static void nss_test_errors(void)
{
struct passwd *pwd;
struct group *grp;
pwd = getpwnam("nosuchname");
if (pwd || last_error != NSS_STATUS_NOTFOUND) {
total_errors++;
printf("ERROR Non existant user gave error %d\n", last_error);
}
pwd = getpwuid(0xFFF0);
if (pwd || last_error != NSS_STATUS_NOTFOUND) {
total_errors++;
printf("ERROR Non existant uid gave error %d\n", last_error);
}
grp = sys_getgrnam("nosuchgroup");
if (grp || last_error != NSS_STATUS_NOTFOUND) {
total_errors++;
printf("ERROR Non existant group gave error %d\n", last_error);
}
grp = sys_getgrgid(0xFFF0);
if (grp || last_error != NSS_STATUS_NOTFOUND) {
total_errors++;
printf("ERROR Non existant gid gave error %d\n", last_error);
}
}
bool lookup_unix_group_name(const char *name, DOM_SID *sid)
{
struct group *grp;
grp = sys_getgrnam(name);
if (grp == NULL) {
return False;
}
sid_copy(sid, &global_sid_Unix_Groups);
sid_append_rid(sid, (uint32_t)grp->gr_gid); /* For 64-bit uid's we have enough
* space ... */
return True;
}
bool lookup_unix_group_name(const char *name, DOM_SID *sid)
{
struct group *grp;
grp = sys_getgrnam(name);
if (grp == NULL) {
return False;
}
/*
* For 64-bit gid's we have enough space in the whole SID,
* should they become necessary
*/
return sid_compose(sid, &global_sid_Unix_Groups, grp->gr_gid);
}
int main(int argc, char **argv)
{
struct group *gr;
/* Check args */
if (argc != 2) {
printf("ERROR: no arg specified\n");
exit(1);
}
/* Do getgrnam() */
if ((gr = sys_getgrnam(argv[1])) == NULL) {
printf("FAIL: group %s does not exist\n", argv[1]);
exit(1);
}
/* Print group info */
printf("PASS: group %s exists\n", argv[1]);
printf("gr_name = %s\n", gr->gr_name);
printf("gr_passwd = %s\n", gr->gr_passwd);
printf("gr_gid = %d\n", gr->gr_gid);
/* Group membership */
if (gr->gr_mem != NULL) {
int i = 0;
printf("gr_mem = ");
while(gr->gr_mem[i] != NULL) {
printf("%s", gr->gr_mem[i]);
i++;
if (gr->gr_mem != NULL) {
printf(",");
}
}
printf("\n");
}
exit(0);
}
enum winbindd_result winbindd_sid_to_gid(struct winbindd_cli_state *state)
{
DOM_SID sid;
uint32 flags = 0x0;
/* Ensure null termination */
state->request.data.sid[sizeof(state->request.data.sid)-1]='\0';
DEBUG(3, ("[%5lu]: sid to gid %s\n", (unsigned long)state->pid,
state->request.data.sid));
if (!string_to_sid(&sid, state->request.data.sid)) {
DEBUG(1, ("Could not cvt string to sid %s\n", state->request.data.sid));
return WINBINDD_ERROR;
}
/* This gets a little tricky. If we assume that usernames are syncd between
/etc/passwd and the windows domain (such as a member of a Samba domain),
the we need to get the uid from the OS and not alocate one ourselves */
if ( lp_winbind_trusted_domains_only() ) {
struct winbindd_domain *domain = NULL;
DOM_SID sid2;
uint32 rid;
unid_t id;
domain = find_our_domain();
if ( !domain ) {
DEBUG(0,("winbindd_sid_to_uid: can't find my own domain!\n"));
return WINBINDD_ERROR;
}
sid_copy( &sid2, &sid );
sid_split_rid( &sid2, &rid );
if ( sid_equal( &sid2, &domain->sid ) ) {
fstring domain_name;
fstring group;
enum SID_NAME_USE type;
struct group *grp = NULL;
/* ok...here's we know that we are dealing with our
own domain (the one to which we are joined). And
we know that there must be a UNIX account for this group.
So we lookup the sid and the call getpwnam().*/
/* But first check and see if we don't already have a mapping */
flags = ID_QUERY_ONLY;
if ( NT_STATUS_IS_OK(idmap_sid_to_gid(&sid, &(state->response.data.gid), flags)) )
return WINBINDD_OK;
/* now fall back to the hard way */
if ( !winbindd_lookup_name_by_sid(&sid, domain_name, group, &type) )
return WINBINDD_ERROR;
if ( !(grp = sys_getgrnam(group)) ) {
DEBUG(0,("winbindd_sid_to_uid: 'winbind trusted domains only' is "
"set but this group [%s] doesn't exist!\n", group));
return WINBINDD_ERROR;
}
state->response.data.gid = grp->gr_gid;
id.gid = grp->gr_gid;
idmap_set_mapping( &sid, id, ID_GROUPID );
return WINBINDD_OK;
}
}
if ( state->request.flags & WBFLAG_QUERY_ONLY )
flags = ID_QUERY_ONLY;
/* Find gid for this sid and return it */
if ( !NT_STATUS_IS_OK(idmap_sid_to_gid(&sid, &(state->response.data.gid), flags)) ) {
DEBUG(1, ("Could not get gid for sid %s\n", state->request.data.sid));
return WINBINDD_ERROR;
}
return WINBINDD_OK;
}
