--- /dev/null
+/*
+ Unix SMB/CIFS implementation.
+ Main winbindd server routines
+
+ Copyright (C) Stefan Metzmacher 2005-2008
+ Copyright (C) Andrew Tridgell 2005
+ Copyright (C) Andrew Bartlett <abartlet@samba.org> 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "winbind/wb_server.h"
+#include "smbd/service_task.h"
+
+#include "s3compat_wrapper.h"
+#include "s3replace.h"
+#include "s3compat_globals.h"
+#include "s3compat_proto.h"
+
+_PUBLIC_ void s3compat_winbind_task_init(struct task_server *task)
+{
+ winbind_prepare_task(task, task->model_ops);
+ s3compat_set_tevent_ctx(task->event_ctx);
+ s3compat_set_lp_ctx(task->lp_ctx);
+ s3compat_set_msg_ctx(task->msg_ctx);
+ s3compat_initialise_winbindd(lp_configfile(task->lp_ctx));
+}
+
--- /dev/null
+/*
+ Unix SMB/CIFS implementation.
+
+ s3 compatibility routines
+
+ Copyright (C) Andrew Tridgell 2010
+
+ This program is free software; you can redistribute it and/or modify
+ it under the terms of the GNU General Public License as published by
+ the Free Software Foundation; either version 3 of the License, or
+ (at your option) any later version.
+
+ This program is distributed in the hope that it will be useful,
+ but WITHOUT ANY WARRANTY; without even the implied warranty of
+ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ GNU General Public License for more details.
+
+ You should have received a copy of the GNU General Public License
+ along with this program. If not, see <http://www.gnu.org/licenses/>.
+*/
+
+#include "includes.h"
+#include "source3/smbd/globals.h"
+#include "s3compat_wrapper.h"
+#include "source3/winbindd/winbindd.h"
+
+/* Unlike the smbd init functions, this is only run in the winbindd child, because it calls winbind_off() */
+_PUBLIC_ void s3compat_initialise_winbindd(const char *config_file)
+{
+ talloc_stackframe();
+
+ /* glibc (?) likes to print "User defined signal 1" and exit if a
+ SIGUSR[12] is received before a handler is installed */
+
+ CatchSignal(SIGUSR1, SIG_IGN);
+ CatchSignal(SIGUSR2, SIG_IGN);
+
+ set_remote_machine_name("winbindd", False);
+
+ /* Set environment variable so we don't recursively call ourselves.
+ This may also be useful interactively. */
+
+ if ( !winbind_off() ) {
+ DEBUG(0,("Failed to disable recusive winbindd calls. Exiting.\n"));
+ exit(1);
+ }
+
+ DEBUG(0,("winbindd version %s started.\n", samba_version_string()));
+ DEBUGADD(0,("%s\n", COPYRIGHT_STARTUP_MESSAGE));
+
+ /* Initialise messaging system */
+
+ if (winbind_messaging_context() == NULL) {
+ exit(1);
+ }
+
+ if (!directory_exist(lp_lockdir())) {
+ mkdir(lp_lockdir(), 0755);
+ }
+
+ /* Unblock all signals we are interested in as they may have been
+ blocked by the parent process. */
+
+ BlockSignals(False, SIGINT);
+ BlockSignals(False, SIGQUIT);
+ BlockSignals(False, SIGTERM);
+ BlockSignals(False, SIGUSR1);
+ BlockSignals(False, SIGUSR2);
+ BlockSignals(False, SIGHUP);
+ BlockSignals(False, SIGCHLD);
+
+ /* Don't use winbindd_reinit_after_fork here as
+ * we're just starting up and haven't created any
+ * winbindd-specific resources we must free yet. JRA.
