On Sat, 2002-05-18 at 20:54, Andrew Bartlett wrote:
> > The patch and a sample module are attached. The tarball also includes a
> > readme, changelog, and a Makefile.
>
> This looks *much* better.
>
> I'm not sure on the 'reload' functionality, but I suppose its a good
> idea. Other than minor things like indenting, (Try 8-space tabs) I
> think this is well on its way to inclusion.
A new rev of the patch is out. Here is the changelog for this release.
winbindd: Fixed up formatting to get rid of 4-space tabs that existed
before. Builds off of today's SAMBA_2_2 branch.
winbindd: If idmap object is defined but fails to load, it no longer
reverts to sequential assignment
The patch, a sample module, changelog, and a readme are available at
http://www.cae.wisc.edu/~gerdts/samba/idmap_file-0.0.4.tar.gz
Enjoy!
Mike
Index: source/nsswitch/winbindd.c
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd.c,v
retrieving revision 1.3.2.29
diff -u -r1.3.2.29 winbindd.c
--- source/nsswitch/winbindd.c 8 May 2002 23:33:31 -0000 1.3.2.29
+++ source/nsswitch/winbindd.c 20 May 2002 17:23:17 -0000
@@ -66,6 +66,7 @@
}
load_interfaces();
+ load_idmap();
return(ret);
}
Index: source/nsswitch/winbindd.h
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd.h,v
retrieving revision 1.3.4.8
diff -u -r1.3.4.8 winbindd.h
--- source/nsswitch/winbindd.h 10 Apr 2002 00:40:10 -0000 1.3.4.8
+++ source/nsswitch/winbindd.h 20 May 2002 17:23:17 -0000
@@ -203,4 +203,15 @@
#define SETENV(name, value, overwrite) ;
#endif
+/* Required for the winbindd UID/GID mapping plugin */
+
+#define WINBINDD_IDMAP_INTERFACE_VERSION 0
+extern struct winbind_idmap_ops *idmap_ops;
+
+/* Functions for winbind plug-ins */
+
+struct winbind_idmap_ops {
+ BOOL (*allocate_id)(DOM_SID *sid, uid_t *id, BOOL isgroup);
+};
+
#endif /* _WINBINDD_H */
Index: source/nsswitch/winbindd_idmap.c
===================================================================
RCS file: /cvsroot/samba/source/nsswitch/winbindd_idmap.c,v
retrieving revision 1.3.4.13
diff -u -r1.3.4.13 winbindd_idmap.c
--- source/nsswitch/winbindd_idmap.c 27 Apr 2002 03:04:08 -0000 1.3.4.13
+++ source/nsswitch/winbindd_idmap.c 20 May 2002 17:23:17 -0000
@@ -34,11 +34,91 @@
static TDB_CONTEXT *idmap_tdb;
+struct winbind_idmap_ops *idmap_ops; /* idmap plug-in */
+
+/* (Re)load the id allocation plugin */
+
+BOOL load_idmap(void) {
+ BOOL rv;
+ struct winbind_idmap_ops* (*idmap_init)(int *);
+ static void *idmap_object = NULL;
+ char *libfile;
+ int idmap_version;
+
+ libfile = lp_winbind_idmap_object();
+
+ /* Disable any previously loaded idmap object */
+ if ( *libfile == '\0' ) {
+ DEBUG(5, ("No winbindd idmap object defined\n"));
+ rv = True;
+ goto bail;
+ }
+
+ /* if it was previously loaded, unload it before reloading */
+ /* TODO: determine if this is even a good thing to support */
+ if ( idmap_object != NULL ) {
+ sys_dlclose(idmap_object);
+ }
+
+ idmap_object = sys_dlopen(libfile, RTLD_NOW | RTLD_GLOBAL);
+ if ( idmap_object == NULL ) {
+ DEBUG(0, ("Error opening '%s': %s\n", libfile, sys_dlerror()));
+ rv = False;
+ goto bail;
+ }
+
+ idmap_init = sys_dlsym(idmap_object, "idmap_init");
+ if ( idmap_init == NULL ) {
+ DEBUG(0, ("No idmap_init() symbol found in %s\n", libfile));
+ rv = False;
+ goto bail;
+ }
+
+ if ( (idmap_ops = idmap_init(&idmap_version)) == NULL ) {
+ DEBUG(0, ("idmap_init function from %s failed\n", libfile));
+ rv = False;
+ goto bail;
+ }
+
+ if ( idmap_version != WINBINDD_IDMAP_INTERFACE_VERSION ) {
+ DEBUG(0, ("idmap_init returned wrong interface version info (was %d, should be %d)\n",
+ idmap_version, WINBINDD_IDMAP_INTERFACE_VERSION));
