summaryrefslogtreecommitdiff
AgeCommit message (Collapse)AuthorFilesLines
2010-08-14s3:idmap_tdb2: remove filter_low_id and filter_high_id from idmap_tdb2_contextMichael Adam1-2/+0
Now these are taken from the idmap_domain struct.
2010-08-14s3:idmap_tdb2: don't parse config and fill filter_low_id and filter_high_idMichael Adam1-43/+1
into idmap_tdb2_context in idmap_tdb2_db_init(). Now these are taken from the idmap_domain struct instead.
2010-08-14s3:idmap_tdb2: honour the "idmap read only" flag in the tdb2 module.Michael Adam1-1/+1
Note that this will not prevent the idmap script from writing its mappings to the database, but no new unix ids will be allocated via the allocator and hence no new mappings will be autogenerated.
2010-08-14s3:idmap_tdb2: use range from idmap_domain in idmap_tdb2_allocate_idMichael Adam1-4/+1
2010-08-14s3:idmap_tdb2: use filter from idmap_domain rather than from idmap_tdb2_contextMichael Adam1-12/+6
2010-08-14s3:idmap_tdb2: pass idmap_domain (not idmap_tdb2_context) to ↵Michael Adam1-7/+5
idmap_tdb2_sid_to_id
2010-08-14s3:idmap_tdb2: pass idmap_domain instead of idmap_tdb2_context to ↵Michael Adam1-6/+7
idmap_tdb2_unixids_to_sids The reason for this will become apparent later: The ranges are being moved to the idmap_domain: They are universal.
2010-08-14s3:idmap_tdb2: also support idmap script for named domainsMichael Adam1-0/+5
this can be configured via "idmap config DOMAIN : script = foobar"
2010-08-14s3:idmap_tdb2: move the idmap script from idmap_tdb2_state to idmap_tdb2_contextMichael Adam1-15/+11
The state (aka idmap_tdb2_alloc_context) is being removed. The (global) idmap script was wrong there anyways. It belongs to the per-domain context.
2010-08-14s3:idmap_tdb2: remove use of idmap_tdb2_state from idmap_tdb2_allocate_idMichael Adam1-4/+8
idmap_tdb2_state should actually be called idmap_tdb2_alloc_context. This is being removed as the idmap and allocation is moved together. We use the idmap_tdb2_context * that is sitting in dom->private_data. This contains the same ranges as those in the state anyways. Later, when we can also allocate for named domains, this will become necessary anyways.
2010-08-14s3:idmap_tdb2: move definition of struct idmap_tdb2_context up.Michael Adam1-4/+5
2010-08-14s3:idmap_tdb2: open the db after loading the ranges in idmap_tdb2_db_init().Michael Adam1-3/+5
2010-08-14s3:idmap_tdb2: add allocation of new mappings to idmap_tdb2_sids_to_unixidsMichael Adam1-22/+173
This moves the new_mapping feature inside the tdb2 backend to make creations of mappings atomic. Note: The new internal function idmap_tdb2_get_new_id() that is used to allocate a new unix id is prepared to function for multiple explicitly configured idmap domains, but currently it does only work for the default domain. The extended allocation support requires extension of the data base format to store multiple counters (per domain). This will be added in a later step (TODO!).
2010-08-14s3:idmap_tdb2: re-implement allocated_id in idmap methods.Michael Adam1-0/+1
2010-08-14s3:idmap: add idmap_unix_id_is_in_range() for checking an id against an ↵Michael Adam2-0/+20
idmap range
2010-08-14s3:idmap: don't check range for passdb idmap domainMichael Adam1-21/+30
2010-08-14s3:idmap: parse ranges and "read only" in idmap_init_domain().Michael Adam1-0/+78
2010-08-14s3:idmap: add a read_only flag to the idmap_domain struct.Michael Adam1-0/+1
This will be used to mark "allocating backends" (tdb, tdb2, ldap) read-only.
2010-08-14s3:idmap: add low_id and high_id to the idmap_domain structMichael Adam1-0/+2
This global data will replace the backend-specific filter_low_id and filter_high_id. The presence of a range is generic to all idmap configs.
2010-08-14s3:docs: fix net manpage to reflect removal of net "idmap secret alloc" featureMichael Adam1-1/+1
2010-08-14s3:net: remove the "net idmap secret alloc" functionality.Michael Adam1-39/+18
This is now not available any more, since allocation is moved below the id mapping layer. The functionality could be reintroduced on a per domain basis as an e.g "net idmap secret <domain> alloc" command.