+ */
+
+ if (!NT_STATUS_IS_OK(reinit_after_fork(winbind_messaging_context(),
+ winbind_event_context(),
+ false))) {
+ DEBUG(0,("reinit_after_fork() failed\n"));
+ exit(1);
+ }
+
+ winbindd_register_handlers();
+
+ DEBUG(0,("s3compat_winbindd: initialised samba3 version: %s\n",
+ samba_version_string()));
+}
+
+_PUBLIC_ void s3compat_winbindd_accepted_new_connection(int accepted_sock, bool privileged)
+{
+ winbindd_accepted_new_connection(accepted_sock, privileged);
+}
+
--- /dev/null
+
+struct auth_usersupplied_info;
+struct auth_serversupplied_info;
+
+#include "s3compat_wrapper_proto.h"
+_PUBLIC_ void s3compat_initialise_winbindd(const char *config_file);
+_PUBLIC_ void s3compat_winbindd_accepted_new_connection(int accepted_sock, bool privileged);
+_PUBLIC_ void s3compat_initialise(const char *config_file, bool interactive);
+_PUBLIC_ void s3compat_smbd_process(void);
+
AUTH_SCRIPT_SRC = 'auth/auth_script.c'
AUTH_NETLOGOND_SRC = 'auth/auth_netlogond.c'
-AUTH_SRC = '''${AUTH_SRC1} auth/auth.c ${AUTH_STATIC} auth/auth_util.c auth/token_util.c
- auth/auth_compat.c auth/auth_ntlmssp.c auth/user_info.c auth/check_samsec.c
- auth/server_info.c auth/server_info_sam.c
- ${PLAINTEXT_AUTH_SRC} ${SLCACHE_SRC} ${DCUTIL_SRC}'''
+AUTH_BASE_SRC = '''${SLCACHE_SRC} auth/user_info.c
+ auth/server_info_sam.c auth/server_info.c
+ auth/token_util.c'''
+
+AUTH_SRC = '''${AUTH_SRC1} auth/auth.c ${AUTH_STATIC} auth/auth_util.c
+ auth/auth_compat.c auth/auth_ntlmssp.c
+ ${PLAINTEXT_AUTH_SRC}'''
+
#FIXME: set IDMAP_STATIC during configuration
IDMAP_STATIC=''
winbindd/winbindd_util.c
winbindd/winbindd_cache.c
winbindd/winbindd_pam.c
+ winbindd/winbindd_pam_chng_pswd_auth_crap.c
winbindd/winbindd_misc.c
winbindd/winbindd_cm.c
winbindd/winbindd_wins.c
winbindd/winbindd_pam_logoff.c
winbindd/winbindd_pam_chauthtok.c
winbindd/winbindd_pam_auth_crap.c
- auth/token_util.c
- auth/check_samsec.c
- auth/server_info.c
- auth/server_info_sam.c
- auth/user_info.c
- smbd/chgpasswd.c
../nsswitch/libwbclient/wb_reqtrans.c'''
-WINBINDD_SRC = '''${WINBINDD_SRC1}
- ${PARAM_SRC}
- ${LIBMSRPC_SRC} ${LIBMSRPC_GEN_SRC} ${RPC_PARSE_SRC}
- ${PROFILE_SRC} ${SLCACHE_SRC} ${SMBLDAP_SRC}
- ${LIBADS_SRC} ${KRBCLIENT_SRC} ${POPT_LIB_SRC}
- ${DCUTIL_SRC} ${IDMAP_SRC} ${NSS_INFO_SRC}
- ${AFS_SRC} ${AFS_SETTOKEN_SRC}
+S3_SERVER_LIBS = '''${LIBMSRPC_SRC} ${LIBMSRPC_GEN_SRC} ${RPC_PARSE_SRC}
+ ${LIBADS_SRC} ${POPT_LIB_SRC} ${AUTH_BASE_SRC}
+ ${PROFILE_SRC} ${SLCACHE_SRC} ${SMBLDAP_SRC} ${IDMAP_SRC}
+ ${DCUTIL_SRC} ${AFS_SRC} ${AFS_SETTOKEN_SRC}
+ smbd/chgpasswd.c'''
+
+WINBINDD_SRC_BASE = '''${WINBINDD_SRC1} ${KRBCLIENT_SRC}
+ ${NSS_INFO_SRC}
${TDB_VALIDATE_SRC}'''
LIBNET_SRC = 'libnet/libnet_join.c libnet/libnet_keytab.c librpc/gen_ndr/ndr_libnet_join.c'
${RPC_PARSE_SRC1}'''
-SMBD_SRC_SRV = '''smbd/files.c smbd/chgpasswd.c smbd/connection.c
+SMBD_SRC_SRV = '''smbd/files.c smbd/connection.c
smbd/utmp.c smbd/session.c smbd/map_username.c
smbd/dfree.c smbd/dir.c smbd/password.c smbd/conn.c
smbd/share_access.c smbd/fileio.c
printing/printfsp.c lib/sysquotas.c lib/sysquotas_linux.c
lib/sysquotas_xfs.c lib/sysquotas_4A.c
smbd/change_trust_pw.c smbd/fake_file.c
- smbd/quotas.c smbd/ntquotas.c ${AFS_SRC} smbd/msdfs.c
- ${AFS_SETTOKEN_SRC} smbd/aio.c smbd/statvfs.c
+ smbd/quotas.c smbd/ntquotas.c smbd/msdfs.c
+ smbd/aio.c smbd/statvfs.c
smbd/dmapi.c smbd/signing.c
smbd/file_access.c
smbd/dnsregister.c smbd/globals.c
../libcli/smb/smb2_create_blob.c
${MANGLE_SRC} ${VFS_DEFAULT_SRC}'''
-SMBD_SRC_BASE = '''${LIBADS_SRC} ${SMBD_SRC_SRV}
- ${RPC_SERVER_SRC} ${RPC_PARSE_SRC}
+SMBD_SRC_BASE = '''${SMBD_SRC_SRV}
+ ${RPC_SERVER_SRC}
${LOCKING_SRC} ${PRINTING_SRC}
- ${PROFILE_SRC} ${PRINTBACKEND_SRC}
+ ${PRINTBACKEND_SRC}
${OPLOCK_SRC} ${NOTIFY_SRC} ${FNAME_UTIL_SRC}
- ${LIBMSRPC_SRC}
- ${LIBMSRPC_GEN_SRC} ${AVAHI_SRC}
- ${KRBCLIENT_SRC} ${REG_FULL_SRC}
- ${POPT_LIB_SRC} ${SMBLDAP_SRC}
