Group patch 2: 14/11/2001 HEAD
Bolke de Bruin
bolke at xs4all.nl
Tue Nov 13 15:54:02 GMT 2001
Ok;
This patch is intended to let samba properly return usergroups; As i have
been told this is not the right approach
so it is here more or less "to look at". Wibind/ldap support should be added
as well
Bolke
? intl/lang_tdb.po
Index: Makefile.in
===================================================================
RCS file: /cvsroot/samba/source/Makefile.in,v
retrieving revision 1.366
diff -u -r1.366 Makefile.in
--- Makefile.in 7 Nov 2001 22:38:03 -0000 1.366
+++ Makefile.in 13 Nov 2001 23:42:04 -0000
@@ -142,7 +142,6 @@
rpc_server/srv_util.o rpc_server/srv_wkssvc.o
rpc_server/srv_wkssvc_nt.o \
rpc_server/srv_pipe.o rpc_server/srv_dfs.o
rpc_server/srv_dfs_nt.o \
rpc_server/srv_spoolss.o rpc_server/srv_spoolss_nt.o \
- lib/util_getent.o
# this includes only the low level parse code, not stuff
# that requires knowledge of security contexts
@@ -170,7 +169,7 @@
passdb/pdb_tdb.o passdb/pdb_ldap.o \
passdb/pdb_nisplus.o
-GROUPDB_OBJ = groupdb/mapping.o
+GROUPDB_OBJ = groupdb/mapping.o lib/util_getent.o
# passdb/smbpass.o passdb/ldap.o passdb/nispass.o
Index: groupdb/mapping.c
===================================================================
RCS file: /cvsroot/samba/source/groupdb/mapping.c,v
retrieving revision 1.15
diff -u -r1.15 mapping.c
--- groupdb/mapping.c 2 Oct 2001 04:29:22 -0000 1.15
+++ groupdb/mapping.c 13 Nov 2001 23:42:05 -0000
@@ -712,6 +712,73 @@
return True;
}
+BOOL get_gid_list_of_user(uid_t uid, gid_t **gid, int *num_gids)
+{
+
+ int i=0;
+ struct passwd *pwd;
+ struct sys_grent *sgrp;
+ struct group *grp;
+ char *gr;
+ gid_t *g;
+
+ *num_gids = 0;
+ *gid = NULL;
+
+ // we shoudl check if the uid exists
+ // necessary?
+ if ( getpwuid(uid) == NULL)
+ return False;
+
+ // then we should enumerate the groups
+ // looking for the username
+
+ DEBUG(10, ("get_gid_list_of_user: getting memberships\n"));
+
+ sgrp = getgrent_list();
+
+ if (sgrp == NULL)
+ return False;
+
+ for (;sgrp != NULL; sgrp = sgrp->next) {
+
+ if ( (grp = getgrgid(sgrp->gr_gid)) == NULL)
+ continue;
+
+ gr = grp->gr_mem[0];
+
+
+
+ while (gr && (*gr != (char)'\0')) {
+ if ((pwd=sys_getpwnam(gr)) != NULL && pwd->pw_uid == uid) {
+
+ g = Realloc((*gid), sizeof(gid_t)*(*num_gids+1));
+ if (!g) {
+ DEBUG(0,("get_group_list_of_uid: unable to enlarge gid list!\n"));
+ }
+ else (*gid) = g;
+
+ (*gid)[*num_gids]= grp->gr_gid;
+ (*num_gids)++;
+
+ }
+
+ gr = grp->gr_mem[++i];
+
+ }
+
+ }
+
+ DEBUG(10, ("got [%d] memberships\n", *num_gids));
+
+ return True;
+}
+
+
+
+
+
+
/***************************************************************************
*
Create a UNIX group on demand.
****************************************************************************
/
Index: passdb/passdb.c
===================================================================
RCS file: /cvsroot/samba/source/passdb/passdb.c,v
retrieving revision 1.118
diff -u -r1.118 passdb.c
--- passdb/passdb.c 11 Nov 2001 11:00:38 -0000 1.118
+++ passdb/passdb.c 13 Nov 2001 23:42:06 -0000
@@ -1,4 +1,4 @@
-/*
+ /*
Unix SMB/Netbios implementation.
Version 1.9.
Password and authentication handling
@@ -117,7 +117,7 @@
Initialises a struct sam_passwd with sane values.
