From 8ec5eb4930e835b75ae29fb6a047cd64c7a0f2c0 Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Sat, 26 Apr 2003 19:26:25 +0000 Subject: Adding tdbbackup manpage to Makefile, fix typos, fix incorrect syntax on author entry. (This used to be commit 144d0f5996224edc58d66379214b6e1508f57526) --- docs/docbook/Makefile.in | 2 +- docs/docbook/manpages/tdbbackup.8.sgml | 19 +++++++++++-------- docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml | 2 +- 3 files changed, 13 insertions(+), 10 deletions(-) diff --git a/docs/docbook/Makefile.in b/docs/docbook/Makefile.in index ce3d009f6c0..d55d2daaecf 100644 --- a/docs/docbook/Makefile.in +++ b/docs/docbook/Makefile.in @@ -21,7 +21,7 @@ MANPAGES_NAMES=findsmb.1 smbclient.1 \ smbpasswd.8 testprns.1 \ smb.conf.5 wbinfo.1 pdbedit.8 \ smbcacls.1 smbsh.1 winbindd.8 \ - vfstest.1 \ + tdbbackup.8 vfstest.1 \ profiles.1 smbtree.1 ntlm_auth.1 \ editreg.1 smbcquotas.1 diff --git a/docs/docbook/manpages/tdbbackup.8.sgml b/docs/docbook/manpages/tdbbackup.8.sgml index 25b2c27aef0..31aa103e81f 100644 --- a/docs/docbook/manpages/tdbbackup.8.sgml +++ b/docs/docbook/manpages/tdbbackup.8.sgml @@ -42,27 +42,30 @@ + + -h + + Get help information. + + + -s suffix - The -s option allows the adminisistrator to specify a file + The -s option allows the adminisistrator to specify a file backup extension. This way it is possible to keep a history of tdb backup files by using a new suffix for each backup. - &stdarg.help; - -v - The -v will check the database for damages (currupt data) + The -v will check the database for damages (currupt data) which if detected causes the backup to be restored. - &popt.common.samba; - @@ -88,8 +91,9 @@ Samba .tdb files are stored in various locations, be sure to run backup all .tdb file on the system. Imporatant files includes: + - + secrets.tdb - usual location is in the /usr/local/samba/private directory, or on some systems in /etc/samba. @@ -104,7 +108,6 @@ *.tdb located in the /usr/local/samba/var directory or on some systems in the /var/cache or /var/lib/samba directories. - diff --git a/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml b/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml index 7250bca824a..af6ddff9bf9 100644 --- a/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml +++ b/docs/docbook/projdoc/GROUP-MAPPING-HOWTO.sgml @@ -3,8 +3,8 @@ Jean FrançoisMicouleau - &author.jerry; + &author.jerry; Configuring Group Mapping -- cgit From 8657fc91da1c578614b8309e580feeb1e29b41b6 Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Sat, 26 Apr 2003 19:45:07 +0000 Subject: PAtch from VORLON (This used to be commit 2f266669b22cba6771189a9eb4503bf64ebb744b) --- source3/pam_smbpass/README | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/source3/pam_smbpass/README b/source3/pam_smbpass/README index cf208a99140..6cdb76f9c3f 100644 --- a/source3/pam_smbpass/README +++ b/source3/pam_smbpass/README @@ -11,13 +11,7 @@ For more information on PAM, see http://ftp.kernel.org/pub/linux/libs/pam/ This module authenticates a local smbpasswd user database. If you require support for authenticating against a remote SMB server, or if you're concerned about the presence of suid root binaries on your system, it is -recommended that you use one of the other two following modules - - pam_smb - http://www.csn.ul.ie/~airlied/pam_smb/ - authenticates against any remote SMB server - - pam_ntdom - ftp://ftp.samba.org/pub/samba/pam_ntdom/ - authenticates against an NT or Samba domain controller +recommended that you use pam_winbind instead. Options recognized by this module are as follows: -- cgit From c89d1d71c14a772e6aa0b7f3db947474bf37fa7b Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Sat, 26 Apr 2003 19:45:30 +0000 Subject: Patch from Vorlon. (This used to be commit c5ca926f8fae2d725b56d252b5944e9f96065cb6) --- docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml | 8 +------- 1 file changed, 1 insertion(+), 7 deletions(-) diff --git a/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml b/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml index 9f03f98b5f6..90a07a13bd3 100644 --- a/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml +++ b/docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml @@ -211,16 +211,10 @@ For more information on PAM, see http://ftp.kernel.org/pub/linux/libs/pam/ This module authenticates a local smbpasswd user database. If you require support for authenticating against a remote SMB server, or if you're concerned about the presence of suid root binaries on your system, it is -recommended that you use one of the other two following modules +recommended that you use pam_winbind instead. - pam_smb - http://www.csn.ul.ie/~airlied/pam_smb/ - authenticates against any remote SMB server - - pam_ntdom - ftp://ftp.samba.org/pub/samba/pam_ntdom/ - authenticates against an NT or Samba domain controller - Options recognized by this module are as follows: debug - log more debugging info -- cgit From d2fd4707ab6c53d1dd886c6ec189163d12c8ce8b Mon Sep 17 00:00:00 2001 From: John Terpstra Date: Sat, 26 Apr 2003 20:40:13 +0000 Subject: Fixed typo - tdbbackup is man sect 8 not 1 (This used to be commit 451f32f1fadbe3474e3e52a21ce77c23d106d03b) --- docs/docbook/manpages/tdbbackup.8.sgml | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/docs/docbook/manpages/tdbbackup.8.sgml b/docs/docbook/manpages/tdbbackup.8.sgml index 31aa103e81f..9b885e0af78 100644 --- a/docs/docbook/manpages/tdbbackup.8.sgml +++ b/docs/docbook/manpages/tdbbackup.8.sgml @@ -1,11 +1,11 @@ %globalentities; ]> - + tdbbackup - 1 + 8 -- cgit From c737b1f7587ca7d32a974c6249eec9510e566a9c Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 27 Apr 2003 12:07:20 +0000 Subject: make winbind use idmap as well. change idmap_init call removed ldap backend for winbind idmap, seem it had problems anyway and it have to be reworked to work with idmap without calling winbind code. simo (This used to be commit 9d7d007443fc75264b2764b90f272ffc40c9be6c) --- source3/Makefile.in | 5 +- source3/nsswitch/winbindd.c | 5 +- source3/nsswitch/winbindd_group.c | 31 ++- source3/nsswitch/winbindd_idmap.c | 195 -------------- source3/nsswitch/winbindd_idmap_ldap.c | 395 ---------------------------- source3/nsswitch/winbindd_idmap_tdb.c | 459 --------------------------------- source3/nsswitch/winbindd_sid.c | 20 +- source3/nsswitch/winbindd_user.c | 28 +- source3/sam/idmap.c | 7 +- source3/sam/idmap_winbind.c | 155 ----------- source3/smbd/server.c | 2 +- 11 files changed, 59 insertions(+), 1243 deletions(-) delete mode 100644 source3/nsswitch/winbindd_idmap.c delete mode 100644 source3/nsswitch/winbindd_idmap_ldap.c delete mode 100644 source3/nsswitch/winbindd_idmap_tdb.c delete mode 100644 source3/sam/idmap_winbind.c diff --git a/source3/Makefile.in b/source3/Makefile.in index 7291b4b3c5a..a73f8c96827 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -288,7 +288,7 @@ DEVEL_HELP_OBJ = modules/developer.o SAM_STATIC_MODULES = sam/sam_plugin.o sam/sam_skel.o sam/sam_ads.o -IDMAP_OBJ = sam/idmap.o sam/idmap_tdb.o sam/idmap_winbind.o +IDMAP_OBJ = sam/idmap.o sam/idmap_tdb.o SAM_OBJ = sam/account.o sam/get_set_account.o sam/get_set_group.o \ sam/get_set_domain.o sam/interface.o $(SAM_STATIC_MODULES) @@ -590,9 +590,6 @@ WINBINDD_OBJ1 = \ nsswitch/winbindd.o \ nsswitch/winbindd_user.o \ nsswitch/winbindd_group.o \ - nsswitch/winbindd_idmap.o \ - nsswitch/winbindd_idmap_tdb.o \ - nsswitch/winbindd_idmap_ldap.o \ nsswitch/winbindd_util.o \ nsswitch/winbindd_cache.o \ nsswitch/winbindd_pam.o \ diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c index ff21a4644f8..1be5a18c7c3 100644 --- a/source3/nsswitch/winbindd.c +++ b/source3/nsswitch/winbindd.c @@ -128,7 +128,6 @@ static void winbindd_status(void) static void print_winbindd_status(void) { winbindd_status(); - winbindd_idmap_status(); winbindd_cm_status(); } @@ -146,7 +145,7 @@ static void terminate(void) { pstring path; - winbindd_idmap_close(); + idmap_close(); /* Remove socket file */ snprintf(path, sizeof(path), "%s/%s", @@ -755,7 +754,7 @@ BOOL winbind_setup_common(void) /* Winbind daemon initialisation */ - if (!winbindd_idmap_init()) + if (!idmap_init()) return False; /* Unblock all signals we are interested in as they may have been diff --git a/source3/nsswitch/winbindd_group.c b/source3/nsswitch/winbindd_group.c index d06db5943c7..02114a38910 100644 --- a/source3/nsswitch/winbindd_group.c +++ b/source3/nsswitch/winbindd_group.c @@ -193,8 +193,9 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) enum SID_NAME_USE name_type; fstring name_domain, name_group; char *tmp, *gr_mem; - gid_t gid; int gr_mem_len; + unid_t id; + int id_type; /* Ensure null termination */ state->request.data.groupname[sizeof(state->request.data.groupname)-1]='\0'; @@ -233,13 +234,14 @@ enum winbindd_result winbindd_getgrnam(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - if (!winbindd_idmap_get_gid_from_sid(&group_sid, &gid)) { + id_type = ID_GROUPID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &group_sid))) { DEBUG(1, ("error converting unix gid to sid\n")); return WINBINDD_ERROR; } if (!fill_grent(&state->response.data.gr, name_domain, - name_group, gid) || + name_group, id.gid) || !fill_grent_mem(domain, &group_sid, name_type, &state->response.data.gr.num_gr_mem, &gr_mem, &gr_mem_len)) { @@ -267,6 +269,7 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) fstring group_name; int gr_mem_len; char *gr_mem; + unid_t id; DEBUG(3, ("[%5d]: getgrgid %d\n", state->pid, state->request.data.gid)); @@ -278,8 +281,8 @@ enum winbindd_result winbindd_getgrgid(struct winbindd_cli_state *state) return WINBINDD_ERROR; /* Get rid from gid */ - - if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &group_sid)) { + id.gid = state->request.data.gid; + if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&group_sid, id, ID_GROUPID))) { DEBUG(1, ("could not convert gid %d to rid\n", state->request.data.gid)); return WINBINDD_ERROR; @@ -544,6 +547,8 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) char *gr_mem, *new_gr_mem_list; DOM_SID group_sid; struct winbindd_domain *domain; + unid_t id; + int id_type; /* Do we need to fetch another chunk of groups? */ @@ -590,9 +595,8 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) sid_copy(&group_sid, &domain->sid); sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid); - if (!winbindd_idmap_get_gid_from_sid( - &group_sid, - &group_gid)) { + id_type = ID_GROUPID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &group_sid))) { DEBUG(1, ("could not look up gid for group %s\n", name_list[ent->sam_entry_index].acct_name)); @@ -600,6 +604,7 @@ enum winbindd_result winbindd_getgrent(struct winbindd_cli_state *state) ent->sam_entry_index++; goto tryagain; } + group_gid = id.gid; DEBUG(10, ("got gid %d for group %x\n", group_gid, name_list[ent->sam_entry_index].rid)); @@ -869,16 +874,18 @@ enum winbindd_result winbindd_getgroups(struct winbindd_cli_state *state) goto done; for (i = 0; i < num_groups; i++) { - if (!winbindd_idmap_get_gid_from_sid( - user_gids[i], - &gid_list[num_gids])) { + unid_t id; + int id_type; + + id_type = ID_GROUPID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, user_gids[i]))) { fstring sid_string; DEBUG(1, ("unable to convert group sid %s to gid\n", sid_to_string(sid_string, user_gids[i]))); continue; } - + gid_list[num_gids] = id.gid; num_gids++; } diff --git a/source3/nsswitch/winbindd_idmap.c b/source3/nsswitch/winbindd_idmap.c deleted file mode 100644 index 23f4b4d0815..00000000000 --- a/source3/nsswitch/winbindd_idmap.c +++ /dev/null @@ -1,195 +0,0 @@ -/* - Unix SMB/CIFS implementation. - Winbind ID Mapping - Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "winbindd.h" - -static struct { - const char *name; - /* Function to create a member of the idmap_methods list */ - BOOL (*reg_meth)(struct winbindd_idmap_methods **methods); - struct winbindd_idmap_methods *methods; -} builtin_winbindd_idmap_functions[] = { - { "tdb", winbind_idmap_reg_tdb, NULL }, - { "ldap", winbind_idmap_reg_ldap, NULL }, - { NULL, NULL, NULL } -}; - -/* singleton pattern: uberlazy evaluation */ -static struct winbindd_idmap_methods *impl; - -static struct winbindd_idmap_methods *get_impl(const char *name) -{ - int i = 0; - struct winbindd_idmap_methods *ret = NULL; - - while (builtin_winbindd_idmap_functions[i].name && - strcmp(builtin_winbindd_idmap_functions[i].name, name)) { - i++; - } - - if (builtin_winbindd_idmap_functions[i].name) { - if (!builtin_winbindd_idmap_functions[i].methods) { - builtin_winbindd_idmap_functions[i].reg_meth(&builtin_winbindd_idmap_functions[i].methods); - } - - ret = builtin_winbindd_idmap_functions[i].methods; - } - - return ret; -} - -/* Initialize backend */ -BOOL winbindd_idmap_init(void) -{ - BOOL ret = False; - - DEBUG(3, ("winbindd_idmap_init: using '%s' as backend\n", - lp_winbind_backend())); - - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - } - - if (impl) { - ret = impl->init(); - } - - DEBUG(3, ("winbind_idmap_init: returning %s\n", ret ? "true" : "false")); - - return ret; -} - -/* Get UID from SID */ -BOOL winbindd_idmap_get_uid_from_sid(DOM_SID *sid, uid_t *uid) -{ - BOOL ret = False; - - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - } - - if (impl) { - ret = impl->get_uid_from_sid(sid, uid); - } - - return ret; -} - -/* Get GID from SID */ -BOOL winbindd_idmap_get_gid_from_sid(DOM_SID *sid, gid_t *gid) -{ - BOOL ret = False; - - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - } - - if (impl) { - ret = impl->get_gid_from_sid(sid, gid); - } - - return ret; -} - -/* Get SID from UID */ -BOOL winbindd_idmap_get_sid_from_uid(uid_t uid, DOM_SID *sid) -{ - BOOL ret = False; - - if (!impl) { - impl = get_impl(lp_winbind_backend()); - if (!impl) { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - } - - if (impl) { - ret = impl->get_sid_from_uid(uid, sid); - } - - return ret; -} - -/* Get SID from GID */ -BOOL winbindd_idmap_get_sid_from_gid(gid_t gid, DOM_SID *sid) -{ - BOOL ret = False; - - if (!impl) { - impl = get_impl(lp_winbind_backend()); - } - - if (impl) { - ret = impl->get_sid_from_gid(gid, sid); - } else { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - - return ret; -} - -/* Close backend */ -BOOL winbindd_idmap_close(void) -{ - BOOL ret = False; - - if (!impl) { - impl = get_impl(lp_winbind_backend()); - } - - if (impl) { - ret = impl->close(); - } else { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } - - return ret; -} - -/* Dump backend status */ -void winbindd_idmap_status(void) -{ - if (!impl) { - impl = get_impl(lp_winbind_backend()); - } - - if (impl) { - impl->status(); - } else { - DEBUG(0, ("winbindd_idmap_init: could not load backend '%s'\n", - lp_winbind_backend())); - } -} diff --git a/source3/nsswitch/winbindd_idmap_ldap.c b/source3/nsswitch/winbindd_idmap_ldap.c deleted file mode 100644 index 55efb7f45cc..00000000000 --- a/source3/nsswitch/winbindd_idmap_ldap.c +++ /dev/null @@ -1,395 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind daemon - user related function - - Copyright (C) Jim McDonough 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "winbindd.