summaryrefslogtreecommitdiff
path: root/source3/passdb/pdb_tdb.c
AgeCommit message (Collapse)AuthorFilesLines
2007-12-29Make pdb_tdb honour a private dir overridden in smb.conf.Michael Adam1-1/+1
One lp_private_dir() has to be used instead of get_dyn_PRIVATE_DIR() to determine the location of the passdb.tdb. I noticed this when running make test as a "normal user" from a build, where I had done "make install" as root before, and so the passdb.tdb could not be accessed during the startup phase "CREATE TEST ENVIRONMENT IN ./st ..." in selftest.sh. Michael (This used to be commit 1f96389afa7250af7393489fb538b8aed93d815c)
2007-12-29passdb.tdb is located in the private directoryVolker Lendecke1-1/+2
Jerry, as part of d6cdbfd87 the default location of passdb.tdb has changed from the private directory to the state directory. I think because passdb.tdb holds the password hashes, it is reasonable to keep this next to the smbpasswd file. Please review and potentially push. Thanks, Volker (This used to be commit c9c7607c402c0a9df9796c767b689d207d67d8e4)
2007-12-26Remove the sampwent interfaceVolker Lendecke1-146/+0
(This used to be commit 9e80b969fb40766de2c9b1a05d16bf4d4c6e46f7)
2007-12-26Add tdbsam_search_usersVolker Lendecke1-0/+134
(This used to be commit 02f0b0bd393bd942fc934f251bd6afed8e5424b0)
2007-12-10Remove the char[1024] strings from dynconfig. ReplaceJeremy Allison1-1/+1
them with malloc'ing accessor functions. Should save a lot of static space :-). Jeremy. (This used to be commit 52dc5eaef2106015b3a8b659e818bdb15ad94b05)
2007-11-20More pstring elimination.Jeremy Allison1-42/+67
Jeremy. (This used to be commit 15074de938539e7a9c527d9a6d81792adc2ac3d0)
2007-11-05static pstring removalVolker Lendecke1-2/+2
(This used to be commit 5490e2d77233f594a42cb32eda8215014db544e3)
2007-11-01Patch 2 of 3 from Debian Samba packagers:Gerald (Jerry) Carter1-2/+2
The point is doing the following associations: - non discardable state data (all TDB files that may need to be backed up) go to statedir - shared data (codepage stuff) go to codepagedir The patch *does not change* the default location for these directories. So, there is no behaviour change when applying it. The main change is for samba developers who have to think when dealing with files that previously pertained to libdir whether they: - go in statedir - go in codepagedir - stay in libdir (This used to be commit d6cdbfd875bb2653e831d314726c3240beb0a96b)
2007-10-18RIP BOOL. Convert BOOL -> bool. I found a few interestingJeremy Allison1-25/+25
bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-10r23801: The FSF has moved around a lot. This fixes their Mass Ave address.Andrew Tridgell1-2/+1
(This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227)
2007-10-10r23779: Change from v2 or later to v3 or later.Jeremy Allison1-1/+1
Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10r23510: Tidy calls to smb_panic by removing trailing newlines. Print theJames Peach1-1/+1
failed expression in SMB_ASSERT. (This used to be commit 171dc060e2a576d724eed1ca65636bdafffd7713)
2007-10-10r22009: change TDB_DATA from char * to unsigned char *Stefan Metzmacher1-11/+12
and fix all compiler warnings in the users metze (This used to be commit 3a28443079c141a6ce8182c65b56ca210e34f37f)
2007-10-10r21982: make use of tdb_*_bystring() and string_term_tdb_data()Stefan Metzmacher1-29/+12
to avoid creating the TDB_DATA struct from strings "by hand" metze (This used to be commit 9ebaa4c573ea5784a8c9cd9d29561b760d62bb18)
2007-10-10r18703: Fix the annoying effect that happens when nscd is running:Günther Deschner1-0/+4
We usually do not get the results from user/group script modifications immediately. A lot of users do add nscd restart/refresh commands into their scripts to workaround that while we could flush the nscd caches directly using libnscd. Guenther (This used to be commit 7db6ce295afbedfada7b207ad56566d2195a0d21)
2007-10-10r17150: MMC User & group plugins fixes:Gerald Carter1-5/+15
