From a1fb9f217659b0954ba0966f917de5276f86c85f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Sat, 19 Apr 2003 05:53:55 +0000 Subject: Merging smbgroupedit into 'net groupmap'. Not entirely done. Need to check on where the privilege code is sitting and update the docs. Examples: root# bin/net help groupmap net groupmap add Create a new group mapping net groupmap modify Update a group mapping net groupmap delete Remove a group mapping net groupmap list List current group map # bin/net groupmap add Usage: net groupmap add rid= name= type= [comment=] # bin/net groupmap delete Usage: net groupmap delete name= # bin/net groupmap modify Usage: net groupmap modify name= [comment=] [type= (This used to be commit f2fd0ab41ffbc0355db95529b6bda1b21aa4860a) --- source3/utils/net_groupmap.c | 419 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 419 insertions(+) create mode 100644 source3/utils/net_groupmap.c (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c new file mode 100644 index 0000000000..df49b7c219 --- /dev/null +++ b/source3/utils/net_groupmap.c @@ -0,0 +1,419 @@ +/* + * Unix SMB/CIFS implementation. + * RPC Pipe client / server routines + * Copyright (C) Andrew Tridgell 1992-2000, + * Copyright (C) Jean François Micouleau 1998-2001. + * Copyright (C) Gerald Carter 2003. + * + * This program is free software; you can redistribute it and/or modify + * it under the terms of the GNU General Public License as published by + * the Free Software Foundation; either version 2 of the License, or + * (at your option) any later version. + * + * This program is distributed in the hope that it will be useful, + * but WITHOUT ANY WARRANTY; without even the implied warranty of + * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + * GNU General Public License for more details. + * + * You should have received a copy of the GNU General Public License + * along with this program; if not, write to the Free Software + * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + */ + + +#include "includes.h" +#include "../utils/net.h" + + +/********************************************************* + utility function to parse an integer parameter from + "parameter = value" +**********************************************************/ +static uint32 get_int_param( const char* param ) +{ + char *p; + + p = strchr( param, '=' ); + if ( !p ) + return 0; + + return atoi(p+1); +} + +/********************************************************* + utility function to parse an integer parameter from + "parameter = value" +**********************************************************/ +static char* get_string_param( const char* param ) +{ + char *p; + + p = strchr( param, '=' ); + if ( !p ) + return NULL; + + return (p+1); +} + +/********************************************************* + Figure out if the input was an NT group or a SID string. + Return the SID. +**********************************************************/ +static BOOL get_sid_from_input(DOM_SID *sid, char *input) +{ + GROUP_MAP map; + + if (StrnCaseCmp( input, "S-", 2)) { + /* Perhaps its the NT group name? */ + if (!pdb_getgrnam(&map, input, MAPPING_WITHOUT_PRIV)) { + printf("NT Group %s doesn't exist in mapping DB\n", input); + return False; + } else { + *sid = map.sid; + } + } else { + if (!string_to_sid(sid, input)) { + printf("converting sid %s from a string failed!\n", input); + return False; + } + } + return True; +} + +/********************************************************* + Dump a GROUP_MAP entry to stdout (long or short listing) +**********************************************************/ + +static void print_map_entry ( GROUP_MAP map, BOOL long_list ) +{ + fstring string_sid; + fstring group_type; + fstring priv_text; + + decode_sid_name_use(group_type, map.sid_name_use); + sid_to_string(string_sid, &map.sid); + convert_priv_to_text(&(map.priv_set), priv_text); + + if (!long_list) + d_printf("%s (%s) -> %s\n", map.nt_name, string_sid, gidtoname(map.gid)); + else { + d_printf("%s\n", map.nt_name); + d_printf("\tSID : %s\n", string_sid); + d_printf("\tUnix group: %s\n", gidtoname(map.gid)); + d_printf("\tGroup type: %s\n", group_type); + d_printf("\tComment : %s\n", map.comment); + d_printf("\tPrivilege : %s\n\n", priv_text); + } + +} +/********************************************************* + List the groups. +**********************************************************/ +int net_groupmap_list(int argc, const char **argv) +{ + int entries; + BOOL long_list = False; + int i; + fstring ntgroup = ""; + + /* get the options */ + for ( i=0; i name= type= [comment=]\n"); + return -1; + } + + sid_copy(&sid, get_global_sam_sid()); + sid_append_rid(&sid, rid); + sid_to_string(string_sid, &sid); + + if (ntcomment[0]) + fstrcpy(ntcomment, "Local Unix group"); + + if ( !(gid = nametogid(ntgroup)) ) { + d_printf("Can't lookup UNIX group %s\n", ntgroup); + return -1; + } + + init_privilege(&se_priv); +#if 0 + if (privilege!=NULL) + convert_priv_from_text(&se_priv, privilege); +#endif + + if (!add_initial_entry(gid, string_sid, sid_type, ntgroup, + ntcomment, se_priv, PR_ACCESS_FROM_NETWORK) ) { + d_printf("adding entry for group %s failed!\n", ntgroup); + return -1; + } + + free_privilege(&se_priv); + + d_printf("Successully added group %s to the mapping db\n", ntgroup); + return 0; +} + +int net_groupmap_modify(int argc, const char **argv) +{ + DOM_SID sid; + GROUP_MAP map; + fstring ntcomment = ""; + fstring type = ""; + fstring ntgroup = ""; + enum SID_NAME_USE sid_type = SID_NAME_UNKNOWN; + int i; + + /* get the options */ + for ( i=0; i [comment=] [type=\n"); + return -1; + } + + if (!get_sid_from_input(&sid, ntgroup)) { + return -1; + } + + /* Get the current mapping from the database */ + if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) { + d_printf("Failure to local group SID in the database\n"); + return -1; + } + + /* + * Allow changing of group type only between domain and local + * We disallow changing Builtin groups !!! (SID problem) + */ + if (sid_type==SID_NAME_ALIAS + || sid_type==SID_NAME_DOM_GRP + || sid_type==SID_NAME_UNKNOWN) + { + if (map.sid_name_use==SID_NAME_ALIAS + || map.sid_name_use==SID_NAME_DOM_GRP + || map.sid_name_use==SID_NAME_UNKNOWN) + { + map.sid_name_use=sid_type; + } else { + printf("cannot change group type to builtin\n"); + }; + } else { + printf("cannot change group type from builtin\n"); + } + + /* Change comment if new one */ + if ( ntcomment[0] ) + fstrcpy( map.comment, ntcomment ); + +#if 0 + /* Change the privilege if new one */ + if (privilege!=NULL) + convert_priv_from_text(&map.priv_set, privilege); +#endif + + if ( !pdb_update_group_mapping_entry(&map) ) { + d_printf("Could not update group database\n"); + free_privilege(&map.priv_set); + return -1; + } + + free_privilege(&map.priv_set); + + d_printf("Updated mapping entry for %s\n", ntgroup); + + return 0; +} + +int net_groupmap_delete(int argc, const char **argv) +{ + DOM_SID sid; + fstring ntgroup = ""; + int i; + + /* get the options */ + for ( i=0; i\n"); + return -1; + } + + if ( !get_sid_from_input(&sid, ntgroup) ) { + d_printf("Unable to resolve group %s to a SID\n", ntgroup); + return -1; + } + + if ( !pdb_delete_group_mapping_entry(sid) ) { + printf("Failed to removing group %s from the mapping db!\n", ntgroup); + return -1; + } + + d_printf("Sucessfully removed %s from the mapping db\n", ntgroup); + + return 0; +} + +#if 0 +/********************************************************* + Change a group. +**********************************************************/ +static int changegroup(char *sid_string, char *group, enum SID_NAME_USE sid_type, char *ntgroup, char *groupdesc, char *privilege) +{ +} +#endif -- cgit From 79d3731d98836e6a502eb21d3d50df381b67600c Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 21 Apr 2003 19:43:25 +0000 Subject: * fix segfault when no vfs objects defined * add "sid=..." to 'net groupmap add' (This used to be commit e5f6676639b5552f7dec90091c53cf14e78088ee) --- source3/utils/net_groupmap.c | 20 +++++++++++++++----- 1 file changed, 15 insertions(+), 5 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index df49b7c219..76c153498a 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -200,6 +200,13 @@ int net_groupmap_add(int argc, const char **argv) return -1; } } + else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { + fstrcpy( sid_string, get_string_param( argv[i] ) ); + if ( !sid_string[0] ) { + d_printf("must supply a SID\n"); + return -1; + } + } else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { @@ -230,14 +237,17 @@ int net_groupmap_add(int argc, const char **argv) } } - if ( !ntgroup[0] || !rid || sid_type==SID_NAME_UNKNOWN ) { - d_printf("Usage: net groupmap add rid= name= type= [comment=]\n"); + if ( !ntgroup[0] || (!rid && !sid_string[0]} || sid_type==SID_NAME_UNKNOWN ) { + d_printf("Usage: net groupmap add {rid=|sid=} name=| type= [comment=]\n"); return -1; } - sid_copy(&sid, get_global_sam_sid()); - sid_append_rid(&sid, rid); - sid_to_string(string_sid, &sid); + /* append the rid to our own domain/machine SID if we don't have a full SID */ + if ( !sid_string[0] ) { + sid_copy(&sid, get_global_sam_sid()); + sid_append_rid(&sid, rid); + sid_to_string(string_sid, &sid); + } if (ntcomment[0]) fstrcpy(ntcomment, "Local Unix group"); -- cgit From 530dc717321abdc8f9f2f5400009119e5fad613c Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 21 Apr 2003 23:23:24 +0000 Subject: Fixup a few typos for Jerry. Jeremy. (This used to be commit 1e5fe87d75ef4bb9d6af787abc501dcf105c9c6c) --- source3/utils/net_groupmap.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 76c153498a..13b0c4adeb 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -201,8 +201,8 @@ int net_groupmap_add(int argc, const char **argv) } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { - fstrcpy( sid_string, get_string_param( argv[i] ) ); - if ( !sid_string[0] ) { + fstrcpy( string_sid, get_string_param( argv[i] ) ); + if ( !string_sid[0] ) { d_printf("must supply a SID\n"); return -1; } @@ -237,13 +237,13 @@ int net_groupmap_add(int argc, const char **argv) } } - if ( !ntgroup[0] || (!rid && !sid_string[0]} || sid_type==SID_NAME_UNKNOWN ) { + if ( !ntgroup[0] || (!rid && !string_sid[0]) || sid_type==SID_NAME_UNKNOWN ) { d_printf("Usage: net groupmap add {rid=|sid=} name=| type= [comment=]\n"); return -1; } /* append the rid to our own domain/machine SID if we don't have a full SID */ - if ( !sid_string[0] ) { + if ( !string_sid[0] ) { sid_copy(&sid, get_global_sam_sid()); sid_append_rid(&sid, rid); sid_to_string(string_sid, &sid); -- cgit From 3996f116c7d08f4624c923ae1868f5c1bcd8a2b2 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 22 Apr 2003 02:52:15 +0000 Subject: removing some ifdef'd out code (This used to be commit 43942398af7e7589fcf8534099eccf277f6e4295) --- source3/utils/net_groupmap.c | 8 -------- 1 file changed, 8 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 13b0c4adeb..a9f47172fe 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -419,11 +419,3 @@ int net_groupmap_delete(int argc, const char **argv) return 0; } -#if 0 -/********************************************************* - Change a group. -**********************************************************/ -static int changegroup(char *sid_string, char *group, enum SID_NAME_USE sid_type, char *ntgroup, char *groupdesc, char *privilege) -{ -} -#endif -- cgit From cbdb436e2147fe2215439305ab226048e1ae9b0e Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 22 Apr 2003 05:14:21 +0000 Subject: support referencing group by sid in all operations; allow group name to be changed (This used to be commit b6ccdb8f7b72eed4c4248db43fefa09b6f084852) --- source3/utils/net_groupmap.c | 73 ++++++++++++++++++++++++++++++++++++-------- 1 file changed, 60 insertions(+), 13 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index a9f47172fe..3cb132c2f9 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -176,6 +176,7 @@ int net_groupmap_add(int argc, const char **argv) PRIVILEGE_SET se_priv; DOM_SID sid; fstring ntgroup = ""; + fstring unixgrp = ""; fstring string_sid = ""; fstring type = ""; fstring ntcomment = ""; @@ -193,7 +194,14 @@ int net_groupmap_add(int argc, const char **argv) return -1; } } - else if ( !StrnCaseCmp(argv[i], "name", strlen("name")) ) { + else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { + fstrcpy( unixgrp, get_string_param( argv[i] ) ); + if ( !unixgrp[0] ) { + d_printf("must supply a name\n"); + return -1; + } + } + else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { d_printf("must supply a name\n"); @@ -237,8 +245,8 @@ int net_groupmap_add(int argc, const char **argv) } } - if ( !ntgroup[0] || (!rid && !string_sid[0]) || sid_type==SID_NAME_UNKNOWN ) { - d_printf("Usage: net groupmap add {rid=|sid=} name=| type= [comment=]\n"); + if ( !unixgrp[0] || (!rid && !string_sid[0]) || sid_type==SID_NAME_UNKNOWN ) { + d_printf("Usage: net groupmap add {rid=|sid=} unixgroup= type= [ntgroup=] [comment=]\n"); return -1; } @@ -252,11 +260,15 @@ int net_groupmap_add(int argc, const char **argv) if (ntcomment[0]) fstrcpy(ntcomment, "Local Unix group"); - if ( !(gid = nametogid(ntgroup)) ) { + if ( !(gid = nametogid(unixgrp)) ) { d_printf("Can't lookup UNIX group %s\n", ntgroup); return -1; } + if ( !ntgroup[0] ) + fstrcpy( ntgroup, unixgrp ); + + init_privilege(&se_priv); #if 0 if (privilege!