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - -#ifdef HAVE_LDAP - -#include -#include - -#include "smb_ldap.h" - -/* Globals */ -static struct smb_ldap_privates *ldap_state; - -static const char *attr[] = { "uid", "rid", "domain", "uidNumber", - "gidNumber", NULL }; - -static const char *pool_attr[] = {"uidNumber", "gidNumber", "cn", NULL}; - -static long ldap_allocate_id(BOOL is_user) -{ - int rc, count; - LDAPMessage *result; - int scope = LDAP_SCOPE_SUBTREE; - long ret = 0; - int sanity = 0; - - do { - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, is_user?"cn=UID Pool":"cn=GID Pool", pool_attr, 0, &result); - - if (LDAP_SUCCESS != rc) { - DEBUG(0,("ldap_allocate_id: No ID pool found in directory\n")); - return 0; - } - - count = ldap_count_entries(ldap_state->ldap_struct, result); - - if (1 < count) { - DEBUG(0,("ldap_allocate_id: Multiple UID pools found in directory?\n")); - break; - } else if (1 == count) { - LDAPMessage *entry = - ldap_first_entry(ldap_state->ldap_struct, - result); - LDAPMod **mods = NULL; - pstring temp; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, is_user?"uidNumber":"gidNumber", temp)) { - return False; - } - ret = atol(temp); - smb_ldap_make_a_mod(&mods, LDAP_MOD_DELETE, - is_user?"uidNumber":"gidNumber", - temp); - slprintf(temp, sizeof(temp) - 1, "%ld", ret + 1); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, is_user?"uidNumber":"gidNumber", temp); - slprintf(temp, sizeof(temp) - 1, "cn=%cID Pool,%s", is_user?'U':'G', lp_ldap_user_suffix()); - rc = smb_ldap_modify(ldap_state, temp, mods); - ldap_mods_free(mods, 1); - } else { - DEBUG(0,("ldap_allocate_id: unexpected number of entries returned\n")); - break; - } - } while (LDAP_NO_SUCH_ATTRIBUTE == rc && ++sanity < 100); - - return ret; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static BOOL ldap_idmap_init(void) -{ - static struct smb_ldap_privates state; - ldap_state = &state; - -#ifdef WITH_LDAP_SAMCONFIG - { - int ldap_port = lp_ldap_port(); - char *uri; - /* remap default port if not using SSL */ - if (lp_ldap_ssl() != LDAP_SSL_ON && ldap_port == 636) { - ldap_port = 389; - } - - uri = NULL; - - asprintf(&uri, "%s://%s:%d", - lp_ldap_ssl() == LDAP_SSL_ON ? "ldaps" : "ldap", - lp_ldap_server(), ldap_port); - ldap_state->uri = uri; - if (!ldap_state->uri) { - DEBUG(0,("Out of memory\n")); - return False; - } - } -#else - ldap_state->uri = "ldap://localhost"; -#endif - return True; -} - -static BOOL ldap_get_sid_from_uid(uid_t uid, DOM_SID * sid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - - slprintf(filter, sizeof(filter) - 1, "uidNumber=%i", uid); - - DEBUG(2, ("ldap_get_sid_from_uid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_SUCCESS != rc) { - DEBUG(0,("ldap_get_sid_from_uid: user search failed\n")); - return False; - } - - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one user exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - /* we found the user, get the users RID */ - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, - result); - pstring temp, domain; - uint32 rid; - struct winbindd_domain *wb_dom; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "domain", domain)) { - return False; - } - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "rid", temp)) { - return False; - } - rid = (uint32)atol(temp); - wb_dom = find_domain_from_name(domain); - - if (!wb_dom) { - DEBUG(0,("ldap_get_sid_from_uid: could not find domain %s\n", domain)); - return False; - } - - sid_copy(sid, &wb_dom->sid); - sid_append_rid(sid, rid); - } else { - /* 0 entries? that ain't right */ - DEBUG(0,("ldap_get_sid_from_uid: not user entry found for %s\n", filter)); - } - - return True; -} - -static BOOL ldap_get_uid_from_sid(DOM_SID *sid, uid_t *uid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - uint32 rid = 0; - struct winbindd_domain *wb_dom; - DOM_SID dom_sid; - - sid_copy(&dom_sid, sid); - - if (!sid_split_rid(&dom_sid, &rid)) { - DEBUG(0,("ldap_get_uid_from_sid: sid does not contain an rid\n")); - return False; - } - - if (!(wb_dom = find_domain_from_sid(&dom_sid))) { - DEBUG(0,("ldap_get_uid_from_sid: cannot lookup domain from sid\n")); - return False; - } - - slprintf(filter, sizeof(filter) - 1, "rid=%d,domain=%s,objectClass=sambaAccount", rid, wb_dom->name); - - DEBUG(2, ("ldap_get_uid_from_sid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_NO_SUCH_OBJECT == rc) { - LDAPMod **mods = NULL; - pstring temp; - fstring dom, name; - int sid_type; - - winbindd_lookup_name_by_sid(sid, dom, name, - (enum SID_USE_TYPE *)&sid_type); - slprintf(temp, sizeof(temp) - 1, "%i", rid); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "rid", temp); - - *uid = ldap_allocate_id(True); - slprintf(temp, sizeof(temp) - 1, "%i", *uid); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uidNumber", temp); - - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "uid", name); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaAccount"); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account"); - slprintf(temp, sizeof(temp) - 1, "uid=%s,%s", name, lp_ldap_user_suffix()); - rc = smb_ldap_modify(ldap_state, temp, mods); - - ldap_mods_free(mods, 1); - if (LDAP_SUCCESS != rc) { - return False; - } - } else if (LDAP_SUCCESS == rc) { - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one user exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - /* we found the user, get the idNumber */ - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result); - pstring temp; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "uidNumber", temp)) { - return False; - } - *uid = atol(temp); - } else { - DEBUG(0,("ldap_get_uid_from_sid: zero entries returned?\n")); - return False; - } - } else { - DEBUG(0,("ldap_get_uid_from_sid: unknown error querying user info\n")); - return False; - } - - return True; -} - -static BOOL ldap_get_sid_from_gid(gid_t gid, DOM_SID * sid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - - slprintf(filter, sizeof(filter) - 1, "gidNumber=%i,objectClass=sambaGroupMapping", gid); - - DEBUG(2, ("ldap_get_sid_from_gid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_SUCCESS != rc) { - DEBUG(0,("ldap_get_sid_from_gid: user search failed\n")); - return False; - } - - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one group exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, - result); - pstring str_sid; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "ntSid", str_sid)) { - return False; - } - - string_to_sid(sid, str_sid); - } else { - /* 0 entries? that ain't right */ - DEBUG(0,("ldap_get_sid_from_gid: not group entry found for %s\n", filter)); - } - - return True; -} - -static BOOL ldap_get_gid_from_sid(DOM_SID *sid, gid_t *gid) -{ - pstring filter; - int scope = LDAP_SCOPE_SUBTREE; - int rc, count; - LDAPMessage *result; - fstring str_sid; - - sid_to_string(str_sid, sid); - - slprintf(filter, sizeof(filter) - 1, "ntSid=%s,objectClass=sambaGroupMapping", str_sid); - - DEBUG(2, ("ldap_get_gid_from_sid: searching for:[%s]\n", filter)); - - rc = smb_ldap_search(ldap_state, lp_ldap_suffix(), scope, filter, attr, 0, &result); - if (LDAP_NO_SUCH_OBJECT == rc) { - LDAPMod **mods = NULL; - pstring temp; - - *gid = ldap_allocate_id(False); - slprintf(temp, sizeof(temp) - 1, "%i", *gid); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "gidNumber", temp); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "sambaGroupMapping"); - smb_ldap_make_a_mod(&mods, LDAP_MOD_ADD, "objectClass", "account"); - slprintf(temp, sizeof(temp) - 1, "gidNumber=%i,%s", *gid, lp_ldap_user_suffix()); - rc = smb_ldap_modify(ldap_state, temp, mods); - - ldap_mods_free(mods, 1); - if (LDAP_SUCCESS != rc) { - return False; - } - } else if (LDAP_SUCCESS == rc) { - count = ldap_count_entries(ldap_state->ldap_struct, result); - if (1 < count) { - DEBUG(0,("More than one group exists where: %s\n", filter)); - ldap_msgfree(result); - return False; - } else if (1 == count) { - LDAPMessage *entry = ldap_first_entry(ldap_state->ldap_struct, result); - pstring temp; - - if (!smb_ldap_get_single_attribute(ldap_state->ldap_struct, entry, "gidNumber", temp)) { - return False; - } - *gid = atol(temp); - } else { - DEBUG(0,("ldap_get_gid_from_sid: zero entries returned?\n")); - return False; - } - } else { - DEBUG(0,("ldap_get_gid_from_sid: unknown error querying user info\n")); - return False; - } - - return True; -} - -static BOOL ldap_idmap_close(void) -{ - smb_ldap_close(ldap_state); - ldap_state = 0; - return True; -} - -static void ldap_idmap_status(void) -{ - DEBUG(0, ("winbindd idmap status:\n")); - DEBUG(0, ("Using LDAP\n")); -} - -struct winbindd_idmap_methods ldap_idmap_methods = { - ldap_idmap_init, - - ldap_get_sid_from_uid, - ldap_get_sid_from_gid, - - ldap_get_uid_from_sid, - ldap_get_gid_from_sid, - - ldap_idmap_close, - - ldap_idmap_status -}; - -#endif - -BOOL winbind_idmap_reg_ldap(struct winbindd_idmap_methods **meth) -{ -#ifdef HAVE_LDAP - *meth = &ldap_idmap_methods; - - return True; -#else - DEBUG(0,("winbind_idmap_reg_ldap: LDAP support not compiled\n")); - return False; -#endif -} diff --git a/source3/nsswitch/winbindd_idmap_tdb.c b/source3/nsswitch/winbindd_idmap_tdb.c deleted file mode 100644 index 12d6972bae3..00000000000 --- a/source3/nsswitch/winbindd_idmap_tdb.c +++ /dev/null @@ -1,459 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - Winbind daemon - user related function - - Copyright (C) Tim Potter 2000 - Copyright (C) Anthony Liguori 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "winbindd.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_WINBIND - -/* High water mark keys */ -#define HWM_GROUP "GROUP HWM" -#define HWM_USER "USER HWM" - -/* idmap version determines auto-conversion */ -#define IDMAP_VERSION 2 - -/* Globals */ -static TDB_CONTEXT *idmap_tdb; - -/* convert one record to the new format */ -static int tdb_convert_fn(TDB_CONTEXT * tdb, TDB_DATA key, TDB_DATA data, - void *ignored) -{ - struct winbindd_domain *domain; - char *p; - DOM_SID sid; - uint32 rid; - fstring keystr; - fstring dom_name; - TDB_DATA key2; - - p = strchr(key.dptr, '/'); - if (!p) - return 0; - - *p = 0; - fstrcpy(dom_name, key.dptr); - *p++ = '/'; - - domain = find_domain_from_name(dom_name); - if (!domain) { - /* We must delete the old record. */ - DEBUG(0, - ("winbindd: tdb_convert_fn : Unable to find domain %s\n", - dom_name)); - DEBUG(0, - ("winbindd: tdb_convert_fn : deleting record %s\n", - key.dptr)); - tdb_delete(idmap_tdb, key); - return 0; - } - - rid = atoi(p); - - sid_copy(&sid, &domain->sid); - sid_append_rid(&sid, rid); - - sid_to_string(keystr, &sid); - key2.dptr = keystr; - key2.dsize = strlen(keystr) + 1; - - if (tdb_store(idmap_tdb, key2, data, TDB_INSERT) != 0) { - /* not good! */ - DEBUG(0, - ("winbindd: tdb_convert_fn : Unable to update record %s\n", - key2.dptr)); - DEBUG(0, - ("winbindd: tdb_convert_fn : conversion failed - idmap corrupt ?\n")); - return -1; - } - - if (tdb_store(idmap_tdb, data, key2, TDB_REPLACE) != 0) { - /* not good! */ - DEBUG(0, - ("winbindd: tdb_convert_fn : Unable to update record %s\n", - data.dptr)); - DEBUG(0, - ("winbindd: tdb_convert_fn : conversion failed - idmap corrupt ?\n")); - return -1; - } - - tdb_delete(idmap_tdb, key); - - return 0; -} - -/***************************************************************************** - Convert the idmap database from an older version. -*****************************************************************************/ -static BOOL tdb_idmap_convert(void) -{ - int32 vers = tdb_fetch_int32(idmap_tdb, "IDMAP_VERSION"); - BOOL bigendianheader = - (idmap_tdb->flags & TDB_BIGENDIAN) ? True : False; - - if (vers == IDMAP_VERSION) - return True; - - if (((vers == -1) && bigendianheader) - || (IREV(vers) == IDMAP_VERSION)) { - /* Arrggghh ! Bytereversed or old big-endian - make order independent ! */ - /* - * high and low records were created on a - * big endian machine and will need byte-reversing. - */ - - int32 wm; - - wm = tdb_fetch_int32(idmap_tdb, HWM_USER); - - if (wm != -1) { - wm = IREV(wm); - } else - wm = server_state.uid_low; - - if (tdb_store_int32(idmap_tdb, HWM_USER, wm) == -1) { - DEBUG(0, - ("tdb_idmap_convert: Unable to byteswap user hwm in idmap database\n")); - return False; - } - - wm = tdb_fetch_int32(idmap_tdb, HWM_GROUP); - if (wm != -1) { - wm = IREV(wm); - } else - wm = server_state.gid_low; - - if (tdb_store_int32(idmap_tdb, HWM_GROUP, wm) == -1) { - DEBUG(0, - ("tdb_idmap_convert: Unable to byteswap group hwm in idmap database\n")); - return False; - } - } - - /* the old format stored as DOMAIN/rid - now we store the SID direct */ - tdb_traverse(idmap_tdb, tdb_convert_fn, NULL); - - if (tdb_store_int32(idmap_tdb, "IDMAP_VERSION", IDMAP_VERSION) == - -1) { - DEBUG(0, - ("tdb_idmap_convert: Unable to byteswap group hwm in idmap database\n")); - return False; - } - - return True; -} - -/* Allocate either a user or group id from the pool */ -static BOOL tdb_allocate_id(uid_t * id, BOOL isgroup) -{ - int hwm; - - /* Get current high water mark */ - if ((hwm = tdb_fetch_int32(idmap_tdb, - isgroup ? HWM_GROUP : HWM_USER)) == - -1) { - return False; - } - - /* Return next available uid in list */ - if ((isgroup && (hwm > server_state.gid_high)) || - (!isgroup && (hwm > server_state.uid_high))) { - DEBUG(0, - ("winbind %sid range full!