idmap: unify passdb *id_to_sid methods
[Samba.git] / source3 / printing / nt_printing_tdb.c
blob953448d497ee54ee1a8a9a5bc308a11f47a0da2f
1 /*
2 * Unix SMB/CIFS implementation.
3 * RPC Pipe client / server routines
4 * Copyright (c) Andrew Tridgell 1992-2000,
5 * Copyright (c) Jean François Micouleau 1998-2000.
6 * Copyright (c) Gerald Carter 2002-2005.
7 * Copyright (c) Andreas Schneider 2010.
9 * This program is free software; you can redistribute it and/or modify
10 * it under the terms of the GNU General Public License as published by
11 * the Free Software Foundation; either version 3 of the License, or
12 * (at your option) any later version.
14 * This program is distributed in the hope that it will be useful,
15 * but WITHOUT ANY WARRANTY; without even the implied warranty of
16 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
17 * GNU General Public License for more details.
19 * You should have received a copy of the GNU General Public License
20 * along with this program; if not, see <http://www.gnu.org/licenses/>.
23 #include "includes.h"
24 #include "system/filesys.h"
25 #include "printing/nt_printing_tdb.h"
26 #include "librpc/gen_ndr/spoolss.h"
27 #include "librpc/gen_ndr/ndr_security.h"
28 #include "libcli/security/security.h"
29 #include "util_tdb.h"
31 #define FORMS_PREFIX "FORMS/"
32 #define DRIVERS_PREFIX "DRIVERS/"
33 #define PRINTERS_PREFIX "PRINTERS/"
34 #define SECDESC_PREFIX "SECDESC/"
36 #define NTDRIVERS_DATABASE_VERSION_1 1
37 #define NTDRIVERS_DATABASE_VERSION_2 2
38 #define NTDRIVERS_DATABASE_VERSION_3 3 /* little endian version of v2 */
39 #define NTDRIVERS_DATABASE_VERSION_4 4 /* fix generic bits in security descriptors */
40 #define NTDRIVERS_DATABASE_VERSION_5 5 /* normalize keys in ntprinters.tdb */
42 static TDB_CONTEXT *tdb_forms; /* used for forms files */
43 static TDB_CONTEXT *tdb_drivers; /* used for driver files */
44 static TDB_CONTEXT *tdb_printers; /* used for printers files */
46 /****************************************************************************
47 generate a new TDB_DATA key for storing a printer
48 ****************************************************************************/
50 static TDB_DATA make_printer_tdbkey(TALLOC_CTX *ctx, const char *sharename )
52 fstring share;
53 char *keystr = NULL;
54 TDB_DATA key;
56 fstrcpy(share, sharename);
57 (void)strlower_m(share);
59 keystr = talloc_asprintf(ctx, "%s%s", PRINTERS_PREFIX, share);
60 key = string_term_tdb_data(keystr ? keystr : "");
62 return key;
65 /****************************************************************************
66 generate a new TDB_DATA key for storing a printer security descriptor
67 ****************************************************************************/
69 static TDB_DATA make_printers_secdesc_tdbkey(TALLOC_CTX *ctx,
70 const char* sharename )
72 fstring share;
73 char *keystr = NULL;
74 TDB_DATA key;
76 fstrcpy(share, sharename );
77 (void)strlower_m(share);
79 keystr = talloc_asprintf(ctx, "%s%s", SECDESC_PREFIX, share);
80 key = string_term_tdb_data(keystr ? keystr : "");
82 return key;
85 /****************************************************************************
86 Upgrade the tdb files to version 3
87 ****************************************************************************/
89 static bool upgrade_to_version_3(void)
91 TDB_DATA kbuf, dbuf;
93 DEBUG(0,("upgrade_to_version_3: upgrading print tdb's to version 3\n"));
95 for (kbuf = tdb_firstkey_compat(tdb_drivers); kbuf.dptr;
96 kbuf = tdb_nextkey_compat(tdb_drivers, kbuf)) {
98 dbuf = tdb_fetch_compat(tdb_drivers, kbuf);
100 if (strncmp((const char *)kbuf.dptr, FORMS_PREFIX, strlen(FORMS_PREFIX)) == 0) {
