diff options
author | Gerald Carter <jerry@samba.org> | 2006-10-01 21:20:14 +0000 |
---|---|---|
committer | Gerald Carter <jerry@samba.org> | 2006-10-01 21:20:14 +0000 |
commit | 6cd6987fc504a8056295113c12f629ad5c4b2868 (patch) | |
tree | 1cb4088f4b88d086f5b0bc84ffa99aa3c537e0b2 /source/utils | |
parent | 2f4cccbf3b63db498bde48679c228747f1838f91 (diff) | |
download | samba-6cd6987fc504a8056295113c12f629ad5c4b2868.tar.gz samba-6cd6987fc504a8056295113c12f629ad5c4b2868.tar.xz samba-6cd6987fc504a8056295113c12f629ad5c4b2868.zip |
r19018: staging for a 3.0.23d on Tuesday (I think we have sufficient changes to warrant one)
Diffstat (limited to 'source/utils')
-rw-r--r-- | source/utils/net_ads.c | 9 | ||||
-rw-r--r-- | source/utils/net_rpc_samsync.c | 3 | ||||
-rw-r--r-- | source/utils/net_sam.c | 56 | ||||
-rw-r--r-- | source/utils/net_usershare.c | 68 | ||||
-rw-r--r-- | source/utils/ntlm_auth.c | 37 | ||||
-rw-r--r-- | source/utils/pdbedit.c | 79 |
6 files changed, 121 insertions, 131 deletions
diff --git a/source/utils/net_ads.c b/source/utils/net_ads.c index f01f7ac33b3..606e45100e8 100644 --- a/source/utils/net_ads.c +++ b/source/utils/net_ads.c @@ -1061,7 +1061,7 @@ static ADS_STATUS net_precreate_machine_acct( ADS_STRUCT *ads, const char *ou ) asprintf(&dn, "%s,%s", ou_str, ads->config.bind_path); free(ou_str); - rc = ads_search_dn(ads, &res, dn, NULL); + rc = ads_search_dn(ads, (void**)&res, dn, NULL); ads_msgfree(ads, res); if (ADS_ERR_OK(rc)) { @@ -1525,8 +1525,11 @@ static int net_ads_printer_publish(int argc, const char **argv) return -1; } - get_remote_printer_publishing_data(pipe_hnd, mem_ctx, &mods, - printername); + if (!W_ERROR_IS_OK(get_remote_printer_publishing_data(pipe_hnd, mem_ctx, &mods, + printername))) { + ads_destroy(&ads); + return -1; + } rc = ads_add_printer_entry(ads, prt_dn, mem_ctx, &mods); if (!ADS_ERR_OK(rc)) { diff --git a/source/utils/net_rpc_samsync.c b/source/utils/net_rpc_samsync.c index 4f99c3035c8..05d2f1f6703 100644 --- a/source/utils/net_rpc_samsync.c +++ b/source/utils/net_rpc_samsync.c @@ -539,6 +539,9 @@ static NTSTATUS fetch_account_info(uint32 rid, SAM_ACCOUNT_INFO *delta) add_ret = smbrun(add_script,NULL); DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' " "gave %d\n", add_script, add_ret)); + if (add_ret == 0) { + smb_nscd_flush_user_cache(); + } } /* try and find the possible unix account again */ diff --git a/source/utils/net_sam.c b/source/utils/net_sam.c index 654c9ec5b2a..4c1b967d4e4 100644 --- a/source/utils/net_sam.c +++ b/source/utils/net_sam.c @@ -206,23 +206,20 @@ static int net_sam_set_pwnoexp(int argc, const char **argv) } /* - * Set a user's time field + * Set pass last change time, based on force pass change now */ -static int net_sam_set_time(int argc, const char **argv, const char *field, - BOOL (*fn)(struct samu *, time_t, - enum pdb_value_state)) +static int net_sam_set_pwdmustchangenow(int argc, const char **argv) { struct samu *sam_acct = NULL; DOM_SID sid; enum SID_NAME_USE type; const char *dom, *name; NTSTATUS status; - time_t new_time; - if (argc != 2) { - d_fprintf(stderr, "usage: net sam set %s <user> " - "[now|YYYY-MM-DD HH:MM]\n", field); + if ((argc != 2) || (!strequal(argv[1], "yes") && + !strequal(argv[1], "no"))) { + d_fprintf(stderr, "usage: net sam set pwdmustchangenow <user> [yes|no]\n"); return -1; } @@ -238,22 +235,6 @@ static int net_sam_set_time(int argc, const char **argv, const char *field, return -1; } - if (strequal(argv[1], "now")) { - new_time = time(NULL); - } else { - struct tm tm; - char *end; - ZERO_STRUCT(tm); - end = strptime(argv[1], "%Y-%m-%d %H:%M", &tm); - new_time = mktime(&tm); - if ((end == NULL) || (*end != '\0') || (new_time == -1)) { - d_fprintf(stderr, "Could not parse time string %s\n", - argv[1]); - return -1; - } - } - - if ( !