\n", isgroup ? "g" : "u")); - return False; - } - - if (id) { - *id = hwm; - } - - hwm++; - - /* Store new high water mark */ - tdb_store_int32(idmap_tdb, isgroup ? HWM_GROUP : HWM_USER, hwm); - - return True; -} - -/* Get a sid from an id */ -static BOOL tdb_get_sid_from_id(int id, DOM_SID * sid, BOOL isgroup) -{ - TDB_DATA key, data; - fstring keystr; - BOOL result = False; - - slprintf(keystr, sizeof(keystr), "%s %d", isgroup ? "GID" : "UID", - id); - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(idmap_tdb, key); - - if (data.dptr) { - result = string_to_sid(sid, data.dptr); - SAFE_FREE(data.dptr); - } - - return result; -} - -/* Get an id from a sid */ -static BOOL tdb_get_id_from_sid(DOM_SID * sid, uid_t * id, BOOL isgroup) -{ - TDB_DATA data, key; - fstring keystr; - BOOL result = False; - - /* Check if sid is present in database */ - sid_to_string(keystr, sid); - - key.dptr = keystr; - key.dsize = strlen(keystr) + 1; - - data = tdb_fetch(idmap_tdb, key); - - if (data.dptr) { - fstring scanstr; - int the_id; - - /* Parse and return existing uid */ - fstrcpy(scanstr, isgroup ? "GID" : "UID"); - fstrcat(scanstr, " %d"); - - if (sscanf(data.dptr, scanstr, &the_id) == 1) { - /* Store uid */ - if (id) { - *id = the_id; - } - - result = True; - } - - SAFE_FREE(data.dptr); - } else { - - /* Allocate a new id for this sid */ - if (id && tdb_allocate_id(id, isgroup)) { - fstring keystr2; - - /* Store new id */ - slprintf(keystr2, sizeof(keystr2), "%s %d", - isgroup ? "GID" : "UID", *id); - - data.dptr = keystr2; - data.dsize = strlen(keystr2) + 1; - - tdb_store(idmap_tdb, key, data, TDB_REPLACE); - tdb_store(idmap_tdb, data, key, TDB_REPLACE); - - result = True; - } - } - - return result; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static BOOL tdb_idmap_init(void) -{ - SMB_STRUCT_STAT stbuf; - - /* move to the new database on first startup */ - if (!file_exist(lock_path("idmap.tdb"), &stbuf)) { - if (file_exist(lock_path("winbindd_idmap.tdb"), &stbuf)) { - char *cmd = NULL; - - /* lazy file copy */ - if (asprintf(&cmd, "cp -p %s/winbindd_idmap.tdb %s/idmap.tdb", lp_lockdir(), lp_lockdir()) != -1) { - system(cmd); - free(cmd); - } - if (!file_exist(lock_path("idmap.tdb"), &stbuf)) { - DEBUG(0, ("idmap_init: Unable to make a new database copy\n")); - return False; - } - } - } - - /* Open tdb cache */ - if (!(idmap_tdb = tdb_open_log(lock_path("idmap.tdb"), 0, - TDB_DEFAULT, O_RDWR | O_CREAT, - 0600))) { - DEBUG(0, - ("winbindd_idmap_init: Unable to open idmap database\n")); - return False; - } - - /* possibly convert from an earlier version */ - if (!tdb_idmap_convert()) { - DEBUG(0, ("winbindd_idmap_init: Unable to open idmap database\n")); - return False; - } - - /* Create high water marks for group and user id */ - if (tdb_fetch_int32(idmap_tdb, HWM_USER) == -1) { - if (tdb_store_int32 - (idmap_tdb, HWM_USER, server_state.uid_low) == -1) { - DEBUG(0, - ("winbindd_idmap_init: Unable to initialise user hwm in idmap database\n")); - return False; - } - } - - if (tdb_fetch_int32(idmap_tdb, HWM_GROUP) == -1) { - if (tdb_store_int32 - (idmap_tdb, HWM_GROUP, server_state.gid_low) == -1) { - DEBUG(0, - ("winbindd_idmap_init: Unable to initialise group hwm in idmap database\n")); - return False; - } - } - - return True; -} - -/* Get a sid from a uid */ -static BOOL tdb_get_sid_from_uid(uid_t uid, DOM_SID * sid) -{ - return tdb_get_sid_from_id((int) uid, sid, False); -} - -/* Get a sid from a gid */ -static BOOL tdb_get_sid_from_gid(gid_t gid, DOM_SID * sid) -{ - return tdb_get_sid_from_id((int) gid, sid, True); -} - -/* Get a uid from a sid */ -static BOOL tdb_get_uid_from_sid(DOM_SID * sid, uid_t * uid) -{ - return tdb_get_id_from_sid(sid, uid, False); -} - -/* Get a gid from a group sid */ -static BOOL tdb_get_gid_from_sid(DOM_SID * sid, gid_t * gid) -{ - return tdb_get_id_from_sid(sid, gid, True); -} - -/* Close the tdb */ -static BOOL tdb_idmap_close(void) -{ - if (idmap_tdb) - return (tdb_close(idmap_tdb) == 0); - return True; -} - - -/* Dump status information to log file. Display different stuff based on - the debug level: - - Debug Level Information Displayed - ================================================================= - 0 Percentage of [ug]id range allocated - 0 High water marks (next allocated ids) -*/ - -#define DUMP_INFO 0 - -static void tdb_idmap_status(void) -{ - int user_hwm, group_hwm; - - DEBUG(0, ("winbindd idmap status:\n")); - - /* Get current high water marks */ - - if ((user_hwm = tdb_fetch_int32(idmap_tdb, HWM_USER)) == -1) { - DEBUG(DUMP_INFO, - ("\tCould not get userid high water mark!\n")); - } - - if ((group_hwm = tdb_fetch_int32(idmap_tdb, HWM_GROUP)) == -1) { - DEBUG(DUMP_INFO, - ("\tCould not get groupid high water mark!\n")); - } - - /* Display next ids to allocate */ - - if (user_hwm != -1) { - DEBUG(DUMP_INFO, - ("\tNext userid to allocate is %d\n", user_hwm)); - } - - if (group_hwm != -1) { - DEBUG(DUMP_INFO, - ("\tNext groupid to allocate is %d\n", group_hwm)); - } - - /* Display percentage of id range already allocated. */ - - if (user_hwm != -1) { - int num_users = user_hwm - server_state.uid_low; - int total_users = - server_state.uid_high - server_state.uid_low; - - DEBUG(DUMP_INFO, - ("\tUser id range is %d%% full (%d of %d)\n", - num_users * 100 / total_users, num_users, - total_users)); - } - - if (group_hwm != -1) { - int num_groups = group_hwm - server_state.gid_low; - int total_groups = - server_state.gid_high - server_state.gid_low; - - DEBUG(DUMP_INFO, - ("\tGroup id range is %d%% full (%d of %d)\n", - num_groups * 100 / total_groups, num_groups, - total_groups)); - } - - /* Display complete mapping of users and groups to rids */ -} - -struct winbindd_idmap_methods tdb_idmap_methods = { - tdb_idmap_init, - - tdb_get_sid_from_uid, - tdb_get_sid_from_gid, - - tdb_get_uid_from_sid, - tdb_get_gid_from_sid, - - tdb_idmap_close, - - tdb_idmap_status -}; - -BOOL winbind_idmap_reg_tdb(struct winbindd_idmap_methods **meth) -{ - *meth = &tdb_idmap_methods; - - return True; -} diff --git a/source3/nsswitch/winbindd_sid.c b/source3/nsswitch/winbindd_sid.c index 6ab2eaa6460..f01f20bb345 100644 --- a/source3/nsswitch/winbindd_sid.c +++ b/source3/nsswitch/winbindd_sid.c @@ -122,6 +122,8 @@ enum winbindd_result winbindd_lookupname(struct winbindd_cli_state *state) enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state) { DOM_SID sid; + unid_t id; + int id_type; /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0'; @@ -137,11 +139,13 @@ enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state) } /* Find uid for this sid and return it */ - if (!winbindd_idmap_get_uid_from_sid(&sid, &state->response.data.uid)) { + id_type = ID_USERID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &sid))) { DEBUG(1, ("Could not get uid for sid %s\n", state->request.data.sid)); return WINBINDD_ERROR; } + state->response.data.uid = id.uid; return WINBINDD_OK; } @@ -152,6 +156,8 @@ enum winbindd_result winbindd_sid_to_uid(struct winbindd_cli_state *state) enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state) { DOM_SID sid; + unid_t id; + int id_type; /* Ensure null termination */ state->request.data.sid[sizeof(state->request.data.sid)-1]='\0'; @@ -166,11 +172,13 @@ enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state) } /* Find gid for this sid and return it */ - if (!winbindd_idmap_get_gid_from_sid(&sid, &state->response.data.gid)) { + id_type = ID_GROUPID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, &sid))) { DEBUG(1, ("Could not get gid for sid %s\n", state->request.data.sid)); return WINBINDD_ERROR; } + state->response.data.gid = id.gid; return WINBINDD_OK; } @@ -180,6 +188,7 @@ enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state) enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state) { DOM_SID sid; + unid_t id; /* Bug out if the uid isn't in the winbind range */ @@ -192,7 +201,8 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state) state->request.data.uid)); /* Lookup rid for this uid */ - if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid, &sid)) { + id.uid = state->request.data.uid; + if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&sid, id, ID_USERID))) { DEBUG(1, ("Could not convert uid %d to rid\n", state->request.data.uid)); return WINBINDD_ERROR; @@ -209,6 +219,7 @@ enum winbindd_result winbindd_uid_to_sid(struct winbindd_cli_state *state) enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state) { DOM_SID sid; + unid_t id; /* Bug out if the gid isn't in the winbind range */ @@ -221,7 +232,8 @@ enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state) state->request.data.gid)); /* Lookup sid for this uid */ - if (!winbindd_idmap_get_sid_from_gid(state->request.data.gid, &sid)) { + id.gid = state->request.data.gid; + if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&sid, id, ID_GROUPID))) { DEBUG(1, ("Could not convert gid %d to sid\n", state->request.data.gid)); return WINBINDD_ERROR; diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index d2bd231918a..dd662753907 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -36,25 +36,29 @@ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name, fstring output_username; pstring homedir; fstring sid_string; + unid_t id; + int id_type; if (!pw || !dom_name || !user_name) return False; /* Resolve the uid number */ - - if (!winbindd_idmap_get_uid_from_sid(user_sid, - &pw->pw_uid)) { + + id_type = ID_USERID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, user_sid))) { DEBUG(1, ("error getting user id for sid %s\n", sid_to_string(sid_string, user_sid))); return False; } + pw->pw_uid = id.uid; /* Resolve the gid number */ - - if (!winbindd_idmap_get_gid_from_sid(group_sid, - &pw->pw_gid)) { + + id_type = ID_GROUPID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, group_sid))) { DEBUG(1, ("error getting group id for sid %s\n", sid_to_string(sid_string, group_sid))); return False; } + pw->pw_gid = id.gid; /* Username */ @@ -178,9 +182,10 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) fstring user_name; enum SID_NAME_USE name_type; WINBIND_USERINFO user_info; - gid_t gid; TALLOC_CTX *mem_ctx; NTSTATUS status; + unid_t id; + int id_type; /* Bug out if the uid isn't in the winbind range */ @@ -193,8 +198,8 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) /* Get rid from uid */ - if (!winbindd_idmap_get_sid_from_uid(state->request.data.uid, - &user_sid)) { + id.uid = state->request.data.uid; + if (NT_STATUS_IS_ERR(idmap_get_sid_from_id(&user_sid, id, ID_USERID))) { DEBUG(1, ("could not convert uid %d to SID\n", state->request.data.uid)); return WINBINDD_ERROR; @@ -236,9 +241,10 @@ enum winbindd_result winbindd_getpwuid(struct winbindd_cli_state *state) return WINBINDD_ERROR; } - /* Resolve gid number */ + /* Check group has a gid number */ - if (!winbindd_idmap_get_gid_from_sid(user_info.group_sid, &gid)) { + id_type = ID_GROUPID; + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &id_type, user_info.group_sid))) { DEBUG(1, ("error getting group id for user %s\n", user_name)); talloc_destroy(mem_ctx); return WINBINDD_ERROR; diff --git a/source3/sam/idmap.c b/source3/sam/idmap.c index c2b966cfbec..45a1d324b10 100644 --- a/source3/sam/idmap.c +++ b/source3/sam/idmap.c @@ -32,10 +32,7 @@ static struct { struct idmap_methods *methods; } remote_idmap_functions[] = { - - { "winbind", idmap_reg_winbind, NULL }, { NULL, NULL, NULL } - }; static struct idmap_methods *local_map; @@ -63,8 +60,10 @@ static struct idmap_methods *get_methods(const char *name) } /* Initialize backend */ -BOOL idmap_init(const char *remote_backend) +BOOL idmap_init(void) { + const char *remote_backend = lp_idmap_backend(); + if (!local_map) { idmap_reg_tdb(&local_map); if (NT_STATUS_IS_ERR(local_map->init())) { diff --git a/source3/sam/idmap_winbind.c b/source3/sam/idmap_winbind.c deleted file mode 100644 index d89c9e7bac2..00000000000 --- a/source3/sam/idmap_winbind.c +++ /dev/null @@ -1,155 +0,0 @@ -/* - Unix SMB/CIFS implementation. - - idmap Winbind backend - - Copyright (C) Simo Sorce 2003 - - This program is free software; you can redistribute it and/or modify - it under the terms of the GNU General Public License as published by - the Free Software Foundation; either version 2 of the License, or - (at your option) any later version. - - This program is distributed in the hope that it will be useful, - but WITHOUT ANY WARRANTY; without even the implied warranty of - MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the - GNU General Public License for more details. - - You should have received a copy of the GNU General Public License - along with this program; if not, write to the Free Software - Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. -*/ - -#include "includes.h" -#include "nsswitch/winbind_nss.h" - -#undef DBGC_CLASS -#define DBGC_CLASS DBGC_IDMAP - -extern DOM_SID global_sid_NULL; /* NULL sid */ - -NSS_STATUS winbindd_request(int req_type, - struct winbindd_request *request, - struct winbindd_response *response); - -/* Get a sid from an id */ -static NTSTATUS db_get_sid_from_id(DOM_SID *sid, unid_t id, int id_type) -{ - struct winbindd_request request; - struct winbindd_response response; - int result, operation; - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - switch (id_type & ID_TYPEMASK) { - case ID_USERID: - request.data.uid = id.uid; - operation = WINBINDD_UID_TO_SID; - break; - case ID_GROUPID: - request.data.gid = id.gid; - operation = WINBINDD_GID_TO_SID; - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - /* Make The Request */ - result = winbindd_request(operation, &request, &response); - if (result == NSS_STATUS_SUCCESS) { - if (!string_to_sid(sid, response.data.sid.sid)) { - return NT_STATUS_INVALID_SID; - } - return NT_STATUS_OK; - } else { - sid_copy(sid, &global_sid_NULL); - } - - return NT_STATUS_UNSUCCESSFUL; -} - -/* Get an id from a sid */ -static NTSTATUS db_get_id_from_sid(unid_t *id, int *id_type, const DOM_SID *sid) -{ - struct winbindd_request request; - struct winbindd_response response; - int result, operation; - fstring sid_str; - - if (!id || !id_type) { - return NT_STATUS_INVALID_PARAMETER; - } - - /* setup request */ - - ZERO_STRUCT(request); - ZERO_STRUCT(response); - - switch (*id_type & ID_TYPEMASK) { - case ID_USERID: - operation = WINBINDD_SID_TO_UID; - break; - case ID_GROUPID: - operation = WINBINDD_SID_TO_GID; - break; - default: - return NT_STATUS_INVALID_PARAMETER; - } - - sid_to_string(sid_str, sid); - fstrcpy(request.data.sid, sid_str); - - /* Make The Request */ - result = winbindd_request(operation, &request, &response); - - if (result == NSS_STATUS_SUCCESS) { - if (operation == WINBINDD_SID_TO_UID) { - (*id).uid = response.data.uid; - } else { - (*id).gid = response.data.gid; - } - return NT_STATUS_OK; - } - - return NT_STATUS_UNSUCCESSFUL; -} - -static NTSTATUS db_set_mapping(DOM_SID *sid, unid_t id, int id_type) { - return NT_STATUS_UNSUCCESSFUL; -} - -/***************************************************************************** - Initialise idmap database. -*****************************************************************************/ -static NTSTATUS db_init(void) { - return NT_STATUS_OK; -} - -/* Close the tdb */ -static NTSTATUS db_close(void) { - return NT_STATUS_OK; -} - -static void db_status(void) { - return; -} - -struct idmap_methods winbind_methods = { - - db_init, - db_get_sid_from_id, - db_get_id_from_sid, - db_set_mapping, - db_close, - db_status - -}; - -NTSTATUS idmap_reg_winbind(struct idmap_methods **meth) -{ - *meth = &winbind_methods; - - return NT_STATUS_OK; -} - diff --git a/source3/smbd/server.c b/source3/smbd/server.c index 8ce20c87a43..b1b9192c096 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -833,7 +833,7 @@ static BOOL init_structs(void ) if (!init_registry()) exit(1); - if (!idmap_init(lp_idmap_backend())) + if (!idmap_init()) exit(1); if(!initialize_password_db(False)) -- cgit From e06940968abc20336e4eecc93ac2bdb1b1639855 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 27 Apr 2003 12:25:53 +0000 Subject: default remote idmap backend is null (This used to be commit 16302b080a572a1cb0983f5044a7ebf51cdf2fa3) --- source3/param/loadparm.c | 1 - 1 file changed, 1 deletion(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 60ba76a32fb..065bc51e5c5 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -1481,7 +1481,6 @@ static void init_globals(void) Globals.bWinbindUseDefaultDomain = False; Globals.bIdmapOnly = False; - string_set(&Globals.szWinbindBackend, "tdb"); Globals.name_cache_timeout = 660; /* In seconds */ -- cgit From 88e41f9e20c3498fe12190da71b9c154332a7cd8 Mon Sep 17 00:00:00 2001 From: Simo Sorce Date: Sun, 27 Apr 2003 12:47:41 +0000 Subject: prepare to get _nua out of the door (but back in from the window ;-) (This used to be commit 09eb02cba0747ae47aa4a76f4fac69af293a774a) --- source3/param/loadparm.c | 40 ---------------------------------------- source3/passdb/pdb_ldap.c | 32 +++++++------------------------- source3/passdb/pdb_smbpasswd.c | 25 +++---------------------- source3/passdb/pdb_tdb.c | 39 +++++++-------------------------------- 4 files changed, 17 insertions(+), 119 deletions(-) diff --git a/source3/param/loadparm.c b/source3/param/loadparm.c index 065bc51e5c5..c0c8757105d 100644 --- a/source3/param/loadparm.c +++ b/source3/param/loadparm.c @@ -557,7 +557,6 @@ static BOOL handle_source_env(const char *pszParmValue, char **ptr); static BOOL handle_netbios_name(const char *pszParmValue, char **ptr); static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr); static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr); -static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr); static BOOL handle_debug_list( const char *pszParmValue, char **ptr ); static BOOL handle_workgroup( const char *pszParmValue, char **ptr ); static BOOL handle_netbios_aliases( const char *pszParmValue, char **ptr ); @@ -766,7 +765,6 @@ static struct parm_struct parm_table[] = { {"smb passwd file", P_STRING, P_GLOBAL, &Globals.szSMBPasswdFile, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"private dir", P_STRING, P_GLOBAL, &Globals.szPrivateDir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"passdb backend", P_LIST, P_GLOBAL, &Globals.szPassdbBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"non unix account range", P_STRING, P_GLOBAL, &Globals.szNonUnixAccountRange, handle_non_unix_account_range, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"algorithmic rid base", P_INTEGER, P_GLOBAL, &Globals.AlgorithmicRidBase, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root directory", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"root dir", P_STRING, P_GLOBAL, &Globals.szRootdir, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, @@ -1133,7 +1131,6 @@ static struct parm_struct parm_table[] = { {"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, - {"winbind backend", P_STRING, P_GLOBAL, &Globals.szWinbindBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEVELOPER}, {NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0} }; @@ -1656,7 +1653,6 @@ FN_GLOBAL_STRING(lp_acl_compatibility, &Globals.szAclCompat) FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers) FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups) FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain) -FN_GLOBAL_STRING(lp_winbind_backend, &Globals.szWinbindBackend) FN_GLOBAL_STRING(lp_idmap_backend, &Globals.szIdmapBackend) FN_GLOBAL_BOOL(lp_idmap_only, &Globals.bIdmapOnly) @@ -2881,7 +2877,6 @@ static BOOL handle_copy(const char *pszParmValue, char **ptr) static uid_t idmap_uid_low, idmap_uid_high; static gid_t idmap_gid_low, idmap_gid_high; -static uint32 non_unix_account_low, non_unix_account_high; BOOL lp_idmap_uid(uid_t *low, uid_t *high) { @@ -2911,20 +2906,6 @@ BOOL lp_idmap_gid(gid_t *low, gid_t *high) return True; } -BOOL lp_non_unix_account_range(uint32 *low, uint32 *high) -{ - if (non_unix_account_low == 0 || non_unix_account_high == 0) - return False; - - if (low) - *low = non_unix_account_low; - - if (high) - *high = non_unix_account_high; - - return True; -} - /* Do some simple checks on "idmap [ug]id" parameter values */ static BOOL handle_idmap_uid(const char *pszParmValue, char **ptr) @@ -2961,27 +2942,6 @@ static BOOL handle_idmap_gid(const char *pszParmValue, char **ptr) return True; } -/*************************************************************************** - Do some simple checks on "non unix account range" parameter values. -***************************************************************************/ - -static BOOL handle_non_unix_account_range(const char *pszParmValue, char **ptr) -{ - uint32 low, high; - - if (sscanf(pszParmValue, "%u-%u", &low, &high) != 2 || high < low) - return False; - - /* Parse OK */ - - string_set(ptr, pszParmValue); - - non_unix_account_low = low; - non_unix_account_high = high; - - return True; -} - /*************************************************************************** Handle the DEBUG level list. ***************************************************************************/ diff --git a/source3/passdb/pdb_ldap.c b/source3/passdb/pdb_ldap.c index 6d747ef9115..0ebbd446ec7 100644 --- a/source3/passdb/pdb_ldap.c +++ b/source3/passdb/pdb_ldap.c @@ -1993,6 +1993,7 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co { NTSTATUS nt_status; struct smb_ldap_privates *ldap_state; + uint32 low_nua_uid, high_nua_uid; if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) { return nt_status; @@ -2051,40 +2052,21 @@ NTSTATUS pdb_init_ldapsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, co (*pdb_method)->free_private_data = free_private_data; - return NT_STATUS_OK; -} + if (lp_idmap_uid(&low_nua_uid, &high_nua_uid)) { + DEBUG(0, ("idmap uid range defined, non unix accounts enabled\n")); -NTSTATUS pdb_init_ldapsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) -{ - NTSTATUS nt_status; - struct smb_ldap_privates *ldap_state; - uint32 low_nua_uid, high_nua_uid; - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_ldapsam(pdb_context, pdb_method, location))) { - return nt_status; - } - - (*pdb_method)->name = "ldapsam_nua"; - - ldap_state = (*pdb_method)->private_data; - - ldap_state->permit_non_unix_accounts = True; + ldap_state->permit_non_unix_accounts = True; + + ldap_state->low_nua_rid=fallback_pdb_uid_to_user_rid(low_nua_uid); - if (!lp_non_unix_account_range(&low_nua_uid, &high_nua_uid)) { - DEBUG(0, ("cannot use ldapsam_nua without 'non unix account range' in smb.conf!\n")); - return NT_STATUS_UNSUCCESSFUL; + ldap_state->high_nua_rid=fallback_pdb_uid_to_user_rid(high_nua_uid); } - ldap_state->low_nua_rid=fallback_pdb_uid_to_user_rid(low_nua_uid); - - ldap_state->high_nua_rid=fallback_pdb_uid_to_user_rid(high_nua_uid); - return NT_STATUS_OK; } int pdb_ldap_init(void) { smb_register_passdb("ldapsam", pdb_init_ldapsam, PASSDB_INTERFACE_VERSION); - smb_register_passdb("ldapsam_nua", pdb_init_ldapsam_nua, PASSDB_INTERFACE_VERSION); return True; } diff --git a/source3/passdb/pdb_smbpasswd.c b/source3/passdb/pdb_smbpasswd.c index 7f74196633f..38bb61957c5 100644 --- a/source3/passdb/pdb_smbpasswd.c +++ b/source3/passdb/pdb_smbpasswd.c @@ -1554,27 +1554,9 @@ NTSTATUS pdb_init_smbpasswd(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, (*pdb_method)->free_private_data = free_private_data; - return NT_STATUS_OK; -} - -NTSTATUS pdb_init_smbpasswd_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) -{ - NTSTATUS nt_status; - struct smbpasswd_privates *privates; - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_smbpasswd(pdb_context, pdb_method, location))) { - return nt_status; - } - - (*pdb_method)->name = "smbpasswd_nua"; - - privates = (*pdb_method)->private_data; - - privates->permit_non_unix_accounts = True; - - if (!lp_non_unix_account_range(&privates->low_nua_userid, &privates->high_nua_userid)) { - DEBUG(0, ("cannot use smbpasswd_nua without 'non unix account range' in smb.conf!\n")); - return NT_STATUS_UNSUCCESSFUL; + if (lp_idmap_uid(&privates->low_nua_userid, &privates->high_nua_userid)) { + DEBUG(0, ("idmap uid range defined, non unix accounts enabled\n")); + privates->permit_non_unix_accounts = True; } return NT_STATUS_OK; @@ -1583,6 +1565,5 @@ NTSTATUS pdb_init_smbpasswd_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_meth int pdb_smbpasswd_init(void) { smb_register_passdb("smbpasswd", pdb_init_smbpasswd, PASSDB_INTERFACE_VERSION); - smb_register_passdb("smbpasswd_nua", pdb_init_smbpasswd_nua, PASSDB_INTERFACE_VERSION); return True; } diff --git a/source3/passdb/pdb_tdb.c b/source3/passdb/pdb_tdb.c index 3a1702a4e07..41c6bbd4297 100644 --- a/source3/passdb/pdb_tdb.c +++ b/source3/passdb/pdb_tdb.c @@ -912,14 +912,7 @@ NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, con { NTSTATUS nt_status; struct tdbsam_privates *tdb_state; - -#if 0 /* when made a module use this */ - tdbsam_debug_level = debug_add_class("tdbsam"); - if(tdbsam_debug_level == -1) { - tdbsam_debug_level = DBGC_ALL; - DEBUG(0, ("tdbsam: Couldn't register custom debugging class!\n")); - } -#endif + uint32 low_nua_uid, high_nua_uid; if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) { return nt_status; @@ -959,41 +952,23 @@ NTSTATUS pdb_init_tdbsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, con (*pdb_method)->free_private_data = free_private_data; - return NT_STATUS_OK; -} - -NTSTATUS pdb_init_tdbsam_nua(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location) -{ - NTSTATUS nt_status; - struct tdbsam_privates *tdb_state; - uint32 low_nua_uid, high_nua_uid; - - if (!NT_STATUS_IS_OK(nt_status = pdb_init_tdbsam(pdb_context, pdb_method, location))) { - return nt_status; - } + if (lp_idmap_uid(&low_nua_uid, &high_nua_uid)) { + DEBUG(0, ("idmap uid range defined, non unix accounts enabled\n")); - (*pdb_method)->name = "tdbsam_nua"; + tdb_state->permit_non_unix_accounts = True; - tdb_state = (*pdb_method)->private_data; + tdb_state->low_nua_rid=fallback_pdb_uid_to_user_rid(low_nua_uid); - tdb_state->permit_non_unix_accounts = True; + tdb_state->high_nua_rid=fallback_pdb_uid_to_user_rid(high_nua_uid); - if (!lp_non_unix_account_range(&low_nua_uid, &high_nua_uid)) { - DEBUG(0, ("cannot use tdbsam_nua without 'non unix account range' in smb.conf!