static int net_groupmap_modify(struct net_context *c, int argc, const char **argv) { struct dom_sid sid; GROUP_MAP *map = NULL; fstring ntcomment = ""; fstring type = ""; fstring ntgroup = ""; fstring unixgrp = ""; fstring sid_string = ""; enum lsa_SidType sid_type = SID_NAME_UNKNOWN; int i; gid_t gid; const char modify_usage_str[] = N_("net groupmap modify " "{ntgroup=<string>|sid=<SID>} " "[comment=<string>] " "[unixgroup=<string>] " "[type=<domain|local>]"); if (c->display_usage) { d_printf("%s\n%s\n", _("Usage:\n"), modify_usage_str); return 0; } /* get the options */ for ( i=0; i<argc; i++ ) { if ( !strncasecmp_m(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { d_fprintf(stderr, _("must supply a name\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "sid", strlen("sid")) ) { fstrcpy( sid_string, get_string_param( argv[i] ) ); if ( !sid_string[0] ) { d_fprintf(stderr, _("must supply a name\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { d_fprintf(stderr, _("must supply a comment string\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "unixgroup", strlen("unixgroup")) ) { fstrcpy( unixgrp, get_string_param( argv[i] ) ); if ( !unixgrp[0] ) { d_fprintf(stderr, _("must supply a group name\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "type", strlen("type")) ) { fstrcpy( type, get_string_param( argv[i] ) ); switch ( type[0] ) { case 'd': case 'D': sid_type = SID_NAME_DOM_GRP; break; case 'l': case 'L': sid_type = SID_NAME_ALIAS; break; } } else { d_fprintf(stderr, _("Bad option: %s\n"), argv[i]); return -1; } } if ( !ntgroup[0] && !sid_string[0] ) { d_printf("%s\n%s\n", _("Usage:\n"), modify_usage_str); return -1; } /* give preference to the SID; if both the ntgroup name and SID are defined, use the SID and assume that the group name could be a new name */ if ( sid_string[0] ) { if (!get_sid_from_input(&sid, sid_string)) { return -1; } } else { if (!get_sid_from_input(&sid, ntgroup)) { return -1; } } map = talloc_zero(NULL, GROUP_MAP); if (!map) { return -1; } /* Get the current mapping from the database */ if(!pdb_getgrsid(map, sid)) { d_fprintf(stderr, _("Failed to find local group SID in the database\n")); TALLOC_FREE(map); return -1; } /* * Allow changing of group type only between domain and local * We disallow changing Builtin groups !!! (SID problem) */ if (sid_type == SID_NAME_UNKNOWN) { d_fprintf(stderr, _("Can't map to an unknown group type.\n")); TALLOC_FREE(map); return -1; } if (map->sid_name_use == SID_NAME_WKN_GRP) { d_fprintf(stderr, _("You can only change between domain and local " "groups.\n")); TALLOC_FREE(map); return -1; } map->sid_name_use = sid_type; /* Change comment if new one */ if (ntcomment[0]) { map->comment = talloc_strdup(map, ntcomment); if (!map->comment) { d_fprintf(stderr, _("Out of memory!\n")); return -1; } } if (ntgroup[0]) { map->nt_name = talloc_strdup(map, ntgroup); if (!map->nt_name) { d_fprintf(stderr, _("Out of memory!\n")); return -1; } } if ( unixgrp[0] ) { gid = nametogid( unixgrp ); if ( gid == -1 ) { d_fprintf(stderr, _("Unable to lookup UNIX group %s. " "Make sure the group exists.\n"), unixgrp); TALLOC_FREE(map); return -1; } map->gid = gid; } if (!NT_STATUS_IS_OK(pdb_update_group_mapping_entry(map))) { d_fprintf(stderr, _("Could not update group database\n")); TALLOC_FREE(map); return -1; } d_printf(_("Updated mapping entry for %s\n"), map->nt_name); TALLOC_FREE(map); return 0; }
static int fswstat(Chan *c, uchar *buf, int n) { char *elem, *path, *npath, *strs, *t; int nn; Dir d; UnixFd *ufd; if(n < 2) error(Ebadstat); nn = GBIT16((uchar*)buf); strs = smalloc(nn); if(convM2D(buf, n, &d, strs) != n){ free(strs); error(Ebadstat); } path = fspath(c, nil); if(waserror()){ free(path); free(strs); nexterror(); } if(d.muid[0]) error("cannot change muid"); if(d.uid[0] || d.gid[0]){ int uid, gid; uid = -1; gid = -1; if(d.uid[0] && (uid = nametouid(d.uid)) < 0) error("unknown uid"); if(d.gid[0] && (gid = nametogid(d.gid)) < 0) error("unknown gid"); if(chown(path, uid, gid) < 0) oserror(); } ufd = c->aux; elem = lastelem(path); if(d.name[0] && strcmp(d.name, elem) != 0){ if(strchr(d.name, '/')) error(Ebadarg); npath = smalloc(strlen(path)+strlen(d.name)+1); strcpy(npath, path); t = strrchr(npath, '/'); strcpy(t+1, d.name); if(rename(path, npath) < 0){ free(npath); oserror(); } free(npath); } if(~d.mode != 0 && chmod(path, d.mode&0777) < 0) oserror(); // TODO: Code to change uid, gid. poperror(); return n; }