101 DEBUG(0,("upgrade_to_version_3:moving form\n"));
102 if (tdb_store(tdb_forms, kbuf, dbuf, TDB_REPLACE) != 0) {
103 SAFE_FREE(dbuf.dptr);
104 DEBUG(0,("upgrade_to_version_3: failed to move form. Error (%s).\n", tdb_errorstr_compat(tdb_forms)));
105 return False;
107 if (tdb_delete(tdb_drivers, kbuf) != 0) {
108 SAFE_FREE(dbuf.dptr);
109 DEBUG(0,("upgrade_to_version_3: failed to delete form. Error (%s)\n", tdb_errorstr_compat(tdb_drivers)));
110 return False;
114 if (strncmp((const char *)kbuf.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX)) == 0) {
115 DEBUG(0,("upgrade_to_version_3:moving printer\n"));
116 if (tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE) != 0) {
117 SAFE_FREE(dbuf.dptr);
118 DEBUG(0,("upgrade_to_version_3: failed to move printer. Error (%s)\n", tdb_errorstr_compat(tdb_printers)));
119 return False;
121 if (tdb_delete(tdb_drivers, kbuf) != 0) {
122 SAFE_FREE(dbuf.dptr);
123 DEBUG(0,("upgrade_to_version_3: failed to delete printer. Error (%s)\n", tdb_errorstr_compat(tdb_drivers)));
124 return False;
128 if (strncmp((const char *)kbuf.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX)) == 0) {
129 DEBUG(0,("upgrade_to_version_3:moving secdesc\n"));
130 if (tdb_store(tdb_printers, kbuf, dbuf, TDB_REPLACE) != 0) {
131 SAFE_FREE(dbuf.dptr);
132 DEBUG(0,("upgrade_to_version_3: failed to move secdesc. Error (%s)\n", tdb_errorstr_compat(tdb_printers)));
133 return False;
135 if (tdb_delete(tdb_drivers, kbuf) != 0) {
136 SAFE_FREE(dbuf.dptr);
137 DEBUG(0,("upgrade_to_version_3: failed to delete secdesc. Error (%s)\n", tdb_errorstr_compat(tdb_drivers)));
138 return False;
142 SAFE_FREE(dbuf.dptr);
145 return True;
148 /*******************************************************************
149 Fix an issue with security descriptors. Printer sec_desc must
150 use more than the generic bits that were previously used
151 in <= 3.0.14a. They must also have a owner and group SID assigned.
152 Otherwise, any printers than have been migrated to a Windows
153 host using printmig.exe will not be accessible.
154 *******************************************************************/
156 static int sec_desc_upg_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
157 TDB_DATA data, void *state )
159 NTSTATUS status;
160 struct sec_desc_buf *sd_orig = NULL;
161 struct sec_desc_buf *sd_new, *sd_store;
162 struct security_descriptor *sec, *new_sec;
163 TALLOC_CTX *ctx = state;
164 int result, i;
165 size_t size_new_sec;
167 if (!data.dptr || data.dsize == 0) {
168 return 0;
171 if ( strncmp((const char *) key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) != 0 ) {
172 return 0;
175 /* upgrade the security descriptor */
177 status = unmarshall_sec_desc_buf(ctx, data.dptr, data.dsize, &sd_orig);
178 if (!NT_STATUS_IS_OK(status)) {
179 /* delete bad entries */
180 DEBUG(0,("sec_desc_upg_fn: Failed to parse original sec_desc for %si. Deleting....\n",
181 (const char *)key.dptr ));
182 tdb_delete( tdb_printers, key );
183 return 0;
186 if (!sd_orig) {
187 return 0;
189 sec = sd_orig->sd;
191 /* is this even valid? */
193 if ( !sec->dacl ) {
194 return 0;
197 /* update access masks */
199 for ( i=0; i<sec->dacl->num_aces; i++ ) {
200 switch ( sec->dacl->aces[i].access_mask ) {
201 case (GENERIC_READ_ACCESS | GENERIC_WRITE_ACCESS | GENERIC_EXECUTE_ACCESS):
202 sec->dacl->aces[i].access_mask = PRINTER_ACE_PRINT;
203 break;
205 case GENERIC_ALL_ACCESS:
206 sec->dacl->aces[i].access_mask = PRINTER_ACE_FULL_CONTROL;
207 break;
209 case READ_CONTROL_ACCESS:
210 sec->dacl->aces[i].access_mask = PRINTER_ACE_MANAGE_DOCUMENTS;
212 default: /* no change */
213 break;
217 /* create a new struct security_descriptor with the appropriate owner and group SIDs */
