Commit log for path: root/source3/smbd/uid.c

Each entry: Age, Commit message subject, Author, Files changed and Lines (-removed/+added), followed by the full commit message.

2004-03-01  Ok here it is my latest work on privileges  (Simo Sorce; 1 file, -6/+12)
This patch adds privilege support for samba. Currently it is implemented only for the tdbsam backend, but extending it to other sam backends is straightforward. I must give big thanks to JFM for his teachings on the matter and the functions at the base of this work. At the moment only samr_create_user honours SeAddUsersPrivilege and SeMachineAccountPrivilege to permit any user to add machines and/or users to the server. The command "net priv" has been provided to manipulate the privileges database. There are still many things to do (like support in "net rpc vampire") but the working core is here. Feel free to comment/extend on this work. Of course I will deny that any bug may affect this code :-) Simo. This patch also adds my patch about add share command enhancements. (This used to be commit 7a78c3605e203bd8e0d7ae244605f076a5d0b0bc)

2004-02-13  Fixup the 'multiple-vuids' bugs.  (Jeremy Allison; 1 file, -12/+76)
Jeremy. (This used to be commit a7d4a6d1167f7657113148cdf68ea3c491b51b14)

2004-02-08  (merge from 3.0)  (Andrew Bartlett; 1 file, -11/+0)
nsswitch/winbindd_util.c: add static
smbd/uid.c: remove unused function
Andrew Bartlett (This used to be commit 4822a3f73610f6e468c447f1282246f13a378cde)

2004-02-08  (merge from 3.0)  (Andrew Bartlett; 1 file, -69/+0)
Samba hasn't used this function for ages - it's now handled deep in the auth subsystem. Andrew Bartlett (This used to be commit bb505ca696427f105d05a0b9aab6d5eee043ede6)

2003-09-09  sync 3.0 into HEAD for the last time  (Gerald Carter; 1 file, -464/+1)
(This used to be commit c17a7dc9a190156a069da3e861c18fd3f81224ad)

2003-07-16  trying to get HEAD building again. If you want the code prior to this merge, checkout HEAD_PRE_3_0_0_BETA_3_MERGE  (Gerald Carter; 1 file, -0/+372)
(This used to be commit adb98e7b7cd0f025b52c570e4034eebf4047b1ad)

2003-05-01  *id_to_*id call reshape to return NTSTATUS errors  (Simo Sorce; 1 file, -1/+1)
plus internal fixes 1st stage (This used to be commit 6d036761e565bc93964bb3c939d5b7d78d5778a3)

2003-04-29  This is a nice rewrite:  (Simo Sorce; 1 file, -2/+1)
- SAM_ACCOUNT does not have uid and gid fields anymore; all the code that used them has been fixed to use the proper idmap calls
- fix to idmap_tdb for first time idmap.tdb initialization.
- auth_serversupplied_info structure now has a uid and gid field
- few other fixes to make the system behave correctly with idmap
- tested only with tdbsam, but smbpasswd and nisplus should be ok
- have not tested ldap !
(This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)

2003-04-29  consolidate idmap code in one place  (Simo Sorce; 1 file, -349/+0)
(This used to be commit f7041ec5d74475013c839b5ea9ecac10322e5e65)

2003-04-29  ok next_rid out as well local_*id_to*id functions  (Simo Sorce; 1 file, -229/+42)
reverted user making function, did not pass the abartlet test :-)
idmap is now fully integrated, we only miss user creation and removal of uid and gid from SAM_ACCOUNT (This used to be commit 67af8c26586c4829166795813a373bf9be27b753)

2003-04-19  fixes  (Simo Sorce; 1 file, -0/+2)
- fix debug, add "idmap" string to the list of classes
- fix idmap, check init failures, and enhance debugging
- fix idmap_tdb, _do_ init uid and gid low,high states (too bad I missed that before)
- fix smbd/uid.c, use gid_t for gids and uid_t for uids
(This used to be commit bc95de4ebb014080bc70173e7df94c672cea8df6)