+ rv = False;
+ goto bail;
+ }
+
+ DEBUG(5, ("Loaded winbind idmap object '%s'\n", libfile));
+ DEBUG(5, ("idmap_ops->allocate_id is %sdefined\n",
+ idmap_ops->allocate_id ? "" : "NOT "));
+ return True;
+
+bail:
+ if ( idmap_object ) {
+ sys_dlclose(idmap_object);
+ idmap_object = NULL;
+ }
+ idmap_ops = NULL;
+ return rv;
+}
+
/* Allocate either a user or group id from the pool */
-static BOOL allocate_id(uid_t *id, BOOL isgroup)
+static BOOL allocate_id(DOM_SID *sid, uid_t *id, BOOL isgroup)
{
int hwm;
+ char *idmapfile;
+
+ if ( idmap_ops && idmap_ops->allocate_id ) {
+ DEBUG(4,("allocate_id using module '%s'\n",
+ lp_winbind_idmap_object()));
+ return(idmap_ops->allocate_id(sid, id, isgroup));
+ }
+
+ if ( *(lp_winbind_idmap_object()) ) {
+ DEBUG(0,("allocate_id configured to use idmap module, but "
+ "module failed to load\n"));
+ return(False);
+ }
/* Get current high water mark */
@@ -105,7 +185,7 @@
/* Allocate a new id for this sid */
- if (id && allocate_id(id, isgroup)) {
+ if (id && allocate_id(sid, id, isgroup)) {
fstring keystr2;
/* Store new id */
Index: source/param/loadparm.c
===================================================================
RCS file: /cvsroot/samba/source/param/loadparm.c,v
retrieving revision 1.251.2.106
diff -u -r1.251.2.106 loadparm.c
--- source/param/loadparm.c 14 May 2002 14:02:57 -0000 1.251.2.106
+++ source/param/loadparm.c 20 May 2002 17:23:18 -0000
@@ -169,6 +169,7 @@
char *szTemplateHomedir;
char *szTemplateShell;
char *szWinbindSeparator;
+ char *szWinbindIdMapObject;
BOOL bWinbindEnumUsers;
BOOL bWinbindEnumGroups;
BOOL bWinbindUseDefaultDomain;
@@ -554,6 +555,7 @@
static BOOL handle_netbios_name(char *pszParmValue, char **ptr);
static BOOL handle_winbind_uid(char *pszParmValue, char **ptr);
static BOOL handle_winbind_gid(char *pszParmValue, char **ptr);
+static BOOL handle_winbind_idmap_object(char *pszParmValue, char **ptr);
static BOOL handle_wins_server_list(char *pszParmValue, char **ptr);
static BOOL handle_debug_list( char *pszParmValue, char **ptr );
@@ -1098,6 +1100,7 @@
{"winbind enum users", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumUsers, NULL, NULL, 0},
{"winbind enum groups", P_BOOL, P_GLOBAL, &Globals.bWinbindEnumGroups, NULL, NULL, 0},
{"winbind use default domain", P_BOOL, P_GLOBAL, &Globals.bWinbindUseDefaultDomain, NULL, NULL, 0},
+ {"winbind idmap object", P_STRING, P_GLOBAL, &Globals.szWinbindIdMapObject, handle_winbind_idmap_object, NULL, 0},
{NULL, P_BOOL, P_NONE, NULL, NULL, NULL, 0}
};
@@ -1431,6 +1434,7 @@
Globals.bWinbindEnumUsers = True;
Globals.bWinbindEnumGroups = True;
Globals.bWinbindUseDefaultDomain = False;
+ string_set(&Globals.szWinbindIdMapObject, "");
Globals.bHostMSDfs = False;
@@ -1570,6 +1574,7 @@
FN_GLOBAL_BOOL(lp_winbind_enum_users, &Globals.bWinbindEnumUsers)
FN_GLOBAL_BOOL(lp_winbind_enum_groups, &Globals.bWinbindEnumGroups)
FN_GLOBAL_BOOL(lp_winbind_use_default_domain, &Globals.bWinbindUseDefaultDomain)
+FN_GLOBAL_STRING(lp_winbind_idmap_object, &Globals.szWinbindIdMapObject)
FN_GLOBAL_STRING(lp_codepagedir,&Globals.szCodePageDir)
#ifdef WITH_LDAP_SAM
FN_GLOBAL_STRING(lp_ldap_server, &Globals.szLdapServer)
@@ -2649,6 +2654,23 @@
winbind_gid_low = low;
winbind_gid_high = high;
+ return True;
+}
+
+static BOOL handle_winbind_idmap_object( char *pszParmValue, char **ptr )
+{
+ void *dl_handle;
+
+ if ( (dl_handle = sys_dlopen(pszParmValue, RTLD_NOW | RTLD_GLOBAL))
+ == NULL ) {
+ DEBUG(0, ("Error opening '%s': %s\n", pszParmValue,
+ sys_dlerror()));
+ string_set(ptr, pszParmValue);
+ return False;
+ }
+ sys_dlclose(dl_handle);
+
+ string_set(ptr, pszParmValue);
return True;
}
