Hi! This patch adds a pdb_unix password database. It's just a wrapper for getpwnam. Users retrieved with this database can not login (there is no lm_pw and nt_pw specified in unix..).
The use of this pdb would be that files on the samba server owned by users not in the samba database can be displayed under windows too! example: passdb backend = tdbsam plugin:pdb_mysql.so:user:pass@host/db unixsam I think this should be a pdb module because that makes it more flexible and easier to understand. pdb_unix.so currently maps uid's to rid's using the fallback_uid_to_user_rid and fallback_user_rid_to_uid functions (same as used by pdb_smbpasswd), but can be easily extended to use a different uid->rid/sid and sid/rid->uid mapping (such as the one proposed by idra). Jelmer -- Jelmer Vernooij <[EMAIL PROTECTED]> - http://nl.linux.org/~jelmer/ Development And Underdevelopment: http://library.thinkquest.org/C0110231/ Listening to Radio 3FM 17:02:07 up 4:08, 8 users, load average: 2.10, 1.80, 1.58
? pdb_unix.diff
? pdbedit-sun.diff
? source/passdb/pdb_unix.c
Index: docs/docbook/manpages/pdbedit.8.sgml
===================================================================
RCS file: /cvsroot/samba/docs/docbook/manpages/pdbedit.8.sgml,v
retrieving revision 1.3
diff -u -3 -p -r1.3 pdbedit.8.sgml
--- docs/docbook/manpages/pdbedit.8.sgml 8 Jan 2002 22:53:58 -0000 1.3
+++ docs/docbook/manpages/pdbedit.8.sgml 14 Apr 2002 16:34:12 -0000
@@ -27,7 +27,9 @@
<arg choice="opt">-a</arg>
<arg choice="opt">-m</arg>
<arg choice="opt">-x</arg>
- <arg choice="opt">-i file</arg>
+ <arg choice="opt">-i passdb-backend</arg>
+ <arg choice="opt">-e passdb-backend</arg>
+ <arg choice="opt">-D debuglevel</arg>
</cmdsynopsis>
</refsynopsisdiv>
@@ -233,16 +235,24 @@
<varlistentry>
- <term>-i file</term>
- <listitem><para>This command is used to import a smbpasswd
- file into the database.</para>
-
- <para>This option will ease migration from the plain smbpasswd
- file database to more powerful backend databases like tdb and
- ldap.</para>
+ <term>-i passdb-backend</term>
+ <listitem><para>Use a different passdb backend to retrieve users than
+the one specified in smb.conf.</para>
- <para>Example: <command>pdbedit -i /etc/smbpasswd.old</command>
+ <para>This option will ease migration from one passdb backend to
+another.
</para>
+
+ <para>Example: <command>pdbedit -i smbpasswd:/etc/smbpasswd.old -e
+tdbsam:/etc/samba/passwd.tdb</command>
+ </para>
+ </listitem>
+ </varlistentry>
+
+ <varlistentry>
+ <term>-e passdb-backend</term>
+ <listitem><para>Export all currently available users to the specified
+password database backend.</para>
+
+ <para>This option will ease migration from one passdb backend to
+another and will ease backupping</para>
+
+ <para>Example: <command>pdbedit -e
+smbpasswd:/root/samba-users.backup</command></para>
</listitem>
</varlistentry>
</variablelist>
Index: docs/docbook/manpages/smb.conf.5.sgml
===================================================================
RCS file: /cvsroot/samba/docs/docbook/manpages/smb.conf.5.sgml,v
retrieving revision 1.28
diff -u -3 -p -r1.28 smb.conf.5.sgml
--- docs/docbook/manpages/smb.conf.5.sgml 13 Apr 2002 22:52:28 -0000 1.28
+++ docs/docbook/manpages/smb.conf.5.sgml 14 Apr 2002 16:34:18 -0000
@@ -5136,7 +5136,14 @@
<para>Any characters after the (optional) second : are passed
to the plugin
for its own processing</para>
</listitem>
-
+
+
+<listitem><para><command>unixsam</command> - Allows samba to map all (other)
+available unix users</para>
+
+ <para>This backend uses the standard
+unix database for retrieving users. Users included in this pdb are NOT listed in
+samba user listings and users included in this pdb won't be able to login. The use of
+this backend is to always be able to display the owner of a file on the samba server
+- even when the user doesn't have a 'real' samba account in one of the other passdb
+backends.