(sam_acct = samu_new( NULL )) ) { d_fprintf(stderr, "Internal error\n"); return -1; @@ -264,9 +245,10 @@ static int net_sam_set_time(int argc, const char **argv, const char *field, return -1; } - if (!fn(sam_acct, new_time, PDB_CHANGED)) { - d_fprintf(stderr, "Internal error\n"); - return -1; + if (strequal(argv[1], "yes")) { + pdb_set_pass_last_set_time(sam_acct, 0, PDB_CHANGED); + } else { + pdb_set_pass_last_set_time(sam_acct, time(NULL), PDB_CHANGED); } status = pdb_update_sam_account(sam_acct); @@ -278,21 +260,11 @@ static int net_sam_set_time(int argc, const char **argv, const char *field, TALLOC_FREE(sam_acct); - d_printf("Updated %s for %s\\%s to %s\n", field, dom, name, argv[1]); + d_fprintf(stderr, "Updated 'user must change password at next logon' for %s\\%s to %s\n", dom, + name, argv[1]); return 0; } -static int net_sam_set_pwdmustchange(int argc, const char **argv) -{ - return net_sam_set_time(argc, argv, "pwdmustchange", - pdb_set_pass_must_change_time); -} - -static int net_sam_set_pwdcanchange(int argc, const char **argv) -{ - return net_sam_set_time(argc, argv, "pwdcanchange", - pdb_set_pass_can_change_time); -} /* * Set a user's or a group's comment @@ -376,10 +348,8 @@ static int net_sam_set(int argc, const char **argv) "Disable/Enable a user's lockout flag" }, { "pwnoexp", net_sam_set_pwnoexp, "Disable/Enable whether a user's pw does not expire" }, - { "pwdmustchange", net_sam_set_pwdmustchange, - "Set a users password must change time" }, - { "pwdcanchange", net_sam_set_pwdcanchange, - "Set a users password can change time" }, + { "pwdmustchangenow", net_sam_set_pwdmustchangenow, + "Force users password must change at next logon" }, {NULL, NULL} }; diff --git a/source/utils/net_usershare.c b/source/utils/net_usershare.c index 7d6f8d56e27..6a306a99830 100644 --- a/source/utils/net_usershare.c +++ b/source/utils/net_usershare.c @@ -458,6 +458,63 @@ static int net_usershare_info(int argc, const char **argv) } /*************************************************************************** + Count the current total number of usershares. +***************************************************************************/ + +static int count_num_usershares(void) +{ + SMB_STRUCT_DIR *dp; + SMB_STRUCT_DIRENT *de; + pstring basepath; + int num_usershares = 0; + + get_basepath(basepath); + dp = sys_opendir(basepath); + if (!dp) { + d_fprintf(stderr, "count_num_usershares: cannot open usershare directory %s. Error %s\n", + basepath, strerror(errno) ); + return -1; + } + + while((de = sys_readdir(dp)) != 0) { + SMB_STRUCT_STAT sbuf; + pstring path; + const char *n = de->d_name; + + /* Ignore . and .. */ + if (*n == '.') { + if ((n[1] == '\0') || (n[1] == '.' && n[2] == '\0')) { + continue; + } + } + + if (!validate_net_name(n, INVALID_SHARENAME_CHARS, strlen(n))) { + d_fprintf(stderr, "count_num_usershares: ignoring bad share name %s\n",n); + continue; + } + pstrcpy(path, basepath); + pstrcat(path, "/"); + pstrcat(path, n); + + if (sys_lstat(path, &sbuf) != 0) { + d_fprintf(stderr, "count_num_usershares: can't lstat file %s. Error was %s\n", + path, strerror(errno) ); + continue; + } + + if (!S_ISREG(sbuf.st_mode)) { + d_fprintf(stderr, "count_num_usershares: file %s is not a regular file. Ignoring.