diff options
author | cvs2svn Import User <samba-bugs@samba.org> | 2001-10-10 17:04:24 +0000 |
---|---|---|
committer | cvs2svn Import User <samba-bugs@samba.org> | 2001-10-10 17:04:24 +0000 |
commit | 8d4870bccd026d059c160de3642bb427338256ec (patch) | |
tree | 0e96f4ea88ad27caef33451c52f7d1c0c43b9f6a /source/utils | |
parent | 155c3073b178a9bcfee942807c4a98f8b1a1bfde (diff) | |
parent | 96c9df577bcffeec1b7d516a5431e54e679bd6b4 (diff) | |
download | samba-8d4870bccd026d059c160de3642bb427338256ec.tar.gz |
This commit was manufactured by cvs2svn to create branch
'SAMBA_2_2_RELEASE'.
Diffstat (limited to 'source/utils')
-rw-r--r-- | source/utils/pdbedit.c | 709 |
1 files changed, 709 insertions, 0 deletions
diff --git a/source/utils/pdbedit.c b/source/utils/pdbedit.c new file mode 100644 index 00000000000..6e7458fb4e9 --- /dev/null +++ b/source/utils/pdbedit.c @@ -0,0 +1,709 @@ +/* + Unix SMB/Netbios implementation. + passdb editing frontend + Version 3.0 + + Copyright (C) Simo Sorce 2000 + Copyright (C) Andrew Bartlett 2001 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. +*/ + +/* base uid for trust accounts is set to 60000 ! + * May be we should add the defines in smb.h to make it possible having + * different values on different platforms? + */ + +#define BASE_MACHINE_UID 60000 +#define MAX_MACHINE_UID 65500 /* 5500 trust accounts aren't enough? */ + +#include "includes.h" + +extern pstring global_myname; + +/* + * Next two lines needed for SunOS and don't + * hurt anything else... + */ +extern char *optarg; +extern int optind; + +/********************************************************* + Print command usage on stderr and die. +**********************************************************/ +static void usage(void) +{ + if (getuid() == 0) { + printf("tdbedit options\n"); + } else { + printf("You need to be root to use this tool!\n"); + } + printf("(actually to add a user you need to use smbpasswd)\n"); + printf("options:\n"); + printf(" -l list usernames\n"); + printf(" -v verbose output\n"); + printf(" -w smbpasswd file style\n"); + printf(" -u username print user's info\n"); + printf(" -f fullname set Full Name\n"); + printf(" -h homedir set home directory\n"); + printf(" -d drive set home dir drive\n"); + printf(" -s script set logon script\n"); + printf(" -p profile set profile path\n"); + printf(" -a create new account\n"); + printf(" -m it is a machine trust\n"); + printf(" -x delete this user\n"); + printf(" -i file import account from file (smbpasswd style)\n"); + exit(1); +} + +/********************************************************* + Print info from sam structure +**********************************************************/ + +static int print_sam_info (SAM_ACCOUNT *sam_pwent, BOOL verbosity, BOOL smbpwdstyle) +{ + /* TODO: chaeck if entry is a user or a workstation */ + if (!sam_pwent) return -1; + + if (verbosity) { + printf ("username: %s\n", sam_pwent->username); + printf ("user ID/Group: %d/%d\n", sam_pwent->uid, + sam_pwent->gid); + printf ("user RID/GRID: %d/%d\n", sam_pwent->user_rid, + sam_pwent->group_rid); + printf ("Full Name: %s\n", sam_pwent->full_name); + printf ("Home Directory: %s\n", sam_pwent->home_dir); + printf ("HomeDir Drive: %s\n", sam_pwent->dir_drive); + printf ("Logon Script: %s\n", sam_pwent->logon_script); + printf ("Profile Path: %s\n", sam_pwent->profile_path); + } else if (smbpwdstyle) { + char lm_passwd[33]; + char nt_passwd[33]; + pdb_sethexpwd(lm_passwd, + pdb_get_lanman_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); + pdb_sethexpwd(nt_passwd, + pdb_get_nt_passwd(sam_pwent), + pdb_get_acct_ctrl(sam_pwent)); + + printf("%s:%d:%s:%s:%s:LCT-%08X:\n", + pdb_get_username(sam_pwent), + pdb_get_uid(sam_pwent), + lm_passwd, + nt_passwd, + pdb_encode_acct_ctrl(pdb_get_acct_ctrl(sam_pwent),NEW_PW_FORMAT_SPACE_PADDED_LEN), + (uint32)pdb_get_pass_last_set_time(sam_pwent)); + } else { + printf ("%s:%d:%s\n", sam_pwent->username, sam_pwent->uid, sam_pwent->full_name); + } + + return 0; +} + +/********************************************************* + Get an Print User Info +**********************************************************/ + +static int print_user_info (char *username, BOOL verbosity, BOOL smbpwdstyle) +{ + SAM_ACCOUNT *sam_pwent=NULL; + BOOL ret; + + pdb_init_sam(&sam_pwent); + + ret = pdb_getsampwnam (sam_pwent, username); + + if (ret==False) { + fprintf (stderr, "Username not found!\n"); + pdb_free_sam(&sam_pwent); + return -1; + } + + ret=print_sam_info (sam_pwent, verbosity, smbpwdstyle); + pdb_free_sam(&sam_pwent); + + return ret; +} + +/********************************************************* + List Users +**********************************************************/ +static int print_users_list (BOOL verbosity, BOOL smbpwdstyle) +{ + SAM_ACCOUNT *sam_pwent=NULL; + BOOL ret; + + pdb_init_sam(&sam_pwent); + + ret = pdb_setsampwent(False); + if (ret && errno == ENOENT) { + fprintf (stderr,"Password database not found!\n"); + pdb_free_sam(&sam_pwent); + exit(1); + } + + while ((ret = pdb_getsampwent (sam_pwent))) { + if (verbosity) + printf ("---------------\n"); + print_sam_info (sam_pwent, verbosity, smbpwdstyle); + pdb_reset_sam(sam_pwent); + } + + pdb_endsampwent (); + pdb_free_sam(&sam_pwent); + return 0; +} + +/********************************************************* + Set User Info +**********************************************************/ + +static int set_user_info (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +{ + SAM_ACCOUNT *sam_pwent=NULL; + BOOL ret; + + pdb_init_sam(&sam_pwent); + + ret = pdb_getsampwnam (sam_pwent, username); + if (ret==False) { + fprintf (stderr, "Username not found!\n"); + pdb_free_sam(&sam_pwent); + return -1; + } + + if (fullname) + pdb_set_fullname(sam_pwent, fullname); + if (homedir) + pdb_set_homedir(sam_pwent, homedir); + if (drive) + pdb_set_dir_drive(sam_pwent,drive); + if (script) + pdb_set_logon_script(sam_pwent, script); + if (profile) + pdb_set_profile_path (sam_pwent, profile); + + if (pdb_update_sam_account (sam_pwent, True)) + print_user_info (username, True, False); + else { + fprintf (stderr, "Unable to modify entry!\n"); + pdb_free_sam(&sam_pwent); + return -1; + } + pdb_free_sam(&sam_pwent); + return 0; +} + +/********************************************************* + Add New User +**********************************************************/ +static int new_user (char *username, char *fullname, char *homedir, char *drive, char *script, char *profile) +{ + SAM_ACCOUNT *sam_pwent=NULL; + struct passwd *pwd = NULL; + char *password1, *password2; + + ZERO_STRUCT(sam_pwent); + + pdb_init_sam (&sam_pwent); + + if (!(pwd = sys_getpwnam(username))) { + fprintf (stderr, "User %s does not exist in system passwd!\n", username); + pdb_free_sam (&sam_pwent); + return -1; + } + + password1 = getpass("new password:"); + password2 = getpass("retype new password:"); + if (strcmp (password1, password2)) { + fprintf (stderr, "Passwords does not match!\n"); + pdb_free_sam (&sam_pwent); + return -1; + } + + pdb_set_plaintext_passwd(sam_pwent, password1); + + pdb_set_username(sam_pwent, username); + if (fullname) + pdb_set_fullname(sam_pwent, fullname); + if (homedir) + pdb_set_homedir (sam_pwent, homedir); + if (drive) + pdb_set_dir_drive (sam_pwent, drive); + if (script) + pdb_set_logon_script(sam_pwent, script); + if (profile) + pdb_set_profile_path (sam_pwent, profile); + + /* TODO: Check uid not being in MACHINE UID range!! */ + pdb_set_uid (sam_pwent, pwd->pw_uid); + pdb_set_gid (sam_pwent, pwd->pw_gid); + pdb_set_user_rid (sam_pwent, pdb_uid_to_user_rid (pwd->pw_uid)); + pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (pwd->pw_gid)); + + pdb_set_acct_ctrl (sam_pwent, ACB_NORMAL); + + if (pdb_add_sam_account (sam_pwent)) { + print_user_info (username, True, False); + } else { + fprintf (stderr, "Unable to add user! (does it alredy exist?)