c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * CDDL HEADER START
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * The contents of this file are subject to the terms of the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Common Development and Distribution License (the "License").
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * You may not use this file except in compliance with the License.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * See the License for the specific language governing permissions
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * and limitations under the License.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * When distributing Covered Code, include this CDDL HEADER in each
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * If applicable, add the following below this CDDL HEADER, with the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * fields enclosed by brackets "[]" replaced with your own identifying
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * information: Portions Copyright [yyyy] [name of copyright owner]
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * CDDL HEADER END
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * Copyright (c) 2007, 2010, Oracle and/or its affiliates. All rights reserved.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States#include <stdarg.h>
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States#include <note.h>
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Initialization values for pids/rids: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * used in do_show for the type of argument, which can be winname,
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * unixname, uid, gid, sid or not given at all:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Identity type strings */
cd37da7426f0c49c14ad9a8a07638ca971477566nw#define INHIBITED(str) (str == NULL || *str == 0 || strcmp(str, "\"\"") == 0)
cd37da7426f0c49c14ad9a8a07638ca971477566nwtypedef struct {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Flags */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* used in the function do_import */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwtypedef struct {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Formats of the output:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Idmap reads/prints mappings in several formats: ordinary mappings,
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * name mappings in Samba username map format (smbusers), Netapp
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * DEFAULT_FORMAT are in fact the idmap subcommands suitable for
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * piping to idmap standart input. For example
8e22821528b08c6dba4e8176351560f316f6d0dedm * add -d winuser:bob@foo.com unixuser:fred
8e22821528b08c6dba4e8176351560f316f6d0dedm * add -d winuser:bob2bar.com unixuser:fred
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * SMBUSERS is the format of Samba username map (smbusers). For full
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * documentation, search for "username map" in smb.conf manpage.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * The format is for example
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * fred = bob@foo.com bob2@bar.com
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * USERMAP_CFG is the format of Netapp usermap.cfg file. Search
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * http://www.netapp.com/ for more documentation. IP qualifiers are not
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * supported.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * The format is for example
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * bob@foo.com => fred
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * "Bob With Spaces"@bar.com => fred #comment
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * The previous formats were for name rules. MAPPING_NAME and
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * MAPPING_ID are for the actual mappings, as seen in show/dump
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * commands. MAPPING_NAME prefers the string names of the user over
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * their numerical identificators. MAPPING_ID prints just the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * identificators.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Example of the MAPPING_NAME:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * winname:bob@foo.com -> unixname:fred
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Example of the MAPPING_ID:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * sid:S-1-2-3-4 -> uid:5678
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwtypedef enum {
cd37da7426f0c49c14ad9a8a07638ca971477566nwtypedef struct {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * idmap_api batch related variables:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * idmap can operate in two modes. It the batch mode, the idmap_api
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * batch is committed at the end of a batch of several
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * commands. At the end of input file, typically. This mode is used
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * for processing input from a file.
da6c28aaf62fa55f0fdb8004aa40f88f23bf53f0amw * In the non-batch mode, each command is committed immediately. This
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * mode is used for tty input.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Are we in the batch mode? */
8e22821528b08c6dba4e8176351560f316f6d0dedm/* Self describing stricture for positions */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Handles for idmap_api batch */
61b364a9162c5e321625fcd2f640da7e1dd2417ejptypedef struct {
61b364a9162c5e321625fcd2f640da7e1dd2417ejpstatic namemaps_t namemaps = {NULL, NULL, NULL, NULL, 0, NULL};
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Do we need to commit the udt batch at the end? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Command handlers */
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_show_mapping(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_dump(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_import(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_list_name_mappings(flag_t *f, int argc, char **argv,
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_add_name_mapping(flag_t *f, int argc, char **argv,
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_remove_name_mapping(flag_t *f, int argc, char **argv,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic int do_flush(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_exit(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_export(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic int do_help(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
479ac37569625bae44ffb80071d4bc865fc710eddmstatic int do_set_namemap(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
