source3/passdb/pdb_guest.c

   1 /*
   2  * 'Guest' password backend for samba
   3  * Copyright (C) Jelmer Vernooij 2002
   4  * Copyright (C) Andrew Bartlett 2003
   5  *
   6  * This program is free software; you can redistribute it and/or modify it under
   7  * the terms of the GNU General Public License as published by the Free
   8  * Software Foundation; either version 2 of the License, or (at your option)
   9  * any later version.
  10  *
  11  * This program is distributed in the hope that it will be useful, but WITHOUT
  12  * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
  13  * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU General Public License for
  14  * more details.
  15  *
  16  * You should have received a copy of the GNU General Public License along with
  17  * this program; if not, write to the Free Software Foundation, Inc., 675
  18  * Mass Ave, Cambridge, MA 02139, USA.
  19  */
  20
  21 #include "includes.h"
  22
  23 /******************************************************************
  24   Lookup a name in the SAM database
  25  ******************************************************************/
  26
  27 static NTSTATUS guestsam_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *sam_account, const char *sname)
  28 {
  29         const char *guest_account = lp_guestaccount();
  30
  31         if (!sam_account || !sname) {
  32                 DEBUG(0,("invalid name specified"));
  33                 return NT_STATUS_UNSUCCESSFUL;
  34         }
  35
  36         if (!(guest_account && *guest_account)) {
  37                 DEBUG(1, ("NULL guest account!?!?\n"));
  38                 return NT_STATUS_UNSUCCESSFUL;
  39         }
  40
  41         if (!methods) {
  42                 DEBUG(0,("invalid methods\n"));
  43                 return NT_STATUS_UNSUCCESSFUL;
  44         }
  45         if (!strequal(guest_account, sname)) {
  46                 return NT_STATUS_NO_SUCH_USER;
  47         }
  48
  49         pdb_fill_default_sam(sam_account);
  50
  51         if (!pdb_set_username(sam_account, guest_account, PDB_SET))
  52                 return NT_STATUS_UNSUCCESSFUL;
  53
  54         if (!pdb_set_fullname(sam_account, guest_account, PDB_SET))
  55                 return NT_STATUS_UNSUCCESSFUL;
  56
  57         if (!pdb_set_domain(sam_account, get_global_sam_name(), PDB_DEFAULT))
  58                 return NT_STATUS_UNSUCCESSFUL;
  59
  60         if (!pdb_set_acct_ctrl(sam_account, ACB_NORMAL, PDB_DEFAULT))
  61                 return NT_STATUS_UNSUCCESSFUL;
  62
  63         if (!pdb_set_user_sid_from_rid(sam_account, DOMAIN_USER_RID_GUEST, PDB_SET))
  64                 return NT_STATUS_UNSUCCESSFUL;
  65
  66         if (!pdb_set_group_sid_from_rid(sam_account, DOMAIN_GROUP_RID_GUESTS, PDB_DEFAULT))
  67                 return NT_STATUS_UNSUCCESSFUL;
  68
  69         return NT_STATUS_OK;
  70 }
  71
  72
  73 /***************************************************************************
  74   Search by rid
  75  **************************************************************************/
  76
  77 static NTSTATUS guestsam_getsampwrid (struct pdb_methods *methods,
  78                                  SAM_ACCOUNT *sam_account, uint32 rid)
  79 {
  80         if (rid != DOMAIN_USER_RID_GUEST) {
  81                 return NT_STATUS_NO_SUCH_USER;
  82         }
  83
  84         if (!sam_account) {
  85                 return NT_STATUS_INVALID_PARAMETER;
  86         }
  87
  88         return guestsam_getsampwnam (methods, sam_account, lp_guestaccount());
  89 }
  90
  91 static NTSTATUS guestsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT * user, const DOM_SID *sid)
  92 {
  93         uint32 rid;
  94         if (!sid_peek_check_rid(get_global_sam_sid(), sid, &rid))
  95                 return NT_STATUS_NO_SUCH_USER;
  96
  97         return guestsam_getsampwrid(my_methods, user, rid);
  98 }
  99
 100
 101 /***************************************************************************
 102   Updates a SAM_ACCOUNT
 103
 104   This isn't a particulary practical option for pdb_guest.  We certainly don't
 105   want to twidde the filesystem, so what should we do?
