summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
Diffstat (limited to 'source3')
-rw-r--r--source3/utils/net_idmap.c182
1 files changed, 130 insertions, 52 deletions
diff --git a/source3/utils/net_idmap.c b/source3/utils/net_idmap.c
index d145693a22..46014cab7c 100644
--- a/source3/utils/net_idmap.c
+++ b/source3/utils/net_idmap.c
@@ -90,29 +90,100 @@ static int net_idmap_dump(struct net_context *c, int argc, const char **argv)
Write entries from stdin to current local idmap
**********************************************************/
+static int net_idmap_store_id_mapping(struct db_context *db,
+ enum id_type type,
+ unsigned long idval,
+ const char *sid_string)
+{
+ NTSTATUS status;
+ char *idstr = NULL;
+
+ switch(type) {
+ case ID_TYPE_UID:
+ idstr = talloc_asprintf(talloc_tos(), "UID %lu", idval);
+ break;
+ case ID_TYPE_GID:
+ idstr = talloc_asprintf(talloc_tos(), "GID %lu", idval);
+ break;
+ default:
+ d_fprintf(stderr, "Invalid id mapping type: %d\n", type);
+ return -1;
+ }
+
+ status = dbwrap_store_bystring(db, idstr,
+ string_term_tdb_data(sid_string),
+ TDB_REPLACE);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "Error storing ID -> SID: "
+ "%s\n", nt_errstr(status));
+ talloc_free(idstr);
+ return -1;
+ }
+ status = dbwrap_store_bystring(db, sid_string,
+ string_term_tdb_data(idstr),
+ TDB_REPLACE);
+ if (!NT_STATUS_IS_OK(status)) {
+ d_fprintf(stderr, "Error storing SID -> ID: "
+ "%s\n", nt_errstr(status));
+ talloc_free(idstr);
+ return -1;
+ }
+
+ return 0;
+}
+
static int net_idmap_restore(struct net_context *c, int argc, const char **argv)
{
- TALLOC_CTX *ctx;
- FILE *input;
+ TALLOC_CTX *mem_ctx;
+ FILE *input = NULL;
+ struct db_context *db;
+ char *dbfile = NULL;
+ int ret = 0;
if (c->display_usage) {
d_printf("%s\n%s",
_("Usage:"),
- _("net idmap restore [inputfile]\n"
+ _("net idmap restore [<inputfile>]\n"
" Restore ID mappings from file\n"
- " inputfile\tFile to load ID mappings from. If "
- "not given, load data from stdin.\n"));
+ " inputfile\tFile to load ID mappings from. If not "
+ "given, load data from stdin.\n"));
return 0;
}
- if (! winbind_ping()) {
- d_fprintf(stderr,
- _("To use net idmap Winbindd must be running.\n"));
- return -1;
+ mem_ctx = talloc_stackframe();
+
+ if (strequal(lp_idmap_backend(), "tdb")) {
+ dbfile = state_path("winbindd_idmap.tdb");
+ if (dbfile == NULL) {
+ d_fprintf(stderr, _("Out of memory!\n"));
+ return -1;
+ }
+ } else if (strequal(lp_idmap_backend(), "tdb2")) {
+ dbfile = lp_parm_talloc_string(-1, "tdb", "idmap2.tdb", NULL);
+ if (dbfile == NULL) {
+ dbfile = talloc_asprintf(mem_ctx, "%s/idmap2.tdb",
+ lp_private_dir());
+ }
+ } else {
+ char *backend, *args;
+
+ backend = talloc_strdup(mem_ctx, lp_idmap_backend());
+ args = strchr(backend, ':');
+ if (args != NULL) {
+ *args = '\0';
+ }
+
+ d_printf(_("Sorry, 'net idmap restore' is currently not "
+ "supported for idmap backend = %s.\n"
+ "Only tdb and tdb2 are supported.\n"),
+ backend);
+
+ ret = -1;
+ goto done;
}
- ctx = talloc_new(NULL);
- ALLOC_CHECK(ctx);
+ d_fprintf(stderr, _("restoring id mapping to %s data base in '%s'\n"),
+ lp_idmap_backend(), dbfile);
if (argc == 1) {
input = fopen(argv[0], "r");
@@ -120,13 +191,24 @@ static int net_idmap_restore(struct net_context *c, int argc, const char **argv)