479ac37569625bae44ffb80071d4bc865fc710eddmstatic int do_unset_namemap(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
479ac37569625bae44ffb80071d4bc865fc710eddmstatic int do_get_namemap(flag_t *f, int argc, char **argv, cmd_pos_t *pos);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States/* Command names and their handlers to be passed to idmap_engine */
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright "c(create)v(verbose)V(trace)",
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp "n(names)v(verbose)",
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw "F(flush)f:(file)",
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw "f:(file)",
8e22821528b08c6dba4e8176351560f316f6d0dedm "d(directional)",
8e22821528b08c6dba4e8176351560f316f6d0dedm "a(all)t(to)f(from)d(directional)",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "flush",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "a(all)",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States do_flush
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States },
479ac37569625bae44ffb80071d4bc865fc710eddm "set-namemap",
479ac37569625bae44ffb80071d4bc865fc710eddm "a:(authentication)D:(bindDN)j:(passwd-file)",
479ac37569625bae44ffb80071d4bc865fc710eddm "get-namemap",
479ac37569625bae44ffb80071d4bc865fc710eddm "unset-namemap",
479ac37569625bae44ffb80071d4bc865fc710eddm "a:(authentication)D:(bindDN)j:(passwd-file):",
8e22821528b08c6dba4e8176351560f316f6d0dedm/* Print error message, possibly with a position */
8e22821528b08c6dba4e8176351560f316f6d0dedm/* printflike */
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic void
8e22821528b08c6dba4e8176351560f316f6d0dedm /* Skip newlines etc at the end: */
8e22821528b08c6dba4e8176351560f316f6d0dedm/* Inits positions sds. 0 means everything went OK, -1 for errors */
8e22821528b08c6dba4e8176351560f316f6d0dedm int init_size = 32; /* Initial size of the positions array */
8e22821528b08c6dba4e8176351560f316f6d0dedm positions = (struct pos_sds *) malloc(sizeof (struct pos_sds) +
8e22821528b08c6dba4e8176351560f316f6d0dedm return (-1);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (0);
8e22821528b08c6dba4e8176351560f316f6d0dedm/* Free the positions array */
8e22821528b08c6dba4e8176351560f316f6d0dedmstatic void
8e22821528b08c6dba4e8176351560f316f6d0dedm * Add another position to the positions array. 0 means everything
8e22821528b08c6dba4e8176351560f316f6d0dedm * went OK, -1 for errors
8e22821528b08c6dba4e8176351560f316f6d0dedm sizeof (struct pos_sds) +
8e22821528b08c6dba4e8176351560f316f6d0dedm positions->pos[positions->last]->line = strdup(pos->line);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (0);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (-1);
821da340f9590922ba8761a64fadda18843a0e88dm * Compare two strings just like strcmp, but stop before the end of
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Print help message */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic void
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw "idmap -f command-file\n"
8e22821528b08c6dba4e8176351560f316f6d0dedm "idmap add [-d] name1 name2\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap dump [-n] [-v]\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap export [-f file] format\n"
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "idmap flush [-a]\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap get-namemap name\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap help\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap import [-F] [-f file] format\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap list\n"
8e22821528b08c6dba4e8176351560f316f6d0dedm "idmap remove -a\n"
cd37da7426f0c49c14ad9a8a07638ca971477566nw "idmap remove [-f|-t] name\n"
8e22821528b08c6dba4e8176351560f316f6d0dedm "idmap remove [-d] name1 name2\n"
fd9ee8b58485b20072eeef1310a88ff348d5e7fajoyce mcintosh "idmap set-namemap [-a authenticationMethod] [-D bindDN]\n"
fd9ee8b58485b20072eeef1310a88ff348d5e7fajoyce mcintosh " [-j passwdfile] name1 name2\n"
479ac37569625bae44ffb80071d4bc865fc710eddm "idmap show [-c] [-v] identity [targettype]\n"
fd9ee8b58485b20072eeef1310a88ff348d5e7fajoyce mcintosh "idmap unset-namemap [-a authenticationMethod] [-D bindDN]\n"
fd9ee8b58485b20072eeef1310a88ff348d5e7fajoyce mcintosh " [-j passwdfile] name [targettype]\n");
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* The handler for the "help" command. */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_FUNC_ARG_UNUSED */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Initialization of the commands which perform write operations */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Finalization of the write commands */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* If everythings is OK, send the udt batch to idmapd */
8e22821528b08c6dba4e8176351560f316f6d0dedm return (0);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (-1);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (rc);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp * Compare two possibly NULL strings
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (0);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (strcasecmp(a, b));
61b364a9162c5e321625fcd2f640da7e1dd2417ejp * Compare two possibly NULL strings
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (0);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (strcmp(a, b));
61b364a9162c5e321625fcd2f640da7e1dd2417ejpstatic void
61b364a9162c5e321625fcd2f640da7e1dd2417ejp (void) memset(namemaps.passwd, 0, strlen(namemaps.passwd));
61b364a9162c5e321625fcd2f640da7e1dd2417ejp/* Initialization of the commands which perform write operations */
61b364a9162c5e321625fcd2f640da7e1dd2417ejpinit_nm_command(char *user, char *passwd, char *auth, char *windomain,
1fdeec650620e8498c06f832ea4bd2292f7e9632joyce mcintosh stat = idmap_init_namemaps(&namemaps.handle, user,
61b364a9162c5e321625fcd2f640da7e1dd2417ejp "name mapping operation (%s)"),
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp if (user != NULL && (namemaps.user = strdup(user)) == NULL ||
61b364a9162c5e321625fcd2f640da7e1dd2417ejp auth != NULL && (namemaps.auth = strdup(auth)) == NULL ||
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (0);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp/* Cleanup after the xxx-namemaps commands */
61b364a9162c5e321625fcd2f640da7e1dd2417ejpstatic void
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Convert numeric expression of the direction to it's string form */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic char *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return ("==");
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return ("=>");
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return ("<=");
821da340f9590922ba8761a64fadda18843a0e88dm /* This can never happen: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return ("");
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* never reached */
821da340f9590922ba8761a64fadda18843a0e88dm * Returns 1 if c is a shell-meta-character requiring quoting, 0
821da340f9590922ba8761a64fadda18843a0e88dm * otherwise.
