Diffstat (limited to 'source4')
-rw-r--r-- | source4/lib/ldb/common/ldb_modules.c | 11 | ||||
-rw-r--r-- | source4/lib/ldb/config.mk | 3 | ||||
-rw-r--r-- | source4/lib/ldb/ldb_map/ldb_map.c | 11 | ||||
-rw-r--r-- | source4/lib/ldb/samba/samba3sam.c (renamed from source4/lib/samba3/ldb_samba3.c) | 6 | ||||
-rw-r--r-- | source4/lib/ldb/tests/samba3.ldif | 203 | ||||
-rwxr-xr-x | source4/lib/ldb/tests/test-samba3sam.sh | 8 | ||||
-rw-r--r-- | source4/lib/ldb/tools/cmdline.c | 5 | ||||
-rw-r--r-- | source4/lib/samba3/config.mk | 1 | ||||
-rw-r--r-- | source4/param/loadparm.c | 140 |
9 files changed, 242 insertions, 146 deletions
diff --git a/source4/lib/ldb/common/ldb_modules.c b/source4/lib/ldb/common/ldb_modules.c index ab743d1b49..20e8ad061e 100644 --- a/source4/lib/ldb/common/ldb_modules.c +++ b/source4/lib/ldb/common/ldb_modules.c @@ -226,6 +226,17 @@ int ldb_load_modules(struct ldb_context *ldb, const char *options[]) DLIST_ADD(ldb->modules, current); continue; } + + if (strcmp(modules[i], "samba3sam") == 0) { + current = ldb_samba3sam_module_init(ldb, options); + if (!current) { + ldb_debug(ldb, LDB_DEBUG_FATAL, "function 'init_module' in %s fails\n", modules[i]); + return -1; + } + DLIST_ADD(ldb->modules, current); + continue; + } + #endif ldb_debug(ldb, LDB_DEBUG_WARNING, "WARNING: Module [%s] not found\n", modules[i]); diff --git a/source4/lib/ldb/config.mk b/source4/lib/ldb/config.mk index 76059b3b60..23a99e367b 100644 --- a/source4/lib/ldb/config.mk +++ b/source4/lib/ldb/config.mk @@ -115,7 +115,8 @@ REQUIRED_SUBSYSTEMS = \ # Start SUBSYSTEM LDBSAMBA [SUBSYSTEM::LDBSAMBA] OBJ_FILES = \ - lib/ldb/samba/ldif_handlers.o + lib/ldb/samba/ldif_handlers.o \ + lib/ldb/samba/samba3sam.o # End SUBSYSTEM LDBSAMBA ################################################ diff --git a/source4/lib/ldb/ldb_map/ldb_map.c b/source4/lib/ldb/ldb_map/ldb_map.c index dea3c24e37..2082abe79a 100644 --- a/source4/lib/ldb/ldb_map/ldb_map.c +++ b/source4/lib/ldb/ldb_map/ldb_map.c @@ -126,6 +126,9 @@ static struct ldb_dn *map_remote_dn(struct ldb_module *module, const struct ldb_ struct ldb_dn *newdn; int i; + if (dn == NULL) + return NULL; + newdn = talloc_memdup(module, dn, sizeof(*dn)); if (!newdn) return NULL; @@ -183,6 +186,9 @@ static struct ldb_dn *map_local_dn(struct ldb_module *module, const struct ldb_d int i; struct ldb_parse_tree eqtree, *new_eqtree; + if (dn == NULL) + return NULL; + newdn = talloc_memdup(module, dn, sizeof(*dn)); if (!newdn) return NULL; 
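Review bot: The failure message in the new `samba3sam` branch of `ldb_load_modules` names the wrong function: the call is `ldb_samba3sam_module_init(ldb, options)`, but the log line reads `function 'init_module' in %s fails`, which will misdirect whoever reads the log. Something like `"initialisation of built-in module %s failed\n"` would match what happened. No header change declaring `ldb_samba3sam_module_init` is visible in this commit, so unless a generated prototype header covers it the call is implicitly declared as returning `int` and the pointer could be truncated on LP64 builds; confirm a prototype is in scope. The function body starts and ends outside the hunk.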
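Review bot: The new `if (dn == NULL) return NULL;` guard in `map_remote_dn` makes a NULL input indistinguishable from the allocation failure just below it, where a failed `talloc_memdup` also returns NULL. The same applies to the guard added to `map_local_dn` in the next hunk, and presumably to `if (attrs == NULL) return NULL;` in `ldb_map_attrs` in the hunk after that. A caller that treats NULL as out-of-memory will now fail on a legitimately absent DN or attribute list, and one that treats NULL as "nothing to map" will hide a real allocation failure. At minimum document the contract on each function, e.g. `/* returns NULL if dn is NULL (not an error) or if allocation fails */`. All three function bodies continue outside their hunks.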
@@ -252,8 +258,6 @@ static struct ldb_dn *map_local_dn(struct ldb_module *module, const struct ldb_d return newdn; } - - /* Loop over ldb_map_attribute array and add remote_names */ static const char **ldb_map_attrs(struct ldb_module *module, const char *const attrs[]) { @@ -261,6 +265,9 @@ static const char **ldb_map_attrs(struct ldb_module *module, const char *const a const char **ret; int ar_size = 0, last_element = 0; + if (attrs == NULL) + return NULL; + /* Start with good guess of number of elements */ for (i = 0; attrs[i]; i++); diff --git a/source4/lib/samba3/ldb_samba3.c b/source4/lib/ldb/samba/samba3sam.c index 68f5412c90..6c98ffc5c1 100644 --- a/source4/lib/samba3/ldb_samba3.c +++ b/source4/lib/ldb/samba/samba3sam.c @@ -1,5 +1,5 @@ /* - ldb database library - Samba3 compatibility backend + ldb database library - Samba3 SAM compatibility backend Copyright (C) Jelmer Vernooij 2005 @@ -189,9 +189,9 @@ const struct ldb_map_attribute samba3_attributes[] = /* the init function */ #ifdef HAVE_DLOPEN_DISABLED - struct ldb_module *init_module(struct ldb_context *ldb, const char *options[]) +struct ldb_module *init_module(struct ldb_context *ldb, const char *options[]) #else - struct ldb_module *ldb_samba3_module_init(struct ldb_context *ldb, const char *options[]) +struct ldb_module *ldb_samba3sam_module_init(struct ldb_context *ldb, const char *options[]) #endif { return ldb_map_init(ldb, &samba3_attributes, &samba3_objectclasses, options); diff --git a/source4/lib/ldb/tests/samba3.ldif b/source4/lib/ldb/tests/samba3.ldif new file mode 100644 index 0000000000..fb0a1386d4 --- /dev/null +++ b/source4/lib/ldb/tests/samba3.ldif 
@@ -0,0 +1,203 @@ +dn: dc=idealx,dc=org +objectClass: dcObject +objectclass: organization +o: idealx +dc: idealx + +dn: ou=Users,dc=idealx,dc=org +objectClass: organizationalUnit +ou: Users + +dn: ou=Groups,dc=idealx,dc=org +objectClass: organizationalUnit +ou: Groups + +dn: ou=Computers,dc=idealx,dc=org +objectClass: organizationalUnit +ou: Computers +dn: uid=Administrator,ou=Users,dc=idealx,dc=org +cn: Administrator +sn: Administrator +objectClass: inetOrgPerson +objectClass: sambaSAMAccount +objectClass: posixAccount +objectClass: shadowAccount +gidNumber: 512 +uid: Administrator +uidNumber: 0 +homeDirectory: /home/%U +sambaPwdLastSet: 0 +sambaLogonTime: 0 +sambaLogoffTime: 2147483647 +sambaKickoffTime: 2147483647 +sambaPwdCanChange: 0 +sambaPwdMustChange: 2147483647 +sambaHomePath: \\PDC-SMB3\home\%U +sambaHomeDrive: H: +sambaProfilePath: \\PDC-SMB3\profiles\%U\Administrator +sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-512 +sambaLMPassword: XXX +sambaNTPassword: XXX +sambaAcctFlags: [U ] +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2996 +loginShell: /bin/false +gecos: Netbios Domain Administrator + +dn: uid=nobody,ou=Users,dc=idealx,dc=org +cn: nobody +sn: nobody +objectClass: inetOrgPerson +objectClass: sambaSAMAccount +objectClass: posixAccount +objectClass: shadowAccount +gidNumber: 514 +uid: nobody +uidNumber: 999 +homeDirectory: /dev/null +sambaPwdLastSet: 0 +sambaLogonTime: 0 +sambaLogoffTime: 2147483647 +sambaKickoffTime: 2147483647 +sambaPwdCanChange: 0 +sambaPwdMustChange: 2147483647 +sambaHomePath: \\PDC-SMB3\home\%U +sambaHomeDrive: H: +sambaProfilePath: \\PDC-SMB3\profiles\%U\nobody +sambaPrimaryGroupSID: S-1-5-21-4231626423-2410014848-2360679739-514 +sambaLMPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX +sambaNTPassword: NO PASSWORDXXXXXXXXXXXXXXXXXXXXX +sambaAcctFlags: [NU ] +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-2998 +loginShell: /bin/false + +dn: cn=Domain Admins,ou=Groups,dc=idealx,dc=org +objectClass: 
posixGroup +objectClass: sambaGroupMapping +gidNumber: 512 +cn: Domain Admins +memberUid: Administrator +description: Netbios Domain Administrators +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-512 +sambaGroupType: 2 +displayName: Domain Admins + +dn: cn=Domain Users,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 513 +cn: Domain Users +description: Netbios Domain Users +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-513 +sambaGroupType: 2 +displayName: Domain Users + +dn: cn=Domain Guests,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 514 +cn: Domain Guests +description: Netbios Domain Guests Users +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-514 +sambaGroupType: 2 +displayName: Domain Guests + +dn: cn=Print Operators,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 550 +cn: Print Operators +description: Netbios Domain Print Operators +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-550 +sambaGroupType: 2 +displayName: Print Operators + +dn: cn=Backup Operators,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 551 +cn: Backup Operators +description: Netbios Domain Members can bypass file security to back up files +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-551 +sambaGroupType: 2 +displayName: Backup Operators + +dn: cn=Replicator,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 552 +cn: Replicator +description: Netbios Domain Supports file replication in a sambaDomainName +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-552 +sambaGroupType: 2 +displayName: Replicator + +dn: cn=Domain Computers,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 553 +cn: Domain Computers +description: Netbios Domain Computers accounts +sambaSID: 
S-1-5-21-4231626423-2410014848-2360679739-553 +sambaGroupType: 2 +displayName: Domain Computers + +dn: cn=Administrators,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 544 +cn: Administrators +description: Netbios Domain Members can fully administer the computer/sambaDomainName +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-544 +sambaGroupType: 2 +displayName: Administrators + +dn: cn=Users,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 545 +cn: Users +description: Netbios Domain Ordinary users +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-545 +sambaGroupType: 2 +displayName: users + +dn: cn=Guests,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 546 +cn: Guests +memberUid: nobody +description: Netbios Domain Users granted guest access to the computer/sambaDomainName +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-546 +sambaGroupType: 2 +displayName: Guests + +dn: cn=Power Users,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 547 +cn: Power Users +description: Netbios Domain Members can share directories and printers +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-547 +sambaGroupType: 2 +displayName: Power Users + +dn: cn=Account Operators,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 548 +cn: Account Operators +description: Netbios Domain Users to manipulate users accounts +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-548 +sambaGroupType: 2 +displayName: Account Operators + +dn: cn=Server Operators,ou=Groups,dc=idealx,dc=org +objectClass: posixGroup +objectClass: sambaGroupMapping +gidNumber: 549 +cn: Server Operators +description: Netbios Domain Server Operators +sambaSID: S-1-5-21-4231626423-2410014848-2360679739-549 +sambaGroupType: 2 +displayName: Server Operators 
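Review bot: The `uid=Administrator` record does not appear to be separated from the preceding `ou=Computers` record: `+ou: Computers` is followed directly by `+dn: uid=Administrator,ou=Users,dc=idealx,dc=org`, whereas every other record in this file is preceded by an empty `+` line. LDIF separates records with a blank line, so the Administrator attributes may be read as part of the `ou=Computers` entry or the import may be rejected. The accompanying test script searches for `(cn=Administrator)`, so this is the one record the test depends on. Add an empty line before that `dn:` line.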
diff --git a/source4/lib/ldb/tests/test-samba3sam.sh b/source4/lib/ldb/tests/test-samba3sam.sh new file mode 100755 index 0000000000..60d429e3b1 --- /dev/null +++ b/source4/lib/ldb/tests/test-samba3sam.sh @@ -0,0 +1,8 @@ +#!/bin/sh + +rm -f samba3.ldb + +$VALGRIND ldbadd -H tdb://samba3.ldb < samba3.ldif + +OPT="-o modules:samba3sam -H tdb://samba3.ldb " +$VALGRIND ldbsearch $OPT "(cn=Administrator)" diff --git a/source4/lib/ldb/tools/cmdline.c b/source4/lib/ldb/tools/cmdline.c index cde357a088..fb0292b7d9 100644 --- a/source4/lib/ldb/tools/cmdline.c +++ b/source4/lib/ldb/tools/cmdline.c @@ -124,13 +124,14 @@ struct ldb_cmdline *ldb_cmdline_process(struct ldb_context *ldb, int argc, const case 'o': options.options = talloc_realloc(ret, options.options, - const char *, num_options+2); + const char *, num_options+3); if (options.options == NULL) { ldb_oom(ldb); goto failed; } - options.options[num_options++] = poptGetOptArg(pc); + options.options[num_options] = poptGetOptArg(pc); options.options[num_options+1] = NULL; + num_options++; break; default: diff --git a/source4/lib/samba3/config.mk b/source4/lib/samba3/config.mk index eba694c2af..06b7e5e256 100644 --- a/source4/lib/samba3/config.mk +++ b/source4/lib/samba3/config.mk @@ -11,7 +11,6 @@ ADD_OBJ_FILES = \ lib/samba3/group.o \ lib/samba3/registry.o \ lib/samba3/secrets.o \ - lib/samba3/ldb_samba3.o \ lib/samba3/share_info.o \ lib/samba3/upgrade.o # End SUBSYSTEM LIBSAMBA3 diff --git a/source4/param/loadparm.c b/source4/param/loadparm.c index 3728881e33..3f6a22d404 100644 --- a/source4/param/loadparm.c +++ b/source4/param/loadparm.c @@ -137,9 +137,6 @@ typedef struct char **dcerpc_ep_servers; char **server_services; char *ntptr_providor; - char *szWinbindUID; - char *szWinbindGID; - char *szNonUnixAccountRange; char *szWinbindSeparator; char *swat_directory; BOOL tls_enabled; 
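Review bot: The new test-samba3sam.sh cannot fail on a broken import: the exit status of `ldbadd` is discarded and nothing checks what `ldbsearch` prints, so the test passes whenever the last command exits 0. Stop at the first failure, e.g. `$VALGRIND ldbadd -H tdb://samba3.ldb < samba3.ldif || exit 1`, and compare the search output with the expected mapped entry instead of only printing it. The script also assumes it is run from the directory that holds `samba3.ldif`; a comment saying so, or a `cd` to the script's directory, would avoid a confusing failure.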
@@ -284,9 +281,6 @@ static int default_server_announce; /* prototypes for the special type handlers */ static BOOL handle_include(const char *pszParmValue, char **ptr); static BOOL handle_copy(const char *pszParmValue, char **ptr); -static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr); -static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr); -static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr); static void set_server_role(void); static void set_default_server_announce_type(void); @@ -420,7 +414,6 @@ static struct parm_struct parm_table[] = { {"spoolss database", P_STRING, P_GLOBAL, &Globals.szSPOOLSS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"wins database", P_STRING, P_GLOBAL, &Globals.szWINS_URL, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"passwd chat", P_STRING, P_GLOBAL, &Globals.szPasswdChat, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"password level", P_INTEGER, P_GLOBAL, &Globals.pwordlevel, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, 
@@ -555,12 +548,7 @@ static struct parm_struct parm_table[] = { {"msdfs root", P_BOOL, P_LOCAL, &sDefault.bMSDfsRoot, NULL, NULL, FLAG_SHARE}, {"host msdfs", P_BOOL, P_GLOBAL, &Globals.bHostMSDfs, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - - {"Winbind options", P_SEP, P_SEPARATOR}, - - {"winbind uid", P_STRING, P_GLOBAL, &Globals.szWinbindUID, handle_winbind_uid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"winbind gid", P_STRING, P_GLOBAL, &Globals.szWinbindGID, handle_winbind_gid, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, + {"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER }, {NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0} }; @@ -680,7 +668,7 @@ static void init_globals(void) do_parameter("DomainLogons", "False", NULL); do_parameter("WINSsupport", "False", NULL); - do_parameter("WinbindSeparator", "\\", NULL); + do_parameter("winbind separator", "\\", NULL); do_parameter("client signing", "Yes", NULL); do_parameter("server signing", "auto", NULL); @@ -821,6 +809,7 @@ FN_GLOBAL_STRING(lp_smb_passwd_file, &Globals.szSMBPasswdFile) FN_GLOBAL_STRING(lp_sam_url, &Globals.szSAM_URL) FN_GLOBAL_STRING(lp_spoolss_url, &Globals.szSPOOLSS_URL) FN_GLOBAL_STRING(lp_wins_url, &Globals.szWINS_URL) +FN_GLOBAL_CONST_STRING(lp_winbind_separator, &Globals.szWinbindSeparator) FN_GLOBAL_STRING(lp_private_dir, &Globals.szPrivateDir) FN_GLOBAL_STRING(lp_serverstring, &Globals.szServerString) FN_GLOBAL_STRING(lp_lockdir, &Globals.szLockDir) 
@@ -845,9 +834,6 @@ FN_GLOBAL_STRING(lp_socket_address, &Globals.szSocketAddress) FN_GLOBAL_LIST(lp_netbios_aliases, &Globals.szNetbiosAliases) FN_GLOBAL_STRING(lp_panic_action, &Globals.szPanicAction) - -FN_GLOBAL_CONST_STRING(lp_winbind_separator, &Globals.szWinbindSeparator) - FN_GLOBAL_BOOL(lp_disable_netbios, &Globals.bDisableNetbios) FN_GLOBAL_BOOL(lp_wins_support, &Globals.bWINSsupport) FN_GLOBAL_BOOL(lp_local_master, &Globals.bLocalMaster) 
@@ -1685,126 +1671,6 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr) } /*************************************************************************** - Handle winbind/non unix account uid and gid allocation parameters. The format of these - parameters is: - - [global] - - winbind uid = 1000-1999 - winbind gid = 700-899 - - We only do simple parsing checks here. The strings are parsed into useful - structures in the winbind daemon code. - -***************************************************************************/ - -/* Some lp_ routines to return winbind [ug]id information */ - -static uid_t winbind_uid_low, winbind_uid_high; -static gid_t winbind_gid_low, winbind_gid_high; -static uint32_t non_unix_account_low, non_unix_account_high; - -BOOL lp_winbind_uid(uid_t *low, uid_t *high) -{ - if (winbind_uid_low == 0 || winbind_uid_high == 0) - return False; - - if (low) - *low = winbind_uid_low; - - if (high) - *high = winbind_uid_high; - - return True; -} - -BOOL lp_winbind_gid(gid_t *low, gid_t *high) -{ - if (winbind_gid_low == 0 || winbind_gid_high == 0) - return False; - - if (low) - *low = winbind_gid_low; - - if (high) - *high = winbind_gid_high; - - return True; -} - -BOOL lp_non_unix_account_range(uint32_t *low, uint32_t *high) -{ - if (non_unix_account_low == 0 || non_unix_account_high == 0) - return False; - - if (low) - *low = non_unix_account_low; - - if (high) - *high = non_unix_account_high; - - return True; -} - -/* Do some simple checks on "winbind [ug]id" parameter values */ - -static BOOL handle_winbind_uid(const char *pszParmValue, char **ptr) -{ - uint32_t low, high; - - if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low) - return False; - - /* Parse OK */ - - string_set(ptr, pszParmValue); - - winbind_uid_low = low; - winbind_uid_high = high; - - return True; -} - -static BOOL handle_winbind_gid(const char *pszParmValue, char **ptr) -{ - uint32_t low, high; - - if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || 
high < low) - return False; - - /* Parse OK */ - - string_set(ptr, pszParmValue); - - winbind_gid_low = low; - winbind_gid_high = high; - - return True; -} - -/*************************************************************************** - Do some simple checks on "non unix account range" parameter values. -***************************************************************************/ - -static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr) -{ - uint32_t low, high; - - if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low) - return False; - - /* Parse OK */ - - string_set(ptr, pszParmValue); - - non_unix_account_low = low; - non_unix_account_high = high; - - return True; -} - - -/*************************************************************************** Initialise a copymap. ***************************************************************************/ |