input = stdin;
}
+ db = db_open(mem_ctx, dbfile, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0644);
+ if (db == NULL) {
+ d_fprintf(stderr, _("Could not open idmap db (%s): %s\n"),
+ dbfile, strerror(errno));
+ ret = -1;
+ goto done;
+ }
+
+ if (db->transaction_start(db) != 0) {
+ d_fprintf(stderr, _("Failed to start transaction.\n"));
+ ret = -1;
+ goto done;
+ }
+
while (!feof(input)) {
char line[128], sid_string[128];
int len;
- struct wbcDomainSid sid;
- enum id_type type = ID_TYPE_NOT_SPECIFIED;
unsigned long idval;
- wbcErr wbc_status;
if (fgets(line, 127, input) == NULL)
break;
@@ -136,62 +218,58 @@ static int net_idmap_restore(struct net_context *c, int argc, const char **argv)
if ( (len > 0) && (line[len-1] == '\n') )
line[len-1] = '\0';
- if (sscanf(line, "GID %lu %128s", &idval, sid_string) == 2) {
- type = ID_TYPE_GID;
- } else if (sscanf(line, "UID %lu %128s", &idval, sid_string) == 2) {
- type = ID_TYPE_UID;
+ if (sscanf(line, "GID %lu %128s", &idval, sid_string) == 2)
+ {
+ ret = net_idmap_store_id_mapping(db, ID_TYPE_GID,
+ idval, sid_string);
+ if (ret != 0) {
+ break;
+ }
+ } else if (sscanf(line, "UID %lu %128s", &idval, sid_string) == 2)
+ {
+ ret = net_idmap_store_id_mapping(db, ID_TYPE_UID,
+ idval, sid_string);
+ if (ret != 0) {
+ break;
+ }
} else if (sscanf(line, "USER HWM %lu", &idval) == 1) {
- /* set uid hwm */
- wbc_status = wbcSetUidHwm(idval);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- d_fprintf(stderr,
- _("Could not set USER HWM: %s\n"),
- wbcErrorString(wbc_status));
+ ret = dbwrap_store_int32(db, "USER HWM", idval);
+ if (ret != 0) {
+ d_fprintf(stderr, _("Could not store USER HWM.\n"));
+ break;
}
- continue;
} else if (sscanf(line, "GROUP HWM %lu", &idval) == 1) {
- /* set gid hwm */
- wbc_status = wbcSetGidHwm(idval);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
+ ret = dbwrap_store_int32(db, "GROUP HWM", idval);
+ if (ret != 0) {
d_fprintf(stderr,
- _("Could not set GROUP HWM: %s\n"),
- wbcErrorString(wbc_status));
+ _("Could not store GROUP HWM.\n"));
+ break;
}
- continue;
} else {
d_fprintf(stderr, _("ignoring invalid line [%s]\n"),
line);
continue;
}
+ }
- wbc_status = wbcStringToSid(sid_string, &sid);
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- d_fprintf(stderr, _("ignoring invalid sid [%s]: %s\n"),
- sid_string, wbcErrorString(wbc_status));
- continue;
- }
-
- if (type == ID_TYPE_UID) {
- wbc_status = wbcSetUidMapping(idval, &sid);
- } else {
- wbc_status = wbcSetGidMapping(idval, &sid);
+ if (ret == 0) {
+ if(db->transaction_commit(db) != 0) {
+ d_fprintf(stderr, _("Failed to commit transaction.\n"));
+ ret = -1;
}
- if (!WBC_ERROR_IS_OK(wbc_status)) {
- d_fprintf(stderr,
- _("Could not set mapping of %s %lu to sid %s: %s\n"),
- (type == ID_TYPE_GID) ? "GID" : "UID",
- idval, sid_string,
- wbcErrorString(wbc_status));
- continue;
+ } else {
+ if (db->transaction_cancel(db) != 0) {
+ d_fprintf(stderr, _("Failed to cancel transaction.\n"));
}
}
- if (input != stdin) {
+done:
+ if ((input != NULL) && (input != stdin)) {
fclose(input);
}
- talloc_free(ctx);
- return 0;
+ talloc_free(mem_ctx);
+ return ret;
}
/***********************************************************