821da340f9590922ba8761a64fadda18843a0e88dm * We don't quote '*' and ':' because they cannot do any harm
821da340f9590922ba8761a64fadda18843a0e88dm * a) they have no meaning to idmap_engine b) even ifsomebody copy &
821da340f9590922ba8761a64fadda18843a0e88dm * paste idmap output to a shell commandline, there is the identity
821da340f9590922ba8761a64fadda18843a0e88dm * type string in front of them. On the other hand, '*' and ':' are
821da340f9590922ba8761a64fadda18843a0e88dm * everywhere.
821da340f9590922ba8761a64fadda18843a0e88dm return (1);
821da340f9590922ba8761a64fadda18843a0e88dm return (1);
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
8e22821528b08c6dba4e8176351560f316f6d0dedm * Returns 1 if c is a shell-meta-character requiring quoting even
8e22821528b08c6dba4e8176351560f316f6d0dedm * inside double quotes, 0 otherwise. It means \, " and $ .
8e22821528b08c6dba4e8176351560f316f6d0dedm * This set of characters is a subset of those in is_shell_special().
8e22821528b08c6dba4e8176351560f316f6d0dedm return (1);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm * Quote any shell meta-characters in the given string. If 'quote' is
821da340f9590922ba8761a64fadda18843a0e88dm * true then use double-quotes to quote the whole string, else use
821da340f9590922ba8761a64fadda18843a0e88dm * back-slash to quote each individual meta-character.
821da340f9590922ba8761a64fadda18843a0e88dm * The resulting string is placed in *res. Callers must free *res if the
821da340f9590922ba8761a64fadda18843a0e88dm * return value isn't 0 (even if the given string had no meta-chars).
821da340f9590922ba8761a64fadda18843a0e88dm * If there are any errors this returns -1, else 0.
821da340f9590922ba8761a64fadda18843a0e88dm uint_t noss = 0; /* Number Of Shell Special chars in the input */
821da340f9590922ba8761a64fadda18843a0e88dm uint_t noqb = 0; /* Number Of Quotes and Backslahes in the input */
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* First, let us count how many characters we need to quote: */
821da340f9590922ba8761a64fadda18843a0e88dm for (i = 0; i < len_orig; i++) {
821da340f9590922ba8761a64fadda18843a0e88dm /* Do we need to quote at all? */
821da340f9590922ba8761a64fadda18843a0e88dm if (noss == 0) {
821da340f9590922ba8761a64fadda18843a0e88dm return (-1);
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* What is the length of the result? */
821da340f9590922ba8761a64fadda18843a0e88dm len = strlen(string) + 2 + noqb + 1; /* 2 for quotation marks */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
821da340f9590922ba8761a64fadda18843a0e88dm for (i = 0; i < len_orig; i++) {
821da340f9590922ba8761a64fadda18843a0e88dm /* Quote the dangerous chars by a backslash */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Assemble string form sid */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic char *
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* 'usid:' + sidprefix + '-' + rid + '\0' */
cd37da7426f0c49c14ad9a8a07638ca971477566nw (void) snprintf(to, len, "%s:%s-%u", typestring, nm->sidprefix,
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (to);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Assemble string form uid or gid */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic char *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* ID_UID ":" + uid + '\0' */
479ac37569625bae44ffb80071d4bc865fc710eddm (void) snprintf(to, len, "%s:%u", is_user ? ID_UID : ID_GID, from);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (to);
8e22821528b08c6dba4e8176351560f316f6d0dedm/* Assemble winname, e.g. "winuser:bob@foo.sun.com", from name_mapping_t */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Sometimes there are no text names. Return a sid, then. */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Windomain is not mandatory: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* LINTED E_NOP_IF_STMT */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw * Assemble a text unixname, e.g. unixuser:fred. Use only for
cd37da7426f0c49c14ad9a8a07638ca971477566nw * mapping, not namerules - there an empty name means inhibited
cd37da7426f0c49c14ad9a8a07638ca971477566nw * mappings, while here pid is printed if there is no name.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Sometimes there is no name, just pid: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw/* Allocate a new name_mapping_t and initialize the values. */
cd37da7426f0c49c14ad9a8a07638ca971477566nw name_mapping_t *nm = (name_mapping_t *)malloc(sizeof (name_mapping_t));
cd37da7426f0c49c14ad9a8a07638ca971477566nw nm->winname = nm->windomain = nm->unixname = nm->sidprefix = NULL;
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (nm);
cd37da7426f0c49c14ad9a8a07638ca971477566nw/* Free name_mapping_t */
cd37da7426f0c49c14ad9a8a07638ca971477566nwstatic void
cd37da7426f0c49c14ad9a8a07638ca971477566nwname_mapping_cpy(name_mapping_t *to, name_mapping_t *from)