2003-04-02  THE Idmap patch :-)  (Simo Sorce; 1 file, -2/+120)
includes a --with-idmap=no switch to disable idmap usage if you find problems. cosmetic fixes and param aliases to separate winbind from idmap roles. A temporarily remote idmap winbind compatibility backend. As I have time I will further change code to not call directly winbind (partly done but not tested) and a specialized module will be built in place for the current glue hack. The patch has been tested locally in my limited time, the patch is simple and clear and should not reserve problems, if any just disable it. As usual, comments and fixes are welcome :-) Simo. (This used to be commit 02781320476ed1b7ee5d943fa36f9a66ab67f208)

2003-03-27  local_gid_to_sid() could use pdb_ldap, which for now requires ROOT.  (Andrew Bartlett; 1 file, -0/+2)
(This used to be commit a51ce67e322f91a56acb9e358ee8b2254b2e7792)

2003-02-19  Fix inspired by Stefan (metze) Metzmacher - cache the sidtype also.  (Jeremy Allison; 1 file, -19/+27)
Jeremy. (This used to be commit 634f20dff63d255c317f9dcc9f4caf4e8e79123c)

2003-02-17  This patch fixes one of my longest-standing pet hates with Samba :-).  (Andrew Bartlett; 1 file, -2/+2)
When we look to see if a user is in a list, and we try to 'expand' an @group, we should look up the user's own list of groups, rather than looking for all the members of a group. I'm sure this will fix some nasty performance issues, particularly on large domains etc. In particular, this avoids contacting winbind at all, if the group is not a winbind group. (This caused a deadlock on my winbind-on-PDC setup). The groups list always includes the user's primary group, as per the getgrouplist manpage, and my recent changes to our implementation. Andrew Bartlett (This used to be commit 9be21976f7662ebe6eb92fff7cecbdb352eca334)

2003-02-12  Added code based on Michael Steffens <michael.steffens@hp.com> uid/gid caching code. Reduces load on winbindd.  (Jeremy Allison; 1 file, -1/+205)
Probably should be moved to use gencache at some future date. Jeremy. (This used to be commit 19f577e23ba3dd9101fb3e77a729906fdb8f5df7)

2002-11-12  Removed global_myworkgroup, global_myname, global_myscope. Added liberal dashes of const.  (Jeremy Allison; 1 file, -4/+2)
This is a rather large check-in, some things may break. It does compile though :-). Jeremy. (This used to be commit 82b8f749a36b42e22186297482aad2abb04fab8a)

2002-10-29  Fix a nice little memory leak in our uid changing code.  (Andrew Bartlett; 1 file, -0/+2)
Andrew Bartlett (This used to be commit 5c4967c70dfab78733ef21e3a5eaf252a5958613)

2002-10-23  First cut of new ACL mapping code from Andreas Gruenbacher <agruen@suse.de>.  (Jeremy Allison; 1 file, -1/+1)
This is not 100% the same as what SuSE shipped in their Samba, there is a crash bug fix, a race condition fix, and a few logic changes I'd like to discuss with Andreas. Added Andreas to (C) notices for posix_acls.c Jeremy. (This used to be commit a81d700ae9c82d4b7ea631ab7862162a2ed3d512)

2002-08-22  Ensure we don't change to a user that we can't get an NT_TOKEN for.  (Andrew Bartlett; 1 file, -0/+4)
(This used to be commit 9416289b571b1c838239e5342bb6148041ab681b)

2002-08-20  Based originally on work by Kai, this patch moves our NT_TOKEN generation into our authentication code - removing some of the duplication from the current code.  (Andrew Bartlett; 1 file, -18/+20)
This also gets us *much* closer to supporting a real SAM backend, because the SAM can give us the right info then. This also changes our service.c code, so that we do a VUID (rather than uid) cache on the connection struct, and do full NT ACL/NT_TOKEN checks (or cached equivalent) on every packet, for the same r or rw mode the whole share was open for. Andrew Bartlett (This used to be commit d8122cee059fc7098bfa7e42e638a9958b3ac902)

2002-08-16  Add some const to the 'in' parameters for these functions.  (Andrew Bartlett; 1 file, -2/+2)
Andrew Bartlett (This used to be commit 23f332178526877e9670515eb7c614b81fca21a9)

2002-07-31  fix debug, at idra's suggestion.  (Andrew Bartlett; 1 file, -1/+1)
Andrew Bartlett (This used to be commit bc17b91c2f1a1df58614b67bff94f228be6b9bb2)

