Beispiel #1
/*
 * Delete the username-keyed record of an account from the tdbsam database.
 *
 * The key is USERPREFIX followed by the lower-cased username of sam_pass.
 * Only that one record is deleted, and this function starts no transaction
 * of its own, so any other index record kept for the account is left for
 * the caller to handle.
 *
 * Returns true when the record was deleted. Returns false when the name
 * cannot be lower-cased, the database cannot be opened, or the delete fails.
 */
static bool tdb_delete_samacct_only( struct samu *sam_pass )
{
	fstring user_key;
	fstring lc_name;
	NTSTATUS del_status;

	/* Build the key from the lower-cased account name. */
	fstrcpy(lc_name, pdb_get_username(sam_pass));
	if (!strlower_m(lc_name)) {
		return false;
	}

	fstr_sprintf(user_key, "%s%s", USERPREFIX, lc_name);

	if (!tdbsam_open(tdbsam_filename)) {
		DEBUG(0,("tdb_delete_samacct_only: failed to open %s!\n",
			 tdbsam_filename));
		return false;
	}

	del_status = dbwrap_delete_bystring(db_sam, user_key);
	if (NT_STATUS_IS_OK(del_status)) {
		return true;
	}

	DEBUG(5, ("Error deleting entry from tdb passwd "
		  "database: %s!\n", nt_errstr(del_status)));
	return false;
}
Beispiel #2
/*
 * Delete a record by string key after converting the key with
 * talloc_strdup_upper().
 *
 * The converted copy is allocated on talloc_tos(), used for the delete and
 * freed again before returning.
 *
 * Returns NT_STATUS_NO_MEMORY when the copy cannot be allocated, otherwise
 * the status reported by dbwrap_delete_bystring().
 */
NTSTATUS dbwrap_delete_bystring_upper(struct db_context *db, const char *key)
{
	NTSTATUS result;
	char *upper = talloc_strdup_upper(talloc_tos(), key);

	if (upper == NULL) {
		return NT_STATUS_NO_MEMORY;
	}

	result = dbwrap_delete_bystring(db, upper);
	talloc_free(upper);

	return result;
}
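/*
 * Store a SID <-> ID mapping as two records: ksidstr -> kidstr and
 * kidstr -> ksidstr.
 *
 * private_data is cast to struct idmap_tdb_common_set_mapping_context, which
 * supplies both key strings.
 * NOTE(review): the (db, private_data) signature suggests this runs as a
 * dbwrap transaction callback - confirm at the call site.
 *
 * Returns NT_STATUS_OBJECT_NAME_COLLISION when a record for the SID key is
 * already present, the failing store status when either insert fails, and
 * the status of the second store otherwise.
 */
static NTSTATUS idmap_tdb_common_set_mapping_action(struct db_context *db,
						    void *private_data)
{
	TDB_DATA data;
	NTSTATUS ret;
	NTSTATUS undo;
	struct idmap_tdb_common_set_mapping_context *state;
	TALLOC_CTX *tmp_ctx = talloc_stackframe();

	state = (struct idmap_tdb_common_set_mapping_context *)private_data;

	DEBUG(10, ("Storing %s <-> %s map\n", state->ksidstr, state->kidstr));

	/* check whether sid mapping is already present in db */
	ret = dbwrap_fetch_bystring(db, tmp_ctx, state->ksidstr, &data);
	if (NT_STATUS_IS_OK(ret)) {
		ret = NT_STATUS_OBJECT_NAME_COLLISION;
		goto done;
	}

	/* TDB_INSERT: never overwrite an existing record for this key. */
	ret = dbwrap_store_bystring(db, state->ksidstr,
				    string_term_tdb_data(state->kidstr),
				    TDB_INSERT);
	if (!NT_STATUS_IS_OK(ret)) {
		DEBUG(0, ("Error storing SID -> ID: %s\n", nt_errstr(ret)));
		goto done;
	}

	ret = dbwrap_store_bystring(db, state->kidstr,
				    string_term_tdb_data(state->ksidstr),
				    TDB_INSERT);
	if (!NT_STATUS_IS_OK(ret)) {
		DEBUG(0, ("Error storing ID -> SID: %s\n", nt_errstr(ret)));
		/*
		 * Try to remove the SID -> ID record stored above. If that
		 * fails as well the database holds a one-directional mapping,
		 * so log it instead of dropping the status; the store error
		 * in ret is still what the caller sees.
		 */
		undo = dbwrap_delete_bystring(db, state->ksidstr);
		if (!NT_STATUS_IS_OK(undo)) {
			DEBUG(0, ("Error removing SID -> ID record for %s: "
				  "%s\n", state->ksidstr, nt_errstr(undo)));
		}
		goto done;
	}

	DEBUG(10, ("Stored %s <-> %s\n", state->ksidstr, state->kidstr));

 done:
	talloc_free(tmp_ctx);
	return ret;
}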
Beispiel #4
/*
 * Delete the record stored under keyname.
 *
 * When dbwrap_is_persistent(db) is true the delete goes through
 * dbwrap_trans_delete_bystring(), otherwise through dbwrap_delete_bystring().
 * The data argument is not used.
 *
 * Returns 0 on success. On failure the error is printed to stderr and -1 is
 * returned.
 */
static int dbwrap_tool_delete(struct db_context *db,
			      const char *keyname,
			      const char *data)
{
	NTSTATUS status = dbwrap_is_persistent(db)
		? dbwrap_trans_delete_bystring(db, keyname)
		: dbwrap_delete_bystring(db, keyname);

	if (NT_STATUS_IS_OK(status)) {
		return 0;
	}

	d_fprintf(stderr, "ERROR deleting record %s : %s\n",
		  keyname, nt_errstr(status));
	return -1;
}
Beispiel #5
/*
 * Delete the privilege record stored for a SID.
 *
 * The record key is PRIVPREFIX followed by the string that sid_to_fstring()
 * produces for the SID.
 *
 * Returns NT_STATUS_OK without touching the database when
 * lp_enable_privileges() is false, NT_STATUS_INVALID_HANDLE when no account
 * policy database is available, NT_STATUS_INVALID_SID for a NULL SID or one
 * whose num_auths is 0, and otherwise the status of the delete.
 */
NTSTATUS privilege_delete_account(const struct dom_sid *sid)
{
	/* Fetched before the checks below, exactly as callers have come to expect. */
	struct db_context *db = get_account_pol_db();
	fstring sid_buf, priv_key;
	const char *sid_str;

	if (!lp_enable_privileges()) {
		return NT_STATUS_OK;
	}

	if (db == NULL) {
		return NT_STATUS_INVALID_HANDLE;
	}

	if (sid == NULL || sid->num_auths == 0) {
		return NT_STATUS_INVALID_SID;
	}

	/* Key layout: PRIVPREFIX + SID string, NUL terminated. */
	sid_str = sid_to_fstring(sid_buf, sid);
	fstr_sprintf(priv_key, "%s%s", PRIVPREFIX, sid_str);

	return dbwrap_delete_bystring(db, priv_key);
}
Beispiel #6
/*
 * Write the notify array held in notify->array back to the NOTIFY_KEY record.
 *
 * Depth levels at the end of the array that hold no entries are dropped
 * first. If no depth level remains the record is deleted; otherwise the
 * array is marshalled with ndr_push_notify_array and stored with TDB_REPLACE.
 *
 * Returns the status of the delete or store, NT_STATUS_NO_MEMORY (via
 * NT_STATUS_HAVE_NO_MEMORY) when the temporary context cannot be allocated,
 * or the mapped NDR error when marshalling fails.
 */
static NTSTATUS notify_save(struct notify_context *notify)
{
	TALLOC_CTX *frame;
	DATA_BLOB packed;
	TDB_DATA rec;
	enum ndr_err_code push_rc;
	NTSTATUS result;

	/* Trim empty depth levels from the end of the array. */
	while (notify->array->num_depths > 0) {
		if (notify->array->depth[notify->array->num_depths-1].num_entries != 0) {
			break;
		}
		notify->array->num_depths--;
	}

	/* Nothing left to store: remove the record instead. */
	if (notify->array->num_depths == 0) {
		return dbwrap_delete_bystring(notify->db, NOTIFY_KEY);
	}

	frame = talloc_new(notify);
	NT_STATUS_HAVE_NO_MEMORY(frame);

	push_rc = ndr_push_struct_blob(&packed, frame, notify->array,
				       (ndr_push_flags_fn_t)ndr_push_notify_array);
	if (!NDR_ERR_CODE_IS_SUCCESS(push_rc)) {
		talloc_free(frame);
		return ndr_map_error2ntstatus(push_rc);
	}

	/* The blob is allocated on frame, so store it before freeing frame. */
	rec.dptr = packed.data;
	rec.dsize = packed.length;

	result = dbwrap_store_bystring(notify->db, NOTIFY_KEY, rec,
				       TDB_REPLACE);

	talloc_free(frame);
	return result;
}
Beispiel #7
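/*
 * Insert or modify an account in the tdbsam database inside one transaction.
 *
 * The account record is written with tdb_update_samacct_only() and the RID
 * record with tdb_update_ridrec_only(). With flag == TDB_MODIFY the stored
 * account is looked up by username first; if its RID differs from the RID in
 * newpwd, the old RIDPREFIX key is deleted and the new one inserted, so no
 * stale RID key is left pointing at the account.
 *
 * Returns true after a successful commit. Returns false when newpwd has no
 * RID, the database cannot be opened, the transaction cannot be started or
 * committed, or any step fails (the transaction is then cancelled).
 */
static bool tdb_update_sam(struct pdb_methods *my_methods, struct samu* newpwd,
			   int flag)
{
	uint32_t oldrid;
	uint32_t newrid;

	if (!(newrid = pdb_get_user_rid(newpwd))) {
		DEBUG(0,("tdb_update_sam: struct samu (%s) with no RID!\n",
			 pdb_get_username(newpwd)));
		return false;
	}

	/* Unless a stored account says otherwise, the RID is unchanged. */
	oldrid = newrid;

	/* open the database */

	if ( !tdbsam_open( tdbsam_filename ) ) {
		/* Name this function in the log so the failure is attributed
		 * to the update path and not to a lookup. */
		DEBUG(0,("tdb_update_sam: failed to open %s!\n", tdbsam_filename));
		return false;
	}

	if (dbwrap_transaction_start(db_sam) != 0) {
		DEBUG(0, ("Could not start transaction\n"));
		return false;
	}

	/* If we are updating, we may be changing this users RID. Retrieve the old RID
	   so we can check. */

	if (flag == TDB_MODIFY) {
		struct samu *account = samu_new(talloc_tos());
		if (account == NULL) {
			DEBUG(0,("tdb_update_sam: samu_new() failed\n"));
			goto cancel;
		}
		if (!NT_STATUS_IS_OK(tdbsam_getsampwnam(my_methods, account, pdb_get_username(newpwd)))) {
			DEBUG(0,("tdb_update_sam: tdbsam_getsampwnam() for %s failed\n",
				pdb_get_username(newpwd)));
			TALLOC_FREE(account);
			goto cancel;
		}
		if (!(oldrid = pdb_get_user_rid(account))) {
			DEBUG(0,("tdb_update_sam: pdb_get_user_rid() failed\n"));
			TALLOC_FREE(account);
			goto cancel;
		}
		TALLOC_FREE(account);
	}

	/* Update the new samu entry. */
	if (!tdb_update_samacct_only(newpwd, flag)) {
		goto cancel;
	}

	/* Now take care of the case where the RID changed. We need
	 * to delete the old RID key and add the new. */

	if (flag == TDB_MODIFY && newrid != oldrid) {
		fstring keystr;

		/* Delete old RID key */
		DEBUG(10, ("tdb_update_sam: Deleting key for RID %u\n", oldrid));
		fstr_sprintf(keystr, "%s%.8x", RIDPREFIX, oldrid);
		if (!NT_STATUS_IS_OK(dbwrap_delete_bystring(db_sam, keystr))) {
			DEBUG(0, ("tdb_update_sam: Can't delete %s\n", keystr));
			goto cancel;
		}
		/* Insert new RID key */
		DEBUG(10, ("tdb_update_sam: Inserting key for RID %u\n", newrid));
		if (!tdb_update_ridrec_only(newpwd, TDB_INSERT)) {
			goto cancel;
		}
	} else {
		DEBUG(10, ("tdb_update_sam: %s key for RID %u\n",
			flag == TDB_MODIFY ? "Updating" : "Inserting", newrid));
		if (!tdb_update_ridrec_only(newpwd, flag)) {
			goto cancel;
		}
	}

	/*
	 * NOTE(review): a failed commit returns without calling
	 * dbwrap_transaction_cancel(); presumably the failed commit has
	 * already ended the transaction - confirm against the backend.
	 */
	if (dbwrap_transaction_commit(db_sam) != 0) {
		DEBUG(0, ("Could not commit transaction\n"));
		return false;
	}

	return true;

 cancel:
	if (dbwrap_transaction_cancel(db_sam) != 0) {
		smb_panic("transaction_cancel failed");
	}
	return false;
}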
Beispiel #8
/*
 * Delete an account from the tdbsam database: both its username record
 * (USERPREFIX + lower-cased name) and its RID record (RIDPREFIX + RID as
 * eight hex digits) are removed inside one transaction, so a failure on
 * either delete cancels both.
 *
 * Returns NT_STATUS_OK after a successful commit,
 * NT_STATUS_ACCESS_DENIED when the database cannot be opened,
 * NT_STATUS_INVALID_PARAMETER when the name cannot be lower-cased,
 * NT_STATUS_UNSUCCESSFUL when the transaction cannot be started,
 * NT_STATUS_INTERNAL_DB_CORRUPTION when the commit fails, and otherwise the
 * status of the delete that failed.
 */
static NTSTATUS tdbsam_delete_sam_account(struct pdb_methods *my_methods,
					  struct samu *sam_pass)
{
	NTSTATUS	status = NT_STATUS_UNSUCCESSFUL;
	fstring		user_key;
	fstring		rid_key;
	fstring		lc_name;
	uint32_t	rid;

	if (!tdbsam_open(tdbsam_filename)) {
		DEBUG(0,("tdbsam_delete_sam_account: failed to open %s!\n",
			 tdbsam_filename));
		return NT_STATUS_ACCESS_DENIED;
	}

	fstrcpy(lc_name, pdb_get_username(sam_pass));
	if (!strlower_m(lc_name)) {
		return NT_STATUS_INVALID_PARAMETER;
	}

	rid = pdb_get_user_rid(sam_pass);

	/* Both keys are plain formatting; build them before the transaction. */
	fstr_sprintf(user_key, "%s%s", USERPREFIX, lc_name);
	fstr_sprintf(rid_key, "%s%.8x", RIDPREFIX, rid);

	if (dbwrap_transaction_start(db_sam) != 0) {
		DEBUG(0, ("Could not start transaction\n"));
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* Username record first ... */
	status = dbwrap_delete_bystring(db_sam, user_key);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(5, ("Error deleting entry from tdb passwd "
			  "database: %s!\n", nt_errstr(status)));
		goto cancel;
	}

	/* ... then the RID record. */
	status = dbwrap_delete_bystring(db_sam, rid_key);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(5, ("Error deleting entry from tdb rid "
			  "database: %s!\n", nt_errstr(status)));
		goto cancel;
	}

	if (dbwrap_transaction_commit(db_sam) != 0) {
		DEBUG(0, ("Could not commit transaction\n"));
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}

	return NT_STATUS_OK;

 cancel:
	if (dbwrap_transaction_cancel(db_sam) != 0) {
		smb_panic("transaction_cancel failed");
	}

	return status;
}
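/*
 * Remove `alias` from the alias membership record of `member`.
 *
 * The record is keyed by MEMBEROF_PREFIX followed by the member's SID string
 * and holds the SID strings of the aliases the member belongs to, each
 * preceded by a space. The whole update runs in one transaction on the
 * file-scope `db`.
 *
 * When the removed alias was the member's last one, the record is deleted.
 * That delete has to be committed like any other change: cancelling the
 * transaction at that point would roll the delete back while still reporting
 * success, leaving the member in the alias.
 *
 * Returns NT_STATUS_OK once the change is committed,
 * NT_STATUS_MEMBER_NOT_IN_ALIAS when the member is not in the alias,
 * NT_STATUS_NO_MEMORY on allocation failure,
 * NT_STATUS_INTERNAL_DB_CORRUPTION when the transaction cannot be started or
 * committed, and otherwise the failing lookup, store or delete status.
 */
static NTSTATUS del_aliasmem(const DOM_SID *alias, const DOM_SID *member)
{
	NTSTATUS status;
	DOM_SID *sids;
	size_t i, num;
	bool found = False;
	char *member_string;
	char *key;
	fstring sid_string;

	if (db->transaction_start(db) != 0) {
		DEBUG(0, ("transaction_start failed\n"));
		return NT_STATUS_INTERNAL_DB_CORRUPTION;
	}

	status = alias_memberships(member, 1, &sids, &num);

	if (!NT_STATUS_IS_OK(status)) {
		goto cancel;
	}

	for (i=0; i<num; i++) {
		if (sid_compare(&sids[i], alias) == 0) {
			found = True;
			break;
		}
	}

	if (!found) {
		TALLOC_FREE(sids);
		status = NT_STATUS_MEMBER_NOT_IN_ALIAS;
		goto cancel;
	}

	/* Overwrite the removed slot with the last entry, then shrink. */
	if (i < num) {
		sids[i] = sids[num-1];
	}

	num -= 1;

	sid_to_fstring(sid_string, member);

	/* key and member_string hang off sids and are freed with it. */
	key = talloc_asprintf(sids, "%s%s", MEMBEROF_PREFIX, sid_string);
	if (key == NULL) {
		TALLOC_FREE(sids);
		status = NT_STATUS_NO_MEMORY;
		goto cancel;
	}

	if (num == 0) {
		/* Last alias removed: drop the record and commit that. */
		status = dbwrap_delete_bystring(db, key);
		if (!NT_STATUS_IS_OK(status)) {
			DEBUG(10, ("dbwrap_delete_bystring failed: %s\n",
				   nt_errstr(status)));
		}
		goto commit;
	}

	member_string = talloc_strdup(sids, "");
	if (member_string == NULL) {
		TALLOC_FREE(sids);
		status = NT_STATUS_NO_MEMORY;
		goto cancel;
	}

	for (i=0; i<num; i++) {

		sid_to_fstring(sid_string, &sids[i]);

		member_string = talloc_asprintf_append_buffer(
			member_string, " %s", sid_string);

		if (member_string == NULL) {
			TALLOC_FREE(sids);
			status = NT_STATUS_NO_MEMORY;
			goto cancel;
		}
	}

	status = dbwrap_store_bystring(
		db, key, string_term_tdb_data(member_string), 0);

	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(10, ("dbwrap_store_bystring failed: %s\n",
			   nt_errstr(status)));
	}

 commit:
	TALLOC_FREE(sids);

	if (!NT_STATUS_IS_OK(status)) {
		goto cancel;
	}

	/*
	 * NOTE(review): a failed commit falls through to transaction_cancel,
	 * which panics if it fails; whether a transaction is still open
	 * after a failed commit depends on the backend - confirm.
	 */
	if (db->transaction_commit(db) != 0) {
		DEBUG(0, ("transaction_commit failed\n"));
		status = NT_STATUS_INTERNAL_DB_CORRUPTION;
		goto cancel;
	}

	return NT_STATUS_OK;

 cancel:
	if (db->transaction_cancel(db) != 0) {
		smb_panic("transaction_cancel failed");
	}
	return status;
}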