cd37da7426f0c49c14ad9a8a07638ca971477566nw to->winname = to->windomain = to->unixname = to->sidprefix = NULL;
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* 10 is strlen("add -d\t\t\n") + 1 */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw/* Initialize print_mapping variables. Must be called before print_mapping */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Finalize print_mapping. */
cd37da7426f0c49c14ad9a8a07638ca971477566nw if (rc >= 0) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (rc);
cd37da7426f0c49c14ad9a8a07638ca971477566nwstatic char *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * This prints both name rules and ordinary mappings, based on the pnm_format
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * set in print_mapping_init().
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* LINTED E_CASE_FALLTHRU */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm if (nm->is_user != IDMAP_YES || nm->is_wuser != IDMAP_YES) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw } else if (INHIBITED(nm->winname) || INHIBITED(nm->unixname)) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw unixname = INHIBITED(nm->unixname) ? "\"\"" : nm->unixname;
479ac37569625bae44ffb80071d4bc865fc710eddm if (nm->is_user != IDMAP_YES || nm->is_wuser != IDMAP_YES) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw if ((winname = usermap_cfg_string(nm->winname)) == NULL ||
cd37da7426f0c49c14ad9a8a07638ca971477566nw (windomain = usermap_cfg_string(nm->windomain)) == NULL) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw "%s\\%s\t%s\t%s\n" :
cd37da7426f0c49c14ad9a8a07638ca971477566nw "%2$s@%1$s\t%3$s\t%4$s\n",
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* This is a format for namerules */
cd37da7426f0c49c14ad9a8a07638ca971477566nw * If nm is the same as the last one except is_wuser, we combine
cd37da7426f0c49c14ad9a8a07638ca971477566nw * winuser & wingroup to winname
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
821da340f9590922ba8761a64fadda18843a0e88dm /* This can never happen: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp (void) printf(gettext("Method:\tNative LDAP Directory\n"));
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * The name rules as specified by the user can have a
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * "winname", "winuser" or "wingroup". "Winname" rules are
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * decomposed to a "winuser" and "wingroup" rules by idmap.
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * Currently is_wuser is a boolean. Due to these reasons
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * the returned is_wuser does not represent the original rule.
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * It is therefore better set is_wuser to unknown.
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp (void) fprintf(stderr, gettext("Failed Method:\tName Rule\n"));
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * The name rules as specified by the user can have a
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * "winname", "winuser" or "wingroup". "Winname" rules are
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * decomposed to a "winuser" and "wingroup" rules by idmap.
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * Currently is_wuser is a boolean. Due to these reasons
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * the returned is_wuser does not represent the original rule.
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp * It is therefore better to set is_wuser to unknown.
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp (void) fprintf(stderr, gettext("Failed Method:\tEphemeral\n"));
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp (void) fprintf(stderr, gettext("Failed Method:\tLocal SID\n"));
e3f2c991a8548408db0a2787bd8b43d5124821d3Keyur Desai (void) fprintf(stderr, gettext("Attribute:\t%s=%s\n"),
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* dump command handler */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_FUNC_ARG_UNUSED */
cd37da7426f0c49c14ad9a8a07638ca971477566nw ph = print_mapping_init(f[n_FLAG] != NULL ? MAPPING_NAME : MAPPING_ID,
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw if (stat < 0) {
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp if (stat >= 0) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw } while (stat > 0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* IDMAP_ERR_NOTFOUND indicates end of the list */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
821da340f9590922ba8761a64fadda18843a0e88dm * Convert pid from string to it's numerical representation. If it is
821da340f9590922ba8761a64fadda18843a0e88dm * a valid string, i.e. number of a proper length, return 1. Otherwise
821da340f9590922ba8761a64fadda18843a0e88dm * print an error message and return 0.
