search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
s3-printing: follow force user/group for driver IO
[Samba.git] / source3 / smbd / msg_idmap.c
blob8d6a998de444cd43c0f462bda55c9850276fa045
1 /*
2 * Samba Unix/Linux SMB client library
3 *
4 * Copyright (C) Gregor Beck 2011
5 *
6 * This program is free software; you can redistribute it and/or modify
7 * it under the terms of the GNU General Public License as published by
8 * the Free Software Foundation; either version 3 of the License, or
9 * (at your option) any later version.
10 *
11 * This program is distributed in the hope that it will be useful,
12 * but WITHOUT ANY WARRANTY; without even the implied warranty of
13 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 * GNU General Public License for more details.
15 *
16 * You should have received a copy of the GNU General Public License
17 * along with this program. If not, see <http://www.gnu.org/licenses/>.
18 */
19
20 /**
21 * @brief Notify smbd about idmap changes
22 * @file msg_idmap.c
23 * @author Gregor Beck <gb@sernet.de>
24 * @date Feb 2011
25 *
26 */
27
28 #include "includes.h"
29 #include "memcache.h"
30 #include "globals.h"
31 #include "../libcli/security/dom_sid.h"
32 #include "../librpc/gen_ndr/messaging.h"
33 #include "../librpc/gen_ndr/ndr_security.h"
34 #include "idmap_cache.h"
35
36 struct id {
37 union {
38 uid_t uid;
39 gid_t gid;
40 struct dom_sid sid;
41 } id;
42 enum {UID, GID, SID} type;
43 };
44
45 static bool parse_id(const char* str, struct id* id)
46 {
47 struct dom_sid sid;
48 unsigned long ul;
49 char c, trash;
50
51 if (sscanf(str, "%cID %lu%c", &c, &ul, &trash) == 2) {
52 switch(c) {
53 case 'G':
54 id->id.gid = ul;
55 id->type = GID;
56 return true;
57 case 'U':
58 id->id.uid = ul;
59 id->type = UID;
60 return true;
61 default:
62 break;
63 }
64 } else if (string_to_sid(&sid, str)) {
65 id->id.sid = sid;
66 id->type = SID;
67 return true;
68 }
69 return false;
70 }
71
72 static bool uid_in_use(const struct user_struct* user, uid_t uid)
73 {
74 while (user) {
75 if (user->session_info && (user->session_info->utok.uid == uid)) {
76 return true;
77 }
78 user = user->next;
79 }
80 return false;
81 }
82
83 static bool gid_in_use(const struct user_struct* user, gid_t gid)
84 {
85 while (user) {
86 if (user->session_info != NULL) {
87 int i;
88 struct security_unix_token utok = user->session_info->utok;
89 if (utok.gid == gid) {
90 return true;
91 }
92 for(i=0; i<utok.ngroups; i++) {
93 if (utok.groups[i] == gid) {
94 return true;
95 }
96 }
97 }
98 user = user->next;
99 }
100 return false;
101 }
102
103 static bool sid_in_use(const struct user_struct* user, const struct dom_sid* psid)
104 {
105 uid_t uid;
106 gid_t gid;
107 if (sid_to_gid(psid, &gid)) {
108 return gid_in_use(user, gid);
109 } else if (sid_to_uid(psid, &uid)) {
110 return uid_in_use(user, uid);
111 }
112 return false;
113 }
114
115
116 static bool id_in_use(const struct user_struct* user, const struct id* id)
117 {
118 switch(id->type) {
119 case UID:
120 return uid_in_use(user, id->id.uid);
121 case GID:
122 return gid_in_use(user, id->id.gid);
123 case SID:
124 return sid_in_use(user, &id->id.sid);
125 default:
126 break;
127 }
128 return false;
129 }
130
131 static void delete_from_cache(const struct id* id)
132 {
133 switch(id->type) {
134 case UID:
135 delete_uid_cache(id->id.uid);
136 idmap_cache_del_uid(id->id.uid);
137 break;
138 case GID:
139 delete_gid_cache(id->id.gid);
140 idmap_cache_del_gid(id->id.gid);
141 break;
142 case SID:
143 delete_sid_cache(&id->id.sid);
144 idmap_cache_del_sid(&id->id.sid);
145 break;
146 default:
147 break;
148 }
149 }
150
151
152 static void message_idmap_flush(struct messaging_context *msg_ctx,
153 void* private_data,
154 uint32_t msg_type,
155 struct server_id server_id,
156 DATA_BLOB* data)
157 {
158 const char* msg = data ? (const char*)data->data : NULL;
159
160 if ((msg == NULL) || (msg[0] == '\0')) {
161 flush_gid_cache();
162 flush_uid_cache();
163 } else if (strncmp(msg, "GID", 3)) {
164 flush_gid_cache();
165 } else if (strncmp(msg, "UID", 3)) {
166 flush_uid_cache();
167 } else {
168 DEBUG(0, ("Invalid argument: %s\n", msg));
169 }
170 }
171
172
173 static void message_idmap_delete(struct messaging_context *msg_ctx,
174 void* private_data,
175 uint32_t msg_type,
176 struct server_id server_id,
177 DATA_BLOB* data)
178 {
179 const char* msg = (data && data->data) ? (const char*)data->data : "<NULL>";
180 bool do_kill = (msg_type == MSG_IDMAP_KILL);
181 struct user_struct* validated_users = smbd_server_conn->smb1.sessions.validated_users;
182 struct id id;
183
184 if (!parse_id(msg, &id)) {
185 DEBUG(0, ("Invalid ?ID: %s\n", msg));
186 return;
187 }
188
189 if( do_kill && id_in_use(validated_users, &id) ) {
190 exit_server_cleanly(msg);
191 } else {
192 delete_from_cache(&id);
193 }
194 }
195
196 void msg_idmap_register_msgs(struct messaging_context *ctx)
197 {
198 messaging_register(ctx, NULL, MSG_IDMAP_FLUSH, message_idmap_flush);
199 messaging_register(ctx, NULL, MSG_IDMAP_DELETE, message_idmap_delete);
200 messaging_register(ctx, NULL, MSG_IDMAP_KILL, message_idmap_delete);
201 }
Samba GIT mirror