dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * CDDL HEADER START
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * The contents of this file are subject to the terms of the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Common Development and Distribution License (the "License").
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * You may not use this file except in compliance with the License.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * See the License for the specific language governing permissions
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * and limitations under the License.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * When distributing Covered Code, include this CDDL HEADER in each
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * file and include the License file at usr/src/OPENSOLARIS.LICENSE.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * If applicable, add the following below this CDDL HEADER, with the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * fields enclosed by brackets "[]" replaced with your own identifying
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * information: Portions Copyright [yyyy] [name of copyright owner]
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * CDDL HEADER END
36a00406f380da1f3fd86e1a6af2de4d9f64633cGordon Ross * Copyright 2011 Nexenta Systems, Inc. All rights reserved.
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved.
a7fe1d5bb55904d4c79638b8778bc9dd8ed7fd7bAndy Stormont * Copyright (c) 2013 RackTop Systems.
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb * Local domain SID (aka machine SID) is not stored in the domain table
faa1795a28a5c712eed6d0a3f84d98c368a316c6jb * therefore the index is 0
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * members column of the groups table is an array of
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * member structure smb_lgmid_t defined below.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * privs column of the groups table is an array of bytes
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * where each byte is the id of an enable privilege
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "CREATE TABLE db_info (" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " ver_major INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " ver_minor INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " magic INTEGER" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "CREATE TABLE domains (" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " dom_idx INTEGER PRIMARY KEY," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " dom_sid TEXT UNIQUE," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " dom_cnt INTEGER" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "CREATE UNIQUE INDEX domsid_idx ON domains (dom_sid);" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "CREATE TABLE groups (" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " name TEXT PRIMARY KEY," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " sid_idx INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " sid_rid INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " sid_type INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " sid_attrs INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " comment TEXT," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " n_privs INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " privs BLOB," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " n_members INTEGER," \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " members BLOB" \
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "CREATE INDEX grprid_idx ON groups (sid_rid);"
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Number of groups table columns
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright#define SMB_LGRP_PGRP_MAXGLEN 9 /* max length of group name */
a7fe1d5bb55904d4c79638b8778bc9dd8ed7fd7bAndy Stormont#define SMB_LGRP_PGRP_DEFRID 1000 /* lowest cifs created gid */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as/* Member ID */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as/* Member list */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as/* Privilege ID */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as/* Privilege list */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic struct {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int errnum;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States char *errmsg;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States} errtab[] = {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_SUCCESS, "success" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_INVALID_ARG, "invalid argument" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_INVALID_MEMBER, "invalid member type" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_INVALID_NAME, "invalid name" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NOT_FOUND, "group not found" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_EXISTS, "group exists" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NO_SID, "cannot obtain a SID" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NO_LOCAL_SID, "cannot get the machine SID" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_SID_NOTLOCAL, "local account has non-local SID" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_WKSID,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "operation not permitted on well-known account" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NO_MEMORY, "not enough memory" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DB_ERROR, "database operation error" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DBINIT_ERROR, "database initialization error" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_INTERNAL_ERROR, "internal error" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_MEMBER_IN_GROUP, "member already in group" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_MEMBER_NOT_IN_GROUP, "not a member" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NO_SUCH_PRIV, "no such privilege" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NO_SUCH_DOMAIN, "no such domain SID" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_PRIV_HELD, "privilege already held" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_PRIV_NOT_HELD, "privilege not held" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_BAD_DATA, "bad data" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_NO_MORE, "no more groups" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DBOPEN_FAILED, "database open failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DBEXEC_FAILED, "database operation failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DBINIT_FAILED, "database initialization failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DOMLKP_FAILED, "domain SID lookup failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DOMINS_FAILED, "domain SID insert failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_INSERT_FAILED, "group insert failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_DELETE_FAILED, "group delete failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_UPDATE_FAILED, "group update failed" },
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States { SMB_LGRP_LOOKUP_FAILED, "group lookup failed" },
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright { SMB_LGRP_OFFLINE, "local group service is offline" },