219 new_sec = make_sec_desc( ctx, SD_REVISION, SEC_DESC_SELF_RELATIVE,
220 &global_sid_Builtin_Administrators,
221 &global_sid_Builtin_Administrators,
222 NULL, NULL, &size_new_sec );
223 if (!new_sec) {
224 return 0;
226 sd_new = make_sec_desc_buf( ctx, size_new_sec, new_sec );
227 if (!sd_new) {
228 return 0;
231 if ( !(sd_store = sec_desc_merge_buf( ctx, sd_new, sd_orig )) ) {
232 DEBUG(0,("sec_desc_upg_fn: Failed to update sec_desc for %s\n", key.dptr ));
233 return 0;
236 /* store it back */
238 status = marshall_sec_desc_buf(ctx, sd_store, &data.dptr, &data.dsize);
239 if (!NT_STATUS_IS_OK(status)) {
240 DEBUG(0,("sec_desc_upg_fn: Failed to parse new sec_desc for %s\n", key.dptr ));
241 return 0;
244 result = tdb_store( tdb_printers, key, data, TDB_REPLACE );
246 /* 0 to continue and non-zero to stop traversal */
248 return (result != 0);
251 /*******************************************************************
252 Upgrade the tdb files to version 4
253 *******************************************************************/
255 static bool upgrade_to_version_4(void)
257 TALLOC_CTX *ctx;
258 int result;
260 DEBUG(0,("upgrade_to_version_4: upgrading printer security descriptors\n"));
262 if ( !(ctx = talloc_init( "upgrade_to_version_4" )) )
263 return False;
265 result = tdb_traverse( tdb_printers, sec_desc_upg_fn, ctx );
267 talloc_destroy( ctx );
269 return ( result >= 0 );
272 /*******************************************************************
273 Fix an issue with security descriptors. Printer sec_desc must
274 use more than the generic bits that were previously used
275 in <= 3.0.14a. They must also have a owner and group SID assigned.
276 Otherwise, any printers than have been migrated to a Windows
277 host using printmig.exe will not be accessible.
278 *******************************************************************/
280 static int normalize_printers_fn( TDB_CONTEXT *the_tdb, TDB_DATA key,
281 TDB_DATA data, void *state )
283 TALLOC_CTX *ctx = talloc_tos();
284 TDB_DATA new_key;
286 if (!data.dptr || data.dsize == 0)
287 return 0;
289 /* upgrade printer records and security descriptors */
291 if ( strncmp((const char *) key.dptr, PRINTERS_PREFIX, strlen(PRINTERS_PREFIX) ) == 0 ) {
292 new_key = make_printer_tdbkey(ctx, (const char *)key.dptr+strlen(PRINTERS_PREFIX) );
294 else if ( strncmp((const char *) key.dptr, SECDESC_PREFIX, strlen(SECDESC_PREFIX) ) == 0 ) {
295 new_key = make_printers_secdesc_tdbkey(ctx, (const char *)key.dptr+strlen(SECDESC_PREFIX) );
297 else {
298 /* ignore this record */
299 return 0;
302 /* delete the original record and store under the normalized key */
304 if ( tdb_delete( the_tdb, key ) != 0 ) {
305 DEBUG(0,("normalize_printers_fn: tdb_delete for [%s] failed!\n",
306 key.dptr));
307 return 1;
310 if ( tdb_store( the_tdb, new_key, data, TDB_REPLACE) != 0 ) {
311 DEBUG(0,("normalize_printers_fn: failed to store new record for [%s]!\n",
312 key.dptr));
313 return 1;
316 return 0;
319 /*******************************************************************
320 Upgrade the tdb files to version 5
321 *******************************************************************/
323 static bool upgrade_to_version_5(void)
325 TALLOC_CTX *ctx;
326 int result;
328 DEBUG(0,("upgrade_to_version_5: normalizing printer keys\n"));
330 if ( !(ctx = talloc_init( "upgrade_to_version_5" )) )
331 return False;
333 result = tdb_traverse( tdb_printers, normalize_printers_fn, NULL );
335 talloc_destroy( ctx );
337 return ( result >= 0 );
340 bool nt_printing_tdb_upgrade(void)
342 char *drivers_path;
343 char *printers_path;
344 char *forms_path;
345 bool drivers_exists;
346 bool printers_exists;