=NULL) @@ -282,18 +294,26 @@ int net_groupmap_modify(int argc, const char **argv) fstring ntcomment = ""; fstring type = ""; fstring ntgroup = ""; + fstring sid_string = ""; enum SID_NAME_USE sid_type = SID_NAME_UNKNOWN; int i; /* get the options */ for ( i=0; i [comment=] [type=\n"); + if ( !ntgroup[0] && !sid_string[0] ) { + d_printf("Usage: net groupmap modify {ntgroup=|sid=} [comment=] [type=\n"); return -1; } - - if (!get_sid_from_input(&sid, ntgroup)) { - return -1; + + /* give preference to the SID; if both the ntgroup name and SID + are defined, use the SID and assume that the group name could be a + new name */ + + if ( sid_string[0] ) { + if (!get_sid_from_input(&sid, sid_string)) { + return -1; + } } + else { + if (!get_sid_from_input(&sid, ntgroup)) { + return -1; + } + } /* Get the current mapping from the database */ if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) { @@ -358,6 +389,9 @@ int net_groupmap_modify(int argc, const char **argv) /* Change comment if new one */ if ( ntcomment[0] ) fstrcpy( map.comment, ntcomment ); + + if ( ntgroup[0] ) + fstrcpy( map.nt_name, ntgroup ); #if 0 /* Change the privilege if new one */ @@ -382,28 +416,41 @@ int net_groupmap_delete(int argc, const char **argv) { DOM_SID sid; fstring ntgroup = ""; + fstring sid_string = ""; int i; /* get the options */ for ( i=0; i\n"); + if ( !ntgroup[0] && !sid_string[0]) { + d_printf("Usage: net groupmap delete {ntgroup=|sid=}\n"); return -1; } + /* give preference to the SID if we have that */ + + if ( sid_string[0] ) + fstrcpy( ntgroup, sid_string ); + if ( !get_sid_from_input(&sid, ntgroup) ) { d_printf("Unable to resolve group %s to a SID\n", ntgroup); return -1; -- cgit From 9465f4b2c42131088b99beb3625c5d1bc45210d8 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 22 Apr 2003 05:57:49 +0000 Subject: default new groups to domain groups (This used to be commit 665d21b8656bf85f9b372b44ff1f4af414551e5a) --- source3/utils/net_groupmap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 3cb132c2f9..2436fffc6d 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -180,7 +180,7 @@ int net_groupmap_add(int argc, const char **argv) fstring string_sid = ""; fstring type = ""; fstring ntcomment = ""; - enum SID_NAME_USE sid_type = SID_NAME_UNKNOWN; + enum SID_NAME_USE sid_type = SID_NAME_DOM_GRP; uint32 rid = 0; gid_t gid; int i; @@ -245,8 +245,8 @@ int net_groupmap_add(int argc, const char **argv) } } - if ( !unixgrp[0] || (!rid && !string_sid[0]) || sid_type==SID_NAME_UNKNOWN ) { - d_printf("Usage: net groupmap add {rid=|sid=} unixgroup= type= [ntgroup=] [comment=]\n"); + if ( !unixgrp[0] || (!rid && !string_sid[0]) ) { + d_printf("Usage: net groupmap add {rid=|sid=} unixgroup= [type=] [ntgroup=] [comment=]\n"); return -1; } -- cgit From 651ff45e8d7cba0a6aead787a94d81ae3a693206 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 22 Apr 2003 18:03:55 +0000 Subject: don't reset the group type unless specified (This used to be commit 541f40a144461ca139ac53837d3f31ce6972d18c) --- source3/utils/net_groupmap.c | 22 ++++++++-------------- 1 file changed, 8 insertions(+), 14 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 2436fffc6d..63e69fa7cf 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -370,20 +370,14 @@ int net_groupmap_modify(int argc, const char **argv) * Allow changing of group type only between domain and local * We disallow changing Builtin groups !!! (SID problem) */ - if (sid_type==SID_NAME_ALIAS - || sid_type==SID_NAME_DOM_GRP - || sid_type==SID_NAME_UNKNOWN) - { - if (map.sid_name_use==SID_NAME_ALIAS - || map.sid_name_use==SID_NAME_DOM_GRP - || map.sid_name_use==SID_NAME_UNKNOWN) - { - map.sid_name_use=sid_type; - } else { - printf("cannot change group type to builtin\n"); - }; - } else { - printf("cannot change group type from builtin\n"); + if ( sid_type != SID_NAME_UNKNOWN ) + { + if ( map.sid_name_use == SID_NAME_WKN_GRP ) { + d_printf("You can only change between domain and local groups.\n"); + return -1; + } + + map.sid_name_use=sid_type; } /* Change comment if new one */ -- cgit From cfe53bd06623eb3f718b5978b0b3c2a24461e8f4 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 23 Apr 2003 00:34:31 +0000 Subject: allow the unix group in a mapping to be changed; doesn't work with LDAP right now but should be ok with tdb's (This used to be commit fdacad185c4f78958d56bccbd69a0f2628f1b792) --- source3/utils/net_groupmap.c | 22 +++++++++++++++++++++- 1 file changed, 21 insertions(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 63e69fa7cf..2b88183f22 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -294,9 +294,11 @@ int net_groupmap_modify(int argc, const char **argv) fstring ntcomment = ""; fstring type = ""; fstring ntgroup = ""; + fstring unixgrp = ""; fstring sid_string = ""; enum SID_NAME_USE sid_type = SID_NAME_UNKNOWN; int i; + gid_t gid; /* get the options */ for ( i=0; i|sid=} [comment=] [type=\n"); + d_printf("Usage: net groupmap modify {ntgroup=|sid=} [comment=] [unixgroup=] [type=]\n"); return -1; } @@ -386,6 +395,17 @@ int net_groupmap_modify(int argc, const char **argv) if ( ntgroup[0] ) fstrcpy( map.nt_name, ntgroup ); + + if ( unixgrp[0] ) { + gid = nametogid( unixgrp ); + if ( gid == -1 ) { + d_printf("Unable to lookup UNIX group %s. Make sure the group exists.\n", + unixgrp); + return -1; + } + + map.gid = gid; + } #if 0 /* Change the privilege if new one */ -- cgit From 9530bbe2add93cd4e7f40cf38e374c64d30a735f Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Thu, 24 Apr 2003 16:47:32 +0000 Subject: groupmap delet should take a name or a SID (This used to be commit d9277bd06401cb040390739ae730c8991736c886) --- source3/utils/net_groupmap.c | 15 +++++++++++++-- 1 file changed, 13 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 2b88183f22..aaefda2e5c 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -115,19 +115,27 @@ int net_groupmap_list(int argc, const char **argv) BOOL long_list = False; int i; fstring ntgroup = ""; + fstring sid_string = ""; /* get the options */ for ( i=0; i Date: Fri, 25 Apr 2003 02:26:23 +0000 Subject: fix and if () that should be an 'else if()' (This used to be commit 82f024723c5312fe2b6a57915de8e78c96f80ef0) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index aaefda2e5c..f4cd8c13a6 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -453,7 +453,7 @@ int net_groupmap_delete(int argc, const char **argv) return -1; } } - if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { + else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { d_printf("must supply a SID\n"); -- cgit From 5ffd33df94855b57dd3a04e2fd6bbf10f3bf0e89 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 15 May 2003 17:23:35 +0000 Subject: Patch from "Alex Deiter" to fix incorrect error check. Jeremy. (This used to be commit 43ca4b8a8425b97a6bea08b91420bac6cde807b3) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index f4cd8c13a6..905fdf6287 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -271,7 +271,7 @@ int net_groupmap_add(int argc, const char **argv) if (ntcomment[0]) fstrcpy(ntcomment, "Local Unix group"); - if ( !(gid = nametogid(unixgrp)) ) { + if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { d_printf("Can't lookup UNIX group %s\n", ntgroup); return -1; } -- cgit From 75a5c0b307a79536316b651273d3f6983323f5ce Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Wed, 18 Jun 2003 15:24:10 +0000 Subject: Ok, this patch removes the privilege stuff we had in, unused, for some time. The code was nice, but put in the wrong place (group mapping) and not supported by most of the code, thus useless. We will put back most of the code when our infrastructure will be changed so that privileges actually really make sense to be set. This is a first patch of a set to enhance all our mapping code cleaness and stability towards a sane next beta for 3.0 code base Simo. (This used to be commit e341e7c49f8c17a9ee30ca3fab3aa0397c1f0c7e) --- source3/utils/net_groupmap.c | 39 +++++++-------------------------------- 1 file changed, 7 insertions(+), 32 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 905fdf6287..fd6e4aef59 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -65,7 +65,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) if (StrnCaseCmp( input, "S-", 2)) { /* Perhaps its the NT group name? */ - if (!pdb_getgrnam(&map, input, MAPPING_WITHOUT_PRIV)) { + if (!pdb_getgrnam(&map, input)) { printf("NT Group %s doesn't exist in mapping DB\n", input); return False; } else { @@ -88,11 +88,9 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) { fstring string_sid; fstring group_type; - fstring priv_text; decode_sid_name_use(group_type, map.sid_name_use); sid_to_string(string_sid, &map.sid); - convert_priv_to_text(&(map.priv_set), priv_text); if (!long_list) d_printf("%s (%s) -> %s\n", map.nt_name, string_sid, gidtoname(map.gid)); @@ -102,7 +100,6 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) d_printf("\tUnix group: %s\n", gidtoname(map.gid)); d_printf("\tGroup type: %s\n", group_type); d_printf("\tComment : %s\n", map.comment); - d_printf("\tPrivilege : %s\n\n", priv_text); } } @@ -155,23 +152,21 @@ int net_groupmap_list(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, sid, MAPPING_WITH_PRIV)) { + if(!pdb_getgrsid(&map, sid)) { d_printf("Failure to local group SID in the database\n"); return -1; } print_map_entry( map, long_list ); - free_privilege(&(map.priv_set)); } else { GROUP_MAP *map=NULL; /* enumerate all group mappings */ - if ( !pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED, MAPPING_WITH_PRIV) ) + if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) return -1; for (i=0; i Date: Sat, 21 Jun 2003 08:35:30 +0000 Subject: This removes the StrCaseCmp() stuff from 'net idmap' and 'net groupmap'. The correct way to implement this stuff is via a function table, as exampled in all the other parts of 'net'. This also moves the idmap code into a new file. Volker, is this your code? You might want to put your name on it. Andrew Bartlett (This used to be commit 477f2d9e390bb18d4f08d1cac9c981b73d628c4f) --- source3/utils/net_groupmap.c | 50 ++++++++++++++++++++++++++++++++++++++++---- 1 file changed, 46 insertions(+), 4 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index fd6e4aef59..c9c37a68c2 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -106,7 +106,7 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) /********************************************************* List the groups. **********************************************************/ -int net_groupmap_list(int argc, const char **argv) +static int net_groupmap_list(int argc, const char **argv) { int entries; BOOL long_list = False; @@ -177,7 +177,7 @@ int net_groupmap_list(int argc, const char **argv) Add a new group mapping entry **********************************************************/ -int net_groupmap_add(int argc, const char **argv) +static int net_groupmap_add(int argc, const char **argv) { DOM_SID sid; fstring ntgroup = ""; @@ -283,7 +283,7 @@ int net_groupmap_add(int argc, const char **argv) return 0; } -int net_groupmap_modify(int argc, const char **argv) +static int net_groupmap_modify(int argc, const char **argv) { DOM_SID sid; GROUP_MAP map; @@ -412,7 +412,7 @@ int net_groupmap_modify(int argc, const char **argv) return 0; } -int net_groupmap_delete(int argc, const char **argv) +static int net_groupmap_delete(int argc, const char **argv) { DOM_SID sid; fstring ntgroup = ""; @@ -466,3 +466,45 @@ int net_groupmap_delete(int argc, const char **argv) return 0; } +int net_help_groupmap(int argc, const char **argv) +{ + d_printf("net groupmap add"\ + "\n Create a new group mapping\n"); + d_printf("net groupmap modify"\ + "\n Update a group mapping\n"); + d_printf("net groupmap delete"\ + "\n Remove a group mapping\n"); + d_printf("net groupmap list"\ + "\n List current group map\n"); + + return -1; +} + + +/*********************************************************** + migrated functionality from smbgroupedit + **********************************************************/ +int net_groupmap(int argc, const char **argv) +{ + /* we shouldn't have silly checks like this */ + if (getuid() != 0) { + d_printf("You must be root to edit group mappings.\nExiting...\n"); + return -1; + } + + struct functable func[] = { + {"add", net_groupmap_add}, + {"modify", net_groupmap_modify}, + {"delete", net_groupmap_delete}, + {"list", net_groupmap_list}, + {"help", net_help_groupmap}, + {NULL, NULL} + }; + + return net_run_function(argc, argv, func, net_help_groupmap); + if ( 0 == argc ) + return net_help_groupmap( argc, argv ); + + return net_help_groupmap( argc, argv ); +} + -- cgit From 4830a878455fe0e525aa3bd2a59e55d1f30bddad Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Sat, 21 Jun 2003 23:35:12 +0000 Subject: (fixing bug in my last commit) This isn't C++ - start your code *after* all the variables are declared... Andrew Bartlett (This used to be commit b7760faedc2181538ffc325e727808e6df8f943f) --- source3/utils/net_groupmap.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index c9c37a68c2..590a005e17 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -486,12 +486,6 @@ int net_help_groupmap(int argc, const char **argv) **********************************************************/ int net_groupmap(int argc, const char **argv) { - /* we shouldn't have silly checks like this */ - if (getuid() != 0) { - d_printf("You must be root to edit group mappings.\nExiting...\n"); - return -1; - } - struct functable func[] = { {"add", net_groupmap_add}, {"modify", net_groupmap_modify}, @@ -501,6 +495,12 @@ int net_groupmap(int argc, const char **argv) {NULL, NULL} }; + /* we shouldn't have silly checks like this */ + if (getuid() != 0) { + d_printf("You must be root to edit group mappings.\nExiting...