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright { SMB_LGRP_POSIXCREATE_FAILED, "posix group create failed" }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States};
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States/*
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * Serialization for the local group API.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statestypedef struct {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States mutex_t lg_mutex;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States cond_t lg_cv;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States boolean_t lg_online;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States uint32_t lg_refcnt;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_sid_t *lg_machine_sid;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States} smb_localgrp_t;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic smb_localgrp_t smb_localgrp;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic boolean_t smb_lgrp_enter(void);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic void smb_lgrp_exit(void);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_db_init(void);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_gtbl_lookup(sqlite *, int, smb_group_t *, int, ...);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_gtbl_update(sqlite *, char *, smb_group_t *, int);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_gtbl_update_mlist(sqlite *, char *, smb_gsid_t *, int);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_gtbl_update_plist(sqlite *, char *, uint8_t, boolean_t);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_dtbl_insert(sqlite *, char *, uint32_t *);
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2easstatic int smb_lgrp_dtbl_getidx(sqlite *, smb_sid_t *, uint16_t,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2easstatic int smb_lgrp_dtbl_getsid(sqlite *, uint32_t, smb_sid_t **);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_mlist_add(smb_lgmlist_t *, smb_lgmid_t *, smb_lgmlist_t *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_mlist_del(smb_lgmlist_t *, smb_lgmid_t *, smb_lgmlist_t *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_plist_add(smb_lgplist_t *, smb_lgpid_t, smb_lgplist_t *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_plist_del(smb_lgplist_t *, smb_lgpid_t, smb_lgplist_t *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic void smb_lgrp_encode_privset(smb_group_t *, smb_lgplist_t *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_decode(smb_group_t *, char **, int, sqlite *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_decode_privset(smb_group_t *, char *, char *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic int smb_lgrp_decode_members(smb_group_t *, char *, char *, sqlite *);
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2easstatic int smb_lgrp_getsid(int, uint32_t *, uint16_t, sqlite *, smb_sid_t **);
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borregostatic int smb_lgrp_getgid(uint32_t rid, gid_t *gid);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wrightstatic int smb_lgrp_pgrp_add(char *);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_add
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Create a local group with the given name and comment.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * This new group doesn't have any members and no enabled
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * privileges.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * No well-known accounts can be added other than Administators,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Backup Operators and Power Users. These built-in groups
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * won't have any members when created but a set of default
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * privileges will be enabled for them.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((pxgrp = getgrnam(gname)) == NULL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Make sure a local SID can be obtained
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if (smb_idmap_getsid(pxgrp->gr_gid, SMB_IDMAP_GROUP, &sid)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States != IDMAP_SUCCESS) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_sid_indomain(smb_localgrp.lg_machine_sid, sid)) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States free(sid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States grp.sg_domain = SMB_DOMAIN_LOCAL;
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* cannot add well-known accounts */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((sid = smb_sid_fromstr(wka->wka_sid)) == NULL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States grp.sg_domain = SMB_DOMAIN_BUILTIN;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (smb_lgrp_exists(grp.sg_name)) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as grp.sg_attr = SE_GROUP_MANDATORY | SE_GROUP_ENABLED_BY_DEFAULT |
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_rename
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Renames the given group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* Cannot rename well-known groups */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* Cannot rename to a well-known groups */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_gtbl_update(db, gname, &grp, SMB_LGRP_GTBL_NAME);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_delete
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Deletes the specified local group.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* Cannot remove a built-in group */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_setcmnt
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Sets the description for the given group
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_gtbl_update(db, gname, &grp, SMB_LGRP_GTBL_CMNT);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_getcmnt
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Obtain the description of the specified group
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_setpriv
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Enable/disable the specified privilge for the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_setpriv(char *gname, uint8_t priv_lid, boolean_t enable)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if ((priv_lid < SE_MIN_LUID) || (priv_lid > SE_MAX_LUID))
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_gtbl_update_plist(db, gname, priv_lid, enable);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_getpriv
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Obtain the status of the specified privilge for the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_getpriv(char *gname, uint8_t priv_lid, boolean_t *enable)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if ((priv_lid < SE_MIN_LUID) || (priv_lid > SE_MAX_LUID))
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as *enable = (smb_privset_query(grp.sg_privs, priv_lid) == 1);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_add_member
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Add the given account to the specified group as its member.
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eassmb_lgrp_add_member(char *gname, smb_sid_t *msid, uint16_t sid_type)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_gtbl_update_mlist(db, gname, &mid, SMB_LGRP_DB_ADDMEMBER);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_del_member
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Delete the specified member from the given group.