+ ${AVAHI_SRC}
+ ${REG_FULL_SRC}
${LIBNET_SRC}
${RPC_LSA_SRC}
${RPC_NETLOG_SRC} ${RPC_SAMR_SRC}
PRINTBACKEND_SRC = 'printing/printing.c printing/nt_printing.c ${PRINTBASE_SRC}'
+S3_SERVER_LIBS_SRC = bld.EXPAND_VARIABLES('${S3_SERVER_LIBS}', vars=locals())
+
SMBD_SRC = bld.EXPAND_VARIABLES('${SMBD_SRC_BASE}', vars=locals())
+WINBINDD_SRC = bld.EXPAND_VARIABLES('${WINBINDD_SRC_BASE}', vars=locals())
+
LIB_SRC = bld.EXPAND_VARIABLES(LIB_SRC, vars=locals())
SAMBA3_INCLUDES = '#source4/s3compat/compat #source4/dynconfig #lib/talloc #lib/tevent #lib/tdb/include #source3 #source3/lib #source3/include #source3/libaddns #source3/librpc #source3/build #source4/heimdal_build #source4/heimdal/lib/com_err #source4/heimdal/lib/gssapi #source4/heimdal/lib/krb5 #source4/heimdal/lib/asn1'
public_deps='LIBNDR NDR_STANDARD'
)
-
S3_SUBSYSTEM('GROUPDB',
source=GROUPDB_SRC)
bld.SAMBA_SUBSYSTEM('s3compat_wrapper',
includes=SAMBA3_INCLUDES,
- source='s3compat.c auth_samba4.c',
autoproto='s3compat_wrapper_proto.h',
+ source='s3compat.c s3compat_winbindd.c auth_samba4.c',
deps='tdb tevent',
hide_symbols=True)
struct tevent_req *subreq;
int rc;
+#if ENABLE_S3COMPAT
+ /* this is a hack for now to enable the s3 winbindd
+ in s4 */
+ if (lp_parm_bool(conn->lp_ctx, NULL, "s3compat", "winbindd", false)) {
+ void s3compat_winbindd_accepted_new_connection(int accepted_sock, bool privileged);
+ s3compat_winbindd_accepted_new_connection(socket_get_fd(conn->socket),
+ wbsrv_socket->privileged);
+ return;
+ }
+#endif
wbsrv_conn = talloc_zero(conn, struct wbsrv_connection);
if (wbsrv_conn == NULL) {
stream_terminate_connection(conn, "wbsrv_accept: out of memory");
/*
startup the winbind task
*/
-static void winbind_task_init(struct task_server *task)
+void winbind_prepare_task(struct task_server *task, const struct model_ops *model_ops)
{
uint16_t port = 1;
- const struct model_ops *model_ops;
NTSTATUS status;
struct wbsrv_service *service;
struct wbsrv_listen_socket *listen_socket;
char *errstring;
struct dom_sid *primary_sid;
- task_server_set_title(task, "task[winbind]");
-
- /* within the winbind task we want to be a single process, so
- ask for the single process model ops and pass these to the
- stream_setup_socket() call. */
- model_ops = process_model_startup(task->event_ctx, "single");
- if (!model_ops) {
- task_server_terminate(task,
- "Can't find 'single' process model_ops", true);
- return;
- }
-
/* Make sure the directory for the Samba3 socket exists, and is of the correct permissions */
if (!directory_create_or_exist(lp_winbindd_socket_directory(task->lp_ctx), geteuid(), 0755)) {
task_server_terminate(task,
return;
}
+/*
+ startup the winbind task
+*/
+static void winbind_task_init(struct task_server *task)
+{
+ const struct model_ops *model_ops;
+
+ task_server_set_title(task, "task[winbind]");
+
+#if ENABLE_S3COMPAT
+ /* this is a hack for now to enable the s3 winbindd
+ in s4 */
+ if (lp_parm_bool(task->lp_ctx, NULL, "s3compat", "winbindd", false)) {
+ void s3compat_winbind_task_init(struct task_server *task);
+ model_ops = process_model_startup(task->event_ctx, "onefork");
+ task_server_startup(task->event_ctx, task->lp_ctx, "s3compat_winbind",
+ model_ops, s3compat_winbind_task_init);
+ return;
+ }
+#endif
+ /* within the winbind task we want to be a single process, so
+ ask for the single process model ops and pass these to the
+ stream_setup_socket() call. */
+ model_ops = process_model_startup(task->event_ctx, "single");
+ if (!model_ops) {
+ task_server_terminate(task,
+ "Can't find 'single' process model_ops", true);
+ return;
+ }
+
+ winbind_prepare_task(task, model_ops);
+
+ return;
+}
+
/*
register ourselves as a available server
*/
struct netr_LMSessionKey;
struct netr_UserSessionKey;
struct winbind_SamLogon;
+struct model_ops;
#include "winbind/wb_async_helpers.h"
#include "winbind/wb_proto.h"