\n"); + pdb_free_sam (&sam_pwent); + return -1; + } + pdb_free_sam (&sam_pwent); + return 0; +} + +/********************************************************* + Add New Machine +**********************************************************/ + +static int new_machine (char *machinename) +{ + SAM_ACCOUNT *sam_pwent=NULL; + SAM_ACCOUNT *sam_trust=NULL; + char name[16]; + char *password = NULL; + uid_t uid; + + pdb_init_sam (&sam_pwent); + + if (machinename[strlen (machinename) -1] == '$') + machinename[strlen (machinename) -1] = '\0'; + + safe_strcpy (name, machinename, 16); + safe_strcat (name, "$", 16); + + string_set (&password, machinename); + strlower_m(password); + + pdb_set_plaintext_passwd (sam_pwent, password); + + pdb_set_username (sam_pwent, name); + + for (uid=BASE_MACHINE_UID; uid<=MAX_MACHINE_UID; uid++) { + pdb_init_sam (&sam_trust); + if (pdb_getsampwuid (sam_trust, uid)) { + pdb_free_sam (&sam_trust); + } else { + break; + } + } + + if (uid>MAX_MACHINE_UID) { + fprintf (stderr, "No more free UIDs available to Machine accounts!\n"); + pdb_free_sam(&sam_pwent); + return -1; + } + + pdb_set_uid (sam_pwent, uid); + pdb_set_gid (sam_pwent, BASE_MACHINE_UID); /* TODO: set there more appropriate value!! */ + pdb_set_user_rid (sam_pwent,pdb_uid_to_user_rid (uid)); + pdb_set_group_rid (sam_pwent, pdb_gid_to_group_rid (BASE_MACHINE_UID)); + pdb_set_acct_ctrl (sam_pwent, ACB_WSTRUST); + + if (pdb_add_sam_account (sam_pwent)) { + print_user_info (name, True, False); + } else { + fprintf (stderr, "Unable to add machine! (does it already exist?)\n"); + pdb_free_sam (&sam_pwent); + return -1; + } + pdb_free_sam (&sam_pwent); + return 0; +} + +/********************************************************* + Delete user entry +**********************************************************/ + +static int delete_user_entry (char *username) +{ + return pdb_delete_sam_account (username); +} + +/********************************************************* + Delete machine entry +**********************************************************/ + +static int delete_machine_entry (char *machinename) +{ + char name[16]; + + safe_strcpy (name, machinename, 16); + if (name[strlen(name)] != '$') + safe_strcat (name, "$", 16); + return pdb_delete_sam_account (name); +} + +/********************************************************* + Import smbpasswd style file +**********************************************************/ + +static int import_users (char *filename) +{ + FILE *fp = NULL; + SAM_ACCOUNT *sam_pwent = NULL; + static pstring user_name; + static unsigned char smbpwd[16]; + static unsigned char smbntpwd[16]; + char linebuf[256]; + size_t linebuf_len; + unsigned char c; + unsigned char *p; + long uidval; + int line = 0; + int good = 0; + + if (!pdb_init_sam (&sam_pwent)) { + fprintf (stderr, "pdb_init_sam FAILED!\n"); + } + + if((fp = sys_fopen(filename, "rb")) == NULL) { + fprintf (stderr, "%s\n", strerror (ferror (fp))); + return -1; + } + + while (!feof(fp)) { + /*Get a new line*/ + linebuf[0] = '\0'; + fgets(linebuf, 256, fp); + if (ferror(fp)) { + fprintf (stderr, "%s\n", strerror (ferror (fp))); + pdb_free_sam(&sam_pwent); + return -1; + } + if ((linebuf_len = strlen(linebuf)) == 0) { + line++; + continue; + } + if (linebuf[linebuf_len - 1] != '\n') { + c = '\0'; + while (!ferror(fp) && !feof(fp)) { + c = fgetc(fp); + if (c == '\n') break; + } + } else + linebuf[linebuf_len - 1] = '\0'; + linebuf[linebuf_len] = '\0'; + if ((linebuf[0] == 0) && feof(fp)) { + /*end of file!!