\n", + path ); + continue; + } + num_usershares++; + } + + sys_closedir(dp); + return num_usershares; +} + +/*************************************************************************** Add a single userlevel share. ***************************************************************************/ @@ -481,6 +538,7 @@ static int net_usershare_add(int argc, const char **argv) size_t to_write; uid_t myeuid = geteuid(); BOOL guest_ok = False; + int num_usershares; us_comment = ""; arg_acl = "S-1-1-0:R"; @@ -528,6 +586,16 @@ static int net_usershare_add(int argc, const char **argv) break; } + /* Ensure we're under the "usershare max shares" number. Advisory only. */ + num_usershares = count_num_usershares(); + if (num_usershares > lp_usershare_max_shares()) { + d_fprintf(stderr, "net usershare add: too many usershares already defined (%d), " + "maximum number allowed is %d.\n", + num_usershares, lp_usershare_max_shares() ); + SAFE_FREE(sharename); + return -1; + } + if (!validate_net_name(sharename, INVALID_SHARENAME_CHARS, strlen(sharename))) { d_fprintf(stderr, "net usershare add: share name %s contains " "invalid characters (any of %s)\n", diff --git a/source/utils/ntlm_auth.c b/source/utils/ntlm_auth.c index 5695460378f..17f60345171 100644 --- a/source/utils/ntlm_auth.c +++ b/source/utils/ntlm_auth.c @@ -1816,6 +1816,33 @@ enum { } } + if (opt_username) { + char *domain = SMB_STRDUP(opt_username); + char *p = strchr_m(domain, *lp_winbind_separator()); + if (p) { + opt_username = p+1; + *p = '\0'; + if (opt_domain && !strequal(opt_domain, domain)) { + x_fprintf(x_stderr, "Domain specified in username (%s) " + "doesn't match specified domain (%s)!\n\n", + domain, opt_domain); + poptPrintHelp(pc, stderr, 0); + exit(1); + } + opt_domain = domain; + } else { + SAFE_FREE(domain); + } + } + + if (opt_domain == NULL || !*opt_domain) { + opt_domain = get_winbind_domain(); + } + + if (opt_workstation == NULL) { + opt_workstation = ""; + } + if (helper_protocol) { int i; for (i=0; i<NUM_HELPER_MODES; i++) { @@ -1833,20 +1860,12 @@ enum { exit(1); } - if (!opt_username) { + if (!opt_username || !*opt_username) { x_fprintf(x_stderr, "username must be specified!\n\n"); poptPrintHelp(pc, stderr, 0); exit(1); } - if (opt_domain == NULL) { - opt_domain = get_winbind_domain(); - } - - if (opt_workstation == NULL) { - opt_workstation = ""; - } - if (opt_challenge.length) { if (!check_auth_crap()) { exit(1); diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c index 0a6fb7e8bec..db8661ecad5 100644 --- a/source/utils/pdbedit.c +++ b/source/utils/pdbedit.c @@ -419,8 +419,7 @@ static int set_user_info (struct pdb_methods *in, const char *username, const char *drive, const char *script, const char *profile, const char *account_control, const char *user_sid, const char *user_domain, - const BOOL badpw, const BOOL hours, - time_t pwd_can_change, time_t pwd_must_change) + const BOOL badpw, const BOOL hours) { BOOL updated_autolock = False, updated_badpw = False; struct samu *sam_pwent=NULL; @@ -447,14 +446,6 @@ static int set_user_info (struct pdb_methods *in, const char *username, pdb_set_hours(sam_pwent, hours_array, PDB_CHANGED); } - if (pwd_can_change != -1) { - pdb_set_pass_can_change_time(sam_pwent, pwd_can_change, PDB_CHANGED); - } - - if (pwd_must_change != -1) { - pdb_set_pass_must_change_time(sam_pwent, pwd_must_change, PDB_CHANGED); - } - if (!pdb_update_autolock_flag(sam_pwent, &updated_autolock)) { DEBUG(2,("pdb_update_autolock_flag failed.