cd37da7426f0c49c14ad9a8a07638ca971477566nwpid_convert(char *string, uid_t *number, int type, cmd_pos_t *pos)
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm for (i = 0; i < len; i++) {
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* Isn't it too large? */
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm return (1);
821da340f9590922ba8761a64fadda18843a0e88dm * Convert SID from string to prefix and rid. If it has a valid
821da340f9590922ba8761a64fadda18843a0e88dm * format, i.e. S(\-\d+)+, return 1. Otherwise print an error
821da340f9590922ba8761a64fadda18843a0e88dm * message and return 0.
cd37da7426f0c49c14ad9a8a07638ca971477566nwsid_convert(char *from, char **prefix, idmap_rid_t *rid, cmd_pos_t *pos)
821da340f9590922ba8761a64fadda18843a0e88dm unsigned long r;
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm gettext("Invalid %s \"%s\": the authority and RID parts are"
cd37da7426f0c49c14ad9a8a07638ca971477566nw " missing.\n"),
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* count '-'s */
821da340f9590922ba8761a64fadda18843a0e88dm /* can't end on a '-' */
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* check that we only have digits and '-' */
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* 64-bit safe parsing of unsigned 48-bit authority value */
821da340f9590922ba8761a64fadda18843a0e88dm /* errors parsing the authority or too many bits */
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (0);
821da340f9590922ba8761a64fadda18843a0e88dm (a & 0x0000ffffffffffffULL) != a) {
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm if (j < 3) {
821da340f9590922ba8761a64fadda18843a0e88dm gettext("Invalid %s \"%s\": must have at least one RID.\n"),
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm for (i = 2; i < j; i++) {
821da340f9590922ba8761a64fadda18843a0e88dm /* Should never happen */
cd37da7426f0c49c14ad9a8a07638ca971477566nw " '-' missing.\n"),
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* 32-bit safe parsing of unsigned 32-bit RID */
821da340f9590922ba8761a64fadda18843a0e88dm /* errors parsing the RID */
821da340f9590922ba8761a64fadda18843a0e88dm /* should never happen */
cd37da7426f0c49c14ad9a8a07638ca971477566nw "unable to parse the RID "
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (0);
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* check that all of the string SID has been consumed */
821da340f9590922ba8761a64fadda18843a0e88dm /* Should never happen */
cd37da7426f0c49c14ad9a8a07638ca971477566nw "something is still left.\n"),
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* -1 for the '-' at the end: */
821da340f9590922ba8761a64fadda18843a0e88dm return (0);
821da340f9590922ba8761a64fadda18843a0e88dm return (1);
821da340f9590922ba8761a64fadda18843a0e88dm/* Does the line start with USERMAP_CFG IP qualifier? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * returns interior of quotation marks in USERMAP_CFG. In this format,
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * there cannot be a protected quotation mark inside.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic char *
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Grab next token from the line in USERMAP_CFG format. terminators,
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * the 3rd parameter, contains all the characters which can terminate
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * the token. line_num is the line number of input used for error
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * reporting.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic char *
cd37da7426f0c49c14ad9a8a07638ca971477566nwucp_grab_token(char **line, cmd_pos_t *pos, const char *terminators)
8e22821528b08c6dba4e8176351560f316f6d0dedm * Convert a line in usermap.cfg format to name_mapping.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Return values: -1 for error, 0 for empty line, 1 for a mapping
cd37da7426f0c49c14ad9a8a07638ca971477566nwucp_line2nm(char *line, cmd_pos_t *pos, name_mapping_t *nm)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* empty or comment lines are OK: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* We do not support network qualifiers */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* The windows name: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Didn't we bump to the end of line? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Do we have a domainname? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Direction string is optional: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Now unixname: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* nm->winname to be freed by name_mapping_fini */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Neither here we support IP qualifiers */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Does something remain on the line */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Parse SMBUSERS line to name_mapping_t. if line is NULL, then
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * pasrsing of the previous line is continued. line_num is input line
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * number used for error reporting.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Return values:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * rc -1: error
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * rc = 0: mapping found and the line is finished,
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * rc = 1: mapping found and there remains other on the line
cd37da7426f0c49c14ad9a8a07638ca971477566nwsup_line2nm(char *line, cmd_pos_t *pos, name_mapping_t *nm)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Parse line to name_mapping_t. Basicaly just a format switch. */
cd37da7426f0c49c14ad9a8a07638ca971477566nwline2nm(char *line, cmd_pos_t *pos, name_mapping_t *nm, format_t f)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw switch (f) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* This can never happen */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Examine -f flag and return the appropriate format_t */
cd37da7426f0c49c14ad9a8a07638ca971477566nw gettext("The only known formats are: \"usermap.cfg\" and "
cd37da7426f0c49c14ad9a8a07638ca971477566nw "\"smbusers\".\n"));
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* Delete all namerules of the given type */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (stat < 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
8e22821528b08c6dba4e8176351560f316f6d0dedm return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* import command handler */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_FUNC_ARG_UNUSED */
8e22821528b08c6dba4e8176351560f316f6d0dedmdo_import(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* We don't flush groups in the usermap.cfg nor smbusers format */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Where we import from? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * In SMBUSERS format there can be more mappings on
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * each line. So we need the internal cycle for each line.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (stat < 0) {
8e22821528b08c6dba4e8176351560f316f6d0dedm if (rc >= 0)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw } while (rc >= 0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (rc < 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * List name mappings in the format specified. list_users /
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * list_groups determine which type to list. The output goes to the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * file fi.