************************************************************/
-BOOL pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, const struct passwd *pwd)
+BOOL pdb_init_sam_pw(SAM_ACCOUNT **new_sam_acct, const struct passwd *pwd)
{
pstring str;
extern BOOL sam_logon_in_ssb;
@@ -534,34 +534,54 @@
}
} else {
- gid_t gid;
- struct group *gr;
+ if (rid == DOMAIN_GROUP_RID_ADMINS) {
+ pstring admin_groups;
+ char *p = admin_groups;
+ *psid_name_use = SID_NAME_ALIAS;
+ if (!next_token(&p, name, NULL, sizeof(fstring)))
+ fstrcpy(name, "Domain Administrators");
+ } else if (rid == DOMAIN_GROUP_RID_GUESTS) {
+ pstring guest_groups;
+ char *p = guest_groups;
+ *psid_name_use = SID_NAME_ALIAS;
+ if (!next_token(&p, name, NULL, sizeof(fstring)))
+ fstrcpy(name, "Domain Guests");
+ } else if (rid == DOMAIN_GROUP_RID_USERS) {
+ pstring user_groups;
+ char *p = user_groups;
+ *psid_name_use = SID_NAME_ALIAS;
+ if (!next_token(&p, name, NULL, sizeof(fstring)))
+ fstrcpy(name, "Domain Users");
+ } else {
+ gid_t gid;
+ struct group *gr;
- /*
- * Don't try to convert the rid to a name if running
- * in appliance mode
- */
+ /*
+ * Don't try to convert the rid to a name if running
+ * in appliance mode
+ */
- if (lp_hide_local_users())
- return False;
+ if (lp_hide_local_users())
+ return False;
- gid = pdb_user_rid_to_gid(rid);
- gr = getgrgid(gid);
+ gid = pdb_user_rid_to_gid(rid);
+ gr = getgrgid(gid);
- *psid_name_use = SID_NAME_ALIAS;
+ *psid_name_use = SID_NAME_ALIAS;
- DEBUG(5,("local_local_rid: looking up gid %u %s\n", (unsigned int)gid,
+ DEBUG(5,("local_local_rid: looking up gid %u %s\n", (unsigned int)gid,
gr ? "succeeded" : "failed" ));
- if(!gr) {
- slprintf(name, sizeof(fstring)-1, "unix_group.%u", (unsigned int)gid);
- return True;
- }
+ if(!gr) {
+ slprintf(name, sizeof(fstring)-1, "unix_group.%u", (unsigned int)gid);
+ return True;
+ }
- fstrcpy( name, gr->gr_name);
+ fstrcpy( name, gr->gr_name);
- DEBUG(5,("local_lookup_rid: found group %s for rid %u\n", name,
- (unsigned int)rid ));
+ DEBUG(5,("local_lookup_rid: found group %s for rid %u\n", name,
+ (unsigned int)rid ));
+ }
}
return True;
@@ -782,10 +802,8 @@
select_name(to->unknown_str , &from->uni_unknown_str );
select_name(to->munged_dial , &from->uni_munged_dial );
- if (from->user_rid)
- to->user_rid = from->user_rid;
- if (from->group_rid)
- to->group_rid = from->group_rid;
+ to->user_rid = from->user_rid;
+ to->group_rid = from->group_rid;
to->acct_ctrl = from->acb_info;
to->unknown_3 = from->unknown_3;
Index: rpc_server/srv_util.c
===================================================================
RCS file: /cvsroot/samba/source/rpc_server/srv_util.c,v
retrieving revision 1.58
diff -u -r1.58 srv_util.c
--- rpc_server/srv_util.c 29 Oct 2001 07:35:10 -0000 1.58
+++ rpc_server/srv_util.c 13 Nov 2001 23:42:06 -0000
@@ -157,6 +157,10 @@
void get_domain_user_groups(char *domain_groups, const char *user)
{
pstring tmp;
+ struct passwd *pwd=NULL;
+ gid_t *gid=NULL;
+ int num_gids = 0;
+ int i=0;
if (domain_groups == NULL || user == NULL) return;
@@ -181,6 +185,18 @@
pstrcat(domain_groups, tmp);
DEBUG(3,("domain admin group access %s granted\n", tmp));
+ }
+
+ pwd = getpwnam(user);
+ // ^^^ is not the right to do i think
+ if (!get_gid_list_of_user(pwd->pw_uid, &gid, &num_gids)) {
+ DEBUG(10,("HUH??????"));
+ }
+
+ for (i=0; i<num_gids; i++) {
+ slprintf(tmp, sizeof(tmp) - 1, " %ld/7 ", pdb_gid_to_group_rid(gid[i]));
+ pstrcat(domain_groups, tmp);
+ DEBUG(3,("group RID \n", tmp));
}
}
}
More information about the samba-technical
mailing list