\n")); - return NT_STATUS_UNSUCCESSFUL; } - tdb_state->low_nua_rid=fallback_pdb_uid_to_user_rid(low_nua_uid); - - tdb_state->high_nua_rid=fallback_pdb_uid_to_user_rid(high_nua_uid); - return NT_STATUS_OK; } int pdb_tdbsam_init(void) { - smb_register_passdb("tdbsam", pdb_init_tdbsam, PASSDB_INTERFACE_VERSION); - smb_register_passdb("tdbsam_nua", pdb_init_tdbsam_nua, PASSDB_INTERFACE_VERSION); + smb_register_passdb("tdbsam", pdb_init_tdbsam, PASSDB_INTERFACE_VERSION); return True; } -- cgit From dcd2dcd05fa8fc877b409dbc669c83e55218df7a Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 27 Apr 2003 14:03:48 +0000 Subject: Remove documentation for unixsam and plugin. (This used to be commit fa7b703da7bba9cf7daf61039fb495e72fbf7a13) --- docs/docbook/manpages/smb.conf.5.sgml | 29 +++--------------- docs/docbook/smbdotconf/security/passdbbackend.xml | 34 +++------------------- 2 files changed, 8 insertions(+), 55 deletions(-) diff --git a/docs/docbook/manpages/smb.conf.5.sgml b/docs/docbook/manpages/smb.conf.5.sgml index fa61121f4bf..3e98d3f25f2 100644 --- a/docs/docbook/manpages/smb.conf.5.sgml +++ b/docs/docbook/manpages/smb.conf.5.sgml @@ -5477,34 +5477,13 @@ df $1 | tail -1 | awk '{print $2" "$4}' nisplussam - The NIS+ based passdb backend. Takes name NIS domain as an optional argument. Only works with sun NIS+ servers. - plugin - Allows Samba to load an - arbitary passdb backend from the .so specified as a compulsary argument. - - - Any characters after the (optional) second : are passed to the plugin - for its own processing - - - unixsam - Allows samba to map all (other) available unix users - - This backend uses the standard unix database for retrieving users. Users included - in this pdb are NOT listed in samba user listings and users included in this pdb won't be - able to login. The use of this backend is to always be able to display the owner of a file - on the samba server - even when the user doesn't have a 'real' samba account in one of the - other passdb backends. - - - This backend should always be the last backend listed, since it contains all users in - the unix passdb and might 'override' mappings if specified earlier. It's meant to only return - accounts for users that aren't covered by the previous backends. - - Default: passdb backend = smbpasswd unixsam - Example: passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd unixsam - Example: passdb backend = ldapsam_nua:ldaps://ldap.example.com unixsam - Example: passdb backend = plugin:/usr/local/samba/lib/my_passdb.so:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb + Default: passdb backend = smbpasswd guest + Example: passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd guest + Example: passdb backend = ldapsam_nua:ldaps://ldap.example.com guest + Example: passdb backend = mysql:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb diff --git a/docs/docbook/smbdotconf/security/passdbbackend.xml b/docs/docbook/smbdotconf/security/passdbbackend.xml index 256b6c97099..d755cfc3138 100644 --- a/docs/docbook/smbdotconf/security/passdbbackend.xml +++ b/docs/docbook/smbdotconf/security/passdbbackend.xml @@ -9,8 +9,7 @@ smbpasswd and tdbsam to be used without a recompile. Multiple backends can be specified, separated by spaces. The backends will be searched in the order they are specified. New users are always added - to the first backend specified. Experimental backends must still be - selected (eg --with-tdbsam) at configure time. + to the first backend specified. This parameter is in two parts, the backend's name, and a 'location' string that has meaning only to that particular backed. These are separated @@ -79,41 +78,16 @@ an optional argument. Only works with sun NIS+ servers. - - - plugin - Allows Samba to load an - arbitary passdb backend from the .so specified as a compulsary argument. - - - Any characters after the (optional) second : are passed to the plugin - for its own processing - - - - unixsam - Allows samba to map all (other) - available unix users - This backend uses the standard unix database for retrieving users. Users included - in this pdb are NOT listed in samba user listings and users included in this pdb won't be - able to login. The use of this backend is to always be able to display the owner of a file - on the samba server - even when the user doesn't have a 'real' samba account in one of the - other passdb backends. - - - This backend should always be the last backend listed, since it contains all users in - the unix passdb and might 'override' mappings if specified earlier. It's meant to only return - accounts for users that aren't covered by the previous backends. - - Default: passdb backend = smbpasswd unixsam - Example: passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd unixsam + Example: passdb backend = tdbsam:/etc/samba/private/passdb.tdb smbpasswd:/etc/samba/smbpasswd guest - Example: passdb backend = ldapsam_nua:ldaps://ldap.example.com unixsam + Example: passdb backend = ldapsam_nua:ldaps://ldap.example.com guest - Example: passdb backend = plugin:/usr/local/samba/lib/my_passdb.so:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb + Example: passdb backend = mysql:my_plugin_args tdbsam:/etc/samba/private/passdb.tdb -- cgit From e064ab7b884ffba964138e83084128dcee63f563 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 27 Apr 2003 14:59:54 +0000 Subject: Update for 3.0 (update information about the docs and ./configure) (This used to be commit 38fed08397706e76a4f19e091b910cfbc6827a08) --- Manifest | 47 +++++++++++++++-------------------------------- 1 file changed, 15 insertions(+), 32 deletions(-) diff --git a/Manifest b/Manifest index 18e2d89c3e9..608c7b1be98 100644 --- a/Manifest +++ b/Manifest @@ -1,4 +1,4 @@ -Copyright (C) 1997-1998 - Samba-Team +Copyright (C) 1997-2003 - Samba-Team The Samba package you have just unpacked contains the following: @@ -8,36 +8,19 @@ Directory Notes: docs (Samba Documentation): ---- ---------------------- - The Samba documentation for the 2.0 release has had all the man pages - converted to YODL source format. Because of this the man pages - are now available in both traditional man page format (in - the doc/manpages directory) and in HTML format (in the - docs/htmldocs directory). - - The text documentation files have been moved into a - docs/textdocs directory and are in the (slow) process - of being converted to YODL source format to allow them - to be easily converted to HTML/SGML. - - Note in particular two files - docs/textdocs/_INSTALL.txt - and docs/textdocs/DIAGNOSIS.txt. - - There is the potential for there to be many *INSTALL.txt files, one - for each OS that Samba supports. However we are moving all this into - the new structure. For now, most people will be using UNIX_INSTALL.txt. - - Please pay close attention to all the files with a .txt extension - in the docs/textdocs directory. Most problems can be solved by reference - to the two files mentioned. - - The FAQ documentation can be accessed starting from Samba-meta-FAQ.html, - in the docs/faq directory. This is incomplete, but to quote from the - abstract, it: - - "contains overview information for the Samba suite of programs, - a quick-start guide, and pointers to all other Samba documentation. - Other FAQs exist for specific client and server issues, and HOWTO - documents for more extended topics to do with Samba software." + All the Samba documentation for the 3.0 release have been converted to + docbook format. Because of this the man pages are now available + in both traditional man page format (in the docs/manpages directory) + and in HTML format (in the docs/htmldocs directory). + + The Samba HOWTO Collection has undergone some rather large changes + and covers all parts of configuration now. It is available + as PDF (docs/Samba-HOWTO-Collection.pdf) or in HTML format (in + the docs/htmldocs directory). Those with the docbook utilities installed + can generate PostScript and text versions of the HOWTO as well. + + The Samba FAQ is still a work in progress, but can be found in + HTML format in docs/htmldocs. examples (Example configuration files): @@ -71,7 +54,7 @@ source (The official Samba source files - expect more of these!): To build your own binary files you will need a suitable ansi C compiler. - For Samba 2.0 the GNU autoconf system has been adopted. In + Samba uses the GNU autoconf system. In order to build a default Samba for your platform cd into the source/ directory and then type : -- cgit From c6367d40faca2148689e4b43fc3edb4199e15ea0 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 27 Apr 2003 15:52:34 +0000 Subject: Remove docs-status - all it's contents are in bugzilla now (This used to be commit 3f36b589b0b8947d31e6adddd29efb3fd3c0c8f7) --- docs/docs-status | 53 ----------------------------------------------------- 1 file changed, 53 deletions(-) delete mode 100644 docs/docs-status diff --git a/docs/docs-status b/docs/docs-status deleted file mode 100644 index 0f92f8af9b4..00000000000 --- a/docs/docs-status +++ /dev/null @@ -1,53 +0,0 @@ -If you'd like to work on any of these, please contact jerry@samba.org or jelmer@samba.org. - -Outdated docs: -Manifest - - this should be updated -docs/announce - out of date (announces 2.2.0) - - this should be updated -docs/docbook/projdoc/Integrating-with-Windows.sgml - Should slowly go a way. Contains a little bit information about wins, a little bit about domain membership, a little about winbind, etc - - Has been cleaned up now - more to go. -docs/docbook/projdoc/PAM-Authentication-And-Samba.sgml - - this should be updated -docs/docbook/projdoc/Printing.sgml - Cups is not documented, smbprint, printing /to/ a windows server... - worked on by Kurt Pfeifle -docs/docbook/projdoc/Samba-BDC-HOWTO.sgml - Needs update to 3.0 - - still being worked on -docs/docbook/projdoc/passdb.sgml - LDAP part needs update to 3.0 ( http://www.unav.es/cti/ldap-smb/smb-ldap-3-howto.html ) - - this should be updated -docs/docbook/projdoc/printer_driver2.sgml - Needs integration with printing.sgml, still up to date? - Worked on by Kurt Pfeifle -docs/docbook/projdoc/upgrading-to-3.0.sgml - not finished yet - - this should be updated -docs/docbook/manpages/ntlm_auth.1.sgml - Is very basic at the moment, parameters need better descriptions - Worked on by Andrew Bartlett - -Stuff that needs to be documented: -wrepld - - I will do this - jht -Windows NT 4.0 Style Trust Relationship - - Done (mimir / jht) - not finished. -Winbind in a samba controlled domain - Worked on by Jelmer -One Time Migration script from a Windows NT 4.0 PDC to a Samba PDC - Worked on by jht -ldap passwd sync - - not yet reviewed - needs attention - -Not release-critical: -docs/docbook/devdoc/* - most of these docs are outdated and need updates... -docs/docbook/projdoc/Diagnosis.sgml - Needs extension - - jht will look at this towards the end of updating the HOWTO -docs/docbook/manpages/rpcclient.1.sgml - Some commands could be documented more extensively -docs/history - needs updating (is current up to 1998 - merge with 10year.html ?) - -Documentation for following smb.conf.5 parameters does not exist: -max reported print jobs // printing -acl compatibility // protocol -client signing // protocol -client use spnego // protocol -profile acls // protocol -client lanman auth // security -client NTLMv2 auth // security -idmap backend // security -kernel change notify // tuning -lpq cache time // tuning --valid // misc -idmap uid // winbind -idmap gid // winbind -'restrict anonymous' isn't documented properly -- cgit From 1914b3ba9f215815ef8a21d2ce8ac07ebf129de9 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 27 Apr 2003 20:49:18 +0000 Subject: Add 'smbiconv' program - a clone of the 'iconv' utility that uses samba's internal iconv() functions. Useful for testing purposes. (This used to be commit 674b67198311b4e0fb2d8afd8b56b499286fc370) --- source3/Makefile.in | 6 ++ source3/torture/smbiconv.c | 243 +++++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 249 insertions(+) create mode 100644 source3/torture/smbiconv.c diff --git a/source3/Makefile.in b/source3/Makefile.in index a73f8c96827..9d034925596 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -525,6 +525,8 @@ NSSTEST_OBJ = torture/nsstest.o $(PARAM_OBJ) $(LIBSMB_OBJ) $(KRBCLIENT_OBJ) \ VFSTEST_OBJ = torture/cmd_vfs.o torture/vfstest.o $(SMBD_OBJ_BASE) $(READLINE_OBJ) +SMBICONV_OBJ = $(PARAM_OBJ) torture/smbiconv.o $(LIB_OBJ) $(UBIQX_OBJ) $(POPT_LIB_OBJ) + LOCKTEST2_OBJ = torture/locktest2.o $(PARAM_OBJ) $(LOCKING_OBJ) $(LIBSMB_OBJ) \ $(KRBCLIENT_OBJ) $(UBIQX_OBJ) $(LIB_OBJ) @@ -861,6 +863,10 @@ bin/vfstest@EXEEXT@: $(VFSTEST_OBJ) @BUILD_POPT@ bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(VFSTEST_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(PRINTLIBS) $(AUTHLIBS) $(ACLLIBS) $(LIBS) @POPTLIBS@ $(ADSLIBS) +bin/smbiconv@EXEEXT@: $(SMBICONV_OBJ) @BUILD_POPT@ bin/.dummy + @echo Linking $@ + @$(CC) $(FLAGS) -o $@ $(SMBICONV_OBJ) $(LDFLAGS) $(TERMLDFLAGS) $(TERMLIBS) $(DYNEXP) $(LIBS) @POPTLIBS@ + bin/locktest2@EXEEXT@: $(LOCKTEST2_OBJ) bin/.dummy @echo Linking $@ @$(CC) $(FLAGS) -o $@ $(LOCKTEST2_OBJ) $(LDFLAGS) $(LIBS) $(KRB5LIBS) diff --git a/source3/torture/smbiconv.c b/source3/torture/smbiconv.c new file mode 100644 index 00000000000..ce21a09025e --- /dev/null +++ b/source3/torture/smbiconv.c @@ -0,0 +1,243 @@ +/* + Unix SMB/CIFS implementation. + Charset module tester + + Copyright (C) Jelmer Vernooij 2003 + Based on iconv/icon_prog.c from the GNU C Library, + Contributed by Ulrich Drepper , 1998. + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +#include "includes.h" + +static int +process_block (smb_iconv_t cd, char *addr, size_t len, FILE *output) +{ +#define OUTBUF_SIZE 32768 + const char *start = addr; + char outbuf[OUTBUF_SIZE]; + char *outptr; + size_t outlen; + size_t n; + + while (len > 0) + { + outptr = outbuf; + outlen = OUTBUF_SIZE; + n = smb_iconv (cd, &addr, &len, &outptr, &outlen); + + if (outptr != outbuf) + { + /* We have something to write out. */ + int errno_save = errno; + + if (fwrite (outbuf, 1, outptr - outbuf, output) + < (size_t) (outptr - outbuf) + || ferror (output)) + { + /* Error occurred while printing the result. */ + DEBUG (0, ("conversion stopped due to problem in writing the output")); + return -1; + } + + errno = errno_save; + } + + if (errno != E2BIG) + { + /* iconv() ran into a problem. */ + switch (errno) + { + case EILSEQ: + DEBUG(0,("illegal input sequence at position %ld", + (long) (addr - start))); + break; + case EINVAL: + DEBUG(0, ("\ +incomplete character or shift sequence at end of buffer")); + break; + case EBADF: + DEBUG(0, ("internal error (illegal descriptor)")); + break; + default: + DEBUG(0, ("unknown iconv() error %d", errno)); + break; + } + + return -1; + } + } + + return 0; +} + + +static int +process_fd (iconv_t cd, int fd, FILE *output) +{ + /* we have a problem with reading from a descriptor since we must not + provide the iconv() function an incomplete character or shift + sequence at the end of the buffer. Since we have to deal with + arbitrary encodings we must read the whole text in a buffer and + process it in one step. */ + static char *inbuf = NULL; + static size_t maxlen = 0; + char *inptr = NULL; + size_t actlen = 0; + + while (actlen < maxlen) + { + ssize_t n = read (fd, inptr, maxlen - actlen); + + if (n == 0) + /* No more text to read. */ + break; + + if (n == -1) + { + /* Error while reading. */ + DEBUG(0, ("error while reading the input")); + return -1; + } + + inptr += n; + actlen += n; + } + + if (actlen == maxlen) + while (1) + { + ssize_t n; + char *new_inbuf; + + /* Increase the buffer. */ + new_inbuf = (char *) realloc (inbuf, maxlen + 32768); + if (new_inbuf == NULL) + { + DEBUG(0, ("unable to allocate buffer for input")); + return -1; + } + inbuf = new_inbuf; + maxlen += 32768; + inptr = inbuf + actlen; + + do + { + n = read (fd, inptr, maxlen - actlen); + + if (n == 0) + /* No more text to read. */ + break; + + if (n == -1) + { + /* Error while reading. */ + DEBUG(0, ("error while reading the input")); + return -1; + } + + inptr += n; + actlen += n; + } + while (actlen < maxlen); + + if (n == 0) + /* Break again so we leave both loops. */ + break; + } + + /* Now we have all the input in the buffer. Process it in one run. */ + return process_block (cd, inbuf, actlen, output); +} + +/* Main function */ + +int main(int argc, char *argv[]) +{ + const char *file = NULL; + char *from = ""; + char *to = ""; + char *output = NULL; + char *preload = NULL; + FILE *out = stdout; + int fd; + smb_iconv_t cd; + + /* make sure the vars that get altered (4th field) are in + a fixed location or certain compilers complain */ + poptContext pc; + struct poptOption long_options[] = { + POPT_AUTOHELP + { "from-code", 'f', POPT_ARG_STRING, &from, 0, "Encoding of original text" }, + { "to-code", 't', POPT_ARG_STRING, &to, 0, "Encoding for output" }, + { "output", 'o', POPT_ARG_STRING, &output, 0, "Write output to this file" }, + { "preload-modules", 'p', POPT_ARG_STRING, &preload, 0, "Modules to load" }, + POPT_COMMON_SAMBA + POPT_TABLEEND + }; + + setlinebuf(stdout); + + pc = poptGetContext("smbiconv", argc, (const char **) argv, + long_options, 0); + + poptSetOtherOptionHelp(pc, "[FILE] ..."); + + while(poptGetNextOpt(pc) != -1); + + if(preload)smb_load_modules(str_list_make(preload, NULL)); + + if(output) { + output = fopen(output, "w"); + + if(!output) { + DEBUG(0, ("Can't open output file '%s': %s, exiting...\n", output, strerror(errno))); + return 1; + } + } + + /* the following functions are part of the Samba debugging + facilities. See lib/debug.c */ + setup_logging("smbiconv", True); + + cd = smb_iconv_open(to, from); + if((int)cd == -1) { + DEBUG(0,("unable to find from or to encoding, exiting...\n")); + return 1; + } + + while((file = poptGetArg(pc))) { + if(strcmp(file, "-") == 0) fd = 0; + else { + fd = open(file, O_RDONLY); + + if(!fd) { + DEBUG(0, ("Can't open input file '%s': %s, ignoring...\n", file, strerror(errno))); + continue; + } + } + + /* Loop thru all arguments */ + process_fd(cd, fd, stdout); + + close(fd); + } + poptFreeContext(pc); + + fclose(out); + + return 0; +} -- cgit From 4f6e82c669da87680c5125a480ad80fd9db74c14 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Sun, 27 Apr 2003 21:46:35 +0000 Subject: Document 'nmblookup -M -- -' (This used to be commit 3df125fd50a5efff97535814f1f4fd9f33dd07e5) --- docs/docbook/manpages/nmblookup.1.sgml | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/docs/docbook/manpages/nmblookup.1.sgml b/docs/docbook/manpages/nmblookup.1.sgml index 176050b9c8a..b4a96e96bae 100644 --- a/docs/docbook/manpages/nmblookup.1.sgml +++ b/docs/docbook/manpages/nmblookup.1.sgml @@ -58,7 +58,10 @@ up the NetBIOS name name with a type of 0x1d. If name is "-" then it does a lookup on the special name - __MSBROWSE__. + __MSBROWSE__. Please note that in order to + use the name "-", you need to make sure "-" isn't parsed as an + argument, e.g. use : + nmblookup -M -- -. -- cgit From ed12657e772d78e65dc34236de3d866067b5f1f6 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 00:29:00 +0000 Subject: Fix number of arguments to asprintf() (This used to be commit 5e4e6a6ed08f1b4fe97bbd91f983039143cc9939) --- source3/passdb/pdb_mysql.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/passdb/pdb_mysql.c b/source3/passdb/pdb_mysql.c index 4e91994418c..ca1c239d73d 100644 --- a/source3/passdb/pdb_mysql.c +++ b/source3/passdb/pdb_mysql.c @@ -442,7 +442,7 @@ static NTSTATUS mysqlsam_select_by_field(struct pdb_methods * methods, SAM_ACCOU } asprintf(&query, - "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'", + "SELECT %s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s,%s FROM %s WHERE %s = '%s'", config_value_read(data, "logon time column", CONFIG_LOGON_TIME_DEFAULT), config_value_read(data, "logoff time column", -- cgit From 1c34cd359a9977ede758079d1989a49f00f39a67 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 00:49:49 +0000 Subject: Update for the new modules system. Also, use Makefile rather then Makefile.in because we don't generate Makefile from configure anymore. (This used to be commit 29ba1e163f85aeaa3cd48a13e4f0a039fa80e7b0) --- examples/VFS/Makefile | 23 +++++++++++++++++++++++ examples/VFS/Makefile.in | 24 ------------------------ examples/VFS/skel.c | 8 +++----- 3 files changed, 26 insertions(+), 29 deletions(-) create mode 100644 examples/VFS/Makefile delete mode 100644 examples/VFS/Makefile.in diff --git a/examples/VFS/Makefile b/examples/VFS/Makefile new file mode 100644 index 00000000000..ac5a93b49ba --- /dev/null +++ b/examples/VFS/Makefile @@ -0,0 +1,23 @@ +CFLAGS = +CPPFLAGS = +LDFLAGS = +LDSHFLAGS = -shared +srcdir = ../../source/ +FLAGS = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -I. $(CPPFLAGS) -I$(srcdir) + +# Auto target +default: $(patsubst %.c,%.so,$(wildcard *.c)) + +# Pattern rules + +%.so: %.o + $(CC) $(LDSHFLAGS) $(LDFLAGS) -o $@ $< + +%.o: %.c + $(CC) $(FLAGS) -c $< + +# Misc targets + +clean: + rm -rf .libs + rm -f core *~ *% *.bak *.o *.so diff --git a/examples/VFS/Makefile.in b/examples/VFS/Makefile.in deleted file mode 100644 index 30019caccd1..00000000000 --- a/examples/VFS/Makefile.in +++ /dev/null @@ -1,24 +0,0 @@ -CC = @CC@ -CFLAGS = @CFLAGS@ -CPPFLAGS = @CPPFLAGS@ -LDFLAGS = @LDFLAGS@ -LDSHFLAGS = -shared -srcdir = ../../source/ -FLAGS = $(CFLAGS) -Iinclude -I$(srcdir)/include -I$(srcdir)/ubiqx -I$(srcdir)/smbwrapper -I. $(CPPFLAGS) -I$(srcdir) - -# Auto target -default: $(patsubst %.c,%.so,$(wildcard *.c)) - -# Pattern rules - -%.so: %.o - $(CC) $(LDSHFLAGS) $(LDFLAGS) -o $@ $< - -%.o: %.c - $(CC) $(FLAGS) -c $< - -# Misc targets - -clean: - rm -rf .libs - rm -f core *~ *% *.bak *.o *.so diff --git a/examples/VFS/skel.c b/examples/VFS/skel.c index b9376828225..f19323480fc 100644 --- a/examples/VFS/skel.c +++ b/examples/VFS/skel.c @@ -437,12 +437,11 @@ static vfs_op_tuple skel_ops[] = { /* VFS initialisation - return initialized vfs_op_tuple array back to Samba */ -vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops, +static vfs_op_tuple *skel_init(const struct vfs_ops *def_vfs_ops, struct smb_vfs_handle_struct *vfs_handle) { DEBUG(3, ("Initialising default vfs hooks\n")); - *vfs_version = SMB_VFS_INTERFACE_VERSION; memcpy(&default_vfs_ops, def_vfs_ops, sizeof(struct vfs_ops)); /* Remember vfs_handle for further allocation and referencing of private @@ -452,8 +451,7 @@ vfs_op_tuple *vfs_init(int *vfs_version, struct vfs_ops *def_vfs_ops, return skel_ops; } -/* VFS finalization function */ -void vfs_done(connection_struct *conn) +int init_module(void) { - DEBUG(3, ("Finalizing default vfs hooks\n")); + return smb_register_vfs("skel", skel_init, SMB_VFS_INTERFACE_VERSION); } -- cgit From 616f6b6ffe6db63461f33ce398aa918bae632393 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 00:58:10 +0000 Subject: Replace references to the old textdocs by references to chapters in the HOWTO Collection. CVS: ---------------------------------------------------------------------- CVS: Enter Log. Lines beginning with `CVS:' are removed automatically CVS: CVS: Committing in . CVS: CVS: Modified Files: CVS: Tag: SAMBA_3_0 CVS: smb.conf.default CVS: ---------------------------------------------------------------------- (This used to be commit 280d627adb5305e8b814102aaa73825023c00571) --- examples/smb.conf.default | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) diff --git a/examples/smb.conf.default b/examples/smb.conf.default index d299f017140..89847c58f9f 100644 --- a/examples/smb.conf.default +++ b/examples/smb.conf.default @@ -3,6 +3,9 @@ # here. Samba has a huge number of configurable options (perhaps too # many!) most of which are not shown in this example # +# For a step to step guide on installing, configuring and using samba, +# read the Samba HOWTO Collection. +# # Any line which starts with a ; (semi-colon) or a # (hash) # is a comment and is ignored. In this example we will use a # # for commentry and a ; for parts of the config file that you @@ -70,7 +73,7 @@ # This option is no longer implemented. # You may wish to use password encryption. Please read -# ENCRYPTION.txt, Win95.txt and WinNT.txt in the Samba documentation. +# the 'User database' chapter in the Samba HOWTO Collection # Do not enable this option unless you have read those documents ; encrypt passwords = yes @@ -82,7 +85,8 @@ ; include = /usr/local/samba/lib/smb.conf.%m # Most people will find that this option gives better performance. -# See speed.txt and the manual pages for details +# See the chapter 'Samba performance issues' in the Samba HOWTO Collection +# and the manual pages for details. # You may want to add the following on a Linux system: # SO_RCVBUF=8192 SO_SNDBUF=8192 socket options = TCP_NODELAY -- cgit From 9b93eb6f82a349273b6e402d9623179785cadce1 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 01:21:28 +0000 Subject: Update for new modules system (This used to be commit 765d87838dbf25ba69dc11f7956ce5814555bcc7) --- examples/pdb/README | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/examples/pdb/README b/examples/pdb/README index 7fe45248824..c18e128e782 100644 --- a/examples/pdb/README +++ b/examples/pdb/README @@ -8,8 +8,9 @@ a pdb plugin. It just prints the name of the function that is executed using DEBUG. Maybe it's nice to include some of the arguments to the function in the future too.. -To debug passdb backends, try to run gdb on the 'pdbedit' executable. That's really much easier than restarting smbd constantly and attaching with your debugger. - -New passdb plugins should go into the samba lib directory, (/usr/lib/samba/ for -most distributions). An example would be: /usr/lib/samba/test.so +To debug passdb backends, try to run gdb on the 'pdbedit' executable. That's +really much easier than restarting smbd constantly and attaching with your +debugger. +New passdb plugins should go into the samba lib directory, (/usr/lib/samba/pdb/ +for most distributions). An example would be: /usr/lib/samba/pdb/test.so -- cgit From 39fbda7f036fa615ac46a7c9729e1f420972208b Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 28 Apr 2003 03:33:56 +0000 Subject: Return NT_STATUS_UNSUCCESSFUL if the sourcedata and echodata rpcs return unexpected data. Closes bug #2. (This used to be commit 0c3314ab97331aa709216e7ad2a1a0c8605eb160) --- source3/rpcclient/cmd_echo.c | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source3/rpcclient/cmd_echo.c b/source3/rpcclient/cmd_echo.c index 79ba744a55a..fa4e6916633 100644 --- a/source3/rpcclient/cmd_echo.c +++ b/source3/rpcclient/cmd_echo.c @@ -74,6 +74,7 @@ static NTSTATUS cmd_echo_data(struct cli_state *cli, TALLOC_CTX *mem_ctx, if (in_data[i] != out_data[i]) { printf("mismatch at offset %d, %d != %d\n", i, in_data[i], out_data[i]); + result = NT_STATUS_UNSUCCESSFUL; } } @@ -107,6 +108,7 @@ static NTSTATUS cmd_echo_source_data(struct cli_state *cli, if (out_data && out_data[i] != (i & 0xff)) { printf("mismatch at offset %d, %d != %d\n", i, out_data[i], i & 0xff); + result = NT_STATUS_UNSUCCESSFUL; } } -- cgit From 29ac5d287314160e9b1ab92bf61a1c4b74767d95 Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 28 Apr 2003 05:40:46 +0000 Subject: Two character tabs - I don't think so. (This used to be commit 40d370bec6ef14cfa85e75cdb2f9122110ae9f1d) --- source3/lib/util_sid.c | 19 +++++++++---------- 1 file changed, 9 insertions(+), 10 deletions(-) diff --git a/source3/lib/util_sid.c b/source3/lib/util_sid.c index dfd3b312e06..9dc0c8ca18d 100644 --- a/source3/lib/util_sid.c +++ b/source3/lib/util_sid.c @@ -637,14 +637,13 @@ void print_guid(GUID *guid) DOM_SID *sid_dup_talloc(TALLOC_CTX *ctx, DOM_SID *src) { - DOM_SID *dst; - - if(!src) - return NULL; - - if((dst = talloc_zero(ctx, sizeof(DOM_SID))) != NULL) { - sid_copy( dst, src); - } - - return dst; + DOM_SID *dst; + + if(!src) + return NULL; + + if((dst = talloc_zero(ctx, sizeof(DOM_SID))) != NULL) + sid_copy( dst, src); + + return dst; } -- cgit From 67d0f802a50d46e717393f7188d2489e33ecf1b8 Mon Sep 17 00:00:00 2001 From: Richard Sharpe Date: Mon, 28 Apr 2003 06:16:01 +0000 Subject: Getting ready for code that actually writes a registry file out. (This used to be commit 22e61a7e77eabd462f192fb03b5adb1d07fa7409) --- source3/utils/editreg.c | 39 ++++++++++++++++++++++++++++++++------- 1 file changed, 32 insertions(+), 7 deletions(-) diff --git a/source3/utils/editreg.c b/source3/utils/editreg.c index 641c7070ad5..c45959799be 100644 --- a/source3/utils/editreg.c +++ b/source3/utils/editreg.c @@ -2983,7 +2983,7 @@ REGF_HDR *nt_get_reg_header(REGF *regf) int nt_store_registry(REGF *regf) { REGF_HDR *reg; - int fkey; + int fkey, fd; /* * Get a header ... and partially fill it in ... @@ -2991,10 +2991,26 @@ int nt_store_registry(REGF *regf) reg = nt_get_reg_header(regf); /* - * Store the first key + * Store the first key, which will store the whole thing */ fkey = nt_store_reg_key(regf, regf->root); + /* + * At this point we have the registry as a series of blocks, so + * run down that series of blocks and save them ... + */ + + if (!regf->outfile_name) { + fprintf(stderr, "Cannot write file without a name!