nsswitch/idmap_nss.c

説明を見る。
00001 /* 
00002    Unix SMB/CIFS implementation.
00003 
00004    idmap PASSDB backend
00005 
00006    Copyright (C) Simo Sorce 2006
00007    
00008    This program is free software; you can redistribute it and/or modify
00009    it under the terms of the GNU General Public License as published by
00010    the Free Software Foundation; either version 2 of the License, or
00011    (at your option) any later version.
00012    
00013    This program is distributed in the hope that it will be useful,
00014    but WITHOUT ANY WARRANTY; without even the implied warranty of
00015    MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
00016    GNU General Public License for more details.
00017    
00018    You should have received a copy of the GNU General Public License
00019    along with this program; if not, write to the Free Software
00020    Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
00021 */
00022 
00023 #include "includes.h"
00024 #include "winbindd.h"
00025 
00026 #undef DBGC_CLASS
00027 #define DBGC_CLASS DBGC_IDMAP
00028 
00029 /*****************************
00030  Initialise idmap database. 
00031 *****************************/
00032 
00033 static NTSTATUS idmap_nss_int_init(struct idmap_domain *dom)
00034 {       
00035         dom->initialized = True;
00036         return NT_STATUS_OK;
00037 }
00038 
00039 /**********************************
00040  lookup a set of unix ids. 
00041 **********************************/
00042 
00043 static NTSTATUS idmap_nss_unixids_to_sids(struct idmap_domain *dom, struct id_map **ids)
00044 {
00045         TALLOC_CTX *ctx;
00046         int i;
00047 
00048         if (! dom->initialized) {
00049                 return NT_STATUS_UNSUCCESSFUL;
00050         }
00051 
00052         ctx = talloc_new(dom);
00053         if ( ! ctx) {
00054                 DEBUG(0, ("Out of memory!\n"));
00055                 return NT_STATUS_NO_MEMORY;
00056         }
00057 
00058         for (i = 0; ids[i]; i++) {
00059                 struct passwd *pw;
00060                 struct group *gr;
00061                 const char *name;
00062                 enum lsa_SidType type;
00063                 BOOL ret;
00064                 
00065                 switch (ids[i]->xid.type) {
00066                 case ID_TYPE_UID:
00067                         pw = getpwuid((uid_t)ids[i]->xid.id);
00068 
00069                         if (!pw) {
00070                                 ids[i]->status = ID_UNMAPPED;
00071                                 continue;
00072                         }
00073                         name = pw->pw_name;
00074                         break;
00075                 case ID_TYPE_GID:
00076                         gr = getgrgid((gid_t)ids[i]->xid.id);
00077 
00078                         if (!gr) {
00079                                 ids[i]->status = ID_UNMAPPED;
00080                                 continue;
00081                         }
00082                         name = gr->gr_name;
00083                         break;
00084                 default: /* ?? */
00085                         ids[i]->status = ID_UNKNOWN;
00086                         continue;
00087                 }
00088 
00089                 /* by default calls to winbindd are disabled
00090                    the following call will not recurse so this is safe */
00091                 winbind_on();
00092                 /* Lookup name from PDC using lsa_lookup_names() */
00093                 ret = winbind_lookup_name(dom->name, name, ids[i]->sid, &type);
00094                 winbind_off();
00095 
00096                 if (!ret) {
00097                         /* TODO: how do we know if the name is really not mapped,
00098                          * or something just failed ? */
00099                         ids[i]->status = ID_UNMAPPED;
00100                         continue;
00101                 }
00102 
00103                 switch (type) {
00104                 case SID_NAME_USER:
00105                         if (ids[i]->xid.type == ID_TYPE_UID) {
00106                                 ids[i]->status = ID_MAPPED;
00107                         }
00108                         break;
00109 
00110                 case SID_NAME_DOM_GRP:
00111                 case SID_NAME_ALIAS:
00112                 case SID_NAME_WKN_GRP:
00113                         if (ids[i]->xid.type == ID_TYPE_GID) {
00114                                 ids[i]->status = ID_MAPPED;
00115                         }
00116                         break;
00117 
00118                 default:
00119                         ids[i]->status = ID_UNKNOWN;
00120                         break;
00121                 }
00122         }
00123 
00124 
00125         talloc_free(ctx);
00126         return NT_STATUS_OK;
00127 }
00128 
00129 /**********************************
00130  lookup a set of sids. 
