[SCM] Samba Shared Repository - branch master updated

Michael Adam obnox at samba.org
Tue Jul 26 21:38:01 MDT 2011


The branch, master has been updated
       via  3276060 s3:idmap_tdb2: remove the undocumented option of the silly name "tdb:idmap2.tdb"
       via  67cd2f9 s3:idmap_tdb2: remove a legacy comment
       via  4b5ada3 s3:idmap_tdb2: remove legacy comment
       via  5511855 s3:idmap_tdb2: remove superfluous initialization with bogus comment
       via  7d3dc21 s3:idmap_tdb2: fix a legacy comment that does not apply any more
       via  86973ee s3:doc: add an example with idmap script to the idmap_tdb2 manpage
       via  2f253c2 s3:docs: remove legacy text from the example in the idmap_tdb2 manpage
       via  4daab85 s3:doc: clarify the idmap script section in the idmap_tdb2 manpage
       via  2aa19b4 s3:docs:idmap_tdb2: update the documentation of idmap script
       via  b6c82f1 s3:idmap_tdb2: deprecate the idmap:script parameter and use "idmap config * : script" instead
      from  e98e0cf waf: update to latest waf 1.5 version

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 3276060da4e7d495bd5cf5cbf7237e64d948ee77
Author: Michael Adam <obnox at samba.org>
Date:   Fri Jun 24 10:15:02 2011 +0200

    s3:idmap_tdb2: remove the undocumented option of the silly name "tdb:idmap2.tdb"
    
    In ancient times, when ctdb had not support for persistent databases and
    tdb2 was introduced as a two-layer solution and it was more important than
    today to be able to change the location of the permanent database file
    because it had to reside on shared storage.
    
    But these were times when idmap_tdb2 was not even officially released.
    Nowadays, with ctdb handling the persistent idmap2.tdb database, the path
    is stripped anyways, so this undocumented option has become unnecessary
    and is hence removed.
    
    Autobuild-User: Michael Adam <obnox at samba.org>
    Autobuild-Date: Wed Jul 27 05:37:57 CEST 2011 on sn-devel-104

commit 67cd2f9d867fad1f7df2d6a6a5cdb723336ac495
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jun 9 13:36:54 2011 +0200

    s3:idmap_tdb2: remove a legacy comment

commit 4b5ada3d27198b49771acb70ae979087235be783
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jun 9 13:35:21 2011 +0200

    s3:idmap_tdb2: remove legacy comment

commit 551185573899b6e608863f833633d40ae04458d8
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jun 9 13:34:04 2011 +0200

    s3:idmap_tdb2: remove superfluous initialization with bogus comment

commit 7d3dc2164b3929c642127659593e69fc865a6184
Author: Michael Adam <obnox at samba.org>
Date:   Thu Jun 9 13:07:54 2011 +0200

    s3:idmap_tdb2: fix a legacy comment that does not apply any more

commit 86973eee43605a3680fb51470a81ea9ca7f1b515
Author: Michael Adam <obnox at samba.org>
Date:   Fri Jun 24 11:38:05 2011 +0200

    s3:doc: add an example with idmap script to the idmap_tdb2 manpage

commit 2f253c2791ccb2421f26f563e3983ee950da1d05
Author: Michael Adam <obnox at samba.org>
Date:   Fri Jun 24 11:36:33 2011 +0200

    s3:docs: remove legacy text from the example in the idmap_tdb2 manpage

commit 4daab85ae60f2821a1d9d98f1edff6a318e8e3c1
Author: Michael Adam <obnox at samba.org>
Date:   Fri Jun 24 11:35:51 2011 +0200

    s3:doc: clarify the idmap script section in the idmap_tdb2 manpage

commit 2aa19b4aeb9de43a0e2b94ad1202f2068b29c710
Author: Michael Adam <obnox at samba.org>
Date:   Fri Jun 24 10:59:04 2011 +0200

    s3:docs:idmap_tdb2: update the documentation of idmap script
    
    to reflect the new variant "idmap config * : script" of configuring the idmap script

commit b6c82f18f17cdded771d285930566c1d104686aa
Author: Michael Adam <obnox at samba.org>
Date:   Tue Jun 7 18:00:36 2011 +0200

    s3:idmap_tdb2: deprecate the idmap:script parameter and use "idmap config * : script" instead
    
    With this patch, "idmap config * : script" will override "idmap : script".
    If "idmap : script" is present, a deprecation warning will be printed in any
    case. If "idmap config * : script" is not set, then the value of "idmap :script"
    will be used for backwards compatibility.

