search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
preparing for release of alpha.1.4
[Samba.git] / source / groupdb / builtinunix.c
blob9f1e3d733781ba33a2c2e6e6083ce598a24afaa6
1 /*
2 * Unix SMB/Netbios implementation. Version 1.9. SMB parameters and setup
3 * Copyright (C) Andrew Tridgell 1992-1998 Modified by Jeremy Allison 1995.
4 *
5 * This program is free software; you can redistribute it and/or modify it under
6 * the terms of the GNU General Public License as published by the Free
7 * Software Foundation; either version 2 of the License, or (at your option)
8 * any later version.
9 *
10 * This program is distributed in the hope that it will be useful, but WITHOUT
11 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
12 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
13 * more details.
14 *
15 * You should have received a copy of the GNU General Public License along with
16 * this program; if not, write to the Free Software Foundation, Inc., 675
17 * Mass Ave, Cambridge, MA 02139, USA.
18 */
19
20 #include "includes.h"
21 #include "sids.h"
22
23 #ifdef USE_SMBUNIX_DB
24
25 extern int DEBUGLEVEL;
26
27 struct unix_entries
28 {
29 struct group *grps;
30 int num_grps;
31 int grp_idx;
32 };
33
34 /***************************************************************
35 Start to enumerate the bltpasswd list. Returns a void pointer
36 to ensure no modification outside this module.
37 ****************************************************************/
38
39 static void *startbltunixpwent(BOOL update)
40 {
41 struct unix_entries *grps;
42 grps = (struct unix_entries*)malloc(sizeof(struct unix_entries));
43
44 if (grps == NULL)
45 {
46 return NULL;
47 }
48
49 if (!get_unix_grps(&grps->num_grps, &grps->grps))
50 {
51 free(grps);
52 return NULL;
53 }
54
55 grps->grp_idx = 0;
56
57 return (void*)grps;
58 }
59
60 /***************************************************************
61 End enumeration of the bltpasswd list.
62 ****************************************************************/
63
64 static void endbltunixpwent(void *vp)
65 {
66 struct unix_entries *grps = (struct unix_entries *)vp;
67
68 if (grps != NULL)
69 {
70 free_unix_grps(grps->num_grps, grps->grps);
71 free(vp);
72 }
73 }
74
75 /*************************************************************************
76 Return the current position in the bltpasswd list as an SMB_BIG_UINT.
77 This must be treated as an opaque token.
78 *************************************************************************/
79 static SMB_BIG_UINT getbltunixpwpos(void *vp)
80 {
81 return (SMB_BIG_UINT)0;
82 }
83
84 /*************************************************************************
85 Set the current position in the bltpasswd list from an SMB_BIG_UINT.
86 This must be treated as an opaque token.
87 *************************************************************************/
88 static BOOL setbltunixpwpos(void *vp, SMB_BIG_UINT tok)
89 {
90 return False;
91 }
92
93 /*************************************************************************
94 Routine to return the next entry in the smbdomainbuiltin list.
95 *************************************************************************/
96 BOOL get_unixbuiltin_members(struct group *grp,
97 int *num_mem, LOCAL_GRP_MEMBER **members)
98 {
99 int i;
100 char *unix_name;
101
102 if (num_mem == NULL || members == NULL)
103 {
104 return False;
105 }
106
107 (*num_mem) = 0;
108 (*members) = NULL;
109
110 for (i = 0; (unix_name = grp->gr_mem[i]) != NULL; i++)
111 {
112 fstring name;
113 DOM_NAME_MAP gmep;
114 LOCAL_GRP_MEMBER *mem;
115
116 fstrcpy(name, unix_name);
117
118 if (!lookupsmbpwnam (name, &gmep) &&
119 !lookupsmbgrpnam(name, &gmep))
120 {
121 continue;
122 }
123
124 if (!sid_front_equal(&global_sam_sid, &gmep.sid))
125 {
126 DEBUG(0,("builtin database: could not resolve name %s (wrong Domain SID)\n",
127 name));
128 continue;
129 }
130
131 (*num_mem)++;
132 (*members) = Realloc((*members), (*num_mem) * sizeof(LOCAL_GRP_MEMBER));
133 if ((*members) == NULL)
134 {
135 DEBUG(0,("get_unixbuiltin_members: could not realloc LOCAL_GRP_MEMBERs\n"));
136 return False;
137 }
138
139 mem = &(*members)[(*num_mem)-1];
140 slprintf(mem->name, sizeof(mem->name)-1, "%s\\%s",
141 gmep.nt_domain, gmep.nt_name);
142 sid_copy(&mem->sid, &gmep.sid);
143 mem->sid_use = gmep.type;
144
145 DEBUG(10,("get_unixbuiltin_members: adding to builtin alias %s\n",
146 mem->name));
147 }
148 return True;
149 }
150
151 /*************************************************************************
152 Routine to return the next entry in the domain builtin list.
153
154 when we are a PDC or BDC, then unix groups that are explicitly NOT mapped
155 to builtin aliases are treated as DOMAIN groups (see groupunix.c).
156
157 when we are a member of a domain (not a PDC or BDC) then unix groups
158 that are explicitly NOT mapped to builtin aliases are treated
159 as LOCAL groups.
160
161 the reasoning behind this is to make it as simple as possible (not an easy
162 task) for people to set up a domain-aware samba server, in each role that
163 the server can take.