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eassmb_lgrp_del_member(char *gname, smb_sid_t *msid, uint16_t sid_type)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_gtbl_update_mlist(db, gname, &mid, SMB_LGRP_DB_DELMEMBER);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_getbyname
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Retrieves the information of the group specified by
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the given name.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Note that this function doesn't allocate the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * structure itself only the fields, so the given grp
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * pointer has to point to a group structure.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Caller must free the allocated memories for the fields
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * by calling smb_lgrp_free().
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_getbyrid
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Retrieves the information of the group specified by
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the given RID and domain type.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Note that this function doesn't allocate the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * structure itself only the fields, so the given grp
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * pointer has to point to a group structure.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Caller must free the allocated memories for the fields
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * by calling smb_lgrp_free().
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * If grp is NULL no information would be returned. The
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * return value of SMB_LGRP_SUCCESS will indicate that a
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * group with the given information exists.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statessmb_lgrp_getbyrid(uint32_t rid, smb_domain_type_t domtype, smb_group_t *grp)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_gtbl_lookup(db, SMB_LGRP_GTBL_SIDRID, grp, infolvl,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_numbydomain
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Returns the number of groups in the given domain in the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * arg 'count'
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statessmb_lgrp_numbydomain(smb_domain_type_t dom_type, int *count)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States case SMB_DOMAIN_LOCAL:
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States case SMB_DOMAIN_BUILTIN:
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_free
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Frees the allocated memory for the fields of the given
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * group structure. Note that this function doesn't free
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the group itself.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_iteropen
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Initializes the given group iterator by opening
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the group database and creating a virtual machine
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * for iteration.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (sql == NULL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_compile(iter->sgi_db, sql, NULL, &iter->sgi_vm, &errmsg);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_iterclose
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Closes the given group iterator.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States}
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States/*
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * Returns B_TRUE if there has been an error during
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * iteration.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States */
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesboolean_t
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statessmb_lgrp_itererror(smb_giter_t *iter)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States{
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (iter->sgi_nerr != 0);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_iterate
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Iterate through group database
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Group information is returned in provided group structure.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Note that this function doesn't allocate the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * structure itself only the fields, so the given grp
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * pointer has to point to a group structure.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Caller must free the allocated memories for the fields
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * by calling smb_lgrp_free().
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_lgrp_enter())
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_OFFLINE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States for (;;) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States bzero(grp, sizeof (smb_group_t));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States rc = sqlite_step(iter->sgi_vm, &ncol, &values, NULL);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (rc == SQLITE_DONE) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_NO_MORE);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (rc != SQLITE_ROW) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_DBEXEC_FAILED);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (ncol != SMB_LGRP_GTBL_NCOL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States for (i = 0; i < ncol; i++) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (values[i] == NULL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (SMB_LGRP_DB_ERROR);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States rc = smb_lgrp_decode(grp, (char **)values, SMB_LGRP_INFO_ALL,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States iter->sgi_db);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (rc == SMB_LGRP_SUCCESS)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States break;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States iter->sgi_nerr++;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States syslog(LOG_ERR, "smb_lgrp_iterate: %s", smb_lgrp_strerror(rc));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_lgrp_exit();
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (rc);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_is_member
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Check to see if the specified account is a member of
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the given group.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if (grp == NULL || grp->sg_members == NULL || sid == NULL)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_strerror
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Returns a text for the given group error code.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statessmb_lgrp_strerror(int errnum)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int i;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int nerr = (sizeof (errtab) / sizeof (errtab[0]));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States for (i = 0; i < nerr; ++i) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (errnum == errtab[i].errnum)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (errtab[i].errmsg);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return ("unknown local group error");
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * smb_lgrp_err_to_ntstatus
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai * This routine maps Local group operation errors to NT Status error codes.
