2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2003 Andrew Bartlett (abartlet@samba.org)
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
21 #include "utils/net.h"
24 /***********************************************************
25 Helper function for net_idmap_dump. Dump one entry.
26 **********************************************************/
27 static int net_idmap_dump_one_entry(TDB_CONTEXT *tdb,
32 if (strcmp(key.dptr, "USER HWM") == 0) {
33 printf("USER HWM %d\n", IVAL(data.dptr,0));
37 if (strcmp(key.dptr, "GROUP HWM") == 0) {
38 printf("GROUP HWM %d\n", IVAL(data.dptr,0));
42 if (strncmp(key.dptr, "S-", 2) != 0)
45 printf("%s %s\n", data.dptr, key.dptr);
49 /***********************************************************
50 Dump the current idmap
51 **********************************************************/
52 static int net_idmap_dump(int argc, const char **argv)
54 TDB_CONTEXT *idmap_tdb;
57 return net_help_idmap( argc, argv );
59 idmap_tdb = tdb_open_log(argv[0], 0, TDB_DEFAULT, O_RDONLY, 0);
61 if (idmap_tdb == NULL) {
62 d_fprintf(stderr, "Could not open idmap: %s\n", argv[0]);
66 tdb_traverse(idmap_tdb, net_idmap_dump_one_entry, NULL);
73 /***********************************************************
74 Fix up the HWMs after a idmap restore.
75 **********************************************************/
83 static int net_idmap_find_max_id(TDB_CONTEXT *tdb, TDB_DATA key, TDB_DATA data,
86 struct hwms *hwms = (struct hwms *)handle;
91 if (strncmp(key.dptr, "S-", 2) != 0)
94 if (sscanf(data.dptr, "GID %d", &id) == 1) {
95 idptr = (void *)&hwms->group_hwm;
99 if (sscanf(data.dptr, "UID %d", &id) == 1) {
100 idptr = (void *)&hwms->user_hwm;
105 d_fprintf(stderr, "Illegal idmap entry: [%s]->[%s]\n",
106 key.dptr, data.dptr);
112 if (hwms->group_hwm <= (gid_t)id) {
113 hwms->group_hwm = (gid_t)(id+1);
116 if (hwms->user_hwm <= (uid_t)id) {
117 hwms->user_hwm = (uid_t)(id+1);
124 static NTSTATUS net_idmap_fixup_hwm(void)
126 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
127 TDB_CONTEXT *idmap_tdb;
128 char *tdbfile = NULL;
133 if (!lp_idmap_uid(&hwms.user_hwm, &highest.user_hwm) ||
134 !lp_idmap_gid(&hwms.group_hwm, &highest.group_hwm)) {
135 d_fprintf(stderr, "idmap range missing\n");
136 return NT_STATUS_UNSUCCESSFUL;
139 tdbfile = SMB_STRDUP(lock_path("winbindd_idmap.tdb"));
141 DEBUG(0, ("idmap_init: out of memory!\n"));
142 return NT_STATUS_NO_MEMORY;
145 idmap_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDWR, 0);
147 if (idmap_tdb == NULL) {
148 d_fprintf(stderr, "Could not open idmap: %s\n", tdbfile);
149 return NT_STATUS_NO_SUCH_FILE;
154 tdb_traverse(idmap_tdb, net_idmap_find_max_id, &hwms);
160 d_printf("USER HWM: %d GROUP HWM: %d\n",
161 hwms.user_hwm, hwms.group_hwm);
163 if (hwms.user_hwm >= highest.user_hwm) {
164 d_fprintf(stderr, "Highest UID out of uid range\n");
168 if (hwms.group_hwm >= highest.group_hwm) {
169 d_fprintf(stderr, "Highest GID out of gid range\n");
173 if ((tdb_store_int32(idmap_tdb, "USER HWM", (int32)hwms.user_hwm) != 0) ||
174 (tdb_store_int32(idmap_tdb, "GROUP HWM", (int32)hwms.group_hwm) != 0)) {
175 d_fprintf(stderr, "Could not store HWMs\n");
179 result = NT_STATUS_OK;
181 tdb_close(idmap_tdb);
185 /***********************************************************
186 Write entries from stdin to current local idmap
187 **********************************************************/
188 static int net_idmap_restore(int argc, const char **argv)
190 if (!idmap_init(lp_idmap_backend())) {
191 d_fprintf(stderr, "Could not init idmap\n");
195 while (!feof(stdin)) {
196 fstring line, sid_string;
202 if (fgets(line, sizeof(line)-1, stdin) == NULL)
207 if ( (len > 0) && (line[len-1] == '\n') )
210 /* Yuck - this is broken for sizeof(gid_t) != sizeof(int) */
212 if (sscanf(line, "GID %d %s", &id.gid, sid_string) == 2) {
216 /* Yuck - this is broken for sizeof(uid_t) != sizeof(int) */
218 if (sscanf(line, "UID %d %s", &id.uid, sid_string) == 2) {
222 if (type == ID_EMPTY) {
223 d_printf("ignoring invalid line [%s]\n", line);
227 if (!string_to_sid(&sid, sid_string)) {
228 d_printf("ignoring invalid sid [%s]\n", sid_string);
232 if (!NT_STATUS_IS_OK(idmap_set_mapping(&sid, id, type))) {
233 d_fprintf(stderr, "Could not set mapping of %s %lu to sid %s\n",
234 (type == ID_GROUPID) ? "GID" : "UID",
235 (type == ID_GROUPID) ? (unsigned long)id.gid:
236 (unsigned long)id.uid,
237 sid_string_static(&sid));
245 return NT_STATUS_IS_OK(net_idmap_fixup_hwm()) ? 0 : -1;
248 /***********************************************************
249 Delete a SID mapping from a winbindd_idmap.tdb
250 **********************************************************/
251 static int net_idmap_delete(int argc, const char **argv)
253 TDB_CONTEXT *idmap_tdb;
258 return net_help_idmap(argc, argv);
260 idmap_tdb = tdb_open_log(argv[0], 0, TDB_DEFAULT, O_RDWR, 0);
262 if (idmap_tdb == NULL) {
263 d_fprintf(stderr, "Could not open idmap: %s\n", argv[0]);
267 fstrcpy(sid, argv[1]);
269 if (strncmp(sid, "S-1-5-", strlen("S-1-5-")) != 0) {
270 d_fprintf(stderr, "Can only delete SIDs, %s is does not start with "
276 key.dsize = strlen(key.dptr)+1;
278 data = tdb_fetch(idmap_tdb, key);
280 if (data.dptr == NULL) {
281 d_fprintf(stderr, "Could not find sid %s\n", argv[1]);
285 if (tdb_delete(idmap_tdb, key) != 0) {
286 d_fprintf(stderr, "Could not delete key %s\n", argv[1]);
290 if (tdb_delete(idmap_tdb, data) != 0) {
291 d_fprintf(stderr, "Could not delete key %s\n", data.dptr);
299 int net_help_idmap(int argc, const char **argv)
301 d_printf("net idmap dump <tdbfile>"\
302 "\n Dump current id mapping\n");
304 d_printf("net idmap restore"\
305 "\n Restore entries from stdin to current local idmap\n");
307 /* Deliberately *not* document net idmap delete */
312 /***********************************************************
313 Look at the current idmap
314 **********************************************************/
315 int net_idmap(int argc, const char **argv)
317 struct functable func[] = {
318 {"dump", net_idmap_dump},
319 {"restore", net_idmap_restore},
320 {"delete", net_idmap_delete},
321 {"help", net_help_idmap},
325 return net_run_function(argc, argv, func, net_help_idmap);