svn commit: samba r21884 - in branches: SAMBA_3_0/source/nsswitch
SAMBA_3_0/source/param SAMBA_3_0_25/source/nsswitch
SAMBA_3_0_25/source/param
jerry at samba.org
jerry at samba.org
Tue Mar 20 02:43:20 GMT 2007
Author: jerry
Date: 2007-03-20 02:43:20 +0000 (Tue, 20 Mar 2007)
New Revision: 21884
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=21884
Log:
* Blacklist BUILTIN and MACHINE domains from the
idmap domains as these should only be handled by the
winbindd_passdb.c backend
* Allow the alloc init to fail for backwards compatible
configurations like
idmap backend = ad
idmap uid = 1000-100000
....
* Remove the deprecated flags from idmap backend, et. al.
These are mutually exclusive with the new configuration
options (idmap domains). Logging annoying messages
about deprecated parameters is confusing. So we'll try
this apprpach for now.
Modified:
branches/SAMBA_3_0/source/nsswitch/idmap.c
branches/SAMBA_3_0/source/param/loadparm.c
branches/SAMBA_3_0_25/source/nsswitch/idmap.c
branches/SAMBA_3_0_25/source/param/loadparm.c
Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/idmap.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/idmap.c 2007-03-20 02:20:16 UTC (rev 21883)
+++ branches/SAMBA_3_0/source/nsswitch/idmap.c 2007-03-20 02:43:20 UTC (rev 21884)
@@ -297,7 +297,6 @@
char *p = NULL;
const char *q = NULL;
- DEBUG(0, ("WARNING: idmap backend is deprecated!\n"));
compat = 1;
if ( (compat_backend = talloc_strdup( idmap_ctx, *compat_list )) == NULL ) {
@@ -337,6 +336,15 @@
const char *parm_backend;
char *config_option;
+ /* ignore BUILTIN and local MACHINE domains */
+ if ( strequal(dom_list[i], "BUILTIN")
+ || strequal(dom_list[i], get_global_sam_name() ) )
+ {
+ DEBUG(0,("idmap_init: Ignoring invalid domain %s\n",
+ dom_list[i]));
+ continue;
+ }
+
if (strequal(dom_list[i], lp_workgroup())) {
pri_dom_is_in_list = True;
}
@@ -577,25 +585,30 @@
alloc_methods = get_alloc_methods(alloc_backends, alloc_backend);
}
}
- if ( ! alloc_methods) {
- DEBUG(0, ("ERROR: Could not get methods for alloc backend %s\n", alloc_backend));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
+ if ( alloc_methods) {
+ ret = alloc_methods->init(compat_params);
+ if ( ! NT_STATUS_IS_OK(ret)) {
+ DEBUG(0, ("idmap_init: Initialization failed for alloc "
+ "backend %s\n", alloc_backend));
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+ } else {
+ DEBUG(2, ("idmap_init: Unable to get methods for alloc backend %s\n",
+ alloc_backend));
+ /* certain compat backends are just readonly */
+ if ( compat )
+ ret = NT_STATUS_OK;
+ else
+ ret = NT_STATUS_UNSUCCESSFUL;
}
- ret = alloc_methods->init(compat_params);
- if ( ! NT_STATUS_IS_OK(ret)) {
- DEBUG(0, ("ERROR: Initialization failed for alloc backend %s\n", alloc_backend));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
/* cleanpu temporary strings */
TALLOC_FREE( compat_backend );
backend_init_status = NT_STATUS_OK;
- return NT_STATUS_OK;
+ return ret;
done:
DEBUG(0, ("Aborting IDMAP Initialization ...\n"));
Modified: branches/SAMBA_3_0/source/param/loadparm.c
===================================================================
--- branches/SAMBA_3_0/source/param/loadparm.c 2007-03-20 02:20:16 UTC (rev 21883)
+++ branches/SAMBA_3_0/source/param/loadparm.c 2007-03-20 02:43:20 UTC (rev 21884)
@@ -1268,14 +1268,14 @@
{"passdb expand explicit", P_BOOL, P_GLOBAL, &Globals.bPassdbExpandExplicit, NULL, NULL, FLAG_ADVANCED},
{"idmap domains", P_LIST, P_GLOBAL, &Globals.szIdmapDomains, NULL, NULL, FLAG_ADVANCED},
- {"idmap backend", P_LIST, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEPRECATED },
+ {"idmap backend", P_LIST, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED },
{"idmap alloc backend", P_STRING, P_GLOBAL, &Globals.szIdmapAllocBackend, NULL, NULL, FLAG_ADVANCED},
{"idmap expire time", P_INTEGER, P_GLOBAL, &Globals.iIdmapExpireTime, NULL, NULL, FLAG_ADVANCED},
{"idmap negative time", P_INTEGER, P_GLOBAL, &Globals.iIdmapNegativeTime, NULL, NULL, FLAG_ADVANCED},
- {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEPRECATED },
- {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_HIDE | FLAG_DEPRECATED },
- {"idmap gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED | FLAG_DEPRECATED },
- {"winbind gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_HIDE | FLAG_DEPRECATED },
+ {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED },
+ {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_HIDE },