1fdeec650620e8498c06f832ea4bd2292f7e9632joyce mcintosh stat = idmap_iter_namerules(NULL, 0, 0, NULL, NULL, &ihandle);
cd37da7426f0c49c14ad9a8a07638ca971477566nw if (stat < 0) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw if (stat >= 0) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw } while (stat > 0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
821da340f9590922ba8761a64fadda18843a0e88dm/* Export command handler */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_FUNC_ARG_UNUSED */
cd37da7426f0c49c14ad9a8a07638ca971477566nwdo_export(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Where do we output to? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* List the requested types: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* List command handler */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_FUNC_ARG_UNUSED */
8e22821528b08c6dba4e8176351560f316f6d0dedmdo_list_name_mappings(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* List the requested types: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* This is just a debug function for dumping flags */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nwstatic void
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw for (c = 0; c < FLAG_ALPHABET_SIZE; c++) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (f[c] == FLAG_SET)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw (void *) f[c]);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw else if (f[c])
479ac37569625bae44ffb80071d4bc865fc710eddm/* Convert string like sid or winname to the identity type code */
479ac37569625bae44ffb80071d4bc865fc710eddm for (i = 0; i < sizeof (identity2code) / sizeof (id_code_t); i++) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw * Split argument to its identity code and a name part
cd37da7426f0c49c14ad9a8a07638ca971477566nw * return values:
479ac37569625bae44ffb80071d4bc865fc710eddm * TYPE_INVALID for unknown identity
479ac37569625bae44ffb80071d4bc865fc710eddm * TYPE_AUTO for no identity (to be autodetected)
479ac37569625bae44ffb80071d4bc865fc710eddm * <TYPE_XXX> for known identity
cd37da7426f0c49c14ad9a8a07638ca971477566nw * This function splits name to the relevant pieces: is_user, winname,
cd37da7426f0c49c14ad9a8a07638ca971477566nw * windomain unixname. E.g. for winname, it strdups nm->winname and possibly
cd37da7426f0c49c14ad9a8a07638ca971477566nw * nm->windomain and return TYPE_WN.
cd37da7426f0c49c14ad9a8a07638ca971477566nw * If there is already one of the text fields allocated, it is OK.
cd37da7426f0c49c14ad9a8a07638ca971477566nw * Return values:
cd37da7426f0c49c14ad9a8a07638ca971477566nw * -1 ... syntax error
cd37da7426f0c49c14ad9a8a07638ca971477566nw * 0 ... it wasnt possible to determine
cd37da7426f0c49c14ad9a8a07638ca971477566nw * <TYPE_XXX> otherwise
cd37da7426f0c49c14ad9a8a07638ca971477566nwname2parts(char *name, name_mapping_t *nm, cmd_pos_t *pos)
cd37da7426f0c49c14ad9a8a07638ca971477566nw switch (code) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* syntax error: */
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* autodetection: */
479ac37569625bae44ffb80071d4bc865fc710eddm if (nm->winname != NULL && nm->is_wuser != IDMAP_UNKNOWN)
479ac37569625bae44ffb80071d4bc865fc710eddm /* btw, nm->is_user can never be IDMAP_UNKNOWN here */
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (0);
cd37da7426f0c49c14ad9a8a07638ca971477566nw /* If the code was guessed succesfully, we are OK. */
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw * it is (!(code & TYPE_WIN) && !(code & TYPE_NAME)) here - the other
cd37da7426f0c49c14ad9a8a07638ca971477566nw * possiblities are exhausted.
cd37da7426f0c49c14ad9a8a07638ca971477566nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw * Cycle through add/remove arguments until they are identified or found
cd37da7426f0c49c14ad9a8a07638ca971477566nw * invalid.
