static void nss_test_errors(void) { struct passwd *pwd; struct group *grp; pwd = getpwnam("nosuchname"); if (pwd || last_error != NSS_STATUS_NOTFOUND) { total_errors++; printf("ERROR Non existant user gave error %d\n", last_error); } pwd = getpwuid(0xFFF0); if (pwd || last_error != NSS_STATUS_NOTFOUND) { total_errors++; printf("ERROR Non existant uid gave error %d\n", last_error); } grp = sys_getgrnam("nosuchgroup"); if (grp || last_error != NSS_STATUS_NOTFOUND) { total_errors++; printf("ERROR Non existant group gave error %d\n", last_error); } grp = sys_getgrgid(0xFFF0); if (grp || last_error != NSS_STATUS_NOTFOUND) { total_errors++; printf("ERROR Non existant gid gave error %d\n", last_error); } }
static NTSTATUS cmd_stat(struct vfs_state *vfs, TALLOC_CTX *mem_ctx, int argc, const char **argv) { int ret; const char *user; const char *group; struct passwd *pwd = NULL; struct group *grp = NULL; SMB_STRUCT_STAT st; if (argc != 2) { printf("Usage: stat <fname>\n"); return NT_STATUS_OK; } ret = SMB_VFS_STAT(vfs->conn, argv[1], &st); if (ret == -1) { printf("stat: error=%d (%s)\n", errno, strerror(errno)); return NT_STATUS_UNSUCCESSFUL; } pwd = sys_getpwuid(st.st_uid); if (pwd != NULL) user = pwd->pw_name; else user = null_string; grp = sys_getgrgid(st.st_gid); if (grp != NULL) group = grp->gr_name; else group = null_string; printf("stat: ok\n"); printf(" File: %s", argv[1]); if (S_ISREG(st.st_mode)) printf(" Regular File\n"); else if (S_ISDIR(st.st_mode)) printf(" Directory\n"); else if (S_ISCHR(st.st_mode)) printf(" Character Device\n"); else if (S_ISBLK(st.st_mode)) printf(" Block Device\n"); else if (S_ISFIFO(st.st_mode)) printf(" Fifo\n"); else if (S_ISLNK(st.st_mode)) printf(" Symbolic Link\n"); else if (S_ISSOCK(st.st_mode)) printf(" Socket\n"); printf(" Size: %10u", (unsigned int)st.st_size); #ifdef HAVE_STAT_ST_BLOCKS printf(" Blocks: %9u", (unsigned int)st.st_blocks); #endif #ifdef HAVE_STAT_ST_BLKSIZE printf(" IO Block: %u\n", (unsigned int)st.st_blksize); #endif printf(" Device: 0x%10x", (unsigned int)st.st_dev); printf(" Inode: %10u", (unsigned int)st.st_ino); printf(" Links: %10u\n", (unsigned int)st.st_nlink); printf(" Access: %05o", (st.st_mode) & 007777); printf(" Uid: %5lu/%.16s Gid: %5lu/%.16s\n", (unsigned long)st.st_uid, user, (unsigned long)st.st_gid, group); printf(" Access: %s", ctime(&(st.st_atime))); printf(" Modify: %s", ctime(&(st.st_mtime))); printf(" Change: %s", ctime(&(st.st_ctime))); SAFE_FREE(pwd); SAFE_FREE(grp); return NT_STATUS_OK; }
int main(int argc, char **argv) { struct group *gr; gid_t gid; /* Check args */ if (argc != 2) { printf("ERROR: no arg specified\n"); exit(1); } if ((gid = atoi(argv[1])) == 0) { printf("ERROR: invalid gid specified\n"); exit(1); } /* Do getgrgid() */ if ((gr = sys_getgrgid(gid)) == NULL) { printf("FAIL: gid %d does not exist\n", gid); exit(1); } /* Print group info */ printf("PASS: gid %d exists\n", gid); printf("gr_name = %s\n", gr->gr_name); printf("gr_passwd = %s\n", gr->gr_passwd); printf("gr_gid = %d\n", gr->gr_gid); /* Group membership */ if (gr->gr_mem != NULL) { int i = 0; printf("gr_mem = "); while(gr->gr_mem[i] != NULL) { printf("%s", gr->gr_mem[i]); i++; if (gr->gr_mem != NULL) { printf(","); } } printf("\n"); } exit(0); }
/******************************************************************* gets a domain user's groups ********************************************************************/ BOOL get_domain_user_groups(TALLOC_CTX *ctx, int *numgroups, DOM_GID **pgids, SAM_ACCOUNT *sam_pass) { GROUP_MAP *map=NULL; int i, num, num_entries, cur_gid=0; struct group *grp; DOM_GID *gids; fstring user_name; uint32 grid; uint32 tmp_rid; BOOL ret; *numgroups= 0; fstrcpy(user_name, pdb_get_username(sam_pass)); grid=pdb_get_group_rid(sam_pass); DEBUG(10,("get_domain_user_groups: searching domain groups [%s] is a member of\n", user_name)); /* we must wrap this is become/unbecome root for ldap backends */ become_root(); /* first get the list of the domain groups */ ret = pdb_enum_group_mapping(SID_NAME_DOM_GRP, &map, &num_entries, ENUM_ONLY_MAPPED); unbecome_root(); /* end wrapper for group enumeration */ if ( !ret ) return False; DEBUG(10,("get_domain_user_groups: there are %d mapped groups\n", num_entries)); /* * alloc memory. In the worse case, we alloc memory for nothing. * but I prefer to alloc for nothing * than reallocing everytime. */ gids = (DOM_GID *)talloc(ctx, sizeof(DOM_GID) * num_entries); /* for each group, check if the user is a member of. Only include groups from this domain */ for(i=0; i<num_entries; i++) { if ( !sid_check_is_in_our_domain(&map[i].sid) ) { DEBUG(10,("get_domain_user_groups: skipping check of %s since it is not in our domain\n", map[i].nt_name)); continue; } if ((grp=sys_getgrgid(map[i].gid)) == NULL) { /* very weird !!! */ DEBUG(5,("get_domain_user_groups: gid %d doesn't exist anymore !\n", (int)map[i].gid)); continue; } for(num=0; grp->gr_mem[num]!=NULL; num++) { if(strcmp(grp->gr_mem[num], user_name)==0) { /* we found the user, add the group to the list */ sid_peek_rid(&map[i].sid, &(gids[cur_gid].g_rid)); gids[cur_gid].attr=7; DEBUG(10,("get_domain_user_groups: user found in group %s\n", map[i].nt_name)); cur_gid++; break; } } } /* we have checked the groups */ /* we must now check the gid of the user or the primary group rid, that's the same */ for (i=0; i<cur_gid && grid!=gids[i].g_rid; i++) ; /* the user's gid is already there */ if (i!=cur_gid) { /* * the primary group of the user but be the first one in the list * don't ask ! JFM. */ gids[i].g_rid=gids[0].g_rid; gids[0].g_rid=grid; goto done; } for(i=0; i<num_entries; i++) { sid_peek_rid(&map[i].sid, &tmp_rid); if (tmp_rid==grid) { /* * the primary group of the user but be the first one in the list * don't ask ! JFM. */ gids[cur_gid].g_rid=gids[0].g_rid; gids[0].g_rid=tmp_rid; gids[cur_gid].attr=7; DEBUG(10,("get_domain_user_groups: primary gid of user found in group %s\n", map[i].nt_name)); cur_gid++; goto done; /* leave the loop early */ } } DEBUG(0,("get_domain_user_groups: primary gid of user [%s] is not a Domain group !\n", user_name)); DEBUGADD(0,("get_domain_user_groups: You should fix it, NT doesn't like that\n")); done: *pgids=gids; *numgroups=cur_gid; SAFE_FREE(map); return True; }
enum winbindd_result winbindd_gid_to_sid(struct winbindd_cli_state *state) { DOM_SID sid; DEBUG(3, ("[%5lu]: gid to sid %lu\n", (unsigned long)state->pid, (unsigned long)state->request.data.gid)); if ( (state->request.data.gid < server_state.gid_low) || (state->request.data.gid > server_state.gid_high) ) { struct group *grp = NULL; enum SID_NAME_USE type; unid_t id; struct winbindd_domain *domain; /* SPECIAL CASE FOR MEMBERS OF SAMBA DOMAINS */ /* if we don't trust /etc/group then when can't know anything about this gid */ if ( !lp_winbind_trusted_domains_only() ) return WINBINDD_ERROR; /* look for an idmap entry first */ if ( NT_STATUS_IS_OK(idmap_gid_to_sid(&sid, state->request.data.gid)) ) goto done; /* if users exist in /etc/group, we should try to use that gid. Get the username and the lookup the SID */ if ( !(grp = sys_getgrgid(state->request.data.gid)) ) return WINBINDD_ERROR; if ( !(domain = find_our_domain()) ) { DEBUG(0,("winbindd_uid_to_sid: can't find my own domain!\n")); return WINBINDD_ERROR; } if ( !winbindd_lookup_sid_by_name(domain, grp->gr_name, &sid, &type) ) return WINBINDD_ERROR; if ( type!=SID_NAME_DOM_GRP && type!=SID_NAME_ALIAS ) return WINBINDD_ERROR; /* don't fail if we can't store it */ id.gid = grp->gr_gid; idmap_set_mapping( &sid, id, ID_GROUPID ); goto done; } /* Lookup sid for this uid */ if (!NT_STATUS_IS_OK(idmap_gid_to_sid(&sid, state->request.data.gid))) { DEBUG(1, ("Could not convert gid %lu to sid\n", (unsigned long)state->request.data.gid)); return WINBINDD_ERROR; } done: /* Construct sid and return it */ sid_to_string(state->response.data.sid.sid, &sid); state->response.data.sid.type = SID_NAME_DOM_GRP; return WINBINDD_OK; }