347 bool forms_exists;
348 const char *vstring = "INFO/version";
349 int32_t vers_id;
350 bool ret;
352 drivers_path = state_path("ntdrivers.tdb");
353 if (drivers_path == NULL) {
354 ret = false;
355 goto err_out;
357 printers_path = state_path("ntprinters.tdb");
358 if (printers_path == NULL) {
359 ret = false;
360 goto err_drvdb_free;
362 forms_path = state_path("ntforms.tdb");
363 if (forms_path == NULL) {
364 ret = false;
365 goto err_prdb_free;
368 drivers_exists = file_exist(drivers_path);
369 printers_exists = file_exist(printers_path);
370 forms_exists = file_exist(forms_path);
372 if (!drivers_exists && !printers_exists && !forms_exists) {
373 ret = true;
374 goto err_formsdb_free;
377 tdb_drivers = tdb_open_log(drivers_path,
379 TDB_DEFAULT,
380 O_RDWR|O_CREAT,
381 0600);
382 if (tdb_drivers == NULL) {
383 DEBUG(0,("nt_printing_init: Failed to open nt drivers "
384 "database %s (%s)\n",
385 drivers_path, strerror(errno)));
386 ret = false;
387 goto err_formsdb_free;
390 tdb_printers = tdb_open_log(printers_path,
392 TDB_DEFAULT,
393 O_RDWR|O_CREAT,
394 0600);
395 if (tdb_printers == NULL) {
396 DEBUG(0,("nt_printing_init: Failed to open nt printers "
397 "database %s (%s)\n",
398 printers_path, strerror(errno)));
399 ret = false;
400 goto err_drvdb_close;
403 tdb_forms = tdb_open_log(forms_path,
405 TDB_DEFAULT,
406 O_RDWR|O_CREAT,
407 0600);
408 if (tdb_forms == NULL) {
409 DEBUG(0,("nt_printing_init: Failed to open nt forms "
410 "database %s (%s)\n",
411 forms_path, strerror(errno)));
412 ret = false;
413 goto err_prdb_close;
416 /* Samba upgrade */
417 vers_id = tdb_fetch_int32(tdb_drivers, vstring);
418 if (vers_id == -1) {
419 DEBUG(10, ("Fresh database\n"));
420 tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_5);
421 vers_id = NTDRIVERS_DATABASE_VERSION_5;
424 if (vers_id != NTDRIVERS_DATABASE_VERSION_5) {
425 if ((vers_id == NTDRIVERS_DATABASE_VERSION_1) ||
426 (IREV(vers_id) == NTDRIVERS_DATABASE_VERSION_1)) {
427 if (!upgrade_to_version_3()) {
428 ret = false;
429 goto err_formsdb_close;
432 tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_3);
433 vers_id = NTDRIVERS_DATABASE_VERSION_3;
436 if ((vers_id == NTDRIVERS_DATABASE_VERSION_2) ||
437 (IREV(vers_id) == NTDRIVERS_DATABASE_VERSION_2)) {
439 * Written on a bigendian machine with old fetch_int
440 * code. Save as le. The only upgrade between V2 and V3
441 * is to save the version in little-endian.
443 tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_3);
444 vers_id = NTDRIVERS_DATABASE_VERSION_3;
447 if (vers_id == NTDRIVERS_DATABASE_VERSION_3) {
448 if (!upgrade_to_version_4()) {
449 ret = false;
450 goto err_formsdb_close;
452 tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_4);
453 vers_id = NTDRIVERS_DATABASE_VERSION_4;
456 if (vers_id == NTDRIVERS_DATABASE_VERSION_4 ) {
457 if (!upgrade_to_version_5()) {
458 ret = false;
459 goto err_formsdb_close;
461 tdb_store_int32(tdb_drivers, vstring, NTDRIVERS_DATABASE_VERSION_5);
462 vers_id = NTDRIVERS_DATABASE_VERSION_5;
465 if (vers_id != NTDRIVERS_DATABASE_VERSION_5) {
466 DEBUG(0,("nt_printing_init: Unknown printer database version [%d]\n", vers_id));
467 ret = false;
468 goto err_formsdb_close;
471 ret = true;
473 err_formsdb_close:
474 if (tdb_forms) {
475 tdb_close(tdb_forms);
476 tdb_forms = NULL;
478 err_prdb_close:
479 if (tdb_printers) {
480 tdb_close(tdb_printers);
481 tdb_printers = NULL;
483 err_drvdb_close:
484 if (tdb_drivers) {
485 tdb_close(tdb_drivers);
486 tdb_drivers = NULL;
488 err_formsdb_free:
489 talloc_free(forms_path);
490 err_prdb_free:
491 talloc_free(printers_path);
492 err_drvdb_free:
493 talloc_free(drivers_path);
494 err_out:
495 return ret;