Exemplo n.º 1
0
static WERROR mount_samba_hive(struct registry_context *ctx,
			       struct tevent_context *event_ctx,
			       struct loadparm_context *lp_ctx,
			       struct auth_session_info *auth_info,
			       struct cli_credentials *creds,
			       const char *name,
			       uint32_t hive_id)
{
	WERROR error;
	struct hive_key *hive;
	const char *location;

	location = talloc_asprintf(ctx, "%s/%s.ldb",
				   lp_private_dir(lp_ctx),
				   name);

	error = reg_open_hive(ctx, location, auth_info, creds, event_ctx, lp_ctx, &hive);

	if (W_ERROR_EQUAL(error, WERR_BADFILE))
		error = reg_open_ldb_file(ctx, location, auth_info,
					  creds, event_ctx, lp_ctx, &hive);

	if (!W_ERROR_IS_OK(error))
		return error;

	return reg_mount_hive(ctx, hive, hive_id, NULL);
}
Exemplo n.º 2
0
/*
  open the permanent tdb
 */
static NTSTATUS idmap_tdb2_open_db(void)
{
	char *db_path;
	
	if (idmap_tdb2) {
		/* its already open */
		return NT_STATUS_OK;
	}

	db_path = lp_parm_talloc_string(-1, "tdb", "idmap2.tdb", NULL);
	if (db_path == NULL) {
		/* fall back to the private directory, which, despite
		   its name, is usually on shared storage */
		db_path = talloc_asprintf(NULL, "%s/idmap2.tdb", lp_private_dir());
	}
	NT_STATUS_HAVE_NO_MEMORY(db_path);

	/* Open idmap repository */
	idmap_tdb2 = db_open(NULL, db_path, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0644);
	TALLOC_FREE(db_path);

	if (idmap_tdb2 == NULL) {
		DEBUG(0, ("Unable to open idmap_tdb2 database '%s'\n",
			  db_path));
		return NT_STATUS_UNSUCCESSFUL;
	}

	/* load the ranges and high/low water marks */
	return idmap_tdb2_alloc_load();
}
Exemplo n.º 3
0
static bool open_db(struct idmap_tdb_common_context *ctx)
{
	NTSTATUS status;
	char *db_path;

	if(ctx->db) {
		/* already open */
		return true;
	}

	db_path = talloc_asprintf(talloc_tos(), "%s/idmap_test.tdb",
				  lp_private_dir());
	if(!db_path) {
		DEBUG(0, ("Out of memory!\n"));
		return false;
	}

	ctx->db = db_open(ctx, db_path, 0, TDB_DEFAULT,
			  O_RDWR | O_CREAT, 0600,
			  DBWRAP_LOCK_ORDER_1, DBWRAP_FLAG_NONE);

	if(!ctx->db) {
		DEBUG(0, ("Failed to open database: %s\n", strerror(errno)));
		return false;
	}

	if(dbwrap_transaction_start(ctx->db) != 0) {
		DEBUG(0, ("Failed to start transaction!\n"));
		return false;
	}

	status = dbwrap_store_uint32_bystring(ctx->db, ctx->hwmkey_uid,
					      LOW_ID);
	if(!NT_STATUS_IS_OK(status)) {
		dbwrap_transaction_cancel(ctx->db);
		return false;
	}

	status = dbwrap_store_uint32_bystring(ctx->db, ctx->hwmkey_gid,
					      LOW_ID);
	if(!NT_STATUS_IS_OK(status)) {
		dbwrap_transaction_cancel(ctx->db);
		return false;
	}

	if(dbwrap_transaction_commit(ctx->db) != 0) {
		DEBUG(0, ("Failed to commit transaction!\n"));
		return false;
	}

	return true;
}
Exemplo n.º 4
0
static NTSTATUS get_ldapi_ctx(TALLOC_CTX *mem_ctx, struct tldap_context **pld)
{
	struct tldap_context *ld;
	struct sockaddr_un addr;
	char *sockaddr;
	int fd;
	NTSTATUS status;
	int res;

	sockaddr = talloc_asprintf(talloc_tos(), "/%s/ldap_priv/ldapi",
				   lp_private_dir());
	if (sockaddr == NULL) {
		DEBUG(10, ("talloc failed\n"));
		return NT_STATUS_NO_MEMORY;
	}