\n"); + return 0; + } + + if ((fd = open(regf->outfile_name, O_WRONLY, 0666)) < 0) { + fprintf(stderr, "Unable to create file %s: %s\n", regf->outfile_name, + strerror(errno)); + return 0; + } + return 1; } @@ -3870,7 +3886,7 @@ int main(int argc, char *argv[]) extern int optind; int opt, print_keys = 0; int regf_opt = 1; /* Command name */ - int commands = 0; + int commands = 0, modified = 0; char *cmd_file_name = NULL; char *out_file_name = NULL; CMD_FILE *cmd_file = NULL; @@ -4001,11 +4017,9 @@ int main(int argc, char *argv[]) /* If we found it, apply the other bits, else create such a key */ - if (!tmp) + if (!tmp) { tmp = nt_add_reg_key(regf, cmd->key, True); - - if (tmp) { - + modified = 1; } while (cmd->val_count) { @@ -4015,10 +4029,12 @@ int main(int argc, char *argv[]) if (val->type == REG_TYPE_DELETE) { reg_val = nt_delete_reg_value(tmp, val -> name); if (reg_val) nt_delete_val_key(reg_val); + modified = 1; } else { reg_val = nt_add_reg_value(tmp, val->name, val->type, val->val); + modified = 1; } cmd->val_spec_list = val->next; @@ -4036,6 +4052,7 @@ int main(int argc, char *argv[]) */ nt_delete_key_by_name(regf, cmd->key); + modified = 1; break; } } @@ -4051,5 +4068,13 @@ int main(int argc, char *argv[]) nt_key_iterator(regf, regf->root, 0, "", print_key, print_sec, print_val); } + /* + * If there was an out_file_name and the tree was modified, print it + */ + if (modified && out_file_name) + if (!nt_store_registry(regf)) { + fprintf(stdout, "Error storing registry\n"); + } + return 0; } -- cgit From 5ef616cd5ec8d604bb5cdd14bb644a9c0b0c1bca Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 28 Apr 2003 06:18:44 +0000 Subject: Fix compiler warning. (This used to be commit 6a783ca81cead3eed556570152608fd7a224f1ee) --- source3/utils/ntlm_auth.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index 88913c80512..ddb7053cdbb 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -656,7 +656,7 @@ static BOOL test_ntlm(void) */ struct ntlm_tests { - BOOL (*fn)(); + BOOL (*fn)(void); const char *name; } test_table[] = { {test_lm, "test LM"}, -- cgit From a2e4ac9eef9eba7eafbab8731f23a5146ee4221f Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 28 Apr 2003 06:59:08 +0000 Subject: Merge of -W fixes for bug #39: >Replace workgroup global variable with lp_workgroup() > >Call lp_load() before parsing command line options so we can override >the workgroup value with the -W switch. (This used to be commit 272d06369d79250b484a22bc7e531eecd03e7c90) --- source3/client/client.c | 18 ++++++++---------- 1 file changed, 8 insertions(+), 10 deletions(-) diff --git a/source3/client/client.c b/source3/client/client.c index 167f91ae16f..f8851062756 100644 --- a/source3/client/client.c +++ b/source3/client/client.c @@ -37,7 +37,6 @@ static pstring service; static pstring desthost; static pstring username; static pstring password; -static pstring workgroup; static BOOL use_kerberos; static BOOL got_pass; static char *cmdstr = NULL; @@ -2552,10 +2551,10 @@ static struct cli_state *do_connect(const char *server, const char *share) if (!cli_session_setup(c, username, password, strlen(password), password, strlen(password), - workgroup)) { + lp_workgroup())) { /* if a password was not supplied then try again with a null username */ if (password[0] || !username[0] || use_kerberos || - !cli_session_setup(c, "", "", 0, "", 0, workgroup)) { + !cli_session_setup(c, "", "", 0, "", 0, lp_workgroup())) { d_printf("session setup failed: %s\n", cli_errstr(c)); cli_shutdown(c); return NULL; @@ -2620,7 +2619,7 @@ static int do_host_query(char *query_host) return 1; browse_host(True); - list_servers(workgroup); + list_servers(lp_workgroup()); cli_shutdown(cli); @@ -2761,6 +2760,11 @@ static void remember_query_host(const char *arg, setup_logging(argv[0],True); + if (!lp_load(dyn_CONFIGFILE,True,False,False)) { + fprintf(stderr, "%s: Can't load %s - run testparm to debug it\n", + argv[0], dyn_CONFIGFILE); + } + pc = poptGetContext("smbclient", argc, (const char **) argv, long_options, POPT_CONTEXT_KEEP_FIRST); poptSetOtherOptionHelp(pc, "service "); @@ -2816,11 +2820,6 @@ static void remember_query_host(const char *arg, } } - if (!lp_load(dyn_CONFIGFILE,True,False,False)) { - fprintf(stderr, "%s: Can't load %s - run testparm to debug it\n", - argv[0], dyn_CONFIGFILE); - } - poptGetArg(pc); load_interfaces(); @@ -2856,7 +2855,6 @@ static void remember_query_host(const char *arg, pstrcpy(username, cmdline_auth_info.username); pstrcpy(password, cmdline_auth_info.password); - pstrcpy(workgroup, lp_workgroup()); use_kerberos = cmdline_auth_info.use_kerberos; got_pass = cmdline_auth_info.got_pass; -- cgit From d31cb1b4684e7b3288d5841bf206379ba8149e8a Mon Sep 17 00:00:00 2001 From: Tim Potter Date: Mon, 28 Apr 2003 07:03:08 +0000 Subject: Perform lp_load() before popt to fix -W option. (This used to be commit d20f4bf5d84f435a7b4b692bf33f05f4ec871a50) --- source3/rpcclient/rpcclient.c | 22 +++++++++++----------- 1 file changed, 11 insertions(+), 11 deletions(-) diff --git a/source3/rpcclient/rpcclient.c b/source3/rpcclient/rpcclient.c index 0411212e8c8..b01e2d694c5 100644 --- a/source3/rpcclient/rpcclient.c +++ b/source3/rpcclient/rpcclient.c @@ -537,6 +537,17 @@ out_free: setlinebuf(stdout); + /* the following functions are part of the Samba debugging + facilities. See lib/debug.c */ + setup_logging("rpcclient", interactive); + if (!interactive) + reopen_logs(); + + /* Load smb.conf file */ + + if (!lp_load(dyn_CONFIGFILE,True,False,False)) + fprintf(stderr, "Can't load %s\n", dyn_CONFIGFILE); + /* Parse options */ pc = poptGetContext("rpcclient", argc, (const char **) argv, @@ -571,17 +582,6 @@ out_free: poptFreeContext(pc); - /* the following functions are part of the Samba debugging - facilities. See lib/debug.c */ - setup_logging("rpcclient", interactive); - if (!interactive) - reopen_logs(); - - /* Load smb.conf file */ - - if (!lp_load(dyn_CONFIGFILE,True,False,False)) - fprintf(stderr, "Can't load %s\n", dyn_CONFIGFILE); - load_interfaces(); if (!init_names()) -- cgit From d031ba5c83d3243a7509692097c3a1a25aa34553 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 28 Apr 2003 08:54:51 +0000 Subject: Merge compile and other fixes from 3.0 to HEAD. Including smbtorture bugfixes, and a better TCONDEV test. Andrew Bartlett (This used to be commit 52c5806004022f153af7d022afdb3ec7cc0d2548) --- source3/torture/nbio.c | 14 +++++++------- source3/torture/scanner.c | 28 ++++++++++++++-------------- source3/torture/torture.c | 39 ++++++++++++++++++++++++--------------- source3/utils/ntlm_auth.c | 2 +- source3/utils/smbcontrol.c | 2 +- source3/utils/smbcquotas.c | 2 +- 6 files changed, 48 insertions(+), 39 deletions(-) diff --git a/source3/torture/nbio.c b/source3/torture/nbio.c index d8d3ca0c098..6c51db3cf30 100644 --- a/source3/torture/nbio.c +++ b/source3/torture/nbio.c @@ -125,7 +125,7 @@ void nb_setup(struct cli_state *cli) } -void nb_unlink(char *fname) +void nb_unlink(const char *fname) { if (!cli_unlink(c, fname)) { #if NBDEBUG @@ -136,7 +136,7 @@ void nb_unlink(char *fname) } -void nb_createx(char *fname, +void nb_createx(const char *fname, unsigned create_options, unsigned create_disposition, int handle) { int fd, i; @@ -217,7 +217,7 @@ void nb_close(int handle) ftable[i].handle = 0; } -void nb_rmdir(char *fname) +void nb_rmdir(const char *fname) { if (!cli_rmdir(c, fname)) { printf("ERROR: rmdir %s failed (%s)\n", @@ -226,7 +226,7 @@ void nb_rmdir(char *fname) } } -void nb_rename(char *old, char *new) +void nb_rename(const char *old, const char *new) { if (!cli_rename(c, old, new)) { printf("ERROR: rename %s %s failed (%s)\n", @@ -236,7 +236,7 @@ void nb_rename(char *old, char *new) } -void nb_qpathinfo(char *fname) +void nb_qpathinfo(const char *fname) { cli_qpathinfo(c, fname, NULL, NULL, NULL, NULL, NULL); } @@ -260,7 +260,7 @@ static void find_fn(file_info *finfo, const char *name, void *state) /* noop */ } -void nb_findfirst(char *mask) +void nb_findfirst(const char *mask) { cli_list(c, mask, 0, find_fn, NULL); } @@ -295,7 +295,7 @@ static void delete_fn(file_info *finfo, const char *name, void *state) free(n); } -void nb_deltree(char *dname) +void nb_deltree(const char *dname) { char *mask; asprintf(&mask, "%s\\*", dname); diff --git a/source3/torture/scanner.c b/source3/torture/scanner.c index 7db3dde9c09..93f89c105cf 100644 --- a/source3/torture/scanner.c +++ b/source3/torture/scanner.c @@ -191,7 +191,7 @@ static BOOL scan_trans2(struct cli_state *cli, int op, int level, BOOL torture_trans2_scan(int dummy) { - static struct cli_state cli; + static struct cli_state *cli; int op, level; const char *fname = "\\scanner.dat"; int fnum, dnum; @@ -202,26 +202,26 @@ BOOL torture_trans2_scan(int dummy) return False; } - fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, + fnum = cli_open(cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); - dnum = cli_open(&cli, "\\", O_RDONLY, DENY_NONE); + dnum = cli_open(cli, "\\", O_RDONLY, DENY_NONE); for (op=OP_MIN; op<=OP_MAX; op++) { printf("Scanning op=%d\n", op); for (level = 0; level <= 50; level++) { - scan_trans2(&cli, op, level, fnum, dnum, fname); + scan_trans2(cli, op, level, fnum, dnum, fname); } for (level = 0x100; level <= 0x130; level++) { - scan_trans2(&cli, op, level, fnum, dnum, fname); + scan_trans2(cli, op, level, fnum, dnum, fname); } for (level = 1000; level < 1050; level++) { - scan_trans2(&cli, op, level, fnum, dnum, fname); + scan_trans2(cli, op, level, fnum, dnum, fname); } } - torture_close_connection(&cli); + torture_close_connection(cli); printf("trans2 scan finished\n"); return True; @@ -393,7 +393,7 @@ static BOOL scan_nttrans(struct cli_state *cli, int op, int level, BOOL torture_nttrans_scan(int dummy) { - static struct cli_state cli; + static struct cli_state *cli; int op, level; const char *fname = "\\scanner.dat"; int fnum, dnum; @@ -404,26 +404,26 @@ BOOL torture_nttrans_scan(int dummy) return False; } - fnum = cli_open(&cli, fname, O_RDWR | O_CREAT | O_TRUNC, + fnum = cli_open(cli, fname, O_RDWR | O_CREAT | O_TRUNC, DENY_NONE); - dnum = cli_open(&cli, "\\", O_RDONLY, DENY_NONE); + dnum = cli_open(cli, "\\", O_RDONLY, DENY_NONE); for (op=OP_MIN; op<=OP_MAX; op++) { printf("Scanning op=%d\n", op); for (level = 0; level <= 50; level++) { - scan_nttrans(&cli, op, level, fnum, dnum, fname); + scan_nttrans(cli, op, level, fnum, dnum, fname); } for (level = 0x100; level <= 0x130; level++) { - scan_nttrans(&cli, op, level, fnum, dnum, fname); + scan_nttrans(cli, op, level, fnum, dnum, fname); } for (level = 1000; level < 1050; level++) { - scan_nttrans(&cli, op, level, fnum, dnum, fname); + scan_nttrans(cli, op, level, fnum, dnum, fname); } } - torture_close_connection(&cli); + torture_close_connection(cli); printf("nttrans scan finished\n"); return True; diff --git a/source3/torture/torture.c b/source3/torture/torture.c index f85569b2afe..840b6ad2947 100644 --- a/source3/torture/torture.c +++ b/source3/torture/torture.c @@ -573,12 +573,12 @@ static BOOL run_readwritemulti(int dummy) cli = current_cli; - cli_sockopt(&cli, sockops); + cli_sockopt(cli, sockops); printf("run_readwritemulti: fname %s\n", randomfname); - test = rw_torture3(&cli, randomfname); + test = rw_torture3(cli, randomfname); - if (!torture_close_connection(&cli)) { + if (!torture_close_connection(cli)) { test = False; } @@ -697,7 +697,7 @@ static BOOL run_netbench(int client) pstring line; char cname[20]; FILE *f; - char *params[20]; + const char *params[20]; BOOL correct = True; cli = current_cli; @@ -1066,6 +1066,7 @@ static BOOL run_tcon2_test(int dummy) static BOOL tcon_devtest(struct cli_state *cli, const char *myshare, const char *devtype, + const char *return_devtype, NTSTATUS expected_error) { BOOL status; @@ -1076,7 +1077,15 @@ static BOOL tcon_devtest(struct cli_state *cli, if (NT_STATUS_IS_OK(expected_error)) { if (status) { - ret = True; + if (strcmp(cli->dev, return_devtype) == 0) { + ret = True; + } else { + printf("tconX to share %s with type %s " + "succeeded but returned the wrong " + "device type (got [%s] but should have got [%s])\n", + myshare, devtype, cli->dev, return_devtype); + ret = False; + } } else { printf("tconX to share %s with type %s " "should have succeeded but failed\n", @@ -1125,34 +1134,34 @@ static BOOL run_tcon_devtype_test(int dummy) return False; } - if (!tcon_devtest(cli1, "IPC$", "A:", NT_STATUS_BAD_DEVICE_TYPE)) + if (!tcon_devtest(cli1, "IPC$", "A:", NULL, NT_STATUS_BAD_DEVICE_TYPE)) ret = False; - if (!tcon_devtest(cli1, "IPC$", "?????", NT_STATUS_OK)) + if (!tcon_devtest(cli1, "IPC$", "?????", "IPC", NT_STATUS_OK)) ret = False; - if (!tcon_devtest(cli1, "IPC$", "LPT:", NT_STATUS_BAD_DEVICE_TYPE)) + if (!tcon_devtest(cli1, "IPC$", "LPT:", NULL, NT_STATUS_BAD_DEVICE_TYPE)) ret = False; - if (!tcon_devtest(cli1, "IPC$", "IPC", NT_STATUS_OK)) + if (!tcon_devtest(cli1, "IPC$", "IPC", "IPC", NT_STATUS_OK)) ret = False; - if (!tcon_devtest(cli1, "IPC$", "FOOBA", NT_STATUS_BAD_DEVICE_TYPE)) + if (!tcon_devtest(cli1, "IPC$", "FOOBA", NULL, NT_STATUS_BAD_DEVICE_TYPE)) ret = False; - if (!tcon_devtest(cli1, share, "A:", NT_STATUS_OK)) + if (!tcon_devtest(cli1, share, "A:", "A:", NT_STATUS_OK)) ret = False; - if (!tcon_devtest(cli1, share, "?????", NT_STATUS_OK)) + if (!tcon_devtest(cli1, share, "?????", "A:", NT_STATUS_OK)) ret = False; - if (!tcon_devtest(cli1, share, "LPT:", NT_STATUS_BAD_DEVICE_TYPE)) + if (!tcon_devtest(cli1, share, "LPT:", NULL, NT_STATUS_BAD_DEVICE_TYPE)) ret = False; - if (!tcon_devtest(cli1, share, "IPC", NT_STATUS_BAD_DEVICE_TYPE)) + if (!tcon_devtest(cli1, share, "IPC", NULL, NT_STATUS_BAD_DEVICE_TYPE)) ret = False; - if (!tcon_devtest(cli1, share, "FOOBA", NT_STATUS_BAD_DEVICE_TYPE)) + if (!tcon_devtest(cli1, share, "FOOBA", NULL, NT_STATUS_BAD_DEVICE_TYPE)) ret = False; cli_shutdown(cli1); diff --git a/source3/utils/ntlm_auth.c b/source3/utils/ntlm_auth.c index ddb7053cdbb..42490190f32 100644 --- a/source3/utils/ntlm_auth.c +++ b/source3/utils/ntlm_auth.c @@ -464,7 +464,7 @@ static BOOL check_auth_crap(void) and valid authentication types */ -static const DATA_BLOB get_challenge(void) +static DATA_BLOB get_challenge(void) { static DATA_BLOB chal; if (opt_challenge.length) diff --git a/source3/utils/smbcontrol.c b/source3/utils/smbcontrol.c index 8b984d9bd12..06add6af228 100644 --- a/source3/utils/smbcontrol.c +++ b/source3/utils/smbcontrol.c @@ -674,7 +674,7 @@ int main(int argc, char **argv) poptContext pc; int opt; - struct poptOption wbinfo_options[] = { + static struct poptOption wbinfo_options[] = { { "timeout", 't', POPT_ARG_INT, &timeout, 't', "Set timeout value in seconds", "TIMEOUT" }, diff --git a/source3/utils/smbcquotas.c b/source3/utils/smbcquotas.c index c5d0aa869bf..9c7379ca2a9 100644 --- a/source3/utils/smbcquotas.c +++ b/source3/utils/smbcquotas.c @@ -393,7 +393,7 @@ static struct cli_state *connect_one(const char *share) pstring set_str = {0}; enum SMB_QUOTA_TYPE qtype; int cmd = 0; - BOOL test_args = False; + static BOOL test_args = False; struct cli_state *cli; BOOL fix_user = False; SMB_NTQUOTA_STRUCT qt; -- cgit From e627d756db8baa6d1a4deffc56e1873c4afd7248 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 28 Apr 2003 09:02:21 +0000 Subject: Merge compile warning fixes from 3.0 (This used to be commit c0903951a144b1f0502e77437ea166d7a26393ba) --- source3/auth/auth_winbind.