cd37da7426f0c49c14ad9a8a07638ca971477566nw switch (code) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw if (i > 0) {
cd37da7426f0c49c14ad9a8a07638ca971477566nw " cannot be determined for %s.\n"),
cd37da7426f0c49c14ad9a8a07638ca971477566nw print_error(pos, gettext("No windows identity found.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm if (argc == 1 && nm->winname == NULL && nm->unixname == NULL) {
479ac37569625bae44ffb80071d4bc865fc710eddm print_error(pos, gettext("No identity type determined.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (nm);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* add command handler. */
8e22821528b08c6dba4e8176351560f316f6d0dedmdo_add_name_mapping(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
8e22821528b08c6dba4e8176351560f316f6d0dedm /* Exactly two arguments must be specified */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Now let us write it: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm for (is_wuser = IDMAP_YES; is_wuser >= IDMAP_NO; is_wuser--) {
479ac37569625bae44ffb80071d4bc865fc710eddm /* nm->is_wuser can be IDMAP_YES, IDMAP_NO or IDMAP_UNKNOWN */
479ac37569625bae44ffb80071d4bc865fc710eddm if ((is_wuser == IDMAP_YES && nm->is_wuser == IDMAP_NO) ||
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* We echo the mapping */
8e22821528b08c6dba4e8176351560f316f6d0dedm if (rc == 0)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* remove command handler */
8e22821528b08c6dba4e8176351560f316f6d0dedmdo_remove_name_mapping(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* "-a" means we flush all of them */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
8e22821528b08c6dba4e8176351560f316f6d0dedm if (rc >= 0)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Contrary to add_name_mapping, we can have only one argument */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw } else if (
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* both -f and -t: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* -d with a single argument: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* -f or -t with two arguments: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * Similar to do_add_name_mapping - see the comments
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * there. Except we may have only one argument here.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * If the direction is not specified by a -d/-f/-t flag, then it
8e22821528b08c6dba4e8176351560f316f6d0dedm * is IDMAP_DIRECTION_UNDEF, because in that case we want to
8e22821528b08c6dba4e8176351560f316f6d0dedm * remove any mapping. If it was IDMAP_DIRECTION_BI, idmap_api would
8e22821528b08c6dba4e8176351560f316f6d0dedm * delete a bidirectional one only.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm for (is_wuser = IDMAP_YES; is_wuser >= IDMAP_NO; is_wuser--) {
479ac37569625bae44ffb80071d4bc865fc710eddm if ((is_wuser == IDMAP_YES && nm->is_wuser == IDMAP_NO) ||
8e22821528b08c6dba4e8176351560f316f6d0dedm nm->windomain, nm->winname, nm->unixname, nm->direction);
8e22821528b08c6dba4e8176351560f316f6d0dedm if (rc == 0)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (rc);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States/* flush command handler */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic int
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesdo_flush(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States{
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States NOTE(ARGUNUSED(argv))
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States idmap_flush_op op;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States idmap_stat stat;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int rc = 0;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (argc > 0) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States print_error(pos,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States gettext("Too many arguments.\n"));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (-1);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (f[a_FLAG] != NULL)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States op = IDMAP_FLUSH_DELETE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States else
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States op = IDMAP_FLUSH_EXPIRE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (stat != IDMAP_SUCCESS) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States print_error(pos,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States gettext("%s\n"),
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States rc = -1;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (rc);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States}
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* exit command handler */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_FUNC_ARG_UNUSED */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* debug command handler: just print the parameters */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* LINTED E_STATIC_UNUSED */
8e22821528b08c6dba4e8176351560f316f6d0dedmdebug_print_params(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw for (i = 0; i < argc; i++) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * From name_mapping_t, asseble a string containing identity of the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * given type.
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw switch (type) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (0);
821da340f9590922ba8761a64fadda18843a0e88dm /* This can never happen: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* never reached */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* show command handler */
8e22821528b08c6dba4e8176351560f316f6d0dedmdo_show_mapping(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (argc == 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (-1);
cd37da7426f0c49c14ad9a8a07638ca971477566nw if (type_from <= 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Second, determine type_to: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Are both arguments the same OS side? */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * We have two interfaces for retrieving the mappings:
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * idmap_get_sidbyuid & comp (the batch interface) and
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * idmap_get_w2u_mapping & comp. We want to use both of them, because
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * the former mimicks kernel interface better and the later offers the
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * string names. In the batch case, our batch has always size 1.