* Make sure to lower case all usernames before calling the create, delete, or rename hooks. * Preserve case for usernames in passdb * Flush the getpwnam cache after renaming a user * Add become/unbecome root block in _samr_delete_dom_user() when trying to verify the account's existence. (This used to be commit bbe11b7a950e7d85001f042bbd1ea3bf33ecda7b)
2007-10-10r16945: Sync trunk -> 3.0 for 3.0.24 code. Still needJeremy Allison1-16/+27
to do the upper layer directories but this is what everyone is waiting for.... Jeremy. (This used to be commit 9dafb7f48ca3e7af956b0a7d1720c2546fc4cfb8)
2007-10-10r16663: Fix coverity #301, memleak in error path.Jeremy Allison1-1/+1
Jeremy. (This used to be commit dfdb4ce89155dc1528b455252751616cc2c6708c)
2007-10-10r16624: Fix bug #3877, reported by jason@ncac.gwu.eduJeremy Allison1-2/+1
Jeremy. (This used to be commit 1f52b8b40619679242da663f5e5e7836d547f0a2)
2007-10-10r16582: Fix Klocwork #1997 and all generic class of problemsJeremy Allison1-0/+6
where we don't correctly check the return from memdup. Jeremy. (This used to be commit ce14daf51c7ee2f9c68c77f7f4674e6f0e35c9ca)
2007-10-10r16014: Correctly set the group RID in init_sam_from_buffer.Volker Lendecke1-0/+2
BIG THANKS to Tom Bork for reporting that Bug! Volker (This used to be commit 40339fdcced67d62e449ba6f19329d89c808e139)
2007-10-10r15101: Little step towards getting Samba4 tdb into 3: tdb_lock_bystring ↵Volker Lendecke1-3/+3
does not have the timeout argument in Samba4. Add a new routine tdb_lock_bystring_with_timeout. Volker (This used to be commit b9c6e3f55602fa505859a4b2cd137b74105d685f)
2007-10-10r14634: Many bug fixes thanks to train rides and overnight stays in airportsGerald Carter1-13/+7
* Finally fix parsing idmap uid/gid ranges not to break with spaces surrounding the '-' * Allow local groups to renamed by adding info level 2 to _samr_set_aliasinfo() * Fix parsing bug in _samr_del_dom_alias() reply * Prevent root from being deleted via Samba * Prevent builting groups from being renamed or deleted * Fix bug in pdb_tdb that broke renaming user accounts * Make sure winbindd is running when trying to create the Administrators and Users BUILTIN groups automatically from smbd (and not just check the winbind nexted groups parameter value). * Have the top level rid allocator verify that the RID it is about to grant is not already assigned in our own SAM (retries up to 250 times). This fixes passdb with existing SIDs assigned to users from the RID algorithm but not monotonically allocating the RIDs from passdb. (This used to be commit db1162241f79c2af8afb7d8c26e8ed1c4a4b476f)
2007-10-10r14577: BUG Fixes:Gerald Carter1-8/+6
* Add back in the import/export support to pdbedit * Fix segv in pam_smbpass * Cleanup some error paths in pdb_tdb and pdb_interface (This used to be commit df53d64910fbb96eb810102e986b3c337d54c463)
2007-10-10r13765: Fix bug reported by jra. Don't check for a group SID when storingGerald Carter1-0/+2
a user since we no longer pay any attention to the value. (This used to be commit 085c6859ee5b97efe9ec06e95877d500822d3c82)
2007-10-10r13747: Fix the reference count for tdbsam_open() - on anJeremy Allison1-5/+9
upgrade it calls tdbsam_convert() which calls tdbsam_open() deep inside the init_sam_from_buffer_vX call. If the ref count hasn't been set yet then we will close the tdbsam reference in tdbsam_getsampwsid(). smbpasswd -a was core-dumping again :-). Jeremy (This used to be commit 993069eb87c190ba8ee92224340c8f9ffb3ade74)
2007-10-10r13729: Fix smbpasswd -xVolker Lendecke1-13/+6
(This used to be commit 2afcbbfb6f2efcc2e10106b10a87365556013787)
2007-10-10r13728: No, we have not talked about this on irc less than 24h ago... ;-)Volker Lendecke1-2/+2
(This used to be commit 59f95ea752d932b00d4a4ff37311b830d65c8a03)
2007-10-10r13711: * Correctly handle acb_info/acct_flags as uint32 not as uint16.Günther Deschner1-4/+238
