/** * Fill in credentials for the machine trust account, from the secrets database. * * @param cred Credentials structure to fill in * @retval NTSTATUS error detailing any failure */ _PUBLIC_ NTSTATUS cli_credentials_set_machine_account(struct cli_credentials *cred, struct loadparm_context *lp_ctx) { struct db_context *db_ctx; char *secrets_tdb_path; int hash_size, tdb_flags; secrets_tdb_path = lpcfg_private_db_path(cred, lp_ctx, "secrets"); if (secrets_tdb_path == NULL) { return NT_STATUS_NO_MEMORY; } hash_size = lpcfg_tdb_hash_size(lp_ctx, secrets_tdb_path); tdb_flags = lpcfg_tdb_flags(lp_ctx, TDB_DEFAULT); db_ctx = dbwrap_local_open( cred, secrets_tdb_path, hash_size, tdb_flags, O_RDWR, 0600, DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE); TALLOC_FREE(secrets_tdb_path); /* * We do not check for errors here, we might not have a * secrets.tdb at all, and so we just need to check the * secrets.ldb */ return cli_credentials_set_machine_account_db_ctx(cred, lp_ctx, db_ctx); }
struct db_context *dbwrap_local_open(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *name, int hash_size, int tdb_flags, int open_flags, mode_t mode, enum dbwrap_lock_order lock_order, uint64_t dbwrap_flags) { struct db_context *db = NULL; if (hash_size == 0) { hash_size = lpcfg_tdb_hash_size(lp_ctx, name); } db = db_open_tdb(mem_ctx, name, hash_size, lpcfg_tdb_flags(lp_ctx, tdb_flags), open_flags, mode, lock_order, dbwrap_flags); return db; }
struct db_context *db_open_tdb(TALLOC_CTX *mem_ctx, struct loadparm_context *lp_ctx, const char *name, int hash_size, int tdb_flags, int open_flags, mode_t mode, enum dbwrap_lock_order lock_order, uint64_t dbrwap_flags) { struct db_context *result = NULL; struct db_tdb_ctx *db_tdb; struct stat st; result = talloc_zero(mem_ctx, struct db_context); if (result == NULL) { DEBUG(0, ("talloc failed\n")); goto fail; } result->private_data = db_tdb = talloc(result, struct db_tdb_ctx); if (db_tdb == NULL) { DEBUG(0, ("talloc failed\n")); goto fail; } result->lock_order = lock_order; if (hash_size == 0) { hash_size = lpcfg_tdb_hash_size(lp_ctx, name); } db_tdb->wtdb = tdb_wrap_open(db_tdb, name, hash_size, lpcfg_tdb_flags(lp_ctx, tdb_flags), open_flags, mode); if (db_tdb->wtdb == NULL) { DEBUG(3, ("Could not open tdb: %s\n", strerror(errno))); goto fail; } ZERO_STRUCT(db_tdb->id); if (fstat(tdb_fd(db_tdb->wtdb->tdb), &st) == -1) { DEBUG(3, ("fstat failed: %s\n", strerror(errno))); goto fail; } db_tdb->id.dev = st.st_dev; db_tdb->id.ino = st.st_ino; result->fetch_locked = db_tdb_fetch_locked; result->try_fetch_locked = db_tdb_try_fetch_locked; result->traverse = db_tdb_traverse; result->traverse_read = db_tdb_traverse_read; result->parse_record = db_tdb_parse; result->get_seqnum = db_tdb_get_seqnum; result->persistent = ((tdb_flags & TDB_CLEAR_IF_FIRST) == 0); result->transaction_start = db_tdb_transaction_start; result->transaction_start_nonblock = db_tdb_transaction_start_nonblock; result->transaction_commit = db_tdb_transaction_commit; result->transaction_cancel = db_tdb_transaction_cancel; result->exists = db_tdb_exists; result->wipe = db_tdb_wipe; result->id = db_tdb_id; result->check = db_tdb_check; result->name = tdb_name(db_tdb->wtdb->tdb); result->hash_size = hash_size; return result; fail: TALLOC_FREE(result); return NULL; }
