2 Samba Unix/Linux SMB client library
3 Distributed SMB/CIFS Server Management Utility
4 Copyright (C) 2003 Andrew Bartlett (abartlet@samba.org)
6 This program is free software; you can redistribute it and/or modify
7 it under the terms of the GNU General Public License as published by
8 the Free Software Foundation; either version 2 of the License, or
9 (at your option) any later version.
11 This program is distributed in the hope that it will be useful,
12 but WITHOUT ANY WARRANTY; without even the implied warranty of
13 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
14 GNU General Public License for more details.
16 You should have received a copy of the GNU General Public License
17 along with this program; if not, write to the Free Software
18 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */
21 #include "utils/net.h"
24 /***********************************************************
25 Helper function for net_idmap_dump. Dump one entry.
26 **********************************************************/
27 static int net_idmap_dump_one_entry(TDB_CONTEXT *tdb,
32 if (strcmp(key.dptr, "USER HWM") == 0) {
33 printf("USER HWM %d\n", IVAL(data.dptr,0));
37 if (strcmp(key.dptr, "GROUP HWM") == 0) {
38 printf("GROUP HWM %d\n", IVAL(data.dptr,0));
42 if (strncmp(key.dptr, "S-", 2) != 0)
45 printf("%s %s\n", data.dptr, key.dptr);
49 /***********************************************************
50 Dump the current idmap
51 **********************************************************/
52 static int net_idmap_dump(int argc, const char **argv)
54 TDB_CONTEXT *idmap_tdb;
57 return net_help_idmap( argc, argv );
59 idmap_tdb = tdb_open_log(argv[0], 0, TDB_DEFAULT, O_RDONLY, 0);
61 if (idmap_tdb == NULL) {
62 d_fprintf(stderr, "Could not open idmap: %s\n", argv[0]);
66 tdb_traverse(idmap_tdb, net_idmap_dump_one_entry, NULL);
73 /***********************************************************
74 Fix up the HWMs after a idmap restore.
75 **********************************************************/
83 static int net_idmap_find_max_id(TDB_CONTEXT *tdb, TDB_DATA key, TDB_DATA data,
86 struct hwms *hwms = (struct hwms *)handle;
91 if (strncmp(key.dptr, "S-", 2) != 0)
94 if (sscanf(data.dptr, "GID %d", &id) == 1) {
95 idptr = (void *)&hwms->group_hwm;
99 if (sscanf(data.dptr, "UID %d", &id) == 1) {
100 idptr = (void *)&hwms->user_hwm;
105 d_fprintf(stderr, "Illegal idmap entry: [%s]->[%s]\n",
106 key.dptr, data.dptr);
112 if (hwms->group_hwm <= (gid_t)id) {
113 hwms->group_hwm = (gid_t)(id+1);
116 if (hwms->user_hwm <= (uid_t)id) {
117 hwms->user_hwm = (uid_t)(id+1);
124 static NTSTATUS net_idmap_fixup_hwm(void)
126 NTSTATUS result = NT_STATUS_UNSUCCESSFUL;
127 TDB_CONTEXT *idmap_tdb;
128 char *tdbfile = NULL;
133 if (!lp_idmap_uid(&hwms.user_hwm, &highest.user_hwm) ||
134 !lp_idmap_gid(&hwms.group_hwm, &highest.group_hwm)) {
135 d_fprintf(stderr, "idmap range missing\n");
136 return NT_STATUS_UNSUCCESSFUL;
139 tdbfile = SMB_STRDUP(lock_path("winbindd_idmap.tdb"));
141 DEBUG(0, ("idmap_init: out of memory!\n"));
142 return NT_STATUS_NO_MEMORY;
145 idmap_tdb = tdb_open_log(tdbfile, 0, TDB_DEFAULT, O_RDWR, 0);
147 if (idmap_tdb == NULL) {
148 d_fprintf(stderr, "Could not open idmap: %s\n", tdbfile);
149 return NT_STATUS_NO_SUCH_FILE;
154 tdb_traverse(idmap_tdb, net_idmap_find_max_id, &hwms);
160 d_printf("USER HWM: %d GROUP HWM: %d\n",
161 hwms.user_hwm, hwms.group_hwm);
163 if (hwms.user_hwm >= highest.user_hwm) {