2010-08-14s3:docs: add documentation for new "idmap read only" parameterMichael Adam1-0/+21
2010-08-14s3:loadparm: add new boolean parameter "idmap read only"Michael Adam2-0/+13
This will be used to be able to put the default idmap config read only. This can make sense for instance with the tdb2 idmap backend and using the idmap script feature.
2010-08-14s3:docs: remove documentation of removed parameter "idmap alloc backend"Michael Adam1-33/+0
2010-08-14s3:loadparm: remove parameter "idmap alloc backend"Michael Adam2-12/+0
2010-08-14s3:idmap: remove unused definition of idmap_alloc_methods.Michael Adam1-11/+0
Allocation is now completely handled in the allocating backends.
2010-08-14s3:idmap: remove idmap_alloc_context from idmap.cMichael Adam1-14/+0
The registering of alloc backends is being removed. The idmap backends are responsible for initializing their alloc code on their own if necessary. No list of alloc backends is maintained any more in the top level.
2010-08-14s3:idmap: remove the alloc methods list from idmap.cMichael Adam1-12/+0
The registering of alloc backends is being removed. The idmap backends are responsible for initializing their alloc code on their own if necessary. No list of alloc backends is maintained any more in the top level.
2010-08-14s3:idmap: remove unused get_alloc_methods().Michael Adam1-13/+0
2010-08-14s3:idmap: remove unused smb_register_idmap_alloc().Michael Adam2-51/+0
The registering of alloc backends is being removed. The idmap backends are responsible for initializing their alloc code on their own if necessary.
2010-08-14s3:idmap_ldap: remove unused idmap_ldap_alloc_methods.Michael Adam1-7/+0
2010-08-14s3:idmap_ldap: remoce unused idmap_alloc_ldap_initMichael Adam1-6/+0
2010-08-14s3:idmap_ldap: don't call idmap_alloc_ldap_init in idmap_ldap_initMichael Adam1-8/+0
The registering of alloc backends is being removed. The idmap backends are responsible for initializing their alloc code on their own if necessary.
2010-08-14s3:idmap_tdb: remove unused idmap_alloc_methodsMichael Adam1-7/+0
2010-08-14s3:idmap_tdb: remove unused idmap_alloc_tdb_init()Michael Adam1-5/+0
2010-08-14s3:idmap_tdb: don't call idmap_alloc_tdb_init in idmap_tdb_initMichael Adam1-7/+0
The registering of alloc backends is being removed. The idmap backends are responsible for initializing their alloc code on their own if necessary.
2010-08-14s3:idmap_tdb2: remove unused idmap_tdb2_alloc_init().Michael Adam1-12/+0
2010-08-14s3:idmap_tdb2: remove unused idmap_tdb2_alloc_close().Michael Adam1-9/+0
2010-08-14s3:idmap_tdb2: remove unused idmap_alloc_methods.Michael Adam1-6/+0
2010-08-14s3:idmap_tdb2: don't call smb_register_idmap_alloc() in idmap_tdb2_initMichael Adam1-9/+0
The registering of alloc backends is being removed. The idmap backends are responsible for initializing their alloc code on their own if necessary.
2010-08-14s3:idmap_tdb: make idmap_alloc_tdb_init() static.Michael Adam2-2/+1
2010-08-14s3:idmap: remove unused idmap_alloc_init().Michael Adam1-79/+0
2010-08-14s3:idmap: use allocate_id() from the idmap_methods in idmap_allocate_unixid()Michael Adam1-4/+12
The idmap alloc methods are being removed.
2010-08-14s3:idmap: add an allocate_id method to the idmap_methods struct.Michael Adam1-0/+3
The idmap_alloc_methods are being removed, but this single "alloc" method is still needed for the samba-wide Unix-ID allocator, which is used in group-mapping and ldapsam:editposix. This method should ultimately also disappear.
2010-08-14s3:idmap: factor out common code of idmap_allocate_uid|gid()Michael Adam1-10/+9
into new idmap_allocate_unixid().
2010-08-14s3:idmap: remove the set_mapping method from the idmap APIMichael Adam5-18/+0
2010-08-14s3:idmap: remove idmap_new_mapping() - now implemented in the backendsMichael Adam1-68/+0
2010-08-14s3:idmap: add a debug message to idmap_sid_to_gidMichael Adam1-0/+1
2010-08-14s3:idmap: add a debug message to idmap_sid_to_uidMichael Adam1-0/+1
2010-08-14s3:idmap: don't call idmap_new_mapping idmap_sid_to_gidMichael Adam1-25/+16
The setting of a new mapping is moved into the backend code to achieve atomicity and greater flexibility. Michael