\n"); + return -1; + } + return net_run_function(argc, argv, func, net_help_groupmap); if ( 0 == argc ) return net_help_groupmap( argc, argv ); -- cgit From c9d6c786a1a1d1b33141cbd47984ec0a374fef46 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 15 Jul 2003 17:27:39 +0000 Subject: Fix memleak (This used to be commit 517bb4d0df4cd120ef0ffc3cd879897971f0982e) --- source3/utils/net_groupmap.c | 2 ++ 1 file changed, 2 insertions(+) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 590a005e17..8831839e4e 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -168,6 +168,8 @@ static int net_groupmap_list(int argc, const char **argv) for (i=0; i Date: Wed, 6 Aug 2003 09:24:11 +0000 Subject: When doing 'net groupmap add', default to algorithmic mapping for the rid. Volker (This used to be commit 7ce94d39add6e056e3b1deea21bf0438ba61e4cc) --- source3/utils/net_groupmap.c | 17 +++++++++++------ 1 file changed, 11 insertions(+), 6 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 8831839e4e..a50628a7c3 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -252,11 +252,21 @@ static int net_groupmap_add(int argc, const char **argv) } } - if ( !unixgrp[0] || (!rid && !string_sid[0]) ) { + if ( !unixgrp[0] ) { d_printf("Usage: net groupmap add {rid=|sid=} unixgroup= [type=] [ntgroup=] [comment=]\n"); return -1; } + if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { + d_printf("Can't lookup UNIX group %s\n", ntgroup); + return -1; + } + + if ( (rid == 0) || (string_sid[0] == '\0') ) { + d_printf("No rid or sid specified, choosing algorithmic mapping\n"); + rid = pdb_gid_to_group_rid(gid); + } + /* append the rid to our own domain/machine SID if we don't have a full SID */ if ( !string_sid[0] ) { sid_copy(&sid, get_global_sam_sid()); @@ -267,11 +277,6 @@ static int net_groupmap_add(int argc, const char **argv) if (ntcomment[0]) fstrcpy(ntcomment, "Local Unix group"); - if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { - d_printf("Can't lookup UNIX group %s\n", ntgroup); - return -1; - } - if ( !ntgroup[0] ) fstrcpy( ntgroup, unixgrp ); -- cgit From db5355cb3acce0e265a003846b82679625df8202 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 15 Aug 2003 01:55:06 +0000 Subject: Don't ask, it's too embarrassing :-) Actually let the user explicitly specify a rid... Volker (This used to be commit 3aed9c8a4ac97ef55772ddae1e1cb0a5a1a15767) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index a50628a7c3..9937145230 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -262,7 +262,7 @@ static int net_groupmap_add(int argc, const char **argv) return -1; } - if ( (rid == 0) || (string_sid[0] == '\0') ) { + if ( (rid == 0) && (string_sid[0] == '\0') ) { d_printf("No rid or sid specified, choosing algorithmic mapping\n"); rid = pdb_gid_to_group_rid(gid); } -- cgit From 5cf58a1b982ba48521942842dd21cca2ca02f4d0 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 11 Sep 2003 01:57:08 +0000 Subject: Fix error message when calling namedtogid() fails adding a group map entry. Bug #431. (This used to be commit bc8a181477866d0d97324bf45431bcdff895ad18) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 9937145230..f99876bbd8 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -258,7 +258,7 @@ static int net_groupmap_add(int argc, const char **argv) } if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { - d_printf("Can't lookup UNIX group %s\n", ntgroup); + d_printf("Can't lookup UNIX group %s\n", unixgrp); return -1; } -- cgit From 2c21d31c92aeed99016d609a2e8e736016fdd9c7 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 15 Sep 2003 21:27:36 +0000 Subject: Fix from gregory@networksentry.co.za, don't clobber the comment if it exists. Jeremy. (This used to be commit c8bfde5be9f0a3603f7333ff4266ad19c20cb9f9) --- source3/utils/net_groupmap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index f99876bbd8..323f4afbc3 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -274,10 +274,10 @@ static int net_groupmap_add(int argc, const char **argv) sid_to_string(string_sid, &sid); } - if (ntcomment[0]) + if (!ntcomment[0]) fstrcpy(ntcomment, "Local Unix group"); - if ( !ntgroup[0] ) + if (!ntgroup[0] ) fstrcpy( ntgroup, unixgrp ); -- cgit From 88c95aa7351c6037cb9f92a2c67d96d6fef91377 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Mon, 22 Sep 2003 17:53:59 +0000 Subject: fix some warnings found by the Sun C compiler (This used to be commit e1fac713e25692a5790c3261ba323732930f5249) --- source3/utils/net_groupmap.c | 5 ++--- 1 file changed, 2 insertions(+), 3 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 323f4afbc3..06a8daa775 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -508,9 +508,8 @@ int net_groupmap(int argc, const char **argv) return -1; } - return net_run_function(argc, argv, func, net_help_groupmap); - if ( 0 == argc ) - return net_help_groupmap( argc, argv ); + if ( argc ) + return net_run_function(argc, argv, func, net_help_groupmap); return net_help_groupmap( argc, argv ); } -- cgit From f570f879bbcef275d55a29a0d82ec91ddb31d6c9 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 16 Feb 2004 14:04:56 +0000 Subject: Fix success message for net groupmap modify Volker (This used to be commit 19b30334a7c0f6abde6dfc81550e50aa823117c2) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 06a8daa775..416f42507d 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -414,7 +414,7 @@ static int net_groupmap_modify(int argc, const char **argv) return -1; } - d_printf("Updated mapping entry for %s\n", ntgroup); + d_printf("Updated mapping entry for %s\n", map.nt_name); return 0; } -- cgit From d9819ec090bb533b79a257daa3461045c2422c05 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 26 Feb 2004 11:29:56 +0000 Subject: Implement 'net groupmap set' and 'net groupmap cleanup'. I was rather annoyed by the net groupmap syntax, I could never get it right. net groupmap set "domain admins" domadm creates a mapping, net groupmap set "domain admins" -C "Comment" -N "newntname" should also do what you expect. I'd like to have some feedback on the usability of this. net groupmap cleanup solves a problem I've had two times now: Our SID changed, and a user's primary group was mapped to a SID that is not ours. net groupmap cleanup removes all mappings that are not from our domain sid. Volker (This used to be commit eb4d4faff8c14e999f414ca5b6e8c25a558859c8) --- source3/utils/net_groupmap.c | 141 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 141 insertions(+) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 416f42507d..2b487ef17b 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -473,6 +473,141 @@ static int net_groupmap_delete(int argc, const char **argv) return 0; } +static int net_groupmap_set(int argc, const char **argv) +{ + const char *ntgroup = NULL; + struct group *grp = NULL; + GROUP_MAP map; + BOOL have_map = False; + + if ((argc < 1) || (argc > 2)) { + d_printf("Usage: net groupmap set \"NT Group\" " + "[\"unix group\"] [-C \"comment\"] [-L] [-D]\n"); + return -1; + } + + if ( opt_localgroup && opt_domaingroup ) { + d_printf("Can only specify -L or -D, not both\n"); + return -1; + } + + ntgroup = argv[0]; + + if (argc == 2) { + grp = getgrnam(argv[1]); + + if (grp == NULL) { + d_printf("Could not find unix group %s\n", argv[1]); + return -1; + } + } + + have_map = pdb_getgrnam(&map, ntgroup); + + if (!have_map) { + DOM_SID sid; + have_map = ( (strncmp(ntgroup, "S-", 2) == 0) && + string_to_sid(&sid, ntgroup) && + pdb_getgrsid(&map, sid) ); + } + + if (!have_map) { + + /* Ok, add it */ + + if (grp == NULL) { + d_printf("Could not find group mapping for %s\n", + ntgroup); + return -1; + } + + map.gid = grp->gr_gid; + + if (opt_rid == 0) { + opt_rid = pdb_gid_to_group_rid(map.gid); + } + + sid_copy(&map.sid, get_global_sam_sid()); + sid_append_rid(&map.sid, opt_rid); + + map.sid_name_use = SID_NAME_DOM_GRP; + fstrcpy(map.nt_name, ntgroup); + fstrcpy(map.comment, ""); + + if (!pdb_add_group_mapping_entry(&map)) { + d_printf("Could not add mapping entry for %s\n", + ntgroup); + return -1; + } + } + + /* Now we have a mapping entry, update that stuff */ + + if ( opt_localgroup || opt_domaingroup ) { + if (map.sid_name_use == SID_NAME_WKN_GRP) { + d_printf("Can't change type of the BUILTIN group %s\n", + map.nt_name); + return -1; + } + } + + if (opt_localgroup) + map.sid_name_use = SID_NAME_ALIAS; + + if (opt_domaingroup) + map.sid_name_use = SID_NAME_DOM_GRP; + + /* The case (opt_domaingroup && opt_localgroup) was tested for above */ + + if (strlen(opt_comment) > 0) + fstrcpy(map.comment, opt_comment); + + if (strlen(opt_newntname) > 0) + fstrcpy(map.nt_name, opt_newntname); + + if (grp != NULL) + map.gid = grp->gr_gid; + + if (!pdb_update_group_mapping_entry(&map)) { + d_printf("Could not update group mapping for %s\n", ntgroup); + return -1; + } + + return 0; +} + +static int net_groupmap_cleanup(int argc, const char **argv) +{ + GROUP_MAP *map = NULL; + int i, entries; + + if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, + ENUM_ALL_MAPPED)) { + d_printf("Could not list group mappings\n"); + return -1; + } + + for (i=0; i Date: Wed, 7 Apr 2004 12:43:44 +0000 Subject: r116: volker's patch for local group and group nesting (This used to be commit b393469d9581f20e4d4c52633b952ee984cca36f) --- source3/utils/net_groupmap.c | 108 +++++++++++++++++++++++++++++++++++++++++++ 1 file changed, 108 insertions(+) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 2b487ef17b..a3a13e1dd8 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -608,6 +608,102 @@ static int net_groupmap_cleanup(int argc, const char **argv) return 0; } +static int net_groupmap_addmem(int argc, const char **argv) +{ + DOM_SID alias, member; + + if ( (argc != 2) || + !string_to_sid(&alias, argv[0]) || + !string_to_sid(&member, argv[1]) ) { + d_printf("Usage: net groupmap addmem alias-sid member-sid\n"); + return -1; + } + + if (!pdb_add_aliasmem(&alias, &member)) { + d_printf("Could not add sid %s to alias %s\n", + argv[1], argv[0]); + return -1; + } + + return 0; +} + +static int net_groupmap_delmem(int argc, const char **argv) +{ + DOM_SID alias, member; + + if ( (argc != 2) || + !string_to_sid(&alias, argv[0]) || + !string_to_sid(&member, argv[1]) ) { + d_printf("Usage: net groupmap delmem alias-sid member-sid\n"); + return -1; + } + + if (!pdb_del_aliasmem(&alias, &member)) { + d_printf("Could not delete sid %s from alias %s\n", + argv[1], argv[0]); + return -1; + } + + return 0; +} + +static int net_groupmap_listmem(int argc, const char **argv) +{ + DOM_SID alias; + DOM_SID *members; + int i, num; + NTSTATUS result; + + if ( (argc != 1) || + !string_to_sid(&alias, argv[0]) ) { + d_printf("Usage: net groupmap listmem alias-sid\n"); + return -1; + } + + if (!pdb_enum_aliasmem(&alias, &members, &num)) { + d_printf("Could not list members for sid %s: %s\n", + argv[0], nt_errstr(result)); + return -1; + } + + for (i = 0; i < num; i++) { + printf("%s\n", sid_string_static(&(members[i]))); + } + + SAFE_FREE(members); + + return 0; +} + +static int net_groupmap_memberships(int argc, const char **argv) +{ + DOM_SID member; + DOM_SID *aliases; + int i, num; + NTSTATUS result; + + if ( (argc != 1) || + !string_to_sid(&member, argv[0]) ) { + d_printf("Usage: net groupmap memberof sid\n"); + return -1; + } + + if (!pdb_enum_alias_memberships(&member, &aliases, &num)) { + d_printf("Could not list memberships for sid %s: %s\n", + argv[0], nt_errstr(result)); + return -1; + } + + for (i = 0; i < num; i++) { + printf("%s\n", sid_string_static(&(aliases[i]))); + } + + SAFE_FREE(aliases); + + return 0; +} + int net_help_groupmap(int argc, const char **argv) { d_printf("net groupmap add"\ @@ -616,6 +712,14 @@ int net_help_groupmap(int argc, const char **argv) "\n Update a group mapping\n"); d_printf("net groupmap delete"\ "\n Remove a group mapping\n"); + d_printf("net groupmap addmember"\ + "\n Add a foreign alias member\n"); + d_printf("net groupmap delmember"\ + "\n Delete a foreign alias member\n"); + d_printf("net groupmap listmembers"\ + "\n List foreign group members\n"); + d_printf("net groupmap memberships"\ + "\n List foreign group memberships\n"); d_printf("net groupmap list"\ "\n List current group map\n"); d_printf("net groupmap set"\ @@ -638,6 +742,10 @@ int net_groupmap(int argc, const char **argv) {"delete", net_groupmap_delete}, {"set", net_groupmap_set}, {"cleanup", net_groupmap_cleanup}, + {"addmem", net_groupmap_addmem}, + {"delmem", net_groupmap_delmem}, + {"listmem", net_groupmap_listmem}, + {"memberships", net_groupmap_memberships}, {"list", net_groupmap_list}, {"help", net_help_groupmap}, {NULL, NULL} -- cgit From 23f1b04b90278e3a7a425b3d8c4ef9e6cc065d89 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Wed, 11 Aug 2004 09:32:32 +0000 Subject: r1720: Show correct help for net groupmap commands. Guenther (This used to be commit 3677c6a8f67628d5bea0764f84e624730d57b423) --- source3/utils/net_groupmap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index a3a13e1dd8..0ad1d51953 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -712,11 +712,11 @@ int net_help_groupmap(int argc, const char **argv) "\n Update a group mapping\n"); d_printf("net groupmap delete"\ "\n Remove a group mapping\n"); - d_printf("net groupmap addmember"\ + d_printf("net groupmap addmem"\ "\n Add a foreign alias member\n"); - d_printf("net groupmap delmember"\ + d_printf("net groupmap delmem"\ "\n Delete a foreign alias member\n"); - d_printf("net groupmap listmembers"\ + d_printf("net groupmap listmem"\ "\n List foreign group members\n"); d_printf("net groupmap memberships"\ "\n List foreign group memberships\n"); -- cgit From b4cf9e95059071df49b34ff8574e48cb96f42da1 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 7 Oct 2004 04:01:18 +0000 Subject: r2835: Since we always have -I. and -I$(srcdir) in CFLAGS, we can get rid of '..' from all #include preprocessor commands. This fixes bugzilla #1880 where OpenVMS gets confused about the '.' characters. (This used to be commit 7f161702fa4916979602cc0295919b541912acd6) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 0ad1d51953..3431196b1e 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -22,7 +22,7 @@ #include "includes.h" -#include "../utils/net.h" +#include "utils/net.h" /********************************************************* -- cgit From 154d5f913b4ce60f731227eb1bb3650c45fcde93 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Fri, 5 Nov 2004 23:34:00 +0000 Subject: r3566: Completely replace the queryuseraliases call. The previous implementation does not exactly match what you would expect. XP workstations during login actually do this, so we should better become a bit more correct. The LDAP query issued is not really fully optimal, but it is a lot faster and more correct than what was there before. The change in passdb.h makes it possible that queryuseraliases is done with a single ldap query. Volker (This used to be commit 2508d4ed1e16c268fc9f3676b0c6a122e070f93d) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 3431196b1e..b2d96041dc 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -689,7 +689,7 @@ static int net_groupmap_memberships(int argc, const char **argv) return -1; } - if (!pdb_enum_alias_memberships(&member, &aliases, &num)) { + if (!pdb_enum_alias_memberships(&member, 1, &aliases, &num)) { d_printf("Could not list memberships for sid %s: %s\n", argv[0], nt_errstr(result)); return -1; -- cgit From 2da4456df9509d710a5e08d28ea009c72e572c1a Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Mon, 20 Dec 2004 11:05:54 +0000 Subject: r4285: Allow -v or -l for displaying verbose groupmap-listing as well as "verbose". Guenther (This used to be commit 0760d07b4c6f15489bea2f0fb4f1b0084bd62301) --- source3/utils/net_groupmap.