/*
* Add entries to a hpux ACL.
*
* Entries are directly added to the hpuxacl parameter.
* if memory allocation fails, this may result in hpuxacl
* being NULL. if the resulting acl is to be checked and is
* not valid, it is kept in hpuxacl but False is returned.
*
* The type of ACEs (access/default) to be added to the ACL can
* be selected via the type parameter.
* I use the SMB_ACL_TYPE_T type here. Since SMB_ACL_TYPE_ACCESS
* is defined as "0", this means that one can only add either
* access or default ACEs from the given ACL, not both at the same
* time. If it should become necessary to add all of an ACL, one
* would have to replace this parameter by another type.
*/
static bool hpux_add_to_acl(HPUX_ACL_T *hpux_acl, int *count,
HPUX_ACL_T add_acl, int add_count,
SMB_ACL_TYPE_T type)
{
int i;
if ((type != SMB_ACL_TYPE_ACCESS) && (type != SMB_ACL_TYPE_DEFAULT))
{
DEBUG(10, ("invalid acl type given: %d\n", type));
errno = EINVAL;
return False;
}
for (i = 0; i < add_count; i++) {
if (!_IS_OF_TYPE(add_acl[i], type)) {
continue;
}
ADD_TO_ARRAY(NULL, HPUX_ACE_T, add_acl[i],
hpux_acl, count);
if (hpux_acl == NULL) {
DEBUG(10, ("error enlarging acl.\n"));
errno = ENOMEM;
return False;
}
}
return True;
}
static NTSTATUS nt_token_to_group_list(TALLOC_CTX *mem_ctx,
const DOM_SID *domain_sid,
size_t num_sids,
const DOM_SID *sids,
int *numgroups, DOM_GID **pgids)
{
int i;
*numgroups=0;
*pgids = NULL;
for (i=0; i<num_sids; i++) {
DOM_GID gid;
if (!sid_peek_check_rid(domain_sid, &sids[i], &gid.g_rid)) {
continue;
}
gid.attr = (SE_GROUP_MANDATORY|SE_GROUP_ENABLED_BY_DEFAULT|
SE_GROUP_ENABLED);
ADD_TO_ARRAY(mem_ctx, DOM_GID, gid, pgids, numgroups);
if (*pgids == NULL) {
return NT_STATUS_NO_MEMORY;
}
}
return NT_STATUS_OK;
}
static bool wbinfo_lookuprids(const char *domain, const char *arg)
{
wbcErr wbc_status = WBC_ERR_UNKNOWN_FAILURE;
struct wbcDomainInfo *dinfo = NULL;
char *domain_name = NULL;
const char **names = NULL;
enum wbcSidType *types = NULL;
size_t i;
int num_rids;
uint32 *rids = NULL;
const char *p;
char *ridstr;
TALLOC_CTX *mem_ctx = NULL;
bool ret = false;
if ((domain == NULL) || (strequal(domain, ".")) || (domain[0] == '\0')) {
domain = get_winbind_domain();
}
/* Send request */
wbc_status = wbcDomainInfo(domain, &dinfo);
if (!WBC_ERROR_IS_OK(wbc_status)) {
d_printf("wbcDomainInfo(%s) failed: %s\n", domain,
wbcErrorString(wbc_status));
goto done;
}
mem_ctx = talloc_new(NULL);
if (mem_ctx == NULL) {
d_printf("talloc_new failed\n");
goto done;
}
num_rids = 0;
rids = NULL;
p = arg;
while (next_token_talloc(mem_ctx, &p, &ridstr, " ,\n")) {
uint32 rid = strtoul(ridstr, NULL, 10);
ADD_TO_ARRAY(mem_ctx, uint32, rid, &rids, &num_rids);
}
if (rids == NULL) {
d_printf("no rids\n");
goto done;
}
wbc_status = wbcLookupRids(&dinfo->sid, num_rids, rids,
(const char **)&domain_name, &names, &types);
if (!WBC_ERROR_IS_OK(wbc_status)) {
d_printf("winbind_lookup_rids failed: %s\n",
wbcErrorString(wbc_status));
goto done;
}
d_printf("Domain: %s\n", domain_name);
for (i=0; i<num_rids; i++) {
d_printf("%8d: %s (%s)\n", rids[i], names[i],
sid_type_lookup(types[i]));
}
ret = true;
done:
if (dinfo) {
wbcFreeMemory(dinfo);
}
if (domain_name) {
wbcFreeMemory(domain_name);
}
if (names) {
wbcFreeMemory(names);
}
if (types) {
wbcFreeMemory(types);
}
TALLOC_FREE(mem_ctx);
return ret;
}