ fprintf(stderr, "Unable to set account policy marker in tdb\n");
+ return -1;
+ }
+
+ for ( i=1; decode_account_policy_name(i) != NULL; i++ ) {
+ uint32 policy_value;
+ NTSTATUS status;
+
+ status = in->get_account_policy(in, i, &policy_value);
+
+ if ( NT_STATUS_IS_ERR(status) ) {
+ fprintf(stderr, "Unable to get account policy from %s\n", in->name);
+ remove_account_policy_migrated();
+ return -1;
+ }
+
+ status = out->set_account_policy(out, i, policy_value);
+
+ if ( NT_STATUS_IS_ERR(status) ) {
+ fprintf(stderr, "Unable to migrate account policy to %s\n", out->name);
+ remove_account_policy_migrated();
+ return -1;
+ }
+ }
+
+ return 0;
+}
+
+
 /*********************************************************
 Print info from sam structure
 **********************************************************/
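Review bot: `export_database()` ends with `return 0;` even when `add_sam_account` or `update_sam_account` failed for some accounts, so a partial copy of the password database is reported as success and the destination can be left with missing or stale accounts. Carry the failure to the caller: `int rc = 0;` at the top, `rc = 1;` next to `printf( "failed\n");`, and `return rc;` at the end. Two of the allocation-failure returns (the one before the loop and the one at the end of the loop body) also leave without `in->endsampwent(in)`, unlike the one inside the `if`. `export_groups()` in the same hunk has the same gap, since the status of `out->add_group_mapping_entry()` is ignored. The user-facing string `"Importing accout for %s..."` is misspelled.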
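Review bot: In `export_account_policies()`, `policy_value` is uninitialised and both checks use `NT_STATUS_IS_ERR(status)`, which is true only for error-class codes. If `in->get_account_policy()` returns a status that is neither OK nor error-class and leaves the output untouched, the loop would pass an indeterminate value to `out->set_account_policy()`. Accepting only success is safer for values that configure account policy: use `if ( !NT_STATUS_IS_OK(status) ) {` for both tests and declare `uint32 policy_value = 0;`. The function also returns -1 where the other export helpers in this commit return 1, and `main()` passes that straight back as the exit status.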
@@ -175,7 +316,7 @@ static int print_user_info (struct pdb_methods *in, const char *username, BOOL v
 struct samu *sam_pwent=NULL;
 BOOL ret;
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 return -1;
 }
@@ -207,7 +348,7 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd
 }
 check = True;
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 return 1;
 }
@@ -217,7 +358,7 @@ static int print_users_list (struct pdb_methods *in, BOOL verbosity, BOOL smbpwd
 print_sam_info (sam_pwent, verbosity, smbpwdstyle);
 TALLOC_FREE(sam_pwent);
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 check = False;
 }
 }
@@ -242,7 +383,7 @@ static int fix_users_list (struct pdb_methods *in)
 }
 check = True;
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 return 1;
 }
@@ -253,7 +394,7 @@ static int fix_users_list (struct pdb_methods *in)
 printf("Update of user %s failed!\n", pdb_get_username(sam_pwent));
 }
 TALLOC_FREE(sam_pwent);
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 check = False;
 }
 if (!check) {
@@ -285,7 +426,7 @@ static int set_user_info (struct pdb_methods *in, const char *username,
 struct samu *sam_pwent=NULL;
 BOOL ret;
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 return 1;
 }
@@ -405,7 +546,7 @@ static int new_user (struct pdb_methods *in, const char *username,
 return -1;
 }
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 DEBUG(0, ("Memory allocation failure!\n"));
 return -1;
 }
@@ -500,7 +641,7 @@ static int new_machine (struct pdb_methods *in, const char *machine_in)
 if ((pwd = getpwnam_alloc(NULL, machineaccount))) {
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 fprintf(stderr, "Memory allocation error!\n");
 TALLOC_FREE(pwd);
 return -1;
@@ -514,7 +655,7 @@ static int new_machine (struct pdb_methods *in, const char *machine_in)
 TALLOC_FREE(pwd);
 } else {
- if ( !(sam_pwent = samu_new( NULL )) ) {
+ if ( (sam_pwent = samu_new( NULL )) == NULL ) {
 fprintf(stderr, "Could not init sam from pw\n");
 return -1;
 }
@@ -543,7 +684,7 @@ static int delete_user_entry (struct pdb_methods *in, const char *username)
 {
 struct samu *samaccount = NULL;
- if ( !(samaccount = samu_new( NULL )) ) {
+ if ( (samaccount = samu_new( NULL )) == NULL ) {
 return -1;
 }
@@ -573,7 +714,7 @@ static int delete_machine_entry (struct pdb_methods *in, const char *machinename
 if (name[strlen(name)-1] != '$') fstrcat (name, "$");
- if ( !(samaccount = samu_new( NULL )) ) {
+ if ( (samaccount = samu_new( NULL )) == NULL ) {
 return -1;
 }
@@ -631,8 +772,7 @@ int main (int argc, char **argv)
 static char *pwd_must_change_time = NULL;
 static char *pwd_time_format = NULL;
 static BOOL pw_from_stdin = False;
-
- struct pdb_methods *bdef = NULL;
+ struct pdb_methods *bin, *bout, *bdef;
 poptContext pc;
 struct poptOption long_options[] = {
 POPT_AUTOHELP
@@ -672,6 +812,8 @@ int main (int argc, char **argv)
 POPT_TABLEEND };
+ bin = bout = bdef = NULL;
+
 load_case_tables();
 setup_logging("pdbedit", True);
@@ -790,6 +932,50 @@ int main (int argc, char **argv)
 exit(0);
 }
+ /* import and export operations */
+
+ if ( ((checkparms & BIT_IMPORT)
+ || (checkparms & BIT_EXPORT))
+ && !(checkparms & ~(BIT_IMPORT +BIT_EXPORT +BIT_USER)) )
+ {
+ NTSTATUS status;
+
+ bin = bout = bdef;
+
+ if (backend_in) {
+ status = make_pdb_method_name(&bin, backend_in);
+
+ if ( !NT_STATUS_IS_OK(status) ) {
+ fprintf(stderr, "Unable to initialize %s.\n", backend_in);
+ return 1;
+ }
+ }
+
+ if (backend_out) {
+ status = make_pdb_method_name(&bout, backend_out);
+
+ if ( !NT_STATUS_IS_OK(status) ) {
+ fprintf(stderr, "Unable to initialize %s.\n", backend_out);
+ return 1;
+ }
+ }
+
+ if (transfer_account_policies) {
+
+ if (!(checkparms & BIT_USER))
+ return export_account_policies(bin, bout);
+
+ } else if (transfer_groups) {
+
+ if (!(checkparms & BIT_USER))
+ return export_groups(bin, bout);
+
+ } else {
+ return export_database(bin, bout,
+ (checkparms & BIT_USER) ? user_name : NULL );
+ }
+ }
+
 /* if BIT_USER is defined but nothing else then threat it as -l -u for compatibility */
 /* fake up BIT_LIST if only BIT_USER is defined */
 if ((checkparms & BIT_USER) && !(checkparms & ~BIT_USER)) { |
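Review bot: When `transfer_account_policies` or `transfer_groups` is set together with `BIT_USER`, neither inner `if` returns, so the import/export block ends without doing anything and control falls through to the code below with no message. Reject the combination explicitly by giving each `if (!(checkparms & BIT_USER))` guard an `else` branch that prints a usage error and does `return 1;`. A comment on `bin = bout = bdef;` would also help, for example `/* both sides default to the configured backend; -i / -e override one of them */`. Nothing visible here prevents source and destination from naming the same store, and `export_database()` writes to `out` while it is still iterating `in`.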