164 d_fprintf(stderr, "Highest UID out of uid range\n");
168 if (hwms.group_hwm >= highest.group_hwm) {
169 d_fprintf(stderr, "Highest GID out of gid range\n");
173 if ((tdb_store_int32(idmap_tdb, "USER HWM", (int32)hwms.user_hwm) != 0) ||
174 (tdb_store_int32(idmap_tdb, "GROUP HWM", (int32)hwms.group_hwm) != 0)) {
175 d_fprintf(stderr, "Could not store HWMs\n");
179 result = NT_STATUS_OK;
181 tdb_close(idmap_tdb);
185 /***********************************************************
186 Write entries from stdin to current local idmap
187 **********************************************************/
189 static int net_idmap_restore(int argc, const char **argv)
191 if (!idmap_init(lp_idmap_backend())) {
192 d_fprintf(stderr, "Could not init idmap\n");
196 while (!feof(stdin)) {
197 fstring line, sid_string, fmt_string1, fmt_string2;
200 enum idmap_type type;
204 if (fgets(line, sizeof(line)-1, stdin) == NULL)
209 if ( (len > 0) && (line[len-1] == '\n') )
212 snprintf(fmt_string1, sizeof(fmt_string1), "GID %%ul %%%us", FSTRING_LEN);
213 snprintf(fmt_string2, sizeof(fmt_string2), "UID %%ul %%%us", FSTRING_LEN);
215 if (sscanf(line, fmt_string1, &idval, sid_string) == 2) {
217 id.gid = (gid_t)idval;
218 } else if (sscanf(line, fmt_string2, &idval, sid_string) == 2) {
220 id.uid = (uid_t)idval;
222 d_printf("ignoring invalid line [%s]\n", line);
226 if (!string_to_sid(&sid, sid_string)) {
227 d_printf("ignoring invalid sid [%s]\n", sid_string);
231 if (!NT_STATUS_IS_OK(idmap_set_mapping(&sid, id, type))) {
232 d_fprintf(stderr, "Could not set mapping of %s %lu to sid %s\n",
233 (type == ID_GROUPID) ? "GID" : "UID",
234 (type == ID_GROUPID) ? (unsigned long)id.gid:
235 (unsigned long)id.uid,
236 sid_string_static(&sid));
244 return NT_STATUS_IS_OK(net_idmap_fixup_hwm()) ? 0 : -1;
247 /***********************************************************
248 Delete a SID mapping from a winbindd_idmap.tdb
249 **********************************************************/
250 static int net_idmap_delete(int argc, const char **argv)
252 TDB_CONTEXT *idmap_tdb;
257 return net_help_idmap(argc, argv);
259 idmap_tdb = tdb_open_log(argv[0], 0, TDB_DEFAULT, O_RDWR, 0);
261 if (idmap_tdb == NULL) {
262 d_fprintf(stderr, "Could not open idmap: %s\n", argv[0]);
266 fstrcpy(sid, argv[1]);
268 if (strncmp(sid, "S-1-5-", strlen("S-1-5-")) != 0) {
269 d_fprintf(stderr, "Can only delete SIDs, %s is does not start with "
275 key.dsize = strlen(key.dptr)+1;
277 data = tdb_fetch(idmap_tdb, key);
279 if (data.dptr == NULL) {
280 d_fprintf(stderr, "Could not find sid %s\n", argv[1]);
284 if (tdb_delete(idmap_tdb, key) != 0) {
285 d_fprintf(stderr, "Could not delete key %s\n", argv[1]);
289 if (tdb_delete(idmap_tdb, data) != 0) {
290 d_fprintf(stderr, "Could not delete key %s\n", data.dptr);
298 int net_help_idmap(int argc, const char **argv)
300 d_printf("net idmap dump <tdbfile>"\
301 "\n Dump current id mapping\n");
303 d_printf("net idmap restore"\
304 "\n Restore entries from stdin to current local idmap\n");
306 /* Deliberately *not* document net idmap delete */
311 /***********************************************************
312 Look at the current idmap
313 **********************************************************/
314 int net_idmap(int argc, const char **argv)
316 struct functable func[] = {
317 {"dump", net_idmap_dump},
318 {"restore", net_idmap_restore},
319 {"delete", net_idmap_delete},
320 {"help", net_help_idmap},
324 return net_run_function(argc, argv, func, net_help_idmap);