+ </para>
+
+ <para>This backend should always be
+the last backend listed, since it contains all users in the unix passdb and might
+'override' mappings if specified earlier. It's meant to only return accounts for
+users that aren't covered by the previous backends.</para>
+ </listitem>
</itemizedlist>
</para>
Index: source/Makefile.in
===================================================================
RCS file: /cvsroot/samba/source/Makefile.in,v
retrieving revision 1.470
diff -u -3 -p -r1.470 Makefile.in
--- source/Makefile.in 13 Apr 2002 11:45:33 -0000 1.470
+++ source/Makefile.in 14 Apr 2002 16:34:19 -0000
@@ -190,7 +190,7 @@ RPC_CLIENT_OBJ = rpc_client/cli_netlogon
LOCKING_OBJ = locking/locking.o locking/brlock.o locking/posix.o
PASSDB_OBJ = passdb/passdb.o passdb/pdb_interface.o passdb/pdb_get_set.o \
- passdb/machine_sid.o passdb/pdb_smbpasswd.o \
+ passdb/machine_sid.o passdb/pdb_smbpasswd.o passdb/pdb_unix.o \
passdb/pdb_tdb.o passdb/pdb_ldap.o passdb/pdb_plugin.o \
passdb/pdb_nisplus.o
Index: source/passdb/pdb_interface.c
===================================================================
RCS file: /cvsroot/samba/source/passdb/pdb_interface.c,v
retrieving revision 1.12
diff -u -3 -p -r1.12 pdb_interface.c
--- source/passdb/pdb_interface.c 13 Apr 2002 09:35:51 -0000 1.12
+++ source/passdb/pdb_interface.c 14 Apr 2002 16:34:20 -0000
@@ -30,6 +30,7 @@ const struct pdb_init_function_entry bui
{ "tdbsam_nua", pdb_init_tdbsam_nua },
{ "ldapsam", pdb_init_ldapsam },
{ "ldapsam_nua", pdb_init_ldapsam_nua },
+ { "unixsam", pdb_init_unixsam },
{ "plugin", pdb_init_plugin },
{ NULL, NULL}
};
Index: source/utils/pdbedit.c
===================================================================
RCS file: /cvsroot/samba/source/utils/pdbedit.c,v
retrieving revision 1.41
diff -u -3 -p -r1.41 pdbedit.c
--- source/utils/pdbedit.c 13 Apr 2002 10:32:09 -0000 1.41
+++ source/utils/pdbedit.c 14 Apr 2002 16:34:20 -0000
@@ -26,6 +26,25 @@
extern pstring global_myname;
extern BOOL AllowDebugChange;
+/* These are globals to prevent errors on sun machines */
+BOOL list_users = False;
+BOOL verbose = False;
+BOOL spstyle = False;
+BOOL setparms = False;
+BOOL machine = False;
+BOOL add_user = False;
+BOOL delete_user = False;
+BOOL import = False;
+int opt;
+char *full_name = NULL;
+char *user_name = NULL;
+char *home_dir = NULL;
+char *home_drive = NULL;
+char *backend_in = NULL;
+char *backend_out = NULL;
+char *logon_script = NULL;
+char *profile_path = NULL;
+
/*********************************************************
Add all currently available users to another db
********************************************************/
@@ -395,23 +414,6 @@ static int delete_machine_entry (struct
int main (int argc, char **argv)
{
struct pdb_context *in;
- BOOL list_users = False;
- BOOL verbose = False;
- BOOL spstyle = False;
- BOOL setparms = False;
- BOOL machine = False;
- BOOL add_user = False;
- BOOL delete_user = False;
- BOOL import = False;
- int opt;
- char *full_name = NULL;
- char *user_name = NULL;
- char *home_dir = NULL;
- char *home_drive = NULL;
- char *backend_in = NULL;
- char *backend_out = NULL;
- char *logon_script = NULL;
- char *profile_path = NULL;
poptContext pc;
struct poptOption long_options[] = {
POPT_AUTOHELP
/*
* Unix password backend for samba
* Copyright (C) Jelmer Vernooij 2002
*
* This program is free software; you can redistribute it and/or modify it under
* the terms of the GNU General Public License as published by the Free
* Software Foundation; either version 2 of the License, or (at your option)
* any later version.
*
* This program is distributed in the hope that it will be useful, but WITHOUT
* ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
* FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
* more details.
*
* You should have received a copy of the GNU General Public License along with
* this program; if not, write to the Free Software Foundation, Inc., 675
* Mass Ave, Cambridge, MA 02139, USA.