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c index df08b6440ac..840898415be 100644 --- a/source3/auth/auth_winbind.c +++ b/source3/auth/auth_winbind.c @@ -139,7 +139,7 @@ NTSTATUS auth_init_winbind(struct auth_context *auth_context, const char *param, if (param && *param) { /* we load the 'fallback' module - if winbind isn't here, call this module */ - if (!load_auth_module(auth_context, param, &(*auth_method)->private_data)) { + if (!load_auth_module(auth_context, param, (auth_methods **)&(*auth_method)->private_data)) { return NT_STATUS_UNSUCCESSFUL; } -- cgit From f0c62a47f7beede12ff71a57f252ec35215d0015 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 28 Apr 2003 09:14:31 +0000 Subject: Merge memory leak fixes in our trusted domain list from 3.0 to HEAD (This used to be commit c7f06f3a480feb1c7b1a44d16c05e1c238800b15) --- source3/passdb/secrets.c | 18 +++++++++++------- 1 file changed, 11 insertions(+), 7 deletions(-) diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c index 138a9231fd3..5df0edc29aa 100644 --- a/source3/passdb/secrets.c +++ b/source3/passdb/secrets.c @@ -303,6 +303,8 @@ BOOL secrets_fetch_trusted_domain_password(const char *domain, char** pwd, /* unpack trusted domain password */ pass_len = tdb_trusted_dom_pass_unpack(pass_buf, size, &pass); + SAFE_FREE(pass_buf); + if (pass_len != size) { DEBUG(5, ("Invalid secrets size. Unpacked data doesn't match trusted_dom_pass structure.\n")); return False; @@ -573,7 +575,12 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in NTSTATUS status; if (!secrets_init()) return NT_STATUS_ACCESS_DENIED; - + + if (!pass) { + DEBUG(0, ("talloc_zero failed!\n")); + return NT_STATUS_NO_MEMORY; + } + *num_domains = 0; start_idx = *enum_ctx; @@ -610,17 +617,14 @@ NTSTATUS secrets_get_trusted_domains(TALLOC_CTX* ctx, int* enum_ctx, unsigned in packed_pass = secrets_fetch(secrets_key, &size); packed_size = tdb_trusted_dom_pass_unpack(packed_pass, size, pass); - + /* packed representation isn't needed anymore */ + SAFE_FREE(packed_pass); + if (size != packed_size) { DEBUG(2, ("Secrets record %s is invalid!\n", secrets_key)); - if (size) SAFE_FREE(packed_pass); - continue; } - /* packed representation isn't needed anymore */ - SAFE_FREE(packed_pass); - pull_ucs2_fstring(dom_name, pass->uni_name); DEBUG(18, ("Fetched secret record num %d.\nDomain name: %s, SID: %s\n", idx, dom_name, sid_string_static(&pass->domain_sid))); -- cgit From df91b5db2babb67eb2865ee8a0c441e8da2928c0 Mon Sep 17 00:00:00 2001 From: Volker Lendecke Date: Mon, 28 Apr 2003 12:29:25 +0000 Subject: Typo in error message Volker (This used to be commit a1cae680f98a128ab73306196a303d76e41f24c2) --- source3/nmbd/nmbd_winsserver.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/source3/nmbd/nmbd_winsserver.c b/source3/nmbd/nmbd_winsserver.c index 4ef476f8141..47ce8119f33 100644 --- a/source3/nmbd/nmbd_winsserver.c +++ b/source3/nmbd/nmbd_winsserver.c @@ -241,7 +241,7 @@ BOOL initialise_wins(void) } if (tdb_fetch_int32(tdb, INFO_VERSION) != WINS_VERSION) { - DEBUG(0,("Discarding invalid wins.dat file\n")); + DEBUG(0,("Discarding invalid wins.tdb file\n")); tdb_close(tdb); return True; } -- cgit From ecde8fcf7a1cd692562bf75dd44cd8d063f0f8c4 Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 13:07:29 +0000 Subject: Use entities and add overview of directories (This used to be commit 5957e3bf33e8992eda620a6ab0b4f8a1dbe8cb7a) --- docs/docbook/devdoc/Tracing.sgml | 7 +---- docs/docbook/devdoc/architecture.sgml | 53 +++++++++++++++++++++++++++++++++++ docs/docbook/devdoc/dev-doc.sgml | 2 ++ docs/docbook/devdoc/encryption.sgml | 11 +------- docs/docbook/devdoc/gencache.sgml | 4 +-- docs/docbook/devdoc/modules.sgml | 8 +----- docs/docbook/devdoc/packagers.sgml | 4 +-- docs/docbook/devdoc/printing.sgml | 4 +-- docs/docbook/devdoc/rpc_plugin.sgml | 8 +----- docs/docbook/devdoc/sam.sgml | 3 ++ docs/docbook/devdoc/unix-smb.sgml | 4 +-- docs/docbook/devdoc/wins.sgml | 4 +-- 12 files changed, 67 insertions(+), 45 deletions(-) diff --git a/docs/docbook/devdoc/Tracing.sgml b/docs/docbook/devdoc/Tracing.sgml index ccf1e1c3c84..f55c47bc4e9 100644 --- a/docs/docbook/devdoc/Tracing.sgml +++ b/docs/docbook/devdoc/Tracing.sgml @@ -1,11 +1,6 @@ - - AndrewTridgell - - Samba Team - - + &author.tridge; Tracing samba system calls diff --git a/docs/docbook/devdoc/architecture.sgml b/docs/docbook/devdoc/architecture.sgml index 312a63af97e..e05039054b0 100644 --- a/docs/docbook/devdoc/architecture.sgml +++ b/docs/docbook/devdoc/architecture.sgml @@ -4,6 +4,7 @@ DanShearer November 1997 + &author.jelmer; Samba Architecture @@ -181,4 +182,56 @@ for browsing and WINS support. + + +Samba's subsystems + +Samba's source/ directory contains quite some directories. Here's a small explanation of what each of them contains. + + +aparser - Obsolete +auth - The authentication subsystem, maintained by Andrew Bartlett +bin - Output directory for all the binary files +client - Contains 'plain' SMB client sources: smbclient and +some mount help utilities +groupdb - Group database and mapping code +include - All of samba's include files +intl - Internationalization files. Not used at the moment. +lib - General C helper functions. Not SMB-specific. +libads - Library with ActiveDirectory related functions. +libsmb - Library with SMB specific functions. +locking - Locking functions! +modules - Source files for various modules (VFS and charset). +msdfs - DCE-DFS code +nmbd - Code for the nmbd daemon +nsswitch - Winbind source code +pam_smbpass - Source code for pam module for authenticating against samba's passdb +param - smb.conf parsing code +passdb - User database(SAM) code with the various backends +po - Internationalisation code - not used atm +popt - Samba's internal copy of the popt library +printing - Printing stuff +profile - Profiling support +python - Python bindings for various libsmb functions +registry - Registry backend +rpc_client - RPC Client library for making remote procedure calls +rpc_parse - Functions for parsing RPC structures (???) +rpc_server - Functions for being an RPC server +rpcclient - Command-line client that is a basically a front-end to rpc_client/ +sam - Code for the new (but unused) SAM +script - Various scripts +smbd - Source code for the smbd daemon +smbwrapper - Source code for library that overloads VFS function calls, for usage with LD_PRELOAD=... +stf - Testsuite system? +tdb - Source code of samba's Trivial Database (much like gdbm) +tests - Source code for the larger tests used by configure +torture - 'Torture' utilities, used for testing samba and other cifs servers +ubiqx - The ubiqx library from Chris Hertel +utils - Various small utilities(pdbedit, net, etc) +web - SWAT sourcecode +wrepld - Sourcecode of the WINS replication daemon + + + + diff --git a/docs/docbook/devdoc/dev-doc.sgml b/docs/docbook/devdoc/dev-doc.sgml index 5e1af3d3a03..ee2a40535d8 100644 --- a/docs/docbook/devdoc/dev-doc.sgml +++ b/docs/docbook/devdoc/dev-doc.sgml @@ -1,4 +1,5 @@ %globalentities; @@ -26,6 +27,7 @@ SAMBA Team
samba@samba.org
+ &person.jelmer; diff --git a/docs/docbook/devdoc/encryption.sgml b/docs/docbook/devdoc/encryption.sgml index 3ca8aa109c0..64ff4262cb5 100644 --- a/docs/docbook/devdoc/encryption.sgml +++ b/docs/docbook/devdoc/encryption.sgml @@ -2,16 +2,7 @@ - - JeremyAllison - - Samba Team -
- samba@samba.org -
- - - + &author.jeremy; 19 Apr 1999 diff --git a/docs/docbook/devdoc/gencache.sgml b/docs/docbook/devdoc/gencache.sgml index 1ba2f77c9d4..096bdce7896 100644 --- a/docs/docbook/devdoc/gencache.sgml +++ b/docs/docbook/devdoc/gencache.sgml @@ -1,8 +1,6 @@ - - RafalSzczesniak - + &author.mimir; April 2003 diff --git a/docs/docbook/devdoc/modules.sgml b/docs/docbook/devdoc/modules.sgml index 0bcdadc66ce..c43e8a91180 100644 --- a/docs/docbook/devdoc/modules.sgml +++ b/docs/docbook/devdoc/modules.sgml @@ -1,12 +1,6 @@ - - JelmerVernooij - - Samba Team -
jelmer@samba.org
- - + &author.jelmer; 19 March 2003 diff --git a/docs/docbook/devdoc/packagers.sgml b/docs/docbook/devdoc/packagers.sgml index fb47c7305c3..edc581cf057 100644 --- a/docs/docbook/devdoc/packagers.sgml +++ b/docs/docbook/devdoc/packagers.sgml @@ -1,8 +1,6 @@ - - JelmerVernooij - + &author.jelmer; Notes to packagers diff --git a/docs/docbook/devdoc/printing.sgml b/docs/docbook/devdoc/printing.sgml index 363b9fb6e50..150652ac37a 100644 --- a/docs/docbook/devdoc/printing.sgml +++ b/docs/docbook/devdoc/printing.sgml @@ -1,8 +1,6 @@ - - GeraldCarter - + &author.jerry; October 2002 diff --git a/docs/docbook/devdoc/rpc_plugin.sgml b/docs/docbook/devdoc/rpc_plugin.sgml index c83742a2476..a2d1bd4c356 100644 --- a/docs/docbook/devdoc/rpc_plugin.sgml +++ b/docs/docbook/devdoc/rpc_plugin.sgml @@ -7,13 +7,7 @@
aliguor@us.ibm.com
- - JelmerVernooij - - Samba Team -
jelmer@samba.org
- - + &author.jelmer; January 2003 diff --git a/docs/docbook/devdoc/sam.sgml b/docs/docbook/devdoc/sam.sgml index 84c17d65e26..d4c065ca210 100644 --- a/docs/docbook/devdoc/sam.sgml +++ b/docs/docbook/devdoc/sam.sgml @@ -9,6 +9,9 @@ The Upcoming SAM System +The design as described in this document is _NOT_ the design that +made it into samba 3.0. + Security in the 'new SAM' diff --git a/docs/docbook/devdoc/unix-smb.sgml b/docs/docbook/devdoc/unix-smb.sgml index d6a658089c4..eea02012e01 100644 --- a/docs/docbook/devdoc/unix-smb.sgml +++ b/docs/docbook/devdoc/unix-smb.sgml @@ -1,8 +1,6 @@ - - AndrewTridgell - + &author.tridge; April 1995 diff --git a/docs/docbook/devdoc/wins.sgml b/docs/docbook/devdoc/wins.sgml index 53410316c56..5cdf760406b 100644 --- a/docs/docbook/devdoc/wins.sgml +++ b/docs/docbook/devdoc/wins.sgml @@ -1,8 +1,6 @@ - - GeraldCarter - + &author.jerry; October 2002 -- cgit From 54c75c0c49af61cb29fc519b3adbebbf09e659dc Mon Sep 17 00:00:00 2001 From: Jelmer Vernooij Date: Mon, 28 Apr 2003 13:31:10 +0000 Subject: Bugs should go into bugzilla! (This used to be commit b295c3ac5ecb265b73d3ed0d5210c33ce4107c8a) --- docs/docbook/projdoc/Bugs.sgml | 5 +---- 1 file changed, 1 insertion(+), 4 deletions(-) diff --git a/docs/docbook/projdoc/Bugs.sgml b/docs/docbook/projdoc/Bugs.sgml index e7ebde788b1..d782920457f 100644 --- a/docs/docbook/projdoc/Bugs.sgml +++ b/docs/docbook/projdoc/Bugs.sgml @@ -15,10 +15,7 @@ Introduction - -The email address for bug reports for stable releases is samba@samba.org. -Bug reports for alpha releases should go to samba-technical@samba.org. - +Please report bugs using bugzilla. Please take the time to read this file before you submit a bug -- cgit From 2f0f82622958de09fac0d1469bf3602a25be5f60 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 28 Apr 2003 13:51:46 +0000 Subject: We don't use 'non unix account range' any more (This used to be commit 082bdcd662aed47827c9d4fb1272c327a0ae79b1) --- testsuite/build_farm/template/basicsmb.smb.conf | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/testsuite/build_farm/template/basicsmb.smb.conf b/testsuite/build_farm/template/basicsmb.smb.conf index 9b8483db162..ad60b755af9 100644 --- a/testsuite/build_farm/template/basicsmb.smb.conf +++ b/testsuite/build_farm/template/basicsmb.smb.conf @@ -19,7 +19,7 @@ passdb backend = smbpasswd_nua - non unix account range = 10000-200000 + winbind uid = 10000-200000 map hidden = yes create mask = 0777 -- cgit From 892971583578988dc18602581792a0cb957ec1e8 Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Mon, 28 Apr 2003 13:53:25 +0000 Subject: In HEAD, idra removed _nua and renamed it to 'idmap uid' (This used to be commit 3c7155424aaa880c2e9e570f8c29fd5679e827b1) --- testsuite/build_farm/template/basicsmb.smb.conf | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/testsuite/build_farm/template/basicsmb.smb.conf b/testsuite/build_farm/template/basicsmb.smb.conf index ad60b755af9..234419b6885 100644 --- a/testsuite/build_farm/template/basicsmb.smb.conf +++ b/testsuite/build_farm/template/basicsmb.smb.conf @@ -17,9 +17,9 @@ panic action = /bin/sh BUILD_FARM/samba/testsuite/build_farm/backtrace %d - passdb backend = smbpasswd_nua + passdb backend = smbpasswd - winbind uid = 10000-200000 + idmap uid = 10000-200000 map hidden = yes create mask = 0777 -- cgit