\n")); } @@ -778,8 +769,6 @@ int main (int argc, char **argv) BOOL account_policy_value_set = False; static BOOL badpw_reset = False; static BOOL hours_reset = False; - static char *pwd_can_change_time = NULL; - static char *pwd_must_change_time = NULL; static char *pwd_time_format = NULL; static BOOL pw_from_stdin = False; struct pdb_methods *bin, *bout, *bdef; @@ -814,8 +803,6 @@ int main (int argc, char **argv) {"force-initialized-passwords", 0, POPT_ARG_NONE, &force_initialised_password, 0, "Force initialization of corrupt password strings in a passdb backend", NULL}, {"bad-password-count-reset", 'z', POPT_ARG_NONE, &badpw_reset, 0, "reset bad password count", NULL}, {"logon-hours-reset", 'Z', POPT_ARG_NONE, &hours_reset, 0, "reset logon hours", NULL}, - {"pwd-can-change-time", 0, POPT_ARG_STRING, &pwd_can_change_time, 0, "Set password can change time (unix time in seconds since 1970 if time format not provided)", NULL }, - {"pwd-must-change-time", 0, POPT_ARG_STRING, &pwd_must_change_time, 0, "Set password must change time (unix time in seconds since 1970 if time format not provided)", NULL }, {"time-format", 0, POPT_ARG_STRING, &pwd_time_format, 0, "The time format for time parameters", NULL }, {"password-from-stdin", 't', POPT_ARG_NONE, &pw_from_stdin, 0, "get password from standard in", NULL}, POPT_COMMON_SAMBA @@ -878,9 +865,7 @@ int main (int argc, char **argv) (backend_in ? BIT_IMPORT : 0) + (backend_out ? BIT_EXPORT : 0) + (badpw_reset ? BIT_BADPWRESET : 0) + - (hours_reset ? BIT_LOGONHOURS : 0) + - (pwd_can_change_time ? BIT_CAN_CHANGE: 0) + - (pwd_must_change_time ? BIT_MUST_CHANGE: 0); + (hours_reset ? BIT_LOGONHOURS : 0); if (setparms & BIT_BACKEND) { if (!NT_STATUS_IS_OK(make_pdb_method_name( &bdef, backend ))) { @@ -1052,67 +1037,9 @@ int main (int argc, char **argv) /* account modification operations */ if (!(checkparms & ~(BIT_MODIFY + BIT_USER))) { - time_t pwd_can_change = -1; - time_t pwd_must_change = -1; - const char *errstr; - - if (pwd_can_change_time) { - errstr = "can"; - if (pwd_time_format) { - struct tm tm; - char *ret; - - memset(&tm, 0, sizeof(struct tm)); - ret = strptime(pwd_can_change_time, pwd_time_format, &tm); - if (ret == NULL || *ret != '\0') { - goto error; - } - - pwd_can_change = mktime(&tm); - - if (pwd_can_change == -1) { - goto error; - } - } else { /* assume it is unix time */ - errno = 0; - pwd_can_change = strtol(pwd_can_change_time, NULL, 10); - if (errno) { - goto error; - } - } - } - if (pwd_must_change_time) { - errstr = "must"; - if (pwd_time_format) { - struct tm tm; - char *ret; - - memset(&tm, 0, sizeof(struct tm)); - ret = strptime(pwd_must_change_time, pwd_time_format, &tm); - if (ret == NULL || *ret != '\0') { - goto error; - } - - pwd_must_change = mktime(&tm); - - if (pwd_must_change == -1) { - goto error; - } - } else { /* assume it is unix time */ - errno = 0; - pwd_must_change = strtol(pwd_must_change_time, NULL, 10); - if (errno) { - goto error; - } - } - } return set_user_info (bdef, user_name, full_name, home_dir, acct_desc, home_drive, logon_script, profile_path, account_control, - user_sid, user_domain, badpw_reset, hours_reset, pwd_can_change, - pwd_must_change); -error: - fprintf (stderr, "Error parsing the time in pwd-%s-change-time!\n", errstr); - return -1; + user_sid, user_domain, badpw_reset, hours_reset); } } |