diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/lib/samba3/config.mk | 3 | ||||
-rw-r--r-- | source4/lib/samba3/policy.c | 67 | ||||
-rw-r--r-- | source4/lib/samba3/policy.h | 37 | ||||
-rw-r--r-- | source4/lib/samba3/samba3dump.c | 26 | ||||
-rw-r--r-- | source4/lib/tdb/include/tdbutil.h | 2 |
5 files changed, 134 insertions, 1 deletions
diff --git a/source4/lib/samba3/config.mk b/source4/lib/samba3/config.mk index 5045901b3b..ba6c1a8dbc 100644 --- a/source4/lib/samba3/config.mk +++ b/source4/lib/samba3/config.mk @@ -3,7 +3,8 @@ [SUBSYSTEM::LIBSAMBA3] INIT_OBJ_FILES = \ lib/samba3/smbpasswd.o \ - lib/samba3/tdbsam.o + lib/samba3/tdbsam.o \ + lib/samba3/policy.o # End SUBSYSTEM LIBSAMBA3 ################################################ diff --git a/source4/lib/samba3/policy.c b/source4/lib/samba3/policy.c new file mode 100644 index 0000000000..796e6eefac --- /dev/null +++ b/source4/lib/samba3/policy.c @@ -0,0 +1,67 @@ +/* + * Unix SMB/CIFS implementation. + * account policy storage + * Copyright (C) Jean François Micouleau 1998-2001. + * Copyright (C) Andrew Bartlett 2002 + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + +#include "includes.h" +#include "lib/tdb/include/tdbutil.h" +#include "lib/samba3/policy.h" +#include "system/filesys.h" + +#define DATABASE_VERSION 2 + +/**************************************************************************** + Open the account policy tdb. +****************************************************************************/ + +struct samba3_policy *samba3_read_account_policy(TALLOC_CTX *ctx, const char *fn) +{ + struct samba3_policy *ret; + const char *vstring = "INFO/version"; + uint32_t version; + + TDB_CONTEXT *tdb = tdb_open(fn, 0, TDB_DEFAULT, O_RDONLY, 0600); + if (!tdb) { + DEBUG(0,("Failed to open account policy database\n")); + return NULL; + } + + /* handle a Samba upgrade */ + if (!tdb_fetch_uint32(tdb, vstring, &version) || version != DATABASE_VERSION) { + tdb_store_uint32(tdb, vstring, DATABASE_VERSION); + } + + ret = talloc_zero(ctx, struct samba3_policy); + + tdb_fetch_uint32(tdb, "min password length", &ret->min_password_length); + tdb_fetch_uint32(tdb, "password history", &ret->password_history); + tdb_fetch_uint32(tdb, "user must logon to change pasword", &ret->user_must_logon_to_change_password); + tdb_fetch_uint32(tdb, "maximum password age", &ret->maximum_password_age); + tdb_fetch_uint32(tdb, "minimum password age", &ret->minimum_password_age); + tdb_fetch_uint32(tdb, "lockout duration", &ret->lockout_duration); + tdb_fetch_uint32(tdb, "reset count minutes", &ret->reset_count_minutes); + tdb_fetch_uint32(tdb, "bad lockout minutes", &ret->bad_lockout_minutes); + tdb_fetch_uint32(tdb, "disconnect time", &ret->disconnect_time); + tdb_fetch_uint32(tdb, "refuse machine password change", &ret->refuse_machine_password_change); + + tdb_close(tdb); + + return ret; +} + diff --git a/source4/lib/samba3/policy.h b/source4/lib/samba3/policy.h new file mode 100644 index 0000000000..b41f38a394 --- /dev/null +++ b/source4/lib/samba3/policy.h @@ -0,0 +1,37 @@ +/* + Unix SMB/CIFS implementation. + Copyright (C) Jelmer Vernooij 2005. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#ifndef _SAMBA3_POLICY_H /* _SAMBA3_POLICY_H */ +#define _SAMBA3_POLICY_H + +struct samba3_policy +{ + uint32_t min_password_length; + uint32_t password_history; + uint32_t user_must_logon_to_change_password; + uint32_t maximum_password_age; + uint32_t minimum_password_age; + uint32_t lockout_duration; + uint32_t reset_count_minutes; + uint32_t bad_lockout_minutes; + uint32_t disconnect_time; + uint32_t refuse_machine_password_change; +}; + +#endif /* _SAMBA3_POLICY_H */ diff --git a/source4/lib/samba3/samba3dump.c b/source4/lib/samba3/samba3dump.c index 4071ba1bf9..72052092ff 100644 --- a/source4/lib/samba3/samba3dump.c +++ b/source4/lib/samba3/samba3dump.c @@ -20,11 +20,34 @@ */ #include "includes.h" +#include "lib/samba3/policy.h" #include "lib/samba3/sam.h" #include "lib/cmdline/popt_common.h" static const char *libdir = "/var/lib/samba"; +static NTSTATUS print_policy(void) +{ + struct samba3_policy *ret; + char *policy_file; + TALLOC_CTX *mem_ctx = talloc_init(NULL); + + policy_file = talloc_asprintf(mem_ctx, "%s/account_policy.tdb", libdir); + + printf("Opening policy file %s\n", policy_file); + + ret = samba3_read_account_policy(mem_ctx, policy_file); + + if (ret == NULL) + return NT_STATUS_UNSUCCESSFUL; + + printf("Min password length: %d\n", ret->min_password_length); + + talloc_free(mem_ctx); + + return NT_STATUS_OK; +} + static NTSTATUS print_sam(void) { struct samba3_samaccount *accounts; @@ -39,8 +62,10 @@ static NTSTATUS print_sam(void) status = samba3_read_tdbsam(NULL, tdbsam_file, &accounts, &count); if (NT_STATUS_IS_ERR(status)) { fprintf(stderr, "Error reading tdbsam database %s\n", tdbsam_file); + SAFE_FREE(tdbsam_file); return status; } + SAFE_FREE(tdbsam_file); for (i = 0; i < count; i++) { printf("%d: %s\n", accounts[i].user_rid, accounts[i].username); @@ -68,6 +93,7 @@ int main(int argc, char **argv) } print_sam(); + print_policy(); poptFreeContext(pc); diff --git a/source4/lib/tdb/include/tdbutil.h b/source4/lib/tdb/include/tdbutil.h index 0d86ddc993..2f7c0ec234 100644 --- a/source4/lib/tdb/include/tdbutil.h +++ b/source4/lib/tdb/include/tdbutil.h @@ -38,7 +38,9 @@ int32_t tdb_change_int32_atomic(TDB_CONTEXT *tdb, const char *keystr, int32_t *o int tdb_lock_bystring(TDB_CONTEXT *tdb, const char *keyval); void tdb_unlock_bystring(TDB_CONTEXT *tdb, const char *keyval); int32_t tdb_fetch_int32(TDB_CONTEXT *tdb, const char *keystr); +BOOL tdb_store_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32_t value); int tdb_store_int32(TDB_CONTEXT *tdb, const char *keystr, int32_t v); +BOOL tdb_fetch_uint32(TDB_CONTEXT *tdb, const char *keystr, uint32_t *value); int tdb_traverse_delete_fn(TDB_CONTEXT *the_tdb, TDB_DATA key, TDB_DATA dbuf, void *state); int tdb_store_bystring(TDB_CONTEXT *tdb, const char *keystr, TDB_DATA data, int flags); |