*/ + pdb_free_sam(&sam_pwent); + return 0; + } + line++; + if (linebuf[0] == '#' || linebuf[0] == '\0') + continue; + + pdb_set_acct_ctrl (sam_pwent,ACB_NORMAL); + + /* Get user name */ + p = (unsigned char *) strchr_m(linebuf, ':'); + if (p == NULL) { + fprintf (stderr, "Error: malformed password entry at line %d !!\n", line); + pdb_reset_sam (sam_pwent); + continue; + } + strncpy(user_name, linebuf, PTR_DIFF(p, linebuf)); + user_name[PTR_DIFF(p, linebuf)] = '\0'; + + /* Get smb uid. */ + p++; + if(*p == '-') { + fprintf (stderr, "Error: negative uid at line %d\n", line); + pdb_reset_sam (sam_pwent); + continue; + } + if (!isdigit(*p)) { + fprintf (stderr, "Error: malformed password entry at line %d (uid not number)\n", line); + pdb_reset_sam (sam_pwent); + continue; + } + uidval = atoi((char *) p); + while (*p && isdigit(*p)) p++; + if (*p != ':') { + fprintf (stderr, "Error: malformed password entry at line %d (no : after uid)\n", line); + pdb_reset_sam (sam_pwent); + continue; + } + + pdb_set_username(sam_pwent, user_name); + pdb_set_uid (sam_pwent, uidval); + + /* Get passwords */ + p++; + if (*p == '*' || *p == 'X') { + /* Password deliberately invalid */ + fprintf (stderr, "Warning: entry invalidated for user %s\n", user_name); + pdb_set_lanman_passwd(sam_pwent, NULL); + pdb_set_nt_passwd(sam_pwent,NULL); + pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_DISABLED); + } else { + if (linebuf_len < (PTR_DIFF(p, linebuf) + 33)) { + fprintf (stderr, "Error: malformed password entry at line %d (password too short)\n",line); + pdb_reset_sam (sam_pwent); + continue; + } + if (p[32] != ':') { + fprintf (stderr, "Error: malformed password entry at line %d (no terminating :)\n",line); + pdb_reset_sam (sam_pwent); + continue; + } + if (!strncasecmp((char *) p, "NO PASSWORD", 11)) { + pdb_set_lanman_passwd(sam_pwent, NULL); + pdb_set_acct_ctrl(sam_pwent, pdb_get_acct_ctrl(sam_pwent) | ACB_PWNOTREQ); + } else { + if (!pdb_gethexpwd((char *)p, smbpwd)) { + fprintf (stderr, "Error: malformed Lanman password entry at line %d (non hex chars)\n", line); + pdb_reset_sam (sam_pwent); + continue; + } + pdb_set_lanman_passwd(sam_pwent, smbpwd); + } + /* NT password */ + p += 33; + if ((linebuf_len >= (PTR_DIFF(p, linebuf) + 33)) && (p[32] == ':')) { + if (*p != '*' && *p != 'X') { + if (pdb_gethexpwd((char *)p,smbntpwd)) { + pdb_set_nt_passwd(sam_pwent, smbntpwd); + } + } + p += 33; + } + } + + /* Get ACCT_CTRL field if any */ + if (*p == '[') { + uint16 acct_ctrl; + unsigned char *end_p = (unsigned char *)strchr_m((char *)p, ']'); + + acct_ctrl = pdb_decode_acct_ctrl((char*)p); + if (acct_ctrl) + acct_ctrl = ACB_NORMAL; + + pdb_set_acct_ctrl(sam_pwent, acct_ctrl); + + /* Get last change time */ + if(end_p) + p = end_p + 1; + if(*p == ':') { + p++; + if(*p && (StrnCaseCmp((char *)p, "LCT-", 4)==0)) { + int i; + + p += 4; + for(i = 0; i < 8; i++) { + if(p[i] == '\0' || !isxdigit(p[i])) break; + } + if(i == 8) { + pdb_set_pass_last_set_time (sam_pwent, (time_t)strtol((char *)p, NULL, 16)); + } + } + } + } + + /* Old-style workstation account code droped. */ + + if (pdb_get_acct_ctrl(sam_pwent) & ACB_WSTRUST) { + if ((uidval < BASE_MACHINE_UID) || (uidval > MAX_MACHINE_UID)) { + fprintf (stderr, "Warning: Machine UID out of normal range %d-%d\n", + BASE_MACHINE_UID, + MAX_MACHINE_UID); + } + pdb_set_uid(sam_pwent, BASE_MACHINE_UID); + } + + /* Test if user is valid */ + if (pdb_get_acct_ctrl(sam_pwent) & ACB_NORMAL) { + struct passwd *pwd = NULL; + + if (!(pwd = sys_getpwnam(user_name))) { + fprintf (stderr, "Error: User %s does not exist in system passwd!\n", user_name); + continue; + } + pdb_set_gid(sam_pwent, pwd->pw_gid); + } + + /* Fill in sam_pwent structure */ + pdb_set_user_rid(sam_pwent, pdb_uid_to_user_rid (pdb_get_uid(sam_pwent))); + pdb_set_group_rid(sam