2002-07-30  Update a pile of Samba's SID lookup code to ensure:  (Andrew Bartlett; 1 file, -35/+39)
- That we never call winbind recursively
- That we never use an 'algorithmic' RID when we have a fixed uid or gid mapping in either the passdb or the group mapping db.
Also, remove restrictions that say 'this domain only'. If we have a mapping configured, allow it to be returned. If we later decide certain mappings are invalid, then we should put that in the code that actually does the map. Allow 'sid->name' translations on the fixed 'well known' groups for NT, even if they are not represented by Unix groups yet. Andrew Bartlett (This used to be commit d5bafb224337e393420c2ce9c0a787405314713c)

2002-07-24  We must be root to access the passdb, so ensure all calls to local_lookup_sid() have become_root()/unbecome_root() wrappers.  (Andrew Bartlett; 1 file, -1/+5)
(this should be the last of them, the rest were done ages ago). Andrew Bartlett (This used to be commit 83360b211a7e834306d3e549c18bc41576534417)

2002-07-07  Updates to the 'name -> sid' code:  (Andrew Bartlett; 1 file, -3/+3)
Correct the 'none mapped' behaviour, (so that it matches Win2k) and add a function to make the SID types appear as text strings in logs/rpcclient. Also, remove a silly case that would cause 'failure' to be 'success'. (Might look at this a bit more in future). Andrew Bartlett (This used to be commit c20d057f8821d13d3de61b319de44db23773516b)

2002-06-07  Globally replace 'global_sam_sid' with get_global_sam_sid(), a self initialising function.  (Andrew Bartlett; 1 file, -2/+2)
This patch thanks to the work of "Stefan (metze) Metzmacher" <metze@metzemix.de> This is partly to enable the transition to SIDs in the passdb. Andrew Bartlett (This used to be commit 96afea638e15d4cbadc57023a511094a770c6adc)

2002-04-13  Better handling of uid/gid -> RID and RID -> uid/gid code.  (Andrew Bartlett; 1 file, -2/+3)
All uids and gids must create valid RIDs, because other code expects this, and can't handle the failure case. (ACL code in particular) Allow admins to adjust the base of the RID algorithm, to avoid clashes with users brought in from NT (for example). Put all the algorithm code back in one place, so that this change is global. Better coping with NULL sid pointers - but it still breaks a lot of stuff. BONUS: manpage entry for new parameter :-) counter based rids for normal users in tdbsam is disabled for the time being, idra and I will work out some things here soon I hope. Andrew Bartlett (This used to be commit 5275c94cdf0c64f347d4282f47088d084b1a7ea5)

2002-04-11  Much better support for both non-algorithmic RIDs (where the RID is stored in the passdb) and RIDs not in the passdb, due to being NIS users etc.  (Andrew Bartlett; 1 file, -5/+15)
The main fix here is to add become_root()/unbecome_root() at critical places. This (finally) fixes the bug where you could not see local users' names in a file's security properties as non-root. Tested. The similar bug in uid_to_sid is also fixed, but is not (yet) Tested. Andrew Bartlett (This used to be commit 79327a305e20d78ab5ca21d01c39b5f49dc0d632)

2002-03-13  if we know that the SID is local then don't try via winbindd  (Andrew Tridgell; 1 file, -0/+5)
(This used to be commit 1a8f3ba3ab7717c481e3fb4f1ea8938461160d09)

2002-03-13  fixed mapping of SIDs for local users  (Andrew Tridgell; 1 file, -1/+1)
(This used to be commit df9e345366078ccaa94df7c2f2e33b292605e88a)

2002-03-05  Fixed compiler warning about unused variables.  (Tim Potter; 1 file, -5/+5)
(This used to be commit 7bb0dda8ee1d61a0e8448070f1a71fcd13be5d40)

2002-02-27  this allows us to support foreign SIDs in winbindd and smbd  (Andrew Tridgell; 1 file, -2/+13)
this means "xcopy /o" has a chance of working with ACLs that contain ACEs that use SIDs that the Samba server has no knowledge of. It's a bit hackish, Tim, can you look at my uid.c changes? (This used to be commit fe2db3148587937aa7b674c1c99036d42a3776b3)