*/
#include "includes.h"
#include <stdio.h>
#include <stdarg.h>
#include <stdlib.h>
#include <string.h>
static BOOL unix_to_sam(struct passwd *unix_pw, SAM_ACCOUNT *sam){
if(unix_pw == NULL){
DEBUG(5,("User not found\n"));
return False;
}
pdb_set_username(sam, unix_pw->pw_name);
pdb_set_nt_username(sam, unix_pw->pw_name);
pdb_set_fullname(sam, unix_pw->pw_gecos);
pdb_set_homedir(sam, unix_pw->pw_dir, True);
pdb_set_uid(sam, unix_pw->pw_uid);
pdb_set_gid(sam, unix_pw->pw_gid);
pdb_set_user_rid(sam, fallback_pdb_uid_to_user_rid (unix_pw->pw_uid));
pdb_set_group_rid (sam, DOMAIN_GROUP_RID_USERS);
pdb_set_domain (sam, lp_workgroup());
/* No need to set any other variables */
return True;
}
static BOOL unixsam_setsampwent(struct pdb_methods *methods, BOOL update)
{
/* We don't support this function
* It would cause duplicates because the users in this db
* could also be in the other pdb's loaded (and this pdb plugin
* can't be used stand-alone)
* */
return False;
}
/***************************************************************
End enumeration of the passwd list.
****************************************************************/
static void unixsam_endsampwent(struct pdb_methods *methods)
{ }
/*****************************************************************
Get one SAM_ACCOUNT from the list (next in line)
*****************************************************************/
static BOOL unixsam_getsampwent(struct pdb_methods *methods, SAM_ACCOUNT *user)
{
/* We don't support getent's because of duplicates */
return False;
}
/******************************************************************
Lookup a name in the SAM database
******************************************************************/
static BOOL unixsam_getsampwnam (struct pdb_methods *methods, SAM_ACCOUNT *user, const char *sname)
{
struct passwd *pass;
if(!methods){
DEBUG(0,("invalid methods\n"));
return False;
}
if(!sname){
DEBUG(0,("invalid name specified"));
return False;
}
pass = sys_getpwnam(sname);
return unix_to_sam(pass, user);
}
/***************************************************************************
Search by rid
**************************************************************************/
static BOOL unixsam_getsampwrid (struct pdb_methods *methods, SAM_ACCOUNT *user, uint32 rid)
{
struct passwd *pass;
if(!methods){
DEBUG(0,("invalid methods\n"));
return False;
}
pass = sys_getpwuid(fallback_pdb_user_rid_to_uid (rid));
return unix_to_sam(pass, user);
}
/***************************************************************************
Delete a SAM_ACCOUNT
****************************************************************************/
static BOOL unixsam_delete_sam_account(struct pdb_methods *methods, const SAM_ACCOUNT *sam_pass)
{
/* Unsupported as well - we don't need to get involved in
* unix passdb's - and hey, we would need to use pam for that anyway */
return False;
}
/***************************************************************************
Modifies an existing SAM_ACCOUNT
****************************************************************************/
static BOOL unixsam_update_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
{
return False;
}
/***************************************************************************
Adds an existing SAM_ACCOUNT
****************************************************************************/
static BOOL unixsam_add_sam_account (struct pdb_methods *methods, const SAM_ACCOUNT *newpwd)
{
DEBUG(0,("pdb_unix should not be listed as the first passdb backend! You can't add users to it.\n"));
return False;
}
NTSTATUS pdb_init_unixsam(PDB_CONTEXT *pdb_context, PDB_METHODS **pdb_method, const char *location)
{
NTSTATUS nt_status;
if (!pdb_context){
DEBUG(0,("invalid pdb_context specified\n"));
return NT_STATUS_UNSUCCESSFUL;
}
if (!NT_STATUS_IS_OK(
nt_status = make_pdb_methods(pdb_context->mem_ctx, pdb_method))) {
return nt_status;
}
(*pdb_method)->name = "unixsam";
(*pdb_method)->setsampwent = unixsam_setsampwent;
(*pdb_method)->endsampwent = unixsam_endsampwent;
(*pdb_method)->getsampwent = unixsam_getsampwent;
(*pdb_method)->getsampwnam = unixsam_getsampwnam;
(*pdb_method)->getsampwrid = unixsam_getsampwrid;
(*pdb_method)->add_sam_account = unixsam_add_sam_account;
(*pdb_method)->update_sam_account = unixsam_update_sam_account;
(*pdb_method)->delete_sam_account = unixsam_delete_sam_account;
/* There's not very much to initialise here */
return NT_STATUS_OK;
}
msg00199/pgp00000.pgp
Description: PGP signature