 106
 107   Current plan is to transparently add the account.  It should appear
 108   as if the pdb_guest version was modified, but its actually stored somehwere.
 109  ****************************************************************************/
 110
 111 static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
 112 {
 113 #if 1   /* JERRY */
 114
 115         /* apparently thr build farm relies upon this heavior :-( */
 116
 117         return methods->parent->pdb_add_sam_account(methods->parent, newpwd);
 118 #else
 119         /* I don't think we should allow any modification of
 120            the guest account as SID will could messed up with
 121            the smbpasswd backend   --jerry */
 122
 123         return NT_STATUS_NOT_IMPLEMENTED;
 124 #endif
 125 }
 126
 127 NTSTATUS pdb_init_guestsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
 128 {
 129         NTSTATUS nt_status;
 130
 131         if (!pdb_context) {
 132                 DEBUG(0, ("invalid pdb_context specified\n"));
 133                 return NT_STATUS_UNSUCCESSFUL;
 134         }
 135
 136         if (!NT_STATUS_IS_OK(nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
 137                 return nt_status;
 138         }
 139
 140         (*pdb_method)->name = "guestsam";
 141
 142         (*pdb_method)->getsampwnam = guestsam_getsampwnam;
 143         (*pdb_method)->getsampwsid = guestsam_getsampwsid;
 144         (*pdb_method)->update_sam_account = guestsam_update_sam_account;
 145
 146         /* we should do no group mapping here */
 147         (*pdb_method)->getgrsid = pdb_nop_getgrsid;
 148         (*pdb_method)->getgrgid = pdb_nop_getgrgid;
 149         (*pdb_method)->getgrnam = pdb_nop_getgrnam;
 150         (*pdb_method)->add_group_mapping_entry = pdb_nop_add_group_mapping_entry;
 151         (*pdb_method)->update_group_mapping_entry = pdb_nop_update_group_mapping_entry;
 152         (*pdb_method)->delete_group_mapping_entry = pdb_nop_delete_group_mapping_entry;
 153         (*pdb_method)->enum_group_mapping = pdb_nop_enum_group_mapping;
 154
 155         /* we do not handle groups in guest backend */
 156 /*      FIXME
 157         (*pdb_method)->get_group_info_by_sid = pdb_nop_get_group_info_by_sid;
 158         (*pdb_method)->get_group_list = pdb_nop_get_group_list;
 159         (*pdb_method)->get_group_sids = pdb_nop_get_group_sids;
 160         (*pdb_method)->add_group = pdb_nop_add_group;
 161         (*pdb_method)->update_group = pdb_nop_update_group;
 162         (*pdb_method)->delete_group = pdb_nop_delete_group;
 163         (*pdb_method)->add_sid_to_group = pdb_nop_add_sid_to_group;
 164         (*pdb_method)->remove_sid_from_group = pdb_nop_remove_sid_from_group;
 165         (*pdb_method)->get_group_info_by_name = pdb_nop_get_group_info_by_name;
 166         (*pdb_method)->get_group_info_by_nt_name = pdb_nop_get_group_info_by_nt_name;
 167         (*pdb_method)->get_group_uids = pdb_nop_get_group_uids;
 168 */
 169
 170
 171         /* There's not very much to initialise here */
 172         return NT_STATUS_OK;
 173 }
 174
 175 NTSTATUS pdb_guest_init(void)
 176 {
 177         return smb_register_passdb(PASSDB_INTERFACE_VERSION, "guest", pdb_init_guestsam);
 178 }
 179