2002-01-30  Removed version number from file header.  (Tim Potter; 1 file, -2/+1)
Changed "SMB/Netbios" to "SMB/CIFS" in file header. (This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)

2002-01-26  - Provide sid->name lookup support for non-unix accounts.  (Andrew Bartlett; 1 file, -36/+33)
- Rework the name -> sid lookup function to always try local lookup first (for local domain names) before trying winbind. This seems to eliminate my winbind feedback loop problems. (I don't use winbind for nsswitch, where there are almost certainly further issues).
Andrew Bartlett (This used to be commit 25cadce67bc8effd4248ab993ae78e1d8511d994)

2002-01-26  Rework lookup_name() to take separate username/domain args, and to remove various crazy 'if winbind didn't find it' cases.  (Andrew Bartlett; 1 file, -31/+24)
This makes winbind default domain support easier to integrate with smbd. (This used to be commit 3e71521957d579f00249679de837490aca5ba92f)

2002-01-20  This patch makes the 'winbind use default domain' code interact better with smbd, and also makes it much cleaner inside winbindd.  (Andrew Bartlett; 1 file, -1/+1)
It is mostly my code, with a few changes and testing performed by Alexander Bokovoy <a.bokovoy@sam-solutions.net>. ab has tested it in security=domain and security=ads, but more testing is always appreciated. The idea is that we no longer cart around a 'domain\user' string, we keep them separate until the last moment - when we push that string into a pwent or onto the socket. This removes the need to be constantly parsing that string - the domain prefix is almost always already provided, (only a couple of functions actually changed arguments in all this). Some consequential changes to the RPC client code, to stop it concatenating the two strings (it now passes them both back as params). I haven't changed the cache code, however the usernames will no longer have a double domain prefix in the key string. The actual structures are unchanged - but the meaning of 'username' in the 'rid' will have changed. (The cache is invalidated at startup, so on-disk formats are not an issue here). Andrew Bartlett (This used to be commit e870f0e727952aeb8599cf93ad2650ae56eca033)

2002-01-17  A nice *big* change to the fundamental way we do things.  (Andrew Bartlett; 1 file, -9/+4)
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps them around for a long time - often past the next call... This adds a getpwnam_alloc and a getpwuid_alloc to the collection. These function as expected, returning a malloced structure that can be free()ed with passwd_free(&passwd). This patch also cuts down on the number of calls to getpwnam - mostly by taking advantage of the fact that the passdb interface is already case-insensitive. With this patch most of the recursive cases have been removed (that I know of) and the problems are reduced further by not using the sys_ interface in the new code. This means that pointers to the cache won't be affected. (This is a temporary HACK, I intend to kill the password cache entirely). The only change I'm a little worried about is the change to rpc_server/srv_samr_nt.c for private groups. In this case we are getting groups from the new group mapping DB. Do we still need to check for private groups? I've toned down the check to a case sensitive match with the new code, but we might be able to kill it entirely. I've also added a make_modifyable_passwd() function, that copies a passwd struct into the form that the old sys_getpw* code provided. As far as I can tell this is only actually used in the pass_check.c crazies, where I moved the final 'special case' for shadow passwords (out of _Get_Pwnam()). The matching case for getpwent() is dealt with already, in lib/util_getent.c Also included in here is a small change to register the [homes] share at vuid creation rather than just in one variant of the session setup. (This picks up the SPNEGO cases). The home directory is now stored on the vuid, and I am hoping this might provide a saner way to do %H substitutions. TODO: Kill off remaining Get_Pwnam_Modify calls (they are not needed), change the remaining sys_getpwnam() callers to use getpwnam_alloc() and move Get_Pwnam to return an allocated struct.
Andrew Bartlett (This used to be commit 1d86c7f94230bc53daebd4d2cd829da6292e05da)

2001-12-04  added a boolean to the group mapping functions to specify if we need or not the privileges.  (Jean-François Micouleau; 1 file, -1/+1)
Usually we don't need them, so the memory is freed early.
lib/util_sid.c: added some helper functions to check an SID.
passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass an RID all the way. If the group doesn't exist on the domain SID, don't return a faked one as it can collide with a builtin one. Some rpc structures have been badly designed, they return only rids and force the client to do subsequent lsa_lookup_sid() on the domain sid and the builtin sid !
rpc_server/srv_util.c: wrote a new version of get_domain_user_groups(). Only the samr code uses it atm. It uses the group mapping code instead of a bloody hard coded crap. The netlogon code will use it too, but I have to do some test first.
J.F. (This used to be commit 6c87e96149101995b7d049657d5c26eefef37d8c)