164
165 *************************************************************************/
166 static LOCAL_GRP *getbltunixpwent(void *vp, LOCAL_GRP_MEMBER **mem, int *num_mem)
167 {
168 /* Static buffers we will return. */
169 static LOCAL_GRP gp_buf;
170 struct group unix_grp;
171 struct unix_entries *grps = (struct unix_entries *)vp;
172
173 if (grps == NULL)
174 {
175 return NULL;
176 }
177
178 if (lp_server_role() == ROLE_DOMAIN_NONE)
179 {
180 /*
181 * no domain role, no domain aliases (or domain groups,
182 * but that's dealt with by groupdb...).
183 */
184
185 return NULL;
186 }
187
188 bidb_init_blt(&gp_buf);
189
190 /* get array of unix names + gids. this function does NOT
191 get a copy of the unix group members
192 */
193
194 /* cycle through unix groups */
195 for (; grps->grp_idx < grps->num_grps; grps->grp_idx++)
196 {
197 DOM_NAME_MAP gmep;
198 fstring sid_str;
199
200 memcpy(&unix_grp, &grps->grps[grps->grp_idx], sizeof(unix_grp));
201
202 DEBUG(10,("getgrpunixpwent: enum unix group entry %s\n",
203 unix_grp.gr_name));
204
205 if (!lookupsmbgrpgid(unix_grp.gr_gid, &gmep))
206 {
207 continue;
208 }
209
210 sid_to_string(sid_str, &gmep.sid);
211 DEBUG(10,("group %s found, sid %s type %d\n",
212 gmep.nt_name, sid_str, gmep.type));
213
214 if (gmep.type != SID_NAME_ALIAS)
215 {
216 continue;
217 }
218
219 sid_split_rid(&gmep.sid, &gp_buf.rid);
220 if (!sid_equal(global_sid_builtin, &gmep.sid))
221 {
222 continue;
223 }
224
225 fstrcpy(gp_buf.name, gmep.nt_name);
226 break;
227 }
228
229 if (grps->grp_idx >= grps->num_grps)
230 {
231 return NULL;
232 }
233
234 /* get the user's domain aliases. there are a maximum of 32 */
235
236 if (mem != NULL && num_mem != NULL)
237 {
238 (*mem) = NULL;
239 (*num_mem) = 0;
240
241 memcpy(&unix_grp, getgrgid(unix_grp.gr_gid), sizeof(unix_grp));
242 get_unixbuiltin_members(&unix_grp, num_mem, mem);
243 }
244
245 {
246 pstring linebuf;
247 make_alias_line(linebuf, sizeof(linebuf), &gp_buf, mem, num_mem);
248 DEBUG(10,("line: '%s'\n", linebuf));
249 }
250
251 grps->grp_idx++; /* advance so next enum gets next entry */
252 return &gp_buf;
253 }
254
255 /************************************************************************
256 Routine to add an entry to the bltpasswd file.
257 *************************************************************************/
258
259 static BOOL add_bltunixgrp_entry(LOCAL_GRP *newblt)
260 {
261 DEBUG(0, ("add_bltunixgrp_entry: NOT IMPLEMENTED\n"));
262 return False;
263 }
264
265 /************************************************************************
266 Routine to search the bltpasswd file for an entry matching the builtinname.
267 and then modify its builtin entry.
268 ************************************************************************/
269
270 static BOOL mod_bltunixgrp_entry(LOCAL_GRP* blt)
271 {
272 DEBUG(0, ("mod_bltunixgrp_entry: NOT IMPLEMENTED\n"));
273 return False;
274 }
275
276 /************************************************************************
277 Routine to add a member to an entry to the bltpasswd file.
278 *************************************************************************/
279 static BOOL add_bltunixgrp_member(uint32 rid, const DOM_SID *member_sid)
280 {
281 DEBUG(0, ("add_bltunixgrp_member: NOT IMPLEMENTED\n"));
282 return False;
283 }
284
285 /************************************************************************
286 Routine to delete a member from an entry to the bltpasswd file.
287 *************************************************************************/
288 static BOOL del_bltunixgrp_member(uint32 rid, const DOM_SID *member_sid)
289 {
290 DEBUG(0, ("del_bltunixgrp_member: NOT IMPLEMENTED\n"));
291 return False;
292 }
293
294 static struct aliasdb_ops unix_ops =
295 {
296 startbltunixpwent,
297 endbltunixpwent,
298 getbltunixpwpos,
299 setbltunixpwpos,
300
301 iterate_getbuiltinntnam, /* In builtindb.c */
302 iterate_getbuiltingid, /* In builtindb.c */
303 iterate_getbuiltinrid, /* In builtindb.c */
304 getbltunixpwent,
305
306 add_bltunixgrp_entry,
307 mod_bltunixgrp_entry,
308 NULL, /* deliberately NULL: you can't delete builtin aliases */
309
310 add_bltunixgrp_member,
311 del_bltunixgrp_member,
312
313 iterate_getuserbuiltinntnam /* in builtindb.c */
314 };
315
316 struct aliasdb_ops *unix_initialise_builtin_db(void)
317 {
318 return &unix_ops;
319 }
320
321 #else
322 /* Do *NOT* make this function static. It breaks the compile on gcc. JRA */
323 void unix_bltpass_dummy_function(void) { } /* stop some compilers complaining */
324 #endif /* USE_SMBPASS_DB */
Samba GIT mirror