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_INVALID_ARG, NT_STATUS_INVALID_PARAMETER },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_INVALID_MEMBER, NT_STATUS_INVALID_MEMBER },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_INVALID_NAME, NT_STATUS_INVALID_PARAMETER },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_NOT_FOUND, NT_STATUS_NO_SUCH_ALIAS },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_NO_LOCAL_SID, NT_STATUS_INVALID_SID },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_SID_NOTLOCAL, NT_STATUS_INVALID_SID },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DB_ERROR, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DBINIT_ERROR, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_INTERNAL_ERROR, NT_STATUS_INTERNAL_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_MEMBER_IN_GROUP, NT_STATUS_MEMBER_IN_ALIAS },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_MEMBER_NOT_IN_GROUP, NT_STATUS_MEMBER_NOT_IN_ALIAS },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_NO_SUCH_PRIV, NT_STATUS_NO_SUCH_PRIVILEGE },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_NO_SUCH_DOMAIN, NT_STATUS_NO_SUCH_DOMAIN },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_PRIV_NOT_HELD, NT_STATUS_PRIVILEGE_NOT_HELD },
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright { SMB_LGRP_NO_MORE, NT_STATUS_NO_MORE_ENTRIES },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DBOPEN_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DBEXEC_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DBINIT_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DOMLKP_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DOMINS_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_INSERT_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_DELETE_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_UPDATE_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_LOOKUP_FAILED, NT_STATUS_INTERNAL_DB_ERROR },
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai { SMB_LGRP_NOT_SUPPORTED, NT_STATUS_NOT_SUPPORTED },
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright { SMB_LGRP_POSIXCREATE_FAILED, NT_STATUS_UNSUCCESSFUL }
c586600796766c83eb9485c446886fd9ed2359a9Keyur Desai for (i = 0; i < sizeof (err_map)/sizeof (err_map[0]); ++i) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_chkmember
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Determines valid account types for being member of
36a00406f380da1f3fd86e1a6af2de4d9f64633cGordon Ross * a local group. We really have no business trying to
36a00406f380da1f3fd86e1a6af2de4d9f64633cGordon Ross * keep track of the "type" of SIDs in a group, so just
36a00406f380da1f3fd86e1a6af2de4d9f64633cGordon Ross * validate that the SID type is a known enum value.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_start
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Initializes the library private global variables.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * Create the database, if it doesn't exist, and add
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States * the predefined builtin groups.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States static char *builtin[] = {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "Administrators",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "Backup Operators",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "Power Users"
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States };
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_wka_t *wka;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States char *localsid;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int i, rc;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States int ngrp = sizeof (builtin) / sizeof (builtin[0]);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_lock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((localsid = smb_config_get_localsid()) == NULL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_localgrp.lg_machine_sid = smb_sid_fromstr(localsid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States free(localsid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_sid_isvalid(smb_localgrp.lg_machine_sid)) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States free(smb_localgrp.lg_machine_sid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_localgrp.lg_machine_sid = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States free(smb_localgrp.lg_machine_sid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_localgrp.lg_machine_sid = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_localgrp.lg_online = B_TRUE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as for (i = 0; i < ngrp; i++) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((wka = smb_wka_lookup_name(builtin[i])) == NULL)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_stop
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Unintialize the library global private variables.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_lock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_localgrp.lg_online)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_localgrp.lg_online = B_FALSE;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States while (smb_localgrp.lg_refcnt > 0)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) cond_wait(&smb_localgrp.lg_cv, &smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States free(smb_localgrp.lg_machine_sid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States smb_localgrp.lg_machine_sid = NULL;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States}
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic boolean_t
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statessmb_lgrp_enter(void)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States{
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States boolean_t status;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_lock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States status = smb_localgrp.lg_online;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (smb_localgrp.lg_online)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States ++smb_localgrp.lg_refcnt;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (status);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States}
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statesstatic void
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United Statessmb_lgrp_exit(void)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States{
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_lock(&smb_localgrp.lg_mutex);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States assert(smb_localgrp.lg_refcnt > 0);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((--smb_localgrp.lg_refcnt) == 0)
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) cond_signal(&smb_localgrp.lg_cv);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (void) mutex_unlock(&smb_localgrp.lg_mutex);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_db_open
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Opens group database with the given mode.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (db);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_db_close
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Closes the given database handle
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic void
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_db_init
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Creates the group database based on the defined SQL statement.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * It also initializes db_info and domain tables.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as dbrc = sqlite_exec(db, "BEGIN TRANSACTION;", NULL, NULL, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as syslog(LOG_DEBUG, "failed to begin database transaction (%s)",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as switch (sqlite_exec(db, SMB_LGRP_DB_SQL, NULL, NULL, &errmsg)) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * This is the normal situation: CREATE probably failed because
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * tables already exist. It may indicate an error in SQL as well
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * but we cannot tell.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as dbrc = sqlite_exec(db, "ROLLBACK TRANSACTION", NULL, NULL,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as dbrc = sqlite_exec(db, "ROLLBACK TRANSACTION", NULL, NULL,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* this is bad - database may be left in a locked state */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_lookup
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * This is a flexible lookup function for the group database.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * The key type can be specified by the 'key' arg and the actual key
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * values can be passed after the 'infolvl' arg. 'infolvl' arg specifies
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * what information items for the specified group is needed.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Note that the function assumes the given key is unique and only
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * specifies one or 0 group. The keys that are supported now are
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the group name and the group SID
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Note that this function doesn't allocate the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * structure itself only the fields, so the given grp
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * pointer has to point to a group structure.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Caller must free the allocated memories for the fields
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * by calling smb_lgrp_free().