00131 **********************************/
00132 
00133 static NTSTATUS idmap_nss_sids_to_unixids(struct idmap_domain *dom, struct id_map **ids)
00134 {
00135         TALLOC_CTX *ctx;
00136         int i;
00137 
00138         if (! dom->initialized) {
00139                 return NT_STATUS_UNSUCCESSFUL;
00140         }
00141 
00142         ctx = talloc_new(dom);
00143         if ( ! ctx) {
00144                 DEBUG(0, ("Out of memory!\n"));
00145                 return NT_STATUS_NO_MEMORY;
00146         }
00147 
00148         for (i = 0; ids[i]; i++) {
00149                 struct passwd *pw;
00150                 struct group *gr;
00151                 enum lsa_SidType type;
00152                 const char *dom_name = NULL;
00153                 const char *name = NULL;
00154                 BOOL ret;
00155 
00156                 /* by default calls to winbindd are disabled
00157                    the following call will not recurse so this is safe */
00158                 winbind_on();
00159                 ret = winbind_lookup_sid(ctx, ids[i]->sid, &dom_name, &name, &type);
00160                 winbind_off();
00161 
00162                 if (!ret) {
00163                         /* TODO: how do we know if the name is really not mapped,
00164                          * or something just failed ? */
00165                         ids[i]->status = ID_UNMAPPED;
00166                         continue;
00167                 }
00168 
00169                 switch (type) {
00170                 case SID_NAME_USER:
00171 
00172                         /* this will find also all lower case name and use username level */
00173                         
00174                         pw = Get_Pwnam(name);
00175                         if (pw) {
00176                                 ids[i]->xid.id = pw->pw_uid;
00177                                 ids[i]->xid.type = ID_TYPE_UID;
00178                                 ids[i]->status = ID_MAPPED;
00179                         }
00180                         break;
00181 
00182                 case SID_NAME_DOM_GRP:
00183                 case SID_NAME_ALIAS:
00184                 case SID_NAME_WKN_GRP:
00185 
00186                         gr = getgrnam(name);
00187                         if (gr) {
00188                                 ids[i]->xid.id = gr->gr_gid;
00189                                 ids[i]->xid.type = ID_TYPE_GID;
00190                                 ids[i]->status = ID_MAPPED;
00191                         }
00192                         break;
00193 
00194                 default:
00195                         ids[i]->status = ID_UNKNOWN;
00196                         break;
00197                 }
00198         }
00199 
00200         talloc_free(ctx);
00201         return NT_STATUS_OK;
00202 }
00203 
00204 /**********************************
00205  Close the idmap tdb instance
00206 **********************************/
00207 
00208 static NTSTATUS idmap_nss_close(struct idmap_domain *dom)
00209 {
00210         return NT_STATUS_OK;
00211 }
00212 
00213 static struct idmap_methods nss_methods = {
00214 
00215         .init = idmap_nss_int_init,
00216         .unixids_to_sids = idmap_nss_unixids_to_sids,
00217         .sids_to_unixids = idmap_nss_sids_to_unixids,
00218         .close_fn = idmap_nss_close
00219 };
00220 
00221 NTSTATUS idmap_nss_init(void)
00222 {
00223         return smb_register_idmap(SMB_IDMAP_INTERFACE_VERSION, "nss", &nss_methods);
00224 }

Sambaに対してSat Aug 29 21:23:08 2009に生成されました。  doxygen 1.4.7