-----------------------------------------------------------------------

Summary of changes:
 docs-xml/manpages-3/idmap_tdb2.8.xml |   48 ++++++++++++++++++++++++-------
 source3/winbindd/idmap_tdb2.c        |   52 ++++++++++++++-------------------
 2 files changed, 59 insertions(+), 41 deletions(-)


Changeset truncated at 500 lines:

diff --git a/docs-xml/manpages-3/idmap_tdb2.8.xml b/docs-xml/manpages-3/idmap_tdb2.8.xml
index 980ffe6..1faf590 100644
--- a/docs-xml/manpages-3/idmap_tdb2.8.xml
+++ b/docs-xml/manpages-3/idmap_tdb2.8.xml
@@ -43,6 +43,16 @@
 			backend is authoritative.
 		</para></listitem>
 		</varlistentry>
+
+		<varlistentry>
+		<term>script</term>
+		<listitem><para>
+			This option can be used to configure an external program
+			for performing id mappings instead of using the tdb
+			counter. The mappings are then stored int tdb2 idmap
+			database. For details see the section on IDMAP SCRIPT below.
+		</para></listitem>
+		</varlistentry>
 	</variablelist>
 </refsect1>
 
@@ -50,8 +60,21 @@
 	<title>IDMAP SCRIPT</title>
 
 	<para>
-	The tdb2 idmap backend supports a script for performing id mappings
-	through the smb.conf option <parameter>idmap : script</parameter>.
+	The tdb2 idmap backend supports an external program for performing id mappings
+	through the smb.conf option <parameter>idmap config * : script</parameter> or
+	its deprecated legacy form <parameter>idmap : script</parameter>.
+	</para>
+
+	<para>
+	The mappings obtained by the script are then stored in the idmap tdb2
+	database instead of mappings created by the incrementing id counters.
+	It is therefore important that the script covers the complete range of
+	SIDs that can be passed in for SID to Unix ID mapping, since otherwise
+	SIDs unmapped by the script might get mapped to IDs that had
+	previously been mapped by the script.
+	</para>
+
+	<para>
 	The script should accept the following command line options.
 	</para>
 
@@ -72,13 +95,6 @@
 	SID:yyyy
 	ERR:yyyy
 	</programlisting>
-
-	<para>
-	Note that the script should cover the complete range of SIDs
-	that can be passed in for SID to Unix ID mapping, since otherwise
-	SIDs unmapped by the script might get mapped to IDs that had
-	previously been mapped by the script.
-	</para>
 </refsect1>
 
 <refsect1>
@@ -86,8 +102,6 @@
 
 	<para>
 	This example shows how tdb2 is used as a the default idmap backend.
-	It configures the idmap range through the global options for all
-	domains encountered.
 	</para>
 
 	<programlisting>
@@ -95,6 +109,18 @@
 	idmap config * : backend = tdb2
 	idmap config * : range = 1000000-2000000
 	</programlisting>
+
+	<para>
+	This example shows how tdb2 is used as a the default idmap backend
+	using an external program via the script parameter:
+	</para>
+
+	<programlisting>
+	[global]
+	idmap config * : backend = tdb2
+	idmap config * : range = 1000000-2000000
+	idmap config * : script = /usr/local/samba/bin/idmap_script.sh
+	</programlisting>
 </refsect1>
 
 <refsect1>
diff --git a/source3/winbindd/idmap_tdb2.c b/source3/winbindd/idmap_tdb2.c
index 2a15244..112978b 100644
--- a/source3/winbindd/idmap_tdb2.c
+++ b/source3/winbindd/idmap_tdb2.c
@@ -108,12 +108,7 @@ static NTSTATUS idmap_tdb2_open_db(struct idmap_domain *dom)
 		return NT_STATUS_OK;
 	}
 