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_gtbl_lookup(sqlite *db, int key, smb_group_t *grp, int infolvl, ...)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as switch (key) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT * FROM groups WHERE name = '%s'",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States grpkey.sg_domain = va_arg(ap, smb_domain_type_t);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (grpkey.sg_domain == SMB_DOMAIN_LOCAL) {
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego /* need to map the given rid to a gid */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "WHERE (sid_idx = %d) AND (sid_rid = %u)",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as syslog(LOG_DEBUG, "failed to lookup (%s)", NULL_MSGCHK(errmsg));
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if (nrow == 0) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* group not found */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_decode(grp, &result[SMB_LGRP_GTBL_NCOL], infolvl, db);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_exists
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Checks to see if the given group exists or not.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT name FROM groups WHERE name = '%s'",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (nrow != 0);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_count
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Counts the number of groups in the domain specified by
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * 'dom_idx'
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT sid_idx FROM groups WHERE sid_idx = %d",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as syslog(LOG_DEBUG, "failed to count (%s)", NULL_MSGCHK(errmsg));
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_insert
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Insert a record for the given group in the group database.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * NOTE: this function assumes that this group has no members
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * at this time.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States dom_idx = (grp->sg_domain == SMB_DOMAIN_LOCAL)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "(name, sid_idx, sid_rid, sid_type, sid_attrs, comment, "
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "n_privs, privs, n_members, members) "
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as "VALUES('%s', %u, %u, %u, %u, '%q', %u, '%q', %u, '%q')",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_delete
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Removes the specified group from the database
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("DELETE FROM groups WHERE name = '%s'", gname);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_update
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Updates the specified group information, the supported items
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * are group name and comment
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_gtbl_update(sqlite *db, char *gname, smb_group_t *grp, int col_id)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* UPDATE doesn't fail if gname doesn't exist */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as switch (col_id) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_update_mlist
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Adds/removes the specified member from the member list of the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * given group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_gtbl_update_mlist(sqlite *db, char *gname, smb_gsid_t *member,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT n_members, members FROM groups "
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if (nrow == 0) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* group not found */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_dtbl_getidx(db, member->gs_sid, mid.m_type,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as switch (flags) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("UPDATE groups SET n_members = %u, members = '%s'"
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " WHERE name = '%s'", new_members.m_cnt, new_members.m_ids, gname);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_gtbl_update_plist
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Adds/removes the specified privilege from the privilege list of the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * given group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_gtbl_update_plist(sqlite *db, char *gname, uint8_t priv_id,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT n_privs, privs FROM groups "
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if (nrow == 0) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* group not found */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("UPDATE groups SET n_privs = %u, privs = '%q'"
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as " WHERE name = '%s'", new_privs.p_cnt, (char *)new_privs.p_ids,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_dtbl_insert
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Inserts the specified domain SID in the dmain table.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Upon successful insert the index will be returned in
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * 'dom_idx' arg.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_dtbl_insert(sqlite *db, char *dom_sid, uint32_t *dom_idx)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("INSERT INTO domains (dom_sid, dom_cnt)"
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_dtbl_getidx
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Searches the domain table for the domain SID of the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * given member SID. If it finds the domain SID it'll
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * return the index and the RID, otherwise it'll insert
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * it in the domain table as a new SID.
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eassmb_lgrp_dtbl_getidx(sqlite *db, smb_sid_t *sid, uint16_t sid_type,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (smb_sid_indomain(smb_localgrp.lg_machine_sid, sid)) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* This is a local SID */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as if (smb_idmap_getid(sid, rid, &id_type) != IDMAP_SUCCESS)
7f667e74610492ddbce8ce60f52ece95d2401949jose borrego if ((dom_sid = smb_sid_split(sid, rid)) == NULL)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT dom_idx FROM domains WHERE dom_sid = '%s'",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as switch (nrow) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as /* new domain SID; insert it into the domains table */
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_dtbl_getsid
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Searchs the domain table for the given domain index.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Converts the found domain SID to binary format and
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * returns it in the 'sid' arg.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Caller must free the returned SID by calling free().