cd37da7426f0c49c14ad9a8a07638ca971477566nw * Btw, type_from cannot be IDMAP_PID, because there is no type string
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* batch handle */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* To be passed to idmap_get_uidbysid */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* To be passed to idmap_get_gidbysid */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Create an in-memory structure for all the batch: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw " with idmapd(1M) (%s)\n"),
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Schedule the request: */
821da340f9590922ba8761a64fadda18843a0e88dm /* This can never happen: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (stat < 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Send the batch to idmapd and obtain results: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (stat < 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw " RPC problem (%s)\n"),
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* Destroy the batch handle: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * If there was -c flag, we do output whatever we can even in
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw * the case of error:
48258c6b4e17f36ab09fba0bd6307d1fec9dcbcejp if (map_stat < 0 && flag & IDMAP_REQ_FLG_NO_NEW_ID_ALLOC)
8e22821528b08c6dba4e8176351560f316f6d0dedm * idmapd returns fallback uid/gid in case of errors. However
8e22821528b08c6dba4e8176351560f316f6d0dedm * it uses special sentinel value i.e 4294967295 (or -1) to
8e22821528b08c6dba4e8176351560f316f6d0dedm * indicate that falbback pid is not available either. In such
8e22821528b08c6dba4e8176351560f316f6d0dedm * case idmap(1M) should not display the mapping because there
8e22821528b08c6dba4e8176351560f316f6d0dedm * is no fallback mapping.
479ac37569625bae44ffb80071d4bc865fc710eddmflags2cred(flag_t *f, char **user, char **passwd, cmd_pos_t *pos)
479ac37569625bae44ffb80071d4bc865fc710eddm return (0); /* GSSAPI authentification => OK */
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm /* Password: */
479ac37569625bae44ffb80071d4bc865fc710eddm /* The password is the fist line, we ignore the rest: */
479ac37569625bae44ffb80071d4bc865fc710eddm /* Trim the eol: */
479ac37569625bae44ffb80071d4bc865fc710eddm } else if (!batch_mode) {
479ac37569625bae44ffb80071d4bc865fc710eddm /* If in the interactive mode, read the terminal input: */
479ac37569625bae44ffb80071d4bc865fc710eddm return (0);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddmdo_set_namemap(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
479ac37569625bae44ffb80071d4bc865fc710eddm "namemap.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm "namemap.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp if (init_nm_command(user, passwd, f[a_FLAG], nm->windomain,
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp stat = idmap_set_namemap(namemaps.handle, nm->winname, nm->unixname,
479ac37569625bae44ffb80071d4bc865fc710eddmdo_unset_namemap(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
479ac37569625bae44ffb80071d4bc865fc710eddm gettext("Not enough arguments: a name needed to unset a "
479ac37569625bae44ffb80071d4bc865fc710eddm "namemap.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm gettext("Too many arguments: Only target name and type is "
479ac37569625bae44ffb80071d4bc865fc710eddm "needed to unset namemap.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm "possible target type is unixuser or "
61b364a9162c5e321625fcd2f640da7e1dd2417ejp if (init_nm_command(user, passwd, f[a_FLAG], nm->windomain,
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp stat = idmap_unset_namemap(namemaps.handle, nm->winname, nm->unixname,
479ac37569625bae44ffb80071d4bc865fc710eddm/* LINTED E_FUNC_ARG_UNUSED */
479ac37569625bae44ffb80071d4bc865fc710eddmdo_get_namemap(flag_t *f, int argc, char **argv, cmd_pos_t *pos)
479ac37569625bae44ffb80071d4bc865fc710eddm "namemap.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm gettext("Too many arguments: just one name needed to get "
479ac37569625bae44ffb80071d4bc865fc710eddm "a namemap.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm return (-1);
479ac37569625bae44ffb80071d4bc865fc710eddm /* nm->is_user is IDMAP_UNKNOWN for IDMAP_DIRECTION_W2U */
61b364a9162c5e321625fcd2f640da7e1dd2417ejp return (-1);
61b364a9162c5e321625fcd2f640da7e1dd2417ejp stat = idmap_get_namemap(namemaps.handle, &is_source_ad, &nm->winname,
479ac37569625bae44ffb80071d4bc865fc710eddm "native LDAP.\n"));
479ac37569625bae44ffb80071d4bc865fc710eddm * This can never happen; the error must be recognized in
479ac37569625bae44ffb80071d4bc865fc710eddm gettext("Internal error: unknown source of namemaps.\n"));
7a8a68f5e3efbaec1a375c2d50bd20b566631755Julian Pullen/* printflike */
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desaiidmap_cli_logger(int pri, const char *format, ...)
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw/* main function. Returns 1 for error, 0 otherwise */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* set locale and domain for internationalization */
7a8a68f5e3efbaec1a375c2d50bd20b566631755Julian Pullen /* Redirect logging */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw /* idmap_engine determines the batch_mode: */
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw if (rc < 0) {
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (1);
c5c4113dfcabb1eed3d4bdf7609de5170027a794nw return (1);