-	db_path = lp_parm_talloc_string(-1, "tdb", "idmap2.tdb", NULL);
-	if (db_path == NULL) {
-		/* fall back to the private directory, which, despite
-		   its name, is usually on shared storage */
-		db_path = talloc_asprintf(NULL, "%s/idmap2.tdb", lp_private_dir());
-	}
+	db_path = talloc_asprintf(NULL, "%s/idmap2.tdb", lp_private_dir());
 	NT_STATUS_HAVE_NO_MEMORY(db_path);
 
 	/* Open idmap repository */
@@ -279,6 +274,8 @@ static NTSTATUS idmap_tdb2_db_init(struct idmap_domain *dom)
 {
 	NTSTATUS ret;
 	struct idmap_tdb2_context *ctx;
+	char *config_option = NULL;
+	const char * idmap_script = NULL;
 
 	ctx = talloc_zero(dom, struct idmap_tdb2_context);
 	if ( ! ctx) {
@@ -286,27 +283,28 @@ static NTSTATUS idmap_tdb2_db_init(struct idmap_domain *dom)
 		return NT_STATUS_NO_MEMORY;
 	}
 
-	if (strequal(dom->name, "*")) {
-		ctx->script = lp_parm_const_string(-1, "idmap", "script", NULL);
-		if (ctx->script) {
-			DEBUG(1, ("using idmap script '%s'\n", ctx->script));
-		}
-	} else {
-		char *config_option = NULL;
+	config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
+	if (config_option == NULL) {
+		DEBUG(0, ("Out of memory!\n"));
+		ret = NT_STATUS_NO_MEMORY;
+		goto failed;
+	}
+	ctx->script = lp_parm_const_string(-1, config_option, "script", "NULL");
+	talloc_free(config_option);
 
-		config_option = talloc_asprintf(ctx, "idmap config %s", dom->name);
-		if ( ! config_option) {
-			DEBUG(0, ("Out of memory!\n"));
-			ret = NT_STATUS_NO_MEMORY;
-			goto failed;
-		}
+	idmap_script = lp_parm_const_string(-1, "idmap", "script", NULL);
+	if (idmap_script != NULL) {
+		DEBUG(0, ("Warning: 'idmap:script' is deprecated. "
+			  " Please use 'idmap config * : script' instead!\n"));
+	}
 
-		ctx->script = lp_parm_const_string(-1, config_option, "script", NULL);
-		if (ctx->script) {
-			DEBUG(1, ("using idmap script '%s'\n", ctx->script));
-		}
+	if (strequal(dom->name, "*") && ctx->script == NULL) {
+		/* fall back to idmap:script for backwards compatibility */
+		ctx->script = idmap_script;
+	}
 
-		talloc_free(config_option);
+	if (ctx->script) {
+		DEBUG(1, ("using idmap script '%s'\n", ctx->script));
 	}
 
 	ctx->rw_ops = talloc_zero(ctx, struct idmap_rw_ops);
@@ -577,9 +575,6 @@ static NTSTATUS idmap_tdb2_id_to_sid(struct idmap_domain *dom, struct id_map *ma
 		return NT_STATUS_INVALID_PARAMETER;
 	}
 
-	/* final SAFE_FREE safe */
-	data.dptr = NULL;
-
 	if (keystr == NULL) {
 		DEBUG(0, ("Out of memory!\n"));
 		ret = NT_STATUS_NO_MEMORY;
@@ -602,8 +597,6 @@ static NTSTATUS idmap_tdb2_id_to_sid(struct idmap_domain *dom, struct id_map *ma
 		}
 
 		ret = idmap_tdb2_script(ctx, map, "IDTOSID %s", keystr);
-
-		/* store it on shared storage */
 		if (!NT_STATUS_IS_OK(ret)) {
 			goto done;
 		}
@@ -678,7 +671,6 @@ static NTSTATUS idmap_tdb2_sid_to_id(struct idmap_domain *dom, struct id_map *ma
 		}
 
 		ret = idmap_tdb2_script(ctx, map, "SIDTOID %s", keystr);
-		/* store it on shared storage */
 		if (!NT_STATUS_IS_OK(ret)) {
 			goto done;
 		}


-- 
Samba Shared Repository


More information about the samba-cvs mailing list