2001-12-04  Moved name_is_local to the correct place. Ooops.  (Jeremy Allison; 1 file, -10/+0)
Jeremy. (This used to be commit 708c0a8d16ca86439e451def5f8d37f600ff15f1)

2001-12-04  Tidyup of lib/username. Add name_is_local fn to determine if name is winbindd.  (Jeremy Allison; 1 file, -0/+10)
Getting ready for efficiency fix in group lookups. Jeremy. (This used to be commit 8d41dfd149625e8ac53ab5e90a96e9a2daf9a629)

2001-11-28  space -> tab.  (Jeremy Allison; 1 file, -24/+20)
Jeremy. (This used to be commit c7dd0364f2b084d9a372ac885fd788bbb5113125)

2001-11-26  Another merge from appliance-head: in [ug]id_to_sid don't call the winbind function if the id is obviously going to be local.  (Tim Potter; 1 file, -14/+30)
Cleanup of winbind [ug]id parameter handling. (This used to be commit 4ab9ca31a02b3388aa89a00e0390ea9e4c76283a)

2001-11-09  This change updates lp_guestaccount() to be a *global* parameter, rather than per-share.  (Andrew Bartlett; 1 file, -1/+1)
I believe that almost all the things that this could have done on a per-share basis can be done with other tools, like 'force user'. Almost all the users of this parameter used it as a global anyway... While this is one step at a time, I hope it will allow me to considerably simplify the make_connection() code, particularly for the user-level security case. This already removes an absolute truckload of extra attempted password lookups on the guest account. Andrew Bartlett (This used to be commit 8e708332eded210c1d1fe0cebca3c9c19f054b71)

2001-11-08  Fixed incorrect debug message. )-:  (Tim Potter; 1 file, -1/+1)
(This used to be commit a99d9cec7e090736ab49c91720cfd2b43e2a6f00)

2001-11-03  Added NT_USER_TOKEN into server_info to fix extra groups problem.  (Jeremy Allison; 1 file, -1/+70)
Got "medieval on our ass" about const warnings (as many as I could :-). Jeremy. (This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)

2001-10-29  This commit is number 3 of 4.  (Andrew Bartlett; 1 file, -1/+1)
In particular this commit focuses on: Changing the Get_Pwnam code so that it can work in a const-enforced environment. While these changes have been mildly tested, and are pretty small, any assistance in this is appreciated.
----
These changes allow for 'const' in the Samba tree. There are a number of good reasons to do this:
- I want to allow the SAM_ACCOUNT structure to move from wasteful pstrings and fstrings to allocated strings. We can't do that if people are modifying these outputs, as they may well make assumptions about getting pstrings and fstrings
- I want --with-pam_smbpass to compile with a slightly sane volume of warnings, currently its pretty bad, even in 2.2 where is compiles at all.
- Tridge assures me that he no longer opposes 'const religion' based on the ability to #define const the problem away.
- Changed Get_Pwnam(x,y) into two variants (so that the const parameter can work correctly): Get_Pwnam(const x) and Get_Pwnam_Modify(x).
- Reworked smbd/chgpasswd.c to work with these mods, passing around a 'struct passwd' rather than the modified username
(This used to be commit e7634f81c5116ff4addfb7e495f54b6bb78e8f77)

2001-10-19  client : Fixed error return.  (Jeremy Allison; 1 file, -1/+1)
uid.c: Added missing void. Jeremy. (This used to be commit c2e06ed2219860479868fd1ac18013ae4f891e10)

2001-10-18  Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.  (Jeremy Allison; 1 file, -20/+122)
Ensure make_conection() can only be called as root. Jeremy. (This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)

2001-10-12  fixed compiler warning.  (Tim Potter; 1 file, -1/+1)
(This used to be commit 2d5b0f7ad865f92668954f87fd3b116a7abffa10)