* Fix a couple of related parsing issues. * in the info3 reply in a samlogon, return the ACB-flags (instead of returning zero) Guenther (This used to be commit 5b89e8bc24f0fdc8b52d5c9e849aba723df34ea7)
2007-10-10r13679: Commiting the rm_primary_group.patch posted on samba-technicalGerald Carter1-4/+6
* ignore the primary group SID attribute from struct samu* * generate the primary group SID strictlky from the Unix primary group when dealing with passdb users * Fix memory leak in original patch caused by failing to free a talloc * * add wrapper around samu_set_unix() to prevent exposing the create BOOL to callers. Wrappers are samu_set_unix() and samu-allic_rid_unix() (This used to be commit bcf269e2ec6630b78d909010fabd3b69dd6dda84)
2007-10-10r13622: Allow to rename machine accounts in a Samba Domain. This still uses theGünther Deschner1-3/+4
"rename user script" to do the rename of the posix machine account (this might be changed later). Fixes #2331. Guenther (This used to be commit b2eac2e6eb6ddd1bcb4ed5172e7cd64144c18d16)
2007-10-10r13600: Move functions local to tdbsam to pdb_tdb.cGerald Carter1-7/+397
(This used to be commit e3489f7eddb21981bb74cd8792aca869ae6790e1)
2007-10-10r13590: * replace all pdb_init_sam[_talloc]() calls with samu_new()Gerald Carter1-1/+5
* replace all pdb_{init,fill}_sam_pw() calls with samu_set_unix() (This used to be commit 6f1afa4acc93a07d0ee9940822d7715acaae634f)
2007-10-10r13589: Make sure we only try to close the tdbsam file in endsampwent() when weGerald Carter1-4/+11
have a valid pwent list from a setsampwent(). Fixes a bug with the reference count on the open tdb. (This used to be commit 77332f0738423d16a2b5e21af6aaf92b029da0ef)
2007-10-10r13576: This is the beginnings of moving the SAM_ACCOUNT data structureGerald Carter1-51/+51
to make full use of the new talloc() interface. Discussed with Volker and Jeremy. * remove the internal mem_ctx and simply use the talloc() structure as the context. * replace the internal free_fn() with a talloc_destructor() function * remove the unnecessary private nested structure * rename SAM_ACCOUNT to 'struct samu' to indicate the current an upcoming changes. Groups will most likely be replaced with a 'struct samg' in the future. Note that there are now passbd API changes. And for the most part, the wrapper functions remain the same. While this code has been tested on tdb and ldap based Samba PDC's as well as Samba member servers, there are probably still some bugs. The code also needs more testing under valgrind to ensure it's not leaking memory. But it's a start...... (This used to be commit 19b7593972480540283c5bf02c02e5ecd8d2c3f0)
2007-10-10r13512: Rewrite tdbsam code to use a reference count based open/closeGerald Carter1-326/+281
on the tdb file. This allow recusive calls to succeed without complaining about failed opens since a tdb can only be opened once per process. We probably still need to backport the transaction support from Samba 4 here though. (This used to be commit 94c37e06522bfc1753cc8f3c6c7bd4329587007e)
2007-10-10r13460: by popular demand....Gerald Carter1-11/+5
* remove pdb_context data structure * set default group for DOMAIN_RID_GUEST user as RID 513 (just like Windows) * Allow RID 513 to resolve to always resolve to a name * Remove auto mapping of guest account primary group given the previous 2 changes (This used to be commit 7a2da5f0cc05c1920c664c9a690a23bdf854e285)
2007-10-10r13316: Let the carnage begin....Gerald Carter1-1/+95
Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
2007-10-10r13209: Make smbpasswd -a work again if passdb did not exist.Volker Lendecke1-0/+1
Volker (This used to be commit e747ea7250b3ff19aee49072a2cf95840ff50b85)
2007-10-10r13175: Actually make adding a new user into an empty pdbtdbJeremy Allison1-1/+1
file create the file. Jeremy. (This used to be commit 31b3201f537220ec82d6fecbb4c457bfe3dbb9c9)
2007-10-10r13172: Fix incorrect error message when new tdb not created correctly.Jeremy Allison1-1/+1