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eassmb_lgrp_dtbl_getsid(sqlite *db, uint32_t dom_idx, smb_sid_t **sid)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("SELECT dom_sid FROM domains WHERE dom_idx = %u",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = sqlite_get_table(db, sql, &result, &nrow, &ncol, &errmsg);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as switch (nrow) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_db_setinfo
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Initializes the db_info table upon database creation.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as sql = sqlite_mprintf("INSERT INTO db_info (ver_major, ver_minor,"
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as syslog(LOG_DEBUG, "failed to insert database information (%s)",
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_mlist_add
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Adds the given member (newm) to the input member list (in_members)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * if it's not already there. The result list will be returned in
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * out_members. The caller must free the allocated memory for
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * out_members by calling free().
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * in_members and out_members are hex strings.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_mlist_add(smb_lgmlist_t *in_members, smb_lgmid_t *newm,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as mid_hexsz = bintohex((const char *)newm, sizeof (smb_lgmid_t),
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Check to see if this is already a group member
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as in_size = (in_members->m_ids) ? strlen(in_members->m_ids) : 0;
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_mlist_del
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Removes the given member (msid) from the input member list
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * (in_members) if it's already there. The result list will b
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * returned in out_members. The caller must free the allocated
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * memory for out_members by calling free().
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * in_members and out_members are hex strings.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_mlist_del(smb_lgmlist_t *in_members, smb_lgmid_t *mid,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as mid_hexsz = bintohex((const char *)mid, sizeof (smb_lgmid_t),
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_plist_add
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Adds the given privilege to the input list (in_privs)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * if it's not already there. The result list is returned
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * in out_privs. The caller must free the allocated memory
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * for out_privs by calling free().
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_plist_add(smb_lgplist_t *in_privs, smb_lgpid_t priv_id,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as bcopy(in_privs->p_ids, pbuf, in_privs->p_cnt * sizeof (smb_lgpid_t));
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_plist_del
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Removes the given privilege from the input list (in_privs)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * if it's already there. The result list is returned
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * in out_privs. The caller must free the allocated memory
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * for out_privs by calling free().
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_plist_del(smb_lgplist_t *in_privs, smb_lgpid_t priv_id,
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_encode_privset
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Encodes given privilege set into a buffer to be stored in the group
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * database. Each entry of the encoded buffer contains the privilege ID
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * of an enable privilege. The returned buffer is null-terminated.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic void
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_encode_privset(smb_group_t *grp, smb_lgplist_t *plist)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as bzero(plist->p_ids, sizeof (smb_lgpid_t) * plist->p_cnt);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_decode_privset
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Decodes the privilege information read from group table
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * (nprivs, privs) into a binray format specified by the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * privilege field of smb_group_t
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_decode_privset(smb_group_t *grp, char *nprivs, char *privs)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_decode_members
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Decodes the members information read from group table
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas * (nmembers, members) into a binary format specified by the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * member fields of smb_group_t
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_decode_members(smb_group_t *grp, char *nmembers, char *members,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States m_sids = calloc(m_num, sizeof (smb_gsid_t));
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as (void) hextobin(members, strlen(members), (char *)m_ids, mids_size);
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas rc = smb_lgrp_getsid(m_id->m_idx, &m_id->m_rid, m_id->m_type,
6537f381d2d9e7b4e2f7b29c3e7a3f13be036f2eas return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_decode
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Fills out the fields of the given group (grp) based in the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * string information read from the group table. infolvl determines
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * which fields are requested and need to be decoded.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Allocated memories must be freed by calling smb_lgrp_free()
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * upon successful return.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_decode(smb_group_t *grp, char **values, int infolvl, sqlite *db)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_getsid(sid_idx, &grp->sg_rid, grp->sg_id.gs_type,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States return (rc);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States ? SMB_DOMAIN_LOCAL : SMB_DOMAIN_BUILTIN;
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_decode_privset(grp, values[SMB_LGRP_GTBL_NPRIVS],
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as rc = smb_lgrp_decode_members(grp, values[SMB_LGRP_GTBL_NMEMBS],
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as return (rc);
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * smb_lgrp_normalize_name
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier * Trim whitespace, validate the group name and convert it to lowercase.