/** * open a database */ struct db_context *db_open(TALLOC_CTX *mem_ctx, const char *name, int hash_size, int tdb_flags, int open_flags, mode_t mode, enum dbwrap_lock_order lock_order, uint64_t dbwrap_flags) { struct db_context *result = NULL; const char *sockname; if (!DBWRAP_LOCK_ORDER_VALID(lock_order)) { errno = EINVAL; return NULL; } if (tdb_flags & TDB_CLEAR_IF_FIRST) { const char *base; bool try_readonly = false; base = strrchr_m(name, '/'); if (base != NULL) { base += 1; } else { base = name; } if (dbwrap_flags & DBWRAP_FLAG_OPTIMIZE_READONLY_ACCESS) { try_readonly = true; } try_readonly = lp_parm_bool(-1, "dbwrap_optimize_readonly", "*", try_readonly); try_readonly = lp_parm_bool(-1, "dbwrap_optimize_readonly", base, try_readonly); if (try_readonly) { dbwrap_flags |= DBWRAP_FLAG_OPTIMIZE_READONLY_ACCESS; } else { dbwrap_flags &= ~DBWRAP_FLAG_OPTIMIZE_READONLY_ACCESS; } } if (tdb_flags & TDB_CLEAR_IF_FIRST) { const char *base; bool try_mutex = true; bool require_mutex = false; base = strrchr_m(name, '/'); if (base != NULL) { base += 1; } else { base = name; } try_mutex = lp_parm_bool(-1, "dbwrap_tdb_mutexes", "*", try_mutex); try_mutex = lp_parm_bool(-1, "dbwrap_tdb_mutexes", base, try_mutex); if (!lp_use_mmap()) { /* * Mutexes require mmap. "use mmap = no" can * be a debugging tool, so let it override the * mutex parameters */ try_mutex = false; } if (try_mutex && tdb_runtime_check_for_robust_mutexes()) { tdb_flags |= TDB_MUTEX_LOCKING; } require_mutex = lp_parm_bool(-1, "dbwrap_tdb_require_mutexes", "*", require_mutex); require_mutex = lp_parm_bool(-1, "dbwrap_tdb_require_mutexes", base, require_mutex); if (require_mutex) { tdb_flags |= TDB_MUTEX_LOCKING; } } sockname = lp_ctdbd_socket(); if (lp_clustering()) { const char *partname; if (!socket_exist(sockname)) { DEBUG(1, ("ctdb socket does not exist - is ctdb not " "running?\n")); return NULL; } /* ctdb only wants the file part of the name */ partname = strrchr(name, '/'); if (partname) { partname++; } else { partname = name; } /* allow ctdb for individual databases to be disabled */ if (lp_parm_bool(-1, "ctdb", partname, True)) { struct messaging_context *msg_ctx; struct ctdbd_connection *conn; conn = messaging_ctdb_connection(); if (conn == NULL) { DBG_WARNING("No ctdb connection\n"); errno = EIO; return NULL; } msg_ctx = server_messaging_context(); result = db_open_ctdb(mem_ctx, msg_ctx, partname, hash_size, tdb_flags, open_flags, mode, lock_order, dbwrap_flags); if (result == NULL) { DEBUG(0,("failed to attach to ctdb %s\n", partname)); if (errno == 0) { errno = EIO; } return NULL; } } } if (result == NULL) { struct loadparm_context *lp_ctx = loadparm_init_s3(mem_ctx, loadparm_s3_helpers()); if (hash_size == 0) { hash_size = lpcfg_tdb_hash_size(lp_ctx, name); } tdb_flags = lpcfg_tdb_flags(lp_ctx, tdb_flags); result = dbwrap_local_open( mem_ctx, name, hash_size, tdb_flags, open_flags, mode, lock_order, dbwrap_flags); talloc_unlink(mem_ctx, lp_ctx); } return result; }