	ZERO_STRUCT(addr);
	addr.sun_family = AF_UNIX;
	strncpy(addr.sun_path, sockaddr, sizeof(addr.sun_path));
	TALLOC_FREE(sockaddr);

	status = open_socket_out((struct sockaddr_storage *)(void *)&addr,
				 0, 0, &fd);
	if (!NT_STATUS_IS_OK(status)) {
		DEBUG(10, ("Could not connect to %s: %s\n", addr.sun_path,
			   nt_errstr(status)));
		return status;
	}
	set_blocking(fd, false);

	ld = tldap_context_create(mem_ctx, fd);
	if (ld == NULL) {
		close(fd);
		return NT_STATUS_NO_MEMORY;
	}
	res = tldap_fetch_rootdse(ld);
	if (res != TLDAP_SUCCESS) {
		DEBUG(10, ("tldap_fetch_rootdse failed: %s\n",
			   tldap_errstr(talloc_tos(), ld, res)));
		TALLOC_FREE(ld);
		return NT_STATUS_LDAP(res);
	}
	*pld = ld;
	return NT_STATUS_OK;;
}
Exemplo n.º 5
0
/* open up the secrets database */
BOOL secrets_init(void)
{
	pstring fname;

	if (tdb)
		return True;

	pstrcpy(fname, lp_private_dir());
	pstrcat(fname,"/secrets.tdb");

	tdb = tdb_open_log(fname, 0, TDB_DEFAULT, O_RDWR|O_CREAT, 0600);

	if (!tdb) {
		DEBUG(0,("Failed to open %s\n", fname));
		return False;
	}
	return True;
}
Exemplo n.º 6
0
/* open up the secrets database */
bool secrets_init(void)
{
	char *fname = NULL;
	unsigned char dummy;

	if (db_ctx != NULL)
		return True;

	fname = talloc_asprintf(talloc_tos(), "%s/secrets.tdb",
				lp_private_dir());
	if (fname == NULL) {
		return false;
	}

	db_ctx = db_open_trans(NULL, fname, 0,
			       TDB_DEFAULT, O_RDWR|O_CREAT, 0600);

	if (db_ctx == NULL) {
		DEBUG(0,("Failed to open %s\n", fname));
		TALLOC_FREE(fname);
		return False;
	}

	TALLOC_FREE(fname);

	/**
	 * Set a reseed function for the crypto random generator
	 *
	 * This avoids a problem where systems without /dev/urandom
	 * could send the same challenge to multiple clients
	 */
	set_rand_reseed_callback(get_rand_seed);

	/* Ensure that the reseed is done now, while we are root, etc */
	generate_random_buffer(&dummy, sizeof(dummy));

	return True;
}
Exemplo n.º 7
0
/* open up the secrets database */
bool secrets_init(void)
{
	return secrets_init_path(lp_private_dir());
}
Exemplo n.º 8
0
static struct dom_sid *pdb_generate_sam_sid(void)
{
    struct dom_sid domain_sid;
    char *fname = NULL;
    struct dom_sid *sam_sid;

    if(!(sam_sid=SMB_MALLOC_P(struct dom_sid)))
        return NULL;

    if ( IS_DC ) {
        if (secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
            sid_copy(sam_sid, &domain_sid);
            return sam_sid;
        }
    }

    if (secrets_fetch_domain_sid(lp_netbios_name(), sam_sid)) {

        /* We got our sid. If not a pdc/bdc, we're done. */
        if ( !IS_DC )
            return sam_sid;

        if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {

            /* No domain sid and we're a pdc/bdc. Store it */

            if (!secrets_store_domain_sid(lp_workgroup(), sam_sid)) {
                DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n"));
                SAFE_FREE(sam_sid);
                return NULL;
            }
            return sam_sid;
        }

        if (!dom_sid_equal(&domain_sid, sam_sid)) {

            /* Domain name sid doesn't match global sam sid. Re-store domain sid as 'local' sid. */

            DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n"));
            if (!secrets_store_domain_sid(lp_netbios_name(), &domain_sid)) {
                DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID for local sid as PDC/BDC.\n"));
                SAFE_FREE(sam_sid);
                return NULL;
            }
            return sam_sid;
        }

        return sam_sid;
    }

    /* check for an old MACHINE.SID file for backwards compatibility */
    if (asprintf(&fname, "%s/MACHINE.SID", lp_private_dir()) == -1) {
        SAFE_FREE(sam_sid);
        return NULL;
    }

    if (read_sid_from_file(fname, sam_sid)) {
        /* remember it for future reference and unlink the old MACHINE.SID */
        if (!secrets_store_domain_sid(lp_netbios_name(), sam_sid)) {
            DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n"));
            SAFE_FREE(fname);
            SAFE_FREE(sam_sid);
            return NULL;
        }
        unlink(fname);
        if ( !IS_DC ) {
            if (!secrets_store_domain_sid(lp_workgroup(), sam_sid)) {
                DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n"));
                SAFE_FREE(fname);
                SAFE_FREE(sam_sid);
                return NULL;
            }
        }