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index b2d96041dc..c6391a65fe 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -113,6 +113,9 @@ static int net_groupmap_list(int argc, const char **argv) int i; fstring ntgroup = ""; fstring sid_string = ""; + + if (opt_verbose || opt_long_list_entries) + long_list = True; /* get the options */ for ( i=0; i Date: Fri, 4 Feb 2005 22:27:14 +0000 Subject: r5234: Do not use the "Local Unix Group"-default description for all kinds of group-mappings. Guenther (This used to be commit 2556e6570ec8074bb67827f95eb365800c5c9827) --- source3/utils/net_groupmap.c | 18 ++++++++++++++++-- 1 file changed, 16 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index c6391a65fe..158c006d1c 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -277,8 +277,22 @@ static int net_groupmap_add(int argc, const char **argv) sid_to_string(string_sid, &sid); } - if (!ntcomment[0]) - fstrcpy(ntcomment, "Local Unix group"); + if (!ntcomment[0]) { + switch (sid_type) { + case SID_NAME_WKN_GRP: + fstrcpy(ntcomment, "Wellknown Unix group"); + break; + case SID_NAME_DOM_GRP: + fstrcpy(ntcomment, "Domain Unix group"); + break; + case SID_NAME_ALIAS: + fstrcpy(ntcomment, "Local Unix group"); + break; + default: + fstrcpy(ntcomment, "Unix group"); + break; + } + } if (!ntgroup[0] ) fstrcpy( ntgroup, unixgrp ); -- cgit From eeefe8cf5e2303863ea63d1487042082cdfc2778 Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Mon, 21 Mar 2005 16:11:44 +0000 Subject: r5918: Fix typo. (This used to be commit 0d38d5f610a280a29617f887329d9084f0be6203) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 158c006d1c..a63e8176f8 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -303,7 +303,7 @@ static int net_groupmap_add(int argc, const char **argv) return -1; } - d_printf("Successully added group %s to the mapping db\n", ntgroup); + d_printf("Successfully added group %s to the mapping db\n", ntgroup); return 0; } -- cgit From e84ead0cfdc5e45a577387cc54dceb4c3f32948a Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 27 Mar 2005 16:33:04 +0000 Subject: r6080: Port some of the non-critical changes from HEAD to 3_0. The main one is the change in pdb_enum_alias_memberships to match samr.idl a bit closer. Volker (This used to be commit 3a6786516957d9f67af6d53a3167c88aa272972f) --- source3/utils/net_groupmap.c | 52 +++++++++++++++++++++++++++++++++++--------- 1 file changed, 42 insertions(+), 10 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index a63e8176f8..b20a37c726 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -693,12 +693,37 @@ static int net_groupmap_listmem(int argc, const char **argv) return 0; } +static BOOL print_alias_memberships(TALLOC_CTX *mem_ctx, + const DOM_SID *domain_sid, + const DOM_SID *member) +{ + uint32 *alias_rids; + int i, num_alias_rids; + + alias_rids = NULL; + num_alias_rids = 0; + + if (!pdb_enum_alias_memberships(mem_ctx, domain_sid, member, 1, + &alias_rids, &num_alias_rids)) { + d_printf("Could not list memberships for sid %s\n", + sid_string_static(member)); + return False; + } + + for (i = 0; i < num_alias_rids; i++) { + DOM_SID alias; + sid_copy(&alias, domain_sid); + sid_append_rid(&alias, alias_rids[i]); + printf("%s\n", sid_string_static(&alias)); + } + + return True; +} + static int net_groupmap_memberships(int argc, const char **argv) { - DOM_SID member; - DOM_SID *aliases; - int i, num; - NTSTATUS result; + TALLOC_CTX *mem_ctx; + DOM_SID *domain_sid, *builtin_sid, member; if ( (argc != 1) || !string_to_sid(&member, argv[0]) ) { @@ -706,17 +731,24 @@ static int net_groupmap_memberships(int argc, const char **argv) return -1; } - if (!pdb_enum_alias_memberships(&member, 1, &aliases, &num)) { - d_printf("Could not list memberships for sid %s: %s\n", - argv[0], nt_errstr(result)); + mem_ctx = talloc_init("net_groupmap_memberships"); + if (mem_ctx == NULL) { + d_printf("talloc_init failed\n"); return -1; } - for (i = 0; i < num; i++) { - printf("%s\n", sid_string_static(&(aliases[i]))); + domain_sid = get_global_sam_sid(); + builtin_sid = string_sid_talloc(mem_ctx, "S-1-5-32"); + if ((domain_sid == NULL) || (builtin_sid == NULL)) { + d_printf("Could not get domain sid\n"); + return -1; } - SAFE_FREE(aliases); + if (!print_alias_memberships(mem_ctx, domain_sid, &member) || + !print_alias_memberships(mem_ctx, builtin_sid, &member)) + return -1; + + talloc_destroy(mem_ctx); return 0; } -- cgit From 5d5d596206e08be5bb159d9a474dc0b10e07b169 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 10 May 2005 12:21:02 +0000 Subject: r6706: * fix bug that prevented smbclient from creating directories on non-dfs paths * add patch from James Peach to remove use of uninitialized variables (This used to be commit c71f20f1ae5ccfd49cf81af0299c96fe27351222) --- source3/utils/net_groupmap.c | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index b20a37c726..9aae620f6e 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -670,7 +670,6 @@ static int net_groupmap_listmem(int argc, const char **argv) DOM_SID alias; DOM_SID *members; int i, num; - NTSTATUS result; if ( (argc != 1) || !string_to_sid(&alias, argv[0]) ) { @@ -679,8 +678,7 @@ static int net_groupmap_listmem(int argc, const char **argv) } if (!pdb_enum_aliasmem(&alias, &members, &num)) { - d_printf("Could not list members for sid %s: %s\n", - argv[0], nt_errstr(result)); + d_printf("Could not list members for sid %s\n", argv[0]); return -1; } -- cgit From f24d88cf9da46680d52b42b92bd484e7b09ce99b Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Tue, 31 May 2005 13:46:45 +0000 Subject: r7139: trying to reduce the number of diffs between trunk and 3.0; changing version to 3.0.20pre1 (This used to be commit 9727d05241574042dd3aa8844ae5c701d22e2da1) --- source3/utils/net_groupmap.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 9aae620f6e..b08673b2bb 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -3,7 +3,8 @@ * RPC Pipe client / server routines * Copyright (C) Andrew Tridgell 1992-2000, * Copyright (C) Jean François Micouleau 1998-2001. - * Copyright (C) Gerald Carter 2003. + * Copyright (C) Gerald Carter 2003, + * Copyright (C) Volker Lendecke 2004 * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by -- cgit From 8d7c88667190fe286971ac4fffb64ee5bd9eeeb0 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 18 Oct 2005 03:24:00 +0000 Subject: r11137: Compile with only 2 warnings (I'm still working on that code) on a gcc4 x86_64 box. Jeremy. (This used to be commit d720867a788c735e56d53d63265255830ec21208) --- source3/utils/net_groupmap.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index b08673b2bb..12c3c79ef4 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -109,9 +109,9 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) **********************************************************/ static int net_groupmap_list(int argc, const char **argv) { - int entries; + size_t entries; BOOL long_list = False; - int i; + size_t i; fstring ntgroup = ""; fstring sid_string = ""; @@ -597,7 +597,7 @@ static int net_groupmap_set(int argc, const char **argv) static int net_groupmap_cleanup(int argc, const char **argv) { GROUP_MAP *map = NULL; - int i, entries; + size_t i, entries; if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) { @@ -670,7 +670,7 @@ static int net_groupmap_listmem(int argc, const char **argv) { DOM_SID alias; DOM_SID *members; - int i, num; + size_t i, num; if ( (argc != 1) || !string_to_sid(&alias, argv[0]) ) { @@ -697,7 +697,7 @@ static BOOL print_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *member) { uint32 *alias_rids; - int i, num_alias_rids; + size_t i, num_alias_rids; alias_rids = NULL; num_alias_rids = 0; -- cgit From ab51c18cc9a3273c5d8ca11d97882e6ca2266d00 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Thu, 8 Dec 2005 15:34:38 +0000 Subject: r12129: Fix uninitialized variables. Volker (This used to be commit 8a7d6eb2c081c0d74b62aa76dc243946df62ced2) --- source3/utils/net_groupmap.c | 3 +++ 1 file changed, 3 insertions(+) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 12c3c79ef4..9e897d8efc 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -678,6 +678,9 @@ static int net_groupmap_listmem(int argc, const char **argv) return -1; } + members = NULL; + num = 0; + if (!pdb_enum_aliasmem(&alias, &members, &num)) { d_printf("Could not list members for sid %s\n", argv[0]); return -1; -- cgit From 4d03fc55df2a3253f5b5b3086264439b6a174340 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 Dec 2005 16:55:28 +0000 Subject: r12182: Cosmetic cleanup (This used to be commit 81c358b511457fbc6304845acb4bfbf1b4adf062) --- source3/utils/net_groupmap.c | 14 +++++--------- 1 file changed, 5 insertions(+), 9 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 9e897d8efc..f12668a85a 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -87,19 +87,15 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) static void print_map_entry ( GROUP_MAP map, BOOL long_list ) { - fstring string_sid; - fstring group_type; - - decode_sid_name_use(group_type, map.sid_name_use); - sid_to_string(string_sid, &map.sid); - if (!long_list) - d_printf("%s (%s) -> %s\n", map.nt_name, string_sid, gidtoname(map.gid)); + d_printf("%s (%s) -> %s\n", map.nt_name, + sid_string_static(&map.sid), gidtoname(map.gid)); else { d_printf("%s\n", map.nt_name); - d_printf("\tSID : %s\n", string_sid); + d_printf("\tSID : %s\n", sid_string_static(&map.sid)); d_printf("\tUnix group: %s\n", gidtoname(map.gid)); - d_printf("\tGroup type: %s\n", group_type); + d_printf("\tGroup type: %s\n", + decode_sid_name_use(map.sid_name_use)); d_printf("\tComment : %s\n", map.comment); } -- cgit From db6eea0fb4fe1665120306689ace3fa2f8b9dea7 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sun, 11 Dec 2005 21:59:58 +0000 Subject: r12185: Cosmetic cleanup (This used to be commit d1e8f9afffecf986a428bfac29b22dcbce610016) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index f12668a85a..89bad6ea51 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -95,7 +95,7 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) d_printf("\tSID : %s\n", sid_string_static(&map.sid)); d_printf("\tUnix group: %s\n", gidtoname(map.gid)); d_printf("\tGroup type: %s\n", - decode_sid_name_use(map.sid_name_use)); + sid_type_lookup(map.sid_name_use)); d_printf("\tComment : %s\n", map.comment); } -- cgit From c42be9fd38556a1cc2e16c8d763a592beb863806 Mon Sep 17 00:00:00 2001 From: Lars Müller Date: Tue, 17 Jan 2006 21:22:00 +0000 Subject: r12986: Use d_fprintf(stderr, ...) for any error message in net. All 'usage' messages are still printed to stdout. Fix some compiler warnings for system() calls where we didn't used the return code. Add appropriate error messages and return with the error code we got from system() or NT_STATUS_UNSUCCESSFUL. (This used to be commit f650e3bdafc4c6bcd7eb4bcf8b6b885b979919eb) --- source3/utils/net_groupmap.c | 78 ++++++++++++++++++++++---------------------- 1 file changed, 39 insertions(+), 39 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 89bad6ea51..1cff120c39 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -122,19 +122,19 @@ static int net_groupmap_list(int argc, const char **argv) else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { - d_printf("must supply a name\n"); + d_fprintf(stderr, "must supply a name\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { - d_printf("must supply a SID\n"); + d_fprintf(stderr, "must supply a SID\n"); return -1; } } else { - d_printf("Bad option: %s\n", argv[i]); + d_fprintf(stderr, "Bad option: %s\n", argv[i]); return -1; } } @@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv) /* Get the current mapping from the database */ if(!pdb_getgrsid(&map, sid)) { - d_printf("Failure to local group SID in the database\n"); + d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -197,35 +197,35 @@ static int net_groupmap_add(int argc, const char **argv) if ( !StrnCaseCmp(argv[i], "rid", strlen("rid")) ) { rid = get_int_param(argv[i]); if ( rid < DOMAIN_GROUP_RID_ADMINS ) { - d_printf("RID must be greater than %d\n", (uint32)DOMAIN_GROUP_RID_ADMINS-1); + d_fprintf(stderr, "RID must be greater than %d\n", (uint32)DOMAIN_GROUP_RID_ADMINS-1); return -1; } } else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { fstrcpy( unixgrp, get_string_param( argv[i] ) ); if ( !unixgrp[0] ) { - d_printf("must supply a name\n"); + d_fprintf(stderr, "must supply a name\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { - d_printf("must supply a name\n"); + d_fprintf(stderr, "must supply a name\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( string_sid, get_string_param( argv[i] ) ); if ( !string_sid[0] ) { - d_printf("must supply a SID\n"); + d_fprintf(stderr, "must supply a SID\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { - d_printf("must supply a comment string\n"); + d_fprintf(stderr, "must supply a comment string\n"); return -1; } } @@ -247,7 +247,7 @@ static int net_groupmap_add(int argc, const char **argv) } } else { - d_printf("Bad option: %s\n", argv[i]); + d_fprintf(stderr, "Bad option: %s\n", argv[i]); return -1; } } @@ -258,7 +258,7 @@ static int net_groupmap_add(int argc, const char **argv) } if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { - d_printf("Can't lookup UNIX group %s\n", unixgrp); + d_fprintf(stderr, "Can't lookup UNIX group %s\n", unixgrp); return -1; } @@ -296,7 +296,7 @@ static int net_groupmap_add(int argc, const char **argv) if (!add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment)) { - d_printf("adding entry for group %s failed!\n", ntgroup); + d_fprintf(stderr, "adding entry for group %s failed!\n", ntgroup); return -1; } @@ -322,28 +322,28 @@ static int net_groupmap_modify(int argc, const char **argv) if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { - d_printf("must supply a name\n"); + d_fprintf(stderr, "must supply a name\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { - d_printf("must supply a name\n"); + d_fprintf(stderr, "must supply a name\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { - d_printf("must supply a comment string\n"); + d_fprintf(stderr, "must supply a comment string\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { fstrcpy( unixgrp, get_string_param( argv[i] ) ); if ( !unixgrp[0] ) { - d_printf("must supply a group name\n"); + d_fprintf(stderr, "must supply a group name\n"); return -1; } } @@ -361,7 +361,7 @@ static int net_groupmap_modify(int argc, const char **argv) } } else { - d_printf("Bad option: %s\n", argv[i]); + d_fprintf(stderr, "Bad option: %s\n", argv[i]); return -1; } } @@ -388,7 +388,7 @@ static int net_groupmap_modify(int argc, const char **argv) /* Get the current mapping from the database */ if(!pdb_getgrsid(&map, sid)) { - d_printf("Failure to local group SID in the database\n"); + d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -398,7 +398,7 @@ static int net_groupmap_modify(int argc, const char **argv) */ if (sid_type != SID_NAME_UNKNOWN) { if (map.sid_name_use == SID_NAME_WKN_GRP) { - d_printf("You can only change between domain and local groups.\n"); + d_fprintf(stderr, "You can only change between domain and local groups.\n"); return -1; } @@ -415,7 +415,7 @@ static int net_groupmap_modify(int argc, const char **argv) if ( unixgrp[0] ) { gid = nametogid( unixgrp ); if ( gid == -1 ) { - d_printf("Unable to lookup UNIX group %s. Make sure the group exists.\n", + d_fprintf(stderr, "Unable to lookup UNIX group %s. Make sure the group exists.\n", unixgrp); return -1; } @@ -424,7 +424,7 @@ static int net_groupmap_modify(int argc, const char **argv) } if ( !pdb_update_group_mapping_entry(&map) ) { - d_printf("Could not update group database\n"); + d_fprintf(stderr, "Could not update group database\n"); return -1; } @@ -445,19 +445,19 @@ static int net_groupmap_delete(int argc, const char **argv) if ( !StrnCaseCmp(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { - d_printf("must supply a name\n"); + d_fprintf(stderr, "must supply a name\n"); return -1; } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { - d_printf("must supply a SID\n"); + d_fprintf(stderr, "must supply a SID\n"); return -1; } } else { - d_printf("Bad option: %s\n", argv[i]); + d_fprintf(stderr, "Bad option: %s\n", argv[i]); return -1; } } @@ -473,12 +473,12 @@ static int net_groupmap_delete(int argc, const char **argv) fstrcpy( ntgroup, sid_string ); if ( !get_sid_from_input(&sid, ntgroup) ) { - d_printf("Unable to resolve group %s to a SID\n", ntgroup); + d_fprintf(stderr, "Unable to resolve group %s to a SID\n", ntgroup); return -1; } if ( !pdb_delete_group_mapping_entry(sid) ) { - printf("Failed to removing group %s from the mapping db!\n", ntgroup); + d_fprintf(stderr, "Failed to removing group %s from the mapping db!\n", ntgroup); return -1; } @@ -511,7 +511,7 @@ static int net_groupmap_set(int argc, const char **argv) grp = getgrnam(argv[1]); if (grp == NULL) { - d_printf("Could not find unix group %s\n", argv[1]); + d_fprintf(stderr, "Could not find unix group %s\n", argv[1]); return -1; } } @@ -530,7 +530,7 @@ static int net_groupmap_set(int argc, const char **argv) /* Ok, add it */ if (grp == NULL) { - d_printf("Could not find group mapping for %s\n", + d_fprintf(stderr, "Could not find group mapping for %s\n", ntgroup); return -1; } @@ -549,7 +549,7 @@ static int net_groupmap_set(int argc, const char **argv) fstrcpy(map.comment, ""); if (!pdb_add_group_mapping_entry(&map)) { - d_printf("Could not add mapping entry for %s\n", + d_fprintf(stderr, "Could not add mapping entry for %s\n", ntgroup); return -1; } @@ -559,7 +559,7 @@ static int net_groupmap_set(int argc, const char **argv) if ( opt_localgroup || opt_domaingroup ) { if (map.sid_name_use == SID_NAME_WKN_GRP) { - d_printf("Can't change type of the BUILTIN group %s\n", + d_fprintf(stderr, "Can't change type of the BUILTIN group %s\n", map.nt_name); return -1; } @@ -583,7 +583,7 @@ static int net_groupmap_set(int argc, const char **argv) map.gid = grp->gr_gid; if (!pdb_update_group_mapping_entry(&map)) { - d_printf("Could not update group mapping for %s\n", ntgroup); + d_fprintf(stderr, "Could not update group mapping for %s\n", ntgroup); return -1; } @@ -597,7 +597,7 @@ static int net_groupmap_cleanup(int argc, const char **argv) if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) { - d_printf("Could not list group mappings\n"); + d_fprintf(stderr, "Could not list group mappings\n"); return -1; } @@ -634,7 +634,7 @@ static int net_groupmap_addmem(int argc, const char **argv) } if (!pdb_add_aliasmem(&alias, &member)) { - d_printf("Could not add sid %s to alias %s\n", + d_fprintf(stderr, "Could not add sid %s to alias %s\n", argv[1], argv[0]); return -1; } @@ -654,7 +654,7 @@ static int net_groupmap_delmem(int argc, const char **argv) } if (!pdb_del_aliasmem(&alias, &member)) { - d_printf("Could not delete sid %s from alias %s\n", + d_fprintf(stderr, "Could not delete sid %s from alias %s\n", argv[1], argv[0]); return -1; } @@ -678,7 +678,7 @@ static int net_groupmap_listmem(int argc, const char **argv) num = 0; if (!pdb_enum_aliasmem(&alias, &members, &num)) { - d_printf("Could not list members for sid %s\n", argv[0]); + d_fprintf(stderr, "Could not list members for sid %s\n", argv[0]); return -1; } @@ -703,7 +703,7 @@ static BOOL print_alias_memberships(TALLOC_CTX *mem_ctx, if (!pdb_enum_alias_memberships(mem_ctx, domain_sid, member, 1, &alias_rids, &num_alias_rids)) { - d_printf("Could not list memberships for sid %s\n", + d_fprintf(stderr, "Could not list memberships for sid %s\n", sid_string_static(member)); return False; } @@ -731,14 +731,14 @@ static int net_groupmap_memberships(int argc, const char **argv) mem_ctx = talloc_init("net_groupmap_memberships"); if (mem_ctx == NULL) { - d_printf("talloc_init failed\n"); + d_fprintf(stderr, "talloc_init failed\n"); return -1; } domain_sid = get_global_sam_sid(); builtin_sid = string_sid_talloc(mem_ctx, "S-1-5-32"); if ((domain_sid == NULL) || (builtin_sid == NULL)) { - d_printf("Could not get domain sid\n"); + d_fprintf(stderr, "Could not get domain sid\n"); return -1; } @@ -800,7 +800,7 @@ int net_groupmap(int argc, const char **argv) /* we shouldn't have silly checks like this */ if (getuid() != 0) { - d_printf("You must be root to edit group mappings.\nExiting...\n"); + d_fprintf(stderr, "You must be root to edit group mappings.\nExiting...\n"); return -1; } -- cgit From 0af1500fc0bafe61019f1b2ab1d9e1d369221240 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 3 Feb 2006 22:19:41 +0000 Subject: r13316: Let the carnage begin.... Sync with trunk as off r13315 (This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f) --- source3/utils/net_groupmap.c | 38 ++++++++++++++++++++++++++++---------- 1 file changed, 28 insertions(+), 10 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 1cff120c39..96a6aa531a 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -93,6 +93,7 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) else { d_printf("%s\n", map.nt_name); d_printf("\tSID : %s\n", sid_string_static(&map.sid)); + d_printf("\tUnix gid : %d\n", map.gid); d_printf("\tUnix group: %s\n", gidtoname(map.gid)); d_printf("\tGroup type: %s\n", sid_type_lookup(map.sid_name_use)); @@ -261,10 +262,26 @@ static int net_groupmap_add(int argc, const char **argv) d_fprintf(stderr, "Can't lookup UNIX group %s\n", unixgrp); return -1; } + + { + GROUP_MAP map; + if (pdb_getgrgid(&map, gid)) { + d_printf("Unix group %s already mapped to SID %s\n", + unixgrp, sid_string_static(&map.sid)); + return -1; + } + } if ( (rid == 0) && (string_sid[0] == '\0') ) { - d_printf("No rid or sid specified, choosing algorithmic mapping\n"); - rid = pdb_gid_to_group_rid(gid); + d_printf("No rid or sid specified, choosing a RID\n"); + if (pdb_rid_algorithm()) { + rid = pdb_gid_to_group_rid(gid); + } else { + if (!pdb_new_rid(&rid)) { + d_printf("Could not get new RID\n"); + } + } + d_printf("Got RID %d\n", rid); } /* append the rid to our own domain/machine SID if we don't have a full SID */ @@ -423,7 +440,7 @@ static int net_groupmap_modify(int argc, const char **argv) map.gid = gid; } - if ( !pdb_update_group_mapping_entry(&map) ) { + if ( !NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map)) ) { d_fprintf(stderr, "Could not update group database\n"); return -1; } @@ -548,7 +565,7 @@ static int net_groupmap_set(int argc, const char **argv) fstrcpy(map.nt_name, ntgroup); fstrcpy(map.comment, ""); - if (!pdb_add_group_mapping_entry(&map)) { + if (!NT_STATUS_IS_OK(pdb_add_group_mapping_entry(&map))) { d_fprintf(stderr, "Could not add mapping entry for %s\n", ntgroup); return -1; @@ -582,7 +599,7 @@ static int net_groupmap_set(int argc, const char **argv) if (grp != NULL) map.gid = grp->gr_gid; - if (!pdb_update_group_mapping_entry(&map)) { + if (!NT_STATUS_IS_OK(pdb_update_group_mapping_entry(&map))) { d_fprintf(stderr, "Could not update group mapping for %s\n", ntgroup); return -1; } @@ -633,7 +650,7 @@ static int net_groupmap_addmem(int argc, const char **argv) return -1; } - if (!pdb_add_aliasmem(&alias, &member)) { + if (!NT_STATUS_IS_OK(pdb_add_aliasmem(&alias, &member))) { d_fprintf(stderr, "Could not add sid %s to alias %s\n", argv[1], argv[0]); return -1; @@ -653,7 +670,7 @@ static int net_groupmap_delmem(int argc, const char **argv) return -1; } - if (!pdb_del_aliasmem(&alias, &member)) { + if (!NT_STATUS_IS_OK(pdb_del_aliasmem(&alias, &member))) { d_fprintf(stderr, "Could not delete sid %s from alias %s\n", argv[1], argv[0]); return -1; @@ -677,7 +694,7 @@ static int net_groupmap_listmem(int argc, const char **argv) members = NULL; num = 0; - if (!pdb_enum_aliasmem(&alias, &members, &num)) { + if (!NT_STATUS_IS_OK(pdb_enum_aliasmem(&alias, &members, &num))) { d_fprintf(stderr, "Could not list members for sid %s\n", argv[0]); return -1; } @@ -701,8 +718,9 @@ static BOOL print_alias_memberships(TALLOC_CTX *mem_ctx, alias_rids = NULL; num_alias_rids = 0; - if (!pdb_enum_alias_memberships(mem_ctx, domain_sid, member, 1, - &alias_rids, &num_alias_rids)) { + if (!NT_STATUS_IS_OK(pdb_enum_alias_memberships( + mem_ctx, domain_sid, member, 1, + &alias_rids, &num_alias_rids))) { d_fprintf(stderr, "Could not list memberships for sid %s\n", sid_string_static(member)); return False; -- cgit From 301d51e13a1aa4e633e2da161b0dd260a8a499cd Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 13 Feb 2006 17:08:25 +0000 Subject: r13494: Merge the stuff I've done in head the last days. Volker (This used to be commit bb40e544de68f01a6e774753f508e69373b39899) --- source3/utils/net_groupmap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 96a6aa531a..de31ceb1f3 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -312,7 +312,7 @@ static int net_groupmap_add(int argc, const char **argv) fstrcpy( ntgroup, unixgrp ); - if (!add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment)) { + if (!NT_STATUS_IS_OK(add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment))) { d_fprintf(stderr, "adding entry for group %s failed!\n", ntgroup); return -1; } @@ -494,7 +494,7 @@ static int net_groupmap_delete(int argc, const char **argv) return -1; } - if ( !pdb_delete_group_mapping_entry(sid) ) { + if ( !NT_STATUS_IS_OK(pdb_delete_group_mapping_entry(sid)) ) { d_fprintf(stderr, "Failed to removing group %s from the mapping db!\n", ntgroup); return -1; } -- cgit From 3444017ed3ce97218028e994d6c5eb3ccb209e3a Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Thu, 23 Feb 2006 01:58:27 +0000 Subject: r13648: Duh. (This used to be commit 48cd81074e5a7cbba5892eedd62fff4ce0d826b5) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index de31ceb1f3..fa60fcbd08 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -818,7 +818,7 @@ int net_groupmap(int argc, const char **argv) /* we shouldn't have silly checks like this */ if (getuid() != 0) { - d_fprintf(stderr, "You must be root to edit group mappings.\nExiting...\n"); + d_fprintf(stderr, "You must be root to edit group mappings.\n"); return -1; } -- cgit From 0ce53f8ba5110381ad6f910abe581a69019135b8 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Wed, 15 Mar 2006 00:10:38 +0000 Subject: r14403: * modifies create_local_nt_token() to create a BUILTIN\Administrators group IFF sid_to_gid(S-1-5-32-544) fails and 'winbind nested groups = yes' * Add a SID domain to the group mapping enumeration passdb call to fix the checks for local and builtin groups. The SID can be NULL if you want the old semantics for internal maintenance. I only updated the tdb group mapping code. * remove any group mapping from the tdb that have a gid of -1 for better consistency with pdb_ldap.c. The fixes the problem with calling add_group_map() in the tdb code for unmapped groups which might have had a record present. * Ensure that we distinguish between groups in the BUILTIN and local machine domains via getgrnam() Other wise BUILTIN\Administrators & SERVER\Administrators would resolve to the same gid. * Doesn't strip the global_sam_name() from groups in the local machine's domain (this is required to work with 'winbind default domain' code) Still todo. * Fix fallback Administrators membership for root and domain Admins if nested groups = no or winbindd is not running * issues with "su - user -c 'groups'" command * There are a few outstanding issues with BUILTIN\Users that Windows apparently tends to assume. I worked around this presently with a manual group mapping but I do not think this is a good solution. So I'll probably add some similar as I did for Administrators. (This used to be commit 612979476aef62e8e8eef632fa6be7d30282bb83) --- source3/utils/net_groupmap.c | 7 ++----- 1 file changed, 2 insertions(+), 5 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index fa60fcbd08..a96ac526bf 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -163,7 +163,7 @@ static int net_groupmap_list(int argc, const char **argv) else { GROUP_MAP *map=NULL; /* enumerate all group mappings */ - if (!pdb_enum_group_mapping(SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) + if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) return -1; for (i=0; i Date: Tue, 8 Aug 2006 08:26:40 +0000 Subject: r17451: Change pdb_getgrsid not to take a DOM_SID but a const DOM_SID * as an argument. Volker (This used to be commit 873a5a1211d185fd50e7167d88cbc869f70dfd3f) --- source3/utils/net_groupmap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index a96ac526bf..3865382c92 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, sid)) { + if(!pdb_getgrsid(&map, &sid)) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -404,7 +404,7 @@ static int net_groupmap_modify(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, sid)) { + if(!pdb_getgrsid(&map, &sid)) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -539,7 +539,7 @@ static int net_groupmap_set(int argc, const char **argv) DOM_SID sid; have_map = ( (strncmp(ntgroup, "S-", 2) == 0) && string_to_sid(&sid, ntgroup) && - pdb_getgrsid(&map, sid) ); + pdb_getgrsid(&map, &sid) ); } if (!have_map) { -- cgit From e1e62d89999629d41cc2b66b12eb37ce190d5db0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 8 Aug 2006 19:29:34 +0000 Subject: r17463: A bit of cleanup work: Remove some unused code: pdb_find_alias is not used anymore, and nobody I think has ever used the pdb_nop operations for group mapping. smbpasswd and tdb use the default ones and ldap has its own. Make the functions pdb_getgr* return NTSTATUS instead of BOOL. Nobody right now really makes use of it, but it feels wrong to throw away information so early. Volker (This used to be commit f9856f6490fe44fdba97ea86062237d8c74d4bdc) --- source3/utils/net_groupmap.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 3865382c92..10ea8cce2a 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -66,7 +66,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) if (StrnCaseCmp( input, "S-", 2)) { /* Perhaps its the NT group name? */ - if (!pdb_getgrnam(&map, input)) { + if (!NT_STATUS_IS_OK(pdb_getgrnam(&map, input))) { printf("NT Group %s doesn't exist in mapping DB\n", input); return False; } else { @@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, &sid)) { + if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -265,7 +265,7 @@ static int net_groupmap_add(int argc, const char **argv) { GROUP_MAP map; - if (pdb_getgrgid(&map, gid)) { + if (NT_STATUS_IS_OK(pdb_getgrgid(&map, gid))) { d_printf("Unix group %s already mapped to SID %s\n", unixgrp, sid_string_static(&map.sid)); return -1; @@ -404,7 +404,7 @@ static int net_groupmap_modify(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!pdb_getgrsid(&map, &sid)) { + if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -533,13 +533,13 @@ static int net_groupmap_set(int argc, const char **argv) } } - have_map = pdb_getgrnam(&map, ntgroup); + have_map = NT_STATUS_IS_OK(pdb_getgrnam(&map, ntgroup)); if (!have_map) { DOM_SID sid; have_map = ( (strncmp(ntgroup, "S-", 2) == 0) && string_to_sid(&sid, ntgroup) && - pdb_getgrsid(&map, &sid) ); + NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid)) ); } if (!have_map) { -- cgit From d802774e02ed4a68d61b9fa3b95164221dd50112 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Tue, 8 Aug 2006 20:50:35 +0000 Subject: r17465: Get rid of add_initial_entry. In the two places it was called in it seemed a bit pointless to me. Volker (This used to be commit 244b25ae49d3c635fc54498dbee29f5b649ea1fa) --- source3/utils/net_groupmap.c | 66 ++++++++++++++++++++++---------------------- 1 file changed, 33 insertions(+), 33 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 10ea8cce2a..fc16bb8e49 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -182,16 +182,12 @@ static int net_groupmap_list(int argc, const char **argv) static int net_groupmap_add(int argc, const char **argv) { - DOM_SID sid; - fstring ntgroup = ""; fstring unixgrp = ""; fstring string_sid = ""; fstring type = ""; - fstring ntcomment = ""; - enum SID_NAME_USE sid_type = SID_NAME_DOM_GRP; uint32 rid = 0; - gid_t gid; int i; + GROUP_MAP map; /* get the options */ for ( i=0; i Date: Wed, 9 Aug 2006 15:25:26 +0000 Subject: r17468: To minimize the diff later on, pre-commit some changes independently: Change internal mapping.c functions to return NTSTATUS instead of BOOL. Volker (This used to be commit 4ebfc30a28a6f48613098176c5acdfdafbd2941a) --- source3/utils/net_groupmap.c | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index fc16bb8e49..86bec385e7 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -163,7 +163,7 @@ static int net_groupmap_list(int argc, const char **argv) else { GROUP_MAP *map=NULL; /* enumerate all group mappings */ - if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) + if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED))) return -1; for (i=0; i Date: Fri, 11 Aug 2006 18:09:59 +0000 Subject: r17496: net groupmap add could add uninitialized sid_name_type entries to the group mapping db. Ensure this can't happen. Jeremy. (This used to be commit 2ba0d93d53868c8b28dccf91dfa26e86817da511) --- source3/utils/net_groupmap.c | 37 +++++++++++++++++++++++++++---------- 1 file changed, 27 insertions(+), 10 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 86bec385e7..b95e8c65e4 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -188,7 +188,14 @@ static int net_groupmap_add(int argc, const char **argv) uint32 rid = 0; int i; GROUP_MAP map; - + const char *name_type; + + ZERO_STRUCT(map); + + /* Default is domain group. */ + map.sid_name_use = SID_NAME_DOM_GRP; + name_type = "domain group"; + /* get the options */ for ( i=0; i Date: Tue, 15 Aug 2006 14:07:15 +0000 Subject: r17554: Cleanup (This used to be commit 761cbd52f0cff6b864c506ec03c94039b6101ef9) --- source3/utils/net_groupmap.c | 85 ++++++++++++++++++++++---------------------- 1 file changed, 43 insertions(+), 42 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index b95e8c65e4..df13a93de6 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -66,7 +66,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) if (StrnCaseCmp( input, "S-", 2)) { /* Perhaps its the NT group name? */ - if (!NT_STATUS_IS_OK(pdb_getgrnam(&map, input))) { + if (!pdb_getgrnam(&map, input)) { printf("NT Group %s doesn't exist in mapping DB\n", input); return False; } else { @@ -153,7 +153,7 @@ static int net_groupmap_list(int argc, const char **argv) } /* Get the current mapping from the database */ - if(!NT_STATUS_IS_OK(pdb_getgrsid(&map, &sid))) { + if(!pdb_getgrsid(&map, sid)) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } @@ -163,7 +163,7 @@ static int net_groupmap_list(int argc, const char **argv) else { GROUP_MAP *map=NULL; /* enumerate all group mappings */ - if (!NT_STATUS_IS_OK(pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED))) + if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) return -1; for (i=0; i Date: Mon, 21 Aug 2006 20:04:01 +0000 Subject: r17669: Remove RID algorithm support from unmapped users and groups when using smbpasswd (This used to be commit dde552336c732ddd6076a6a32575a37cb51aa94c) --- source3/utils/net_groupmap.c | 11 +++++++++-- 1 file changed, 9 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index df13a93de6..4708efa908 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -289,7 +289,7 @@ static int net_groupmap_add(int argc, const char **argv) if ( (rid == 0) && (string_sid[0] == '\0') ) { d_printf("No rid or sid specified, choosing a RID\n"); if (pdb_rid_algorithm()) { - rid = pdb_gid_to_group_rid(gid); + rid = algorithmic_pdb_gid_to_group_rid(gid); } else { if (!pdb_new_rid(&rid)) { d_printf("Could not get new RID\n"); @@ -573,7 +573,14 @@ static int net_groupmap_set(int argc, const char **argv) map.gid = grp->gr_gid; if (opt_rid == 0) { - opt_rid = pdb_gid_to_group_rid(map.gid); + if ( pdb_rid_algorithm() ) + opt_rid = algorithmic_pdb_gid_to_group_rid(map.gid); + else { + if ( !pdb_new_rid((uint32*)&opt_rid) ) { + d_fprintf( stderr, "Could not allocate new RID\n"); + return -1; + } + } } sid_copy(&map.sid, get_global_sam_sid()); -- cgit From 2b27c93a9a8471693d7dcb5fdbe8afe65b22ff66 Mon Sep 17 00:00:00 2001 From: Gerald Carter Date: Fri, 8 Sep 2006 14:28:06 +0000 Subject: r18271: Big change: * autogenerate lsa ndr code * rename 'enum SID_NAME_USE' to 'enum lsa_SidType' * merge a log more security descriptor functions from gen_ndr/ndr_security.c in SAMBA_4_0 The most embarassing thing is the "#define strlen_m strlen" We need a real implementation in SAMBA_3_0 which I'll work on after this code is in. (This used to be commit 3da9f80c28b1e75ef6d46d38fbb81ade6b9fa951) --- source3/utils/net_groupmap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 4708efa908..ad1a141cfc 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -188,7 +188,7 @@ static int net_groupmap_add(int argc, const char **argv) fstring string_sid = ""; fstring type = ""; fstring ntcomment = ""; - enum SID_NAME_USE sid_type = SID_NAME_DOM_GRP; + enum lsa_SidType sid_type = SID_NAME_DOM_GRP; uint32 rid = 0; gid_t gid; int i; @@ -345,7 +345,7 @@ static int net_groupmap_modify(int argc, const char **argv) fstring ntgroup = ""; fstring unixgrp = ""; fstring sid_string = ""; - enum SID_NAME_USE sid_type = SID_NAME_UNKNOWN; + enum lsa_SidType sid_type = SID_NAME_UNKNOWN; int i; gid_t gid; -- cgit From 248a82c0f28a5e1df957726558b795cf98d29097 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Mon, 4 Jun 2007 01:51:18 +0000 Subject: r23323: merged ldb changes from 3.0.26 (This used to be commit 7c9a5c2a3f012a06e9550dc0de7df460c2fd943b) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index ad1a141cfc..bb30a31c0b 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -725,7 +725,7 @@ static int net_groupmap_listmem(int argc, const char **argv) printf("%s\n", sid_string_static(&(members[i]))); } - SAFE_FREE(members); + TALLOC_FREE(members); return 0; } -- cgit From d824b98f80ba186030cbb70b3a1e5daf80469ecd Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Mon, 9 Jul 2007 19:25:36 +0000 Subject: r23779: Change from v2 or later to v3 or later. Jeremy. (This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index bb30a31c0b..0d6598d609 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -8,7 +8,7 @@ * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by - * the Free Software Foundation; either version 2 of the License, or + * the Free Software Foundation; either version 3 of the License, or * (at your option) any later version. * * This program is distributed in the hope that it will be useful, -- cgit From 153cfb9c83534b09f15cc16205d7adb19b394928 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Tue, 10 Jul 2007 05:23:25 +0000 Subject: r23801: The FSF has moved around a lot. This fixes their Mass Ave address. (This used to be commit 87c91e4362c51819032bfbebbb273c52e203b227) --- source3/utils/net_groupmap.c | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 0d6598d609..34e9f8c033 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -17,8 +17,7 @@ * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License - * along with this program; if not, write to the Free Software - * Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. + * along with this program; if not, see . */ -- cgit From 30191d1a5704ad2b158386b511558972d539ce47 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Thu, 18 Oct 2007 17:40:25 -0700 Subject: RIP BOOL. Convert BOOL -> bool. I found a few interesting bugs in various places whilst doing this (places that assumed BOOL == int). I also need to fix the Samba4 pidl generation (next checkin). Jeremy. (This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f) --- source3/utils/net_groupmap.c | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 34e9f8c033..d2ed696eb1 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -59,7 +59,7 @@ static char* get_string_param( const char* param ) Figure out if the input was an NT group or a SID string. Return the SID. **********************************************************/ -static BOOL get_sid_from_input(DOM_SID *sid, char *input) +static bool get_sid_from_input(DOM_SID *sid, char *input) { GROUP_MAP map; @@ -84,7 +84,7 @@ static BOOL get_sid_from_input(DOM_SID *sid, char *input) Dump a GROUP_MAP entry to stdout (long or short listing) **********************************************************/ -static void print_map_entry ( GROUP_MAP map, BOOL long_list ) +static void print_map_entry ( GROUP_MAP map, bool long_list ) { if (!long_list) d_printf("%s (%s) -> %s\n", map.nt_name, @@ -106,7 +106,7 @@ static void print_map_entry ( GROUP_MAP map, BOOL long_list ) static int net_groupmap_list(int argc, const char **argv) { size_t entries; - BOOL long_list = False; + bool long_list = False; size_t i; fstring ntgroup = ""; fstring sid_string = ""; @@ -526,7 +526,7 @@ static int net_groupmap_set(int argc, const char **argv) const char *ntgroup = NULL; struct group *grp = NULL; GROUP_MAP map; - BOOL have_map = False; + bool have_map = False; if ((argc < 1) || (argc > 2)) { d_printf("Usage: net groupmap set \"NT Group\" " @@ -729,7 +729,7 @@ static int net_groupmap_listmem(int argc, const char **argv) return 0; } -static BOOL print_alias_memberships(TALLOC_CTX *mem_ctx, +static bool print_alias_memberships(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, const DOM_SID *member) { -- cgit From 4b9f336a62cd4992956a68c8a17764a3f768b3f1 Mon Sep 17 00:00:00 2001 From: Günther Deschner Date: Fri, 30 Nov 2007 18:47:25 +0100 Subject: Move param helper routines to one place. Guenther (This used to be commit 6bf2c8038c4bc7a52b7f260209ade0bdeb95c685) --- source3/utils/net_groupmap.c | 31 ------------------------------- 1 file changed, 31 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index d2ed696eb1..8aead50b9f 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -24,37 +24,6 @@ #include "includes.h" #include "utils/net.h" - -/********************************************************* - utility function to parse an integer parameter from - "parameter = value" -**********************************************************/ -static uint32 get_int_param( const char* param ) -{ - char *p; - - p = strchr( param, '=' ); - if ( !p ) - return 0; - - return atoi(p+1); -} - -/********************************************************* - utility function to parse an integer parameter from - "parameter = value" -**********************************************************/ -static char* get_string_param( const char* param ) -{ - char *p; - - p = strchr( param, '=' ); - if ( !p ) - return NULL; - - return (p+1); -} - /********************************************************* Figure out if the input was an NT group or a SID string. Return the SID. -- cgit From 7b01537679d4d4f1408634fe63c64c144f9d9519 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 21:53:26 +0100 Subject: Replace sid_string_static with sid_string_tos In utils/ I was a bit lazy... (This used to be commit 60e830b0f4571bd5d9039f2edd199534f2a4c341) --- source3/utils/net_groupmap.c | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 8aead50b9f..c59548b2f1 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -57,10 +57,10 @@ static void print_map_entry ( GROUP_MAP map, bool long_list ) { if (!long_list) d_printf("%s (%s) -> %s\n", map.nt_name, - sid_string_static(&map.sid), gidtoname(map.gid)); + sid_string_tos(&map.sid), gidtoname(map.gid)); else { d_printf("%s\n", map.nt_name); - d_printf("\tSID : %s\n", sid_string_static(&map.sid)); + d_printf("\tSID : %s\n", sid_string_tos(&map.sid)); d_printf("\tUnix gid : %d\n", map.gid); d_printf("\tUnix group: %s\n", gidtoname(map.gid)); d_printf("\tGroup type: %s\n", @@ -249,7 +249,7 @@ static int net_groupmap_add(int argc, const char **argv) { if (pdb_getgrgid(&map, gid)) { d_printf("Unix group %s already mapped to SID %s\n", - unixgrp, sid_string_static(&map.sid)); + unixgrp, sid_string_tos(&map.sid)); return -1; } } @@ -619,7 +619,7 @@ static int net_groupmap_cleanup(int argc, const char **argv) if (!sid_check_is_in_our_domain(&map[i].sid)) { printf("Deleting mapping for NT Group %s, sid %s\n", map[i].nt_name, - sid_string_static(&map[i].sid)); + sid_string_tos(&map[i].sid)); pdb_delete_group_mapping_entry(map[i].sid); } } @@ -690,7 +690,7 @@ static int net_groupmap_listmem(int argc, const char **argv) } for (i = 0; i < num; i++) { - printf("%s\n", sid_string_static(&(members[i]))); + printf("%s\n", sid_string_tos(&(members[i]))); } TALLOC_FREE(members); @@ -712,7 +712,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx, mem_ctx, domain_sid, member, 1, &alias_rids, &num_alias_rids))) { d_fprintf(stderr, "Could not list memberships for sid %s\n", - sid_string_static(member)); + sid_string_tos(member)); return False; } @@ -720,7 +720,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx, DOM_SID alias; sid_copy(&alias, domain_sid); sid_append_rid(&alias, alias_rids[i]); - printf("%s\n", sid_string_static(&alias)); + printf("%s\n", sid_string_tos(&alias)); } return True; -- cgit From 2e07c2ade89f4ff281c61f74cb88e09990cf5f46 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Sat, 15 Dec 2007 22:47:30 +0100 Subject: s/sid_to_string/sid_to_fstring/ least surprise for callers (This used to be commit eb523ba77697346a365589101aac379febecd546) --- source3/utils/net_groupmap.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index c59548b2f1..b0e3d60a24 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -270,7 +270,7 @@ static int net_groupmap_add(int argc, const char **argv) if ( !string_sid[0] ) { sid_copy(&sid, get_global_sam_sid()); sid_append_rid(&sid, rid); - sid_to_string(string_sid, &sid); + sid_to_fstring(string_sid, &sid); } if (!ntcomment[0]) { -- cgit From f5769109447d8da0f09b102d444a816ad97a00dc Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Fri, 9 May 2008 23:22:12 +0200 Subject: net: Remove globals (This used to be commit 1e9319cf88b65a2a8d4f5099a1fe5297e405ed2e) --- source3/utils/net_groupmap.c | 55 ++++++++++++++++++++++---------------------- 1 file changed, 27 insertions(+), 28 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index b0e3d60a24..0fdebcc912 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -72,7 +72,7 @@ static void print_map_entry ( GROUP_MAP map, bool long_list ) /********************************************************* List the groups. **********************************************************/ -static int net_groupmap_list(int argc, const char **argv) +static int net_groupmap_list(struct net_context *c, int argc, const char **argv) { size_t entries; bool long_list = False; @@ -80,7 +80,7 @@ static int net_groupmap_list(int argc, const char **argv) fstring ntgroup = ""; fstring sid_string = ""; - if (opt_verbose || opt_long_list_entries) + if (c->opt_verbose || c->opt_long_list_entries) long_list = True; /* get the options */ @@ -148,7 +148,7 @@ static int net_groupmap_list(int argc, const char **argv) Add a new group mapping entry **********************************************************/ -static int net_groupmap_add(int argc, const char **argv) +static int net_groupmap_add(struct net_context *c, int argc, const char **argv) { DOM_SID sid; fstring ntgroup = ""; @@ -293,7 +293,6 @@ static int net_groupmap_add(int argc, const char **argv) if (!ntgroup[0] ) fstrcpy( ntgroup, unixgrp ); - if (!NT_STATUS_IS_OK(add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment))) { d_fprintf(stderr, "adding entry for group %s failed!\n", ntgroup); return -1; @@ -304,7 +303,7 @@ static int net_groupmap_add(int argc, const char **argv) return 0; } -static int net_groupmap_modify(int argc, const char **argv) +static int net_groupmap_modify(struct net_context *c, int argc, const char **argv) { DOM_SID sid; GROUP_MAP map; @@ -436,7 +435,7 @@ static int net_groupmap_modify(int argc, const char **argv) return 0; } -static int net_groupmap_delete(int argc, const char **argv) +static int net_groupmap_delete(struct net_context *c, int argc, const char **argv) { DOM_SID sid; fstring ntgroup = ""; @@ -490,7 +489,7 @@ static int net_groupmap_delete(int argc, const char **argv) return 0; } -static int net_groupmap_set(int argc, const char **argv) +static int net_groupmap_set(struct net_context *c, int argc, const char **argv) { const char *ntgroup = NULL; struct group *grp = NULL; @@ -503,7 +502,7 @@ static int net_groupmap_set(int argc, const char **argv) return -1; } - if ( opt_localgroup && opt_domaingroup ) { + if ( c->opt_localgroup && c->opt_domaingroup ) { d_printf("Can only specify -L or -D, not both\n"); return -1; } @@ -540,11 +539,11 @@ static int net_groupmap_set(int argc, const char **argv) map.gid = grp->gr_gid; - if (opt_rid == 0) { + if (c->opt_rid == 0) { if ( pdb_rid_algorithm() ) - opt_rid = algorithmic_pdb_gid_to_group_rid(map.gid); + c->opt_rid = algorithmic_pdb_gid_to_group_rid(map.gid); else { - if ( !pdb_new_rid((uint32*)&opt_rid) ) { + if ( !pdb_new_rid((uint32*)&c->opt_rid) ) { d_fprintf( stderr, "Could not allocate new RID\n"); return -1; } @@ -552,7 +551,7 @@ static int net_groupmap_set(int argc, const char **argv) } sid_copy(&map.sid, get_global_sam_sid()); - sid_append_rid(&map.sid, opt_rid); + sid_append_rid(&map.sid, c->opt_rid); map.sid_name_use = SID_NAME_DOM_GRP; fstrcpy(map.nt_name, ntgroup); @@ -567,7 +566,7 @@ static int net_groupmap_set(int argc, const char **argv) /* Now we have a mapping entry, update that stuff */ - if ( opt_localgroup || opt_domaingroup ) { + if ( c->opt_localgroup || c->opt_domaingroup ) { if (map.sid_name_use == SID_NAME_WKN_GRP) { d_fprintf(stderr, "Can't change type of the BUILTIN group %s\n", map.nt_name); @@ -575,19 +574,19 @@ static int net_groupmap_set(int argc, const char **argv) } } - if (opt_localgroup) + if (c->opt_localgroup) map.sid_name_use = SID_NAME_ALIAS; - if (opt_domaingroup) + if (c->opt_domaingroup) map.sid_name_use = SID_NAME_DOM_GRP; /* The case (opt_domaingroup && opt_localgroup) was tested for above */ - if (strlen(opt_comment) > 0) - fstrcpy(map.comment, opt_comment); + if (strlen(c->opt_comment) > 0) + fstrcpy(map.comment, c->opt_comment); - if (strlen(opt_newntname) > 0) - fstrcpy(map.nt_name, opt_newntname); + if (strlen(c->opt_newntname) > 0) + fstrcpy(map.nt_name, c->opt_newntname); if (grp != NULL) map.gid = grp->gr_gid; @@ -600,7 +599,7 @@ static int net_groupmap_set(int argc, const char **argv) return 0; } -static int net_groupmap_cleanup(int argc, const char **argv) +static int net_groupmap_cleanup(struct net_context *c, int argc, const char **argv) { GROUP_MAP *map = NULL; size_t i, entries; @@ -629,7 +628,7 @@ static int net_groupmap_cleanup(int argc, const char **argv) return 0; } -static int net_groupmap_addmem(int argc, const char **argv) +static int net_groupmap_addmem(struct net_context *c, int argc, const char **argv) { DOM_SID alias, member; @@ -649,7 +648,7 @@ static int net_groupmap_addmem(int argc, const char **argv) return 0; } -static int net_groupmap_delmem(int argc, const char **argv) +static int net_groupmap_delmem(struct net_context *c, int argc, const char **argv) { DOM_SID alias, member; @@ -669,7 +668,7 @@ static int net_groupmap_delmem(int argc, const char **argv) return 0; } -static int net_groupmap_listmem(int argc, const char **argv) +static int net_groupmap_listmem(struct net_context *c, int argc, const char **argv) { DOM_SID alias; DOM_SID *members; @@ -726,7 +725,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx, return True; } -static int net_groupmap_memberships(int argc, const char **argv) +static int net_groupmap_memberships(struct net_context *c, int argc, const char **argv) { TALLOC_CTX *mem_ctx; DOM_SID *domain_sid, *builtin_sid, member; @@ -759,7 +758,7 @@ static int net_groupmap_memberships(int argc, const char **argv) return 0; } -int net_help_groupmap(int argc, const char **argv) +int net_help_groupmap(struct net_context *c, int argc, const char **argv) { d_printf("net groupmap add"\ "\n Create a new group mapping\n"); @@ -789,7 +788,7 @@ int net_help_groupmap(int argc, const char **argv) /*********************************************************** migrated functionality from smbgroupedit **********************************************************/ -int net_groupmap(int argc, const char **argv) +int net_groupmap(struct net_context *c, int argc, const char **argv) { struct functable func[] = { {"add", net_groupmap_add}, @@ -813,8 +812,8 @@ int net_groupmap(int argc, const char **argv) } if ( argc ) - return net_run_function(argc, argv, func, net_help_groupmap); + return net_run_function(c, argc, argv, func, net_help_groupmap); - return net_help_groupmap( argc, argv ); + return net_help_groupmap(c, argc, argv ); } -- cgit From 4206d9754486d2c1e18217cbcdbaad8f31f5244b Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Thu, 8 May 2008 11:23:38 +0200 Subject: net: more whitespace cleanup (This used to be commit ef0184d580500734fc7af51e1c790b075180a3d0) --- source3/utils/net_groupmap.c | 82 ++++++++++++++++++++++---------------------- 1 file changed, 41 insertions(+), 41 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 0fdebcc912..9f54bdaa08 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -82,7 +82,7 @@ static int net_groupmap_list(struct net_context *c, int argc, const char **argv) if (c->opt_verbose || c->opt_long_list_entries) long_list = True; - + /* get the options */ for ( i=0; i|sid=} unixgroup= [type=] [ntgroup=] [comment=]\n"); return -1; } - + if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { d_fprintf(stderr, "Can't lookup UNIX group %s\n", unixgrp); return -1; @@ -253,7 +253,7 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv) return -1; } } - + if ( (rid == 0) && (string_sid[0] == '\0') ) { d_printf("No rid or sid specified, choosing a RID\n"); if (pdb_rid_algorithm()) { @@ -289,10 +289,10 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv) break; } } - + if (!ntgroup[0] ) fstrcpy( ntgroup, unixgrp ); - + if (!NT_STATUS_IS_OK(add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment))) { d_fprintf(stderr, "adding entry for group %s failed!\n", ntgroup); return -1; @@ -323,28 +323,28 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg if ( !ntgroup[0] ) { d_fprintf(stderr, "must supply a name\n"); return -1; - } + } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { d_fprintf(stderr, "must supply a name\n"); return -1; - } + } } else if ( !StrnCaseCmp(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { d_fprintf(stderr, "must supply a comment string\n"); return -1; - } + } } else if ( !StrnCaseCmp(argv[i], "unixgroup", strlen("unixgroup")) ) { fstrcpy( unixgrp, get_string_param( argv[i] ) ); if ( !unixgrp[0] ) { d_fprintf(stderr, "must supply a group name\n"); return -1; - } + } } else if ( !StrnCaseCmp(argv[i], "type", strlen("type")) ) { fstrcpy( type, get_string_param( argv[i] ) ); @@ -364,17 +364,17 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg return -1; } } - + if ( !ntgroup[0] && !sid_string[0] ) { d_printf("Usage: net groupmap modify {ntgroup=|sid=} [comment=] [unixgroup=] [type=]\n"); return -1; } /* give preference to the SID; if both the ntgroup name and SID - are defined, use the SID and assume that the group name could be a + are defined, use the SID and assume that the group name could be a new name */ - - if ( sid_string[0] ) { + + if ( sid_string[0] ) { if (!get_sid_from_input(&sid, sid_string)) { return -1; } @@ -383,18 +383,18 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg if (!get_sid_from_input(&sid, ntgroup)) { return -1; } - } + } /* Get the current mapping from the database */ if(!pdb_getgrsid(&map, sid)) { d_fprintf(stderr, "Failure to local group SID in the database\n"); return -1; } - + /* * Allow changing of group type only between domain and local * We disallow changing Builtin groups !!! (SID problem) - */ + */ if (sid_type == SID_NAME_UNKNOWN) { d_fprintf(stderr, "Can't map to an unknown group type.\n"); return -1; @@ -410,10 +410,10 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg /* Change comment if new one */ if ( ntcomment[0] ) fstrcpy( map.comment, ntcomment ); - + if ( ntgroup[0] ) fstrcpy( map.nt_name, ntgroup ); - + if ( unixgrp[0] ) { gid = nametogid( unixgrp ); if ( gid == -1 ) { @@ -421,7 +421,7 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg unixgrp); return -1; } - + map.gid = gid; } @@ -429,7 +429,7 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg d_fprintf(stderr, "Could not update group database\n"); return -1; } - + d_printf("Updated mapping entry for %s\n", map.nt_name); return 0; @@ -449,31 +449,31 @@ static int net_groupmap_delete(struct net_context *c, int argc, const char **arg if ( !ntgroup[0] ) { d_fprintf(stderr, "must supply a name\n"); return -1; - } + } } else if ( !StrnCaseCmp(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { d_fprintf(stderr, "must supply a SID\n"); return -1; - } + } } else { d_fprintf(stderr, "Bad option: %s\n", argv[i]); return -1; } } - + if ( !ntgroup[0] && !sid_string[0]) { d_printf("Usage: net groupmap delete {ntgroup=|sid=}\n"); return -1; } - + /* give preference to the SID if we have that */ - + if ( sid_string[0] ) fstrcpy( ntgroup, sid_string ); - + if ( !get_sid_from_input(&sid, ntgroup) ) { d_fprintf(stderr, "Unable to resolve group %s to a SID\n", ntgroup); return -1; @@ -632,7 +632,7 @@ static int net_groupmap_addmem(struct net_context *c, int argc, const char **arg { DOM_SID alias, member; - if ( (argc != 2) || + if ( (argc != 2) || !string_to_sid(&alias, argv[0]) || !string_to_sid(&member, argv[1]) ) { d_printf("Usage: net groupmap addmem alias-sid member-sid\n"); @@ -780,7 +780,7 @@ int net_help_groupmap(struct net_context *c, int argc, const char **argv) "\n Set group mapping\n"); d_printf("net groupmap cleanup"\ "\n Remove foreign group mapping entries\n"); - + return -1; } @@ -810,7 +810,7 @@ int net_groupmap(struct net_context *c, int argc, const char **argv) d_fprintf(stderr, "You must be root to edit group mappings.\n"); return -1; } - + if ( argc ) return net_run_function(c, argc, argv, func, net_help_groupmap); -- cgit From 16938883e6fcae7601eb6343177aa2d56dd2136e Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Mon, 12 May 2008 11:53:23 +0200 Subject: net: Use true/false instead of True/False. (This used to be commit a8b567aac3b0e39cfe67fb97167b10312ca5e73a) --- source3/utils/net_groupmap.c | 18 +++++++++--------- 1 file changed, 9 insertions(+), 9 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 9f54bdaa08..55ba0ba80c 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -36,17 +36,17 @@ static bool get_sid_from_input(DOM_SID *sid, char *input) /* Perhaps its the NT group name? */ if (!pdb_getgrnam(&map, input)) { printf("NT Group %s doesn't exist in mapping DB\n", input); - return False; + return false; } else { *sid = map.sid; } } else { if (!string_to_sid(sid, input)) { printf("converting sid %s from a string failed!\n", input); - return False; + return false; } } - return True; + return true; } /********************************************************* @@ -75,18 +75,18 @@ static void print_map_entry ( GROUP_MAP map, bool long_list ) static int net_groupmap_list(struct net_context *c, int argc, const char **argv) { size_t entries; - bool long_list = False; + bool long_list = false; size_t i; fstring ntgroup = ""; fstring sid_string = ""; if (c->opt_verbose || c->opt_long_list_entries) - long_list = True; + long_list = true; /* get the options */ for ( i=0; i 2)) { d_printf("Usage: net groupmap set \"NT Group\" " @@ -712,7 +712,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx, &alias_rids, &num_alias_rids))) { d_fprintf(stderr, "Could not list memberships for sid %s\n", sid_string_tos(member)); - return False; + return false; } for (i = 0; i < num_alias_rids; i++) { @@ -722,7 +722,7 @@ static bool print_alias_memberships(TALLOC_CTX *mem_ctx, printf("%s\n", sid_string_tos(&alias)); } - return True; + return true; } static int net_groupmap_memberships(struct net_context *c, int argc, const char **argv) -- cgit From 0210f7af917d0e4ea1f16f9c6e767b8fe817c095 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Thu, 15 May 2008 10:14:41 +0200 Subject: net: The top level help function for net cmd is always net_cmd_usage (This used to be commit f7d0903a58b0b0fc248a613937a101f15baa5311) --- source3/utils/net_groupmap.c | 8 ++++---- 1 file changed, 4 insertions(+), 4 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 55ba0ba80c..4b4ec45dea 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -758,7 +758,7 @@ static int net_groupmap_memberships(struct net_context *c, int argc, const char return 0; } -int net_help_groupmap(struct net_context *c, int argc, const char **argv) +int net_groupmap_usage(struct net_context *c, int argc, const char **argv) { d_printf("net groupmap add"\ "\n Create a new group mapping\n"); @@ -801,7 +801,7 @@ int net_groupmap(struct net_context *c, int argc, const char **argv) {"listmem", net_groupmap_listmem}, {"memberships", net_groupmap_memberships}, {"list", net_groupmap_list}, - {"help", net_help_groupmap}, + {"help", net_groupmap_usage}, {NULL, NULL} }; @@ -812,8 +812,8 @@ int net_groupmap(struct net_context *c, int argc, const char **argv) } if ( argc ) - return net_run_function(c, argc, argv, func, net_help_groupmap); + return net_run_function(c,argc, argv, func, net_groupmap_usage); - return net_help_groupmap(c, argc, argv ); + return net_groupmap_usage(c, argc, argv); } -- cgit From f3d86100b8c31c368679b1928de2ce24619aeea8 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Mon, 19 May 2008 15:55:34 +0200 Subject: net: Make "net groupmap" use functable3 (This used to be commit c328b3e30b17866f4a0fd344d01efca826215cbc) --- source3/utils/net_groupmap.c | 189 +++++++++++++++++++++++++++++++------------ 1 file changed, 138 insertions(+), 51 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index 4b4ec45dea..cea1b0a3d7 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -79,6 +79,16 @@ static int net_groupmap_list(struct net_context *c, int argc, const char **argv) size_t i; fstring ntgroup = ""; fstring sid_string = ""; + const char list_usage_str[] = "net groupmap list [verbose] " + "[ntgroup=NT group] [sid=SID]\n" + " verbose\tPrint verbose list\n" + " ntgroup\tNT group to list\n" + " sid\tSID of group to list"; + + if (c->display_usage) { + d_printf("Usage:\n%s\n", list_usage_str); + return 0; + } if (c->opt_verbose || c->opt_long_list_entries) long_list = true; @@ -104,6 +114,7 @@ static int net_groupmap_list(struct net_context *c, int argc, const char **argv) } else { d_fprintf(stderr, "Bad option: %s\n", argv[i]); + d_printf("Usage:\n%s\n", list_usage_str); return -1; } } @@ -163,6 +174,10 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv) GROUP_MAP map; const char *name_type; + const char add_usage_str[] = "net groupmap add {rid=|sid=}" + " unixgroup= " + "[type=] " + "[ntgroup=] [comment=]"; ZERO_STRUCT(map); @@ -170,6 +185,11 @@ static int net_groupmap_add(struct net_context *c, int argc, const char **argv) map.sid_name_use = SID_NAME_DOM_GRP; name_type = "domain group"; + if (c->display_usage) { + d_printf("Usage\n%s\n", add_usage_str); + return 0; + } + /* get the options */ for ( i=0; i|sid=} unixgroup= [type=] [ntgroup=] [comment=]\n"); + d_printf("Usage:\n%s\n", add_usage_str); return -1; } @@ -315,6 +335,16 @@ static int net_groupmap_modify(struct net_context *c, int argc, const char **arg enum lsa_SidType sid_type = SID_NAME_UNKNOWN; int i; gid_t gid; + const char modify_usage_str[] = "net groupmap modify " + "{ntgroup=|sid=} " + "[comment=] " + "[unixgroup=] " + "[type=]"; + + if (c->display_usage) { + d_printf("Usage:\n%s\n", modify_usage_str); + return 0; + } /* get the options */ for ( i=0; i|sid=} [comment=] [unixgroup=] [type=]\n"); + d_printf("Usage:\n%s\n", modify_usage_str); return -1; } @@ -441,6 +471,13 @@ static int net_groupmap_delete(struct net_context *c, int argc, const char **arg fstring ntgroup = ""; fstring sid_string = ""; int i; + const char delete_usage_str[] = "net groupmap delete " + "{ntgroup=|sid=}"; + + if (c->display_usage) { + d_printf("Usage:\n%s\n", delete_usage_str); + return 0; + } /* get the options */ for ( i=0; i|sid=}\n"); + d_printf("Usage:\n%s\n", delete_usage_str); return -1; } @@ -496,7 +533,7 @@ static int net_groupmap_set(struct net_context *c, int argc, const char **argv) GROUP_MAP map; bool have_map = false; - if ((argc < 1) || (argc > 2)) { + if ((argc < 1) || (argc > 2) || c->display_usage) { d_printf("Usage: net groupmap set \"NT Group\" " "[\"unix group\"] [-C \"comment\"] [-L] [-D]\n"); return -1; @@ -604,6 +641,13 @@ static int net_groupmap_cleanup(struct net_context *c, int argc, const char **ar GROUP_MAP *map = NULL; size_t i, entries; + if (c->display_usage) { + d_printf("Usage:\n" + "net groupmap cleanup\n" + " Delete all group mappings\n"); + return 0; + } + if (!pdb_enum_group_mapping(NULL, SID_NAME_UNKNOWN, &map, &entries, ENUM_ALL_MAPPED)) { d_fprintf(stderr, "Could not list group mappings\n"); @@ -633,6 +677,7 @@ static int net_groupmap_addmem(struct net_context *c, int argc, const char **arg DOM_SID alias, member; if ( (argc != 2) || + c->display_usage || !string_to_sid(&alias, argv[0]) || !string_to_sid(&member, argv[1]) ) { d_printf("Usage: net groupmap addmem alias-sid member-sid\n"); @@ -652,7 +697,8 @@ static int net_groupmap_delmem(struct net_context *c, int argc, const char **arg { DOM_SID alias, member; - if ( (argc != 2) || + if ( (argc != 2) || + c->display_usage || !string_to_sid(&alias, argv[0]) || !string_to_sid(&member, argv[1]) ) { d_printf("Usage: net groupmap delmem alias-sid member-sid\n"); @@ -674,7 +720,8 @@ static int net_groupmap_listmem(struct net_context *c, int argc, const char **ar DOM_SID *members; size_t i, num; - if ( (argc != 1) || + if ( (argc != 1) || + c->display_usage || !string_to_sid(&alias, argv[0]) ) { d_printf("Usage: net groupmap listmem alias-sid\n"); return -1; @@ -730,7 +777,8 @@ static int net_groupmap_memberships(struct net_context *c, int argc, const char TALLOC_CTX *mem_ctx; DOM_SID *domain_sid, *builtin_sid, member; - if ( (argc != 1) || + if ( (argc != 1) || + c->display_usage || !string_to_sid(&member, argv[0]) ) { d_printf("Usage: net groupmap memberof sid\n"); return -1; @@ -758,51 +806,93 @@ static int net_groupmap_memberships(struct net_context *c, int argc, const char return 0; } -int net_groupmap_usage(struct net_context *c, int argc, const char **argv) -{ - d_printf("net groupmap add"\ - "\n Create a new group mapping\n"); - d_printf("net groupmap modify"\ - "\n Update a group mapping\n"); - d_printf("net groupmap delete"\ - "\n Remove a group mapping\n"); - d_printf("net groupmap addmem"\ - "\n Add a foreign alias member\n"); - d_printf("net groupmap delmem"\ - "\n Delete a foreign alias member\n"); - d_printf("net groupmap listmem"\ - "\n List foreign group members\n"); - d_printf("net groupmap memberships"\ - "\n List foreign group memberships\n"); - d_printf("net groupmap list"\ - "\n List current group map\n"); - d_printf("net groupmap set"\ - "\n Set group mapping\n"); - d_printf("net groupmap cleanup"\ - "\n Remove foreign group mapping entries\n"); - - return -1; -} - - /*********************************************************** migrated functionality from smbgroupedit **********************************************************/ int net_groupmap(struct net_context *c, int argc, const char **argv) { - struct functable func[] = { - {"add", net_groupmap_add}, - {"modify", net_groupmap_modify}, - {"delete", net_groupmap_delete}, - {"set", net_groupmap_set}, - {"cleanup", net_groupmap_cleanup}, - {"addmem", net_groupmap_addmem}, - {"delmem", net_groupmap_delmem}, - {"listmem", net_groupmap_listmem}, - {"memberships", net_groupmap_memberships}, - {"list", net_groupmap_list}, - {"help", net_groupmap_usage}, - {NULL, NULL} + struct functable3 func[] = { + { + "add", + net_groupmap_add, + NET_TRANSPORT_LOCAL, + "Create a new group mapping", + "net groupmap add\n" + " Create a new group mapping" + }, + { + "modify", + net_groupmap_modify, + NET_TRANSPORT_LOCAL, + "Update a group mapping", + "net groupmap modify\n" + " Modify an existing group mapping" + }, + { + "delete", + net_groupmap_delete, + NET_TRANSPORT_LOCAL, + "Remove a group mapping", + "net groupmap delete\n" + " Remove a group mapping" + }, + { + "set", + net_groupmap_set, + NET_TRANSPORT_LOCAL, + "Set group mapping", + "net groupmap set\n" + " Set a group mapping" + }, + { + "cleanup", + net_groupmap_cleanup, + NET_TRANSPORT_LOCAL, + "Remove foreign group mapping entries", + "net groupmap cleanup\n" + " Remove foreign group mapping entries" + }, + { + "addmem", + net_groupmap_addmem, + NET_TRANSPORT_LOCAL, + "Add a foreign alias member", + "net groupmap addmem\n" + " Add a foreign alias member" + }, + { + "delmem", + net_groupmap_delmem, + NET_TRANSPORT_LOCAL, + "Delete foreign alias member", + "net groupmap delmem\n" + " Delete foreign alias member" + }, + { + "listmem", + net_groupmap_listmem, + NET_TRANSPORT_LOCAL, + "List foreign group members", + "net groupmap listmem\n" + " List foreign alias members" + }, + { + "memberships", + net_groupmap_memberships, + NET_TRANSPORT_LOCAL, + "List foreign group memberships", + "net groupmap memberships\n" + " List foreign group memberships" + }, + { + "list", + net_groupmap_list, + NET_TRANSPORT_LOCAL, + "List current group map", + "net groupmap list\n" + " List current group map" + }, + {NULL, NULL, 0, NULL, NULL} }; /* we shouldn't have silly checks like this */ @@ -811,9 +901,6 @@ int net_groupmap(struct net_context *c, int argc, const char **argv) return -1; } - if ( argc ) - return net_run_function(c,argc, argv, func, net_groupmap_usage); - - return net_groupmap_usage(c, argc, argv); + return net_run_function3(c,argc, argv, "net groupmap", func); } -- cgit From 255bdb26025a5025bc60637dd924f6ec71c49ee5 Mon Sep 17 00:00:00 2001 From: Kai Blin Date: Sat, 7 Jun 2008 02:25:08 +0200 Subject: net: Rename functable3 to functable, get rid of old functables (This used to be commit bb7c5fc4ec77db4073d3beccf12af12910b6bd07) --- source3/utils/net_groupmap.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) (limited to 'source3/utils/net_groupmap.c') diff --git a/source3/utils/net_groupmap.c b/source3/utils/net_groupmap.c index cea1b0a3d7..b160d840a0 100644 --- a/source3/utils/net_groupmap.c +++ b/source3/utils/net_groupmap.c @@ -811,7 +811,7 @@ static int net_groupmap_memberships(struct net_context *c, int argc, const char **********************************************************/ int net_groupmap(struct net_context *c, int argc, const char **argv) { - struct functable3 func[] = { + struct functable func[] = { { "add", net_groupmap_add, @@ -901,6 +901,6 @@ int net_groupmap(struct net_context *c, int argc, const char **argv) return -1; } - return net_run_function3(c,argc, argv, "net groupmap", func); + return net_run_function(c,argc, argv, "net groupmap", func); } -- cgit