Jeremy. (This used to be commit e5f19ad5ac1b728de4ca5a6c37c0d79b0752f536)
2007-10-10r11236: Implement user rename for smbpasswd and ldap backends. Some cleanup onJim McDonough1-4/+6
tdb as well to make naming consistent. (This used to be commit ee91eb9a39cc5e3edd9e97eb040e7557930e4e62)
2007-10-10r10911: part of #2861: add rename support for usrmgr.exe when using tdbsamJim McDonough1-40/+208
This gets it working before replacing tdb with the samba4 version. (This used to be commit 8210b0503a050e12ee1b4335fa6e50d10ad06577)
2007-10-10r4847: Hand over a acb_mask to pdb_setsampwent in load_sampwd_entries().Günther Deschner1-1/+1
This allows the ldap-backend to search much more effeciently. Machines will be searched in the ldap_machine_suffix and users in the ldap_users_suffix. (Note that we already use the ldap_group_suffix in ldapsam_setsamgrent for quite some time). Using the specific ldap-bases becomes notably important in large domains: On my testmachine "net rpc trustdom list" has to search through 40k accounts just to list 3 interdomain-trust-accounts, similiar effects show up the non-user query_dispinfo-calls, etc. Also renamed all_machines to only_machines in load_sampwd_entries() since that reflects better what is really meant. Guenther (This used to be commit 6394257cc721ca739bda0e320375f04506913533)
2007-10-10r4724: Add support for Windows privileges in Samba 3.0Gerald Carter1-1/+14
(based on Simo's code in trunk). Rewritten with the following changes: * privilege set is based on a 32-bit mask instead of strings (plans are to extend this to a 64 or 128-bit mask before the next 3.0.11preX release). * Remove the privilege code from the passdb API (replication to come later) * Only support the minimum amount of privileges that make sense. * Rewrite the domain join checks to use the SeMachineAccountPrivilege instead of the 'is a member of "Domain Admins"?' check that started all this. Still todo: * Utilize the SePrintOperatorPrivilege in addition to the 'printer admin' parameter * Utilize the SeAddUserPrivilege for adding users and groups * Fix some of the hard coded _lsa_*() calls * Start work on enough of SAM replication to get privileges from one Samba DC to another. * Come up with some management tool for manipultaing privileges instead of user manager since it is buggy when run on a 2k client (haven't tried xp). Works ok on NT4. (This used to be commit 77c10ff9aa6414a31eece6dfec00793f190a9d6c)
2007-10-10r4088: Get medieval on our ass about malloc.... :-). Take control of all our ↵Jeremy Allison1-2/+2
allocation functions so we can funnel through some well known functions. Should help greatly with malloc checking. HEAD patch to follow. Jeremy. (This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
2007-10-10r1412: Fix password history list in tdbsam. Fix some memory leaks. AddJeremy Allison1-0/+3
my (C) to a header file that was at least 50% mine :-). Jeremy. (This used to be commit 8ee6060977ec8e65082f3ad09e1e1ccf5b4672ed)
2007-10-10r1392: Added password history code to tdbsam backend. Not yet tested (ie. mayJeremy Allison1-1/+4
core dump) but compiles and links correctly. I will run the full set of tests on the ldap sam and the tdb sam for password history tomorrow. Jeremy. (This used to be commit ac846420d0ef2c60d2dc71319b24401c73699249)
2007-10-10r1388: Adding password history code for ldap backend, based on a patch fromJeremy Allison1-1/+0
"Jianliang Lu" <j.lu@tiesse.com>. Multi-string attribute changed to linearised pstring due to ordering issues. A few other changes to fix race conditions. I will add the tdb backend code next. This code compiles but has not yet been tested with password history policy set to greater than zero. Targeted for 3.0.6. Jeremy. (This used to be commit dd54b2a3c45e202e504ad69d170eb798da4e6fc9)
2004-02-13Move tdbsam versioning/upgrade code into 3.0Jim McDonough1-13/+175
(This used to be commit 730c07cac2166812f4a2da5cfba7152d168b2bdd)