static int net_groupmap_add(struct net_context *c, int argc, const char **argv) { struct dom_sid sid; fstring ntgroup = ""; fstring unixgrp = ""; fstring string_sid = ""; fstring type = ""; fstring ntcomment = ""; enum lsa_SidType sid_type = SID_NAME_DOM_GRP; uint32 rid = 0; gid_t gid; int i; GROUP_MAP *map; const char *name_type; const char add_usage_str[] = N_("net groupmap add " "{rid=<int>|sid=<string>}" " unixgroup=<string> " "[type=<domain|local|builtin>] " "[ntgroup=<string>] " "[comment=<string>]"); name_type = "domain group"; if (c->display_usage) { d_printf("%s\n%s\n", _("Usage:\n"), add_usage_str); return 0; } /* get the options */ for ( i=0; i<argc; i++ ) { if ( !strncasecmp_m(argv[i], "rid", strlen("rid")) ) { rid = get_int_param(argv[i]); if ( rid < DOMAIN_RID_ADMINS ) { d_fprintf(stderr, _("RID must be greater than %d\n"), (uint32)DOMAIN_RID_ADMINS-1); return -1; } } else if ( !strncasecmp_m(argv[i], "unixgroup", strlen("unixgroup")) ) { fstrcpy( unixgrp, get_string_param( argv[i] ) ); if ( !unixgrp[0] ) { d_fprintf(stderr,_( "must supply a name\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "ntgroup", strlen("ntgroup")) ) { fstrcpy( ntgroup, get_string_param( argv[i] ) ); if ( !ntgroup[0] ) { d_fprintf(stderr, _("must supply a name\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "sid", strlen("sid")) ) { fstrcpy( string_sid, get_string_param( argv[i] ) ); if ( !string_sid[0] ) { d_fprintf(stderr, _("must supply a SID\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "comment", strlen("comment")) ) { fstrcpy( ntcomment, get_string_param( argv[i] ) ); if ( !ntcomment[0] ) { d_fprintf(stderr, _("must supply a comment string\n")); return -1; } } else if ( !strncasecmp_m(argv[i], "type", strlen("type")) ) { fstrcpy( type, get_string_param( argv[i] ) ); switch ( type[0] ) { case 'b': case 'B': sid_type = SID_NAME_WKN_GRP; name_type = "wellknown group"; break; case 'd': case 'D': sid_type = SID_NAME_DOM_GRP; name_type = "domain group"; break; case 'l': case 'L': sid_type = SID_NAME_ALIAS; name_type = "alias (local) group"; break; default: d_fprintf(stderr, _("unknown group type %s\n"), type); return -1; } } else { d_fprintf(stderr, _("Bad option: %s\n"), argv[i]); return -1; } } if ( !unixgrp[0] ) { d_printf("%s\n%s\n", _("Usage:\n"), add_usage_str); return -1; } if ( (gid = nametogid(unixgrp)) == (gid_t)-1 ) { d_fprintf(stderr, _("Can't lookup UNIX group %s\n"), unixgrp); return -1; } map = talloc_zero(NULL, GROUP_MAP); if (!map) { return -1; } /* Default is domain group. */ map->sid_name_use = SID_NAME_DOM_GRP; if (pdb_getgrgid(map, gid)) { d_printf(_("Unix group %s already mapped to SID %s\n"), unixgrp, sid_string_tos(&map->sid)); TALLOC_FREE(map); return -1; } TALLOC_FREE(map); if ( (rid == 0) && (string_sid[0] == '\0') ) { d_printf(_("No rid or sid specified, choosing a RID\n")); if (pdb_capabilities() & PDB_CAP_STORE_RIDS) { if (!pdb_new_rid(&rid)) { d_printf(_("Could not get new RID\n")); } } else { rid = algorithmic_pdb_gid_to_group_rid(gid); } d_printf(_("Got RID %d\n"), rid); } /* append the rid to our own domain/machine SID if we don't have a full SID */ if ( !string_sid[0] ) { sid_compose(&sid, get_global_sam_sid(), rid); sid_to_fstring(string_sid, &sid); } if (!ntcomment[0]) { switch (sid_type) { case SID_NAME_WKN_GRP: fstrcpy(ntcomment, "Wellknown Unix group"); break; case SID_NAME_DOM_GRP: fstrcpy(ntcomment, "Domain Unix group"); break; case SID_NAME_ALIAS: fstrcpy(ntcomment, "Local Unix group"); break; default: fstrcpy(ntcomment, "Unix group"); break; } } if (!ntgroup[0] ) strlcpy(ntgroup, unixgrp, sizeof(ntgroup)); if (!NT_STATUS_IS_OK(add_initial_entry(gid, string_sid, sid_type, ntgroup, ntcomment))) { d_fprintf(stderr, _("adding entry for group %s failed!\n"), ntgroup); return -1; } d_printf(_("Successfully added group %s to the mapping db as a %s\n"), ntgroup, name_type); return 0; }