+ {"idmap gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED },
+ {"winbind gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_HIDE },
{"template homedir", P_STRING, P_GLOBAL, &Globals.szTemplateHomedir, NULL, NULL, FLAG_ADVANCED},
{"template shell", P_STRING, P_GLOBAL, &Globals.szTemplateShell, NULL, NULL, FLAG_ADVANCED},
{"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED},
Modified: branches/SAMBA_3_0_25/source/nsswitch/idmap.c
===================================================================
--- branches/SAMBA_3_0_25/source/nsswitch/idmap.c 2007-03-20 02:20:16 UTC (rev 21883)
+++ branches/SAMBA_3_0_25/source/nsswitch/idmap.c 2007-03-20 02:43:20 UTC (rev 21884)
@@ -297,7 +297,6 @@
char *p = NULL;
const char *q = NULL;
- DEBUG(0, ("WARNING: idmap backend is deprecated!\n"));
compat = 1;
if ( (compat_backend = talloc_strdup( idmap_ctx, *compat_list )) == NULL ) {
@@ -337,6 +336,15 @@
const char *parm_backend;
char *config_option;
+ /* ignore BUILTIN and local MACHINE domains */
+ if ( strequal(dom_list[i], "BUILTIN")
+ || strequal(dom_list[i], get_global_sam_name() ) )
+ {
+ DEBUG(0,("idmap_init: Ignoring invalid domain %s\n",
+ dom_list[i]));
+ continue;
+ }
+
if (strequal(dom_list[i], lp_workgroup())) {
pri_dom_is_in_list = True;
}
@@ -577,25 +585,30 @@
alloc_methods = get_alloc_methods(alloc_backends, alloc_backend);
}
}
- if ( ! alloc_methods) {
- DEBUG(0, ("ERROR: Could not get methods for alloc backend %s\n", alloc_backend));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
+ if ( alloc_methods) {
+ ret = alloc_methods->init(compat_params);
+ if ( ! NT_STATUS_IS_OK(ret)) {
+ DEBUG(0, ("idmap_init: Initialization failed for alloc "
+ "backend %s\n", alloc_backend));
+ ret = NT_STATUS_UNSUCCESSFUL;
+ goto done;
+ }
+ } else {
+ DEBUG(2, ("idmap_init: Unable to get methods for alloc backend %s\n",
+ alloc_backend));
+ /* certain compat backends are just readonly */
+ if ( compat )
+ ret = NT_STATUS_OK;
+ else
+ ret = NT_STATUS_UNSUCCESSFUL;
}
- ret = alloc_methods->init(compat_params);
- if ( ! NT_STATUS_IS_OK(ret)) {
- DEBUG(0, ("ERROR: Initialization failed for alloc backend %s\n", alloc_backend));
- ret = NT_STATUS_UNSUCCESSFUL;
- goto done;
- }
-
/* cleanpu temporary strings */
TALLOC_FREE( compat_backend );
backend_init_status = NT_STATUS_OK;
- return NT_STATUS_OK;
+ return ret;
done:
DEBUG(0, ("Aborting IDMAP Initialization ...\n"));
Modified: branches/SAMBA_3_0_25/source/param/loadparm.c
===================================================================
--- branches/SAMBA_3_0_25/source/param/loadparm.c 2007-03-20 02:20:16 UTC (rev 21883)
+++ branches/SAMBA_3_0_25/source/param/loadparm.c 2007-03-20 02:43:20 UTC (rev 21884)
@@ -1269,14 +1269,14 @@
{"passdb expand explicit", P_BOOL, P_GLOBAL, &Globals.bPassdbExpandExplicit, NULL, NULL, FLAG_ADVANCED},
{"idmap domains", P_LIST, P_GLOBAL, &Globals.szIdmapDomains, NULL, NULL, FLAG_ADVANCED},
- {"idmap backend", P_LIST, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED | FLAG_DEPRECATED },
+ {"idmap backend", P_LIST, P_GLOBAL, &Globals.szIdmapBackend, NULL, NULL, FLAG_ADVANCED },
{"idmap alloc backend", P_STRING, P_GLOBAL, &Globals.szIdmapAllocBackend, NULL, NULL, FLAG_ADVANCED},
{"idmap expire time", P_INTEGER, P_GLOBAL, &Globals.iIdmapExpireTime, NULL, NULL, FLAG_ADVANCED},
{"idmap negative time", P_INTEGER, P_GLOBAL, &Globals.iIdmapNegativeTime, NULL, NULL, FLAG_ADVANCED},
- {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED | FLAG_DEPRECATED },
- {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_HIDE | FLAG_DEPRECATED },
- {"idmap gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED | FLAG_DEPRECATED },
- {"winbind gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_HIDE | FLAG_DEPRECATED },
+ {"idmap uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_ADVANCED },
+ {"winbind uid", P_STRING, P_GLOBAL, &Globals.szIdmapUID, handle_idmap_uid, NULL, FLAG_HIDE },
+ {"idmap gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_ADVANCED },
+ {"winbind gid", P_STRING, P_GLOBAL, &Globals.szIdmapGID, handle_idmap_gid, NULL, FLAG_HIDE },
{"template homedir", P_STRING, P_GLOBAL, &Globals.szTemplateHomedir, NULL, NULL, FLAG_ADVANCED},
{"template shell", P_STRING, P_GLOBAL, &Globals.szTemplateShell, NULL, NULL, FLAG_ADVANCED},
{"winbind separator", P_STRING, P_GLOBAL, &Globals.szWinbindSeparator, NULL, NULL, FLAG_ADVANCED},
More information about the samba-cvs
mailing list