fe1c642d06e14b412cd83ae2179303186ab08972Bill Krier if (smb_name_validate_account(name) != ERROR_SUCCESS)
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_set_default_privs
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * set default privileges for Administrators and Backup Operators
dc20a3024900c47dd2ee44b9707e6df38f7d62a5asstatic void
bbf6f00c25b6a2bed23c35eac6d62998ecdb338cJordan Brown if (smb_strcasecmp(grp->sg_name, "Administrators", 0) == 0) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as smb_privset_enable(grp->sg_privs, SE_TAKE_OWNERSHIP_LUID);
bbf6f00c25b6a2bed23c35eac6d62998ecdb338cJordan Brown if (smb_strcasecmp(grp->sg_name, "Backup Operators", 0) == 0) {
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * smb_lgrp_getsid
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Returns a SID based on the provided information
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * If dom_idx is 0, it means 'rid' contains a UID/GID and the
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * returned SID will be a local SID. If dom_idx is not 0 then
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * the domain SID will be fetched from the domain table.
dc20a3024900c47dd2ee44b9707e6df38f7d62a5assmb_lgrp_getsid(int dom_idx, uint32_t *rid, uint16_t sid_type,
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States idmap_stat stat;
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States stat = smb_idmap_getsid(*rid, id_type, &res_sid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (stat != IDMAP_SUCCESS) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States syslog(LOG_ERR, "smb_lgrp_getsid: "
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "failed to get a SID for %s id=%u (%d)",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (id_type == SMB_IDMAP_USER) ? "user" : "group",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States *rid, stat);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
dc20a3024900c47dd2ee44b9707e6df38f7d62a5as * Make sure the returned SID is local
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (!smb_sid_indomain(smb_localgrp.lg_machine_sid, res_sid)) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States syslog(LOG_ERR, "smb_lgrp_getsid: "
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States "local %s (%u) is mapped to a non-local SID",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States (id_type == SMB_IDMAP_USER) ? "user" : "group",
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States *rid);
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (rc != SMB_LGRP_SUCCESS) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States syslog(LOG_ERR, "smb_lgrp_getsid: %s", smb_lgrp_strerror(rc));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if (res_sid == NULL) {
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States syslog(LOG_ERR, "smb_lgrp_getsid: %s", smb_lgrp_strerror(rc));
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States }
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego * smb_lgrp_getgid
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego * Converts given local RID to a local gid since for user
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego * defined local groups, gid is stored in the table.
9fb67ea305c66b6a297583b9b0db6796b0dfe497afshin salek ardakani - Sun Microsystems - Irvine United States if ((sid = smb_sid_splice(smb_localgrp.lg_machine_sid, rid)) == NULL)
c8ec8eea9849cac239663c46be8a7f5d2ba7ca00jose borrego return ((rc == IDMAP_SUCCESS) ? SMB_LGRP_SUCCESS : SMB_LGRP_NOT_FOUND);
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * smb_lgrp_exists
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * Returns B_TRUE if the local group with the given name exists.
29bd28862cfb8abbd3a0f0a4b17e08bbc3652836Alan Wright * Otherwise, returns B_FALSE.
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright * smb_lgrp_pgrp_valid_gname
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright * Validate posix group name string.
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright if ((len > SMB_LGRP_PGRP_MAXGLEN - 1) || (badchar != 0))
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright * smb_lgrp_pgrp_add
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright * Create a posix group with the given name.
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright * This group will be added to the /etc/group file.
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright if ((rc == SMB_LGRP_PGRP_INVALID) || (rc == SMB_LGRP_PGRP_NOTUNIQUE))
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);
a7fe1d5bb55904d4c79638b8778bc9dd8ed7fd7bAndy Stormont if ((findnextgid(SMB_LGRP_PGRP_DEFRID, MAXUID, &gid)) != 0)
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright if ((etcgrp = fopen(SMB_LGRP_PGRP_GROUP, "r")) == NULL)
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright fchown(fileno(etctmp), sb.st_uid, sb.st_gid) != 0) {
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright while (fgets(buf, SMB_LGRP_PGRP_GRPBUFSIZ, etcgrp) != NULL) {
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright /* Check for NameService reference */
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright if (!newdone && (buf[0] == '+' || buf[0] == '-')) {
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright (void) fprintf(etctmp, "%s::%u:\n", group, gid);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright (void) fprintf(etctmp, "%s::%u:\n", group, gid);
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright if (rename(SMB_LGRP_PGRP_GRPTMP, SMB_LGRP_PGRP_GROUP) < 0) {
148c5f43199ca0b43fc8e3b643aab11cd66ea327Alan Wright return (-1);