        /* Stored the old sid from MACHINE.SID successfully.*/
        SAFE_FREE(fname);
        return sam_sid;
    }

    SAFE_FREE(fname);

    /* we don't have the SID in secrets.tdb, we will need to
           generate one and save it */
    generate_random_sid(sam_sid);

    if (!secrets_store_domain_sid(lp_netbios_name(), sam_sid)) {
        DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n"));
        SAFE_FREE(sam_sid);
        return NULL;
    }
    if ( IS_DC ) {
        if (!secrets_store_domain_sid(lp_workgroup(), sam_sid)) {
            DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n"));
            SAFE_FREE(sam_sid);
            return NULL;
        }
    }

    return sam_sid;
}
Exemplo n.º 9
0
static BOOL pdb_generate_sam_sid(void)
{
	DOM_SID domain_sid;
	char *fname = NULL;
	BOOL is_dc = False;

	if(global_sam_sid==NULL)
		if(!(global_sam_sid=(DOM_SID *)malloc(sizeof(DOM_SID))))
			return False;
			
	generate_wellknown_sids();

	switch (lp_server_role()) {
	case ROLE_DOMAIN_PDC:
	case ROLE_DOMAIN_BDC:
		is_dc = True;
		break;
	default:
		is_dc = False;
		break;
	}

	if (is_dc) {
		if (secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {
			sid_copy(global_sam_sid, &domain_sid);
			return True;
		}
	}

	if (secrets_fetch_domain_sid(global_myname(), global_sam_sid)) {

		/* We got our sid. If not a pdc/bdc, we're done. */
		if (!is_dc)
			return True;

		if (!secrets_fetch_domain_sid(lp_workgroup(), &domain_sid)) {

			/* No domain sid and we're a pdc/bdc. Store it */

			if (!secrets_store_domain_sid(lp_workgroup(), global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't store domain SID as a pdc/bdc.\n"));
				return False;
			}
			return True;
		}

		if (!sid_equal(&domain_sid, global_sam_sid)) {

			/* Domain name sid doesn't match global sam sid. Re-store domain sid as 'local' sid. */

			DEBUG(0,("pdb_generate_sam_sid: Mismatched SIDs as a pdc/bdc.\n"));
			if (!secrets_store_domain_sid(global_myname(), &domain_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Can't re-store domain SID for local sid as PDC/BDC.\n"));
				return False;
			}
			return True;
		}

		return True;
		
	}

	/* check for an old MACHINE.SID file for backwards compatibility */
	asprintf(&fname, "%s/MACHINE.SID", lp_private_dir());

	if (read_sid_from_file(fname, global_sam_sid)) {
		/* remember it for future reference and unlink the old MACHINE.SID */
		if (!secrets_store_domain_sid(global_myname(), global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store SID from file.\n"));
			SAFE_FREE(fname);
			return False;
		}
		unlink(fname);
		if (is_dc) {
			if (!secrets_store_domain_sid(lp_workgroup(), global_sam_sid)) {
				DEBUG(0,("pdb_generate_sam_sid: Failed to store domain SID from file.\n"));
				SAFE_FREE(fname);
				return False;
			}
		}

		/* Stored the old sid from MACHINE.SID successfully.*/
		SAFE_FREE(fname);
		return True;
	}

	SAFE_FREE(fname);

	/* we don't have the SID in secrets.tdb, we will need to
           generate one and save it */
	generate_random_sid(global_sam_sid);

	if (!secrets_store_domain_sid(global_myname(), global_sam_sid)) {
		DEBUG(0,("pdb_generate_sam_sid: Failed to store generated machine SID.\n"));
		return False;
	}
	if (is_dc) {
		if (!secrets_store_domain_sid(lp_workgroup(), global_sam_sid)) {
			DEBUG(0,("pdb_generate_sam_sid: Failed to store generated domain SID.\n"));
			return False;
		}
	}

	return True;
}