/*
* Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
* Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#ifdef USE_SMBUNIX_DB
extern int DEBUGLEVEL;
extern DOM_SID global_sam_sid;
/***************************************************************
Start to enumerate the smbpasswd list. Returns a void pointer
to ensure no modification outside this module.
****************************************************************/
static void *startsmbunixgrpent(BOOL update)
{
return startsmbpwent(False);
}
/***************************************************************
End enumeration of the smbpasswd list.
****************************************************************/
static void endsmbunixgrpent(void *vp)
{
endsmbpwent(vp);
}
/*************************************************************************
Return the current position in the smbpasswd list as an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static SMB_BIG_UINT getsmbunixgrppos(void *vp)
{
return getsmbpwpos(vp);
}
/*************************************************************************
Set the current position in the smbpasswd list from an SMB_BIG_UINT.
This must be treated as an opaque token.
*************************************************************************/
static BOOL setsmbunixgrppos(void *vp, SMB_BIG_UINT tok)
{
return setsmbpwpos(vp, tok);
}
/*************************************************************************
Routine to return the next smbpassgroup entry
*************************************************************************/
static struct smb_passwd *getsmbunixgrpent(void *vp,
uint32 **grp_rids, int *num_grps,
uint32 **als_rids, int *num_alss)
{
/* Static buffers we will return. */
struct sam_passwd *pw_buf;
fstring unix_name;
int i;
int unixgrps;
gid_t *grps;
BOOL failed = False;
if (vp == NULL)
{
DEBUG(0,("getsmbunixgrpent: Bad password file pointer.\n"));
return NULL;
}
pw_buf = getsam21pwent(vp);
if (pw_buf == NULL)
{
return NULL;
}
fstrcpy(unix_name, pw_buf->unix_name);
if (grp_rids != NULL)
{
(*grp_rids) = NULL;
(*num_grps) = 0;
}
if (als_rids != NULL)
{
(*als_rids) = NULL;
(*num_alss) = 0;
}
if (als_rids == NULL && grp_rids == NULL)
{
/* they didn't want to know the members. */
return pwdb_sam_to_smb(pw_buf);
}
/*
* find all unix groups
*/
if (get_unixgroups(unix_name, pw_buf->unix_uid, pw_buf->unix_gid, &unixgrps, &grps))
{
return NULL;
}
/*
* check each unix group for a mapping as an nt alias or an nt group
*/
for (i = 0; i < unixgrps && !failed; i++)
{
uint32 rid;
/*
* find the unix name for each user's group.
* assume the unix group is an nt name (alias? group? user?)
* (user or not our own domain will be an error).
*
* oh, oh, can anyone spot what's missing heeere?
* you guessed it: built-in aliases. those are in
* Domain S-1-5-20, and NT Domain Users can only
* have lists of RIDs as groups.
*
* doesn't stop you making NT Domain Users a member
* of a BUILTIN Alias (e.g "Administrators" or "Power Users")
* it's just that there's no way to tell that from this
* API call: wrong domain, sorry.
*
*/
DOM_NAME_MAP gmep;
if (!lookupsmbgrpgid(grps[i], &gmep))
{
continue;
}
sid_split_rid(&gmep.sid, &rid);
if (!sid_equal(&global_sam_sid, &gmep.sid))
{
continue;
}
switch (gmep.type)
{
case SID_NAME_ALIAS:
{
if (als_rids != NULL && add_num_to_list(als_rids, num_alss, rid) == NULL)
{
failed = True;
}
break;
}
case SID_NAME_DOM_GRP:
case SID_NAME_WKN_GRP:
{
if (grp_rids != NULL && add_num_to_list(grp_rids, num_grps, rid) == NULL)
{
failed = True;
}
break;
}
default:
{
break;
}
}
}
if (failed)
{
if (grp_rids != NULL && (*grp_rids) != NULL)
{
free(*grp_rids);
(*num_grps) = 0;
}
if (als_rids != NULL && (*als_rids) != NULL)
{
free(*als_rids);
(*num_alss) = 0;
}
return NULL;
}
return pwdb_sam_to_smb(pw_buf);
}
static struct passgrp_ops smbunixgrp_ops =
{
startsmbunixgrpent,
endsmbunixgrpent,
getsmbunixgrppos,
setsmbunixgrppos,
iterate_getsmbgrpntnam, /* In passgrp.c */
iterate_getsmbgrpuid, /* In passgrp.c */
iterate_getsmbgrprid, /* In passgrp.c */
getsmbunixgrpent
};
struct passgrp_ops *unix_initialise_password_grp(void)
{
return &smbunixgrp_ops;
}
#else
/* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
void smbpassgroupunix_dummy_function(void) { } /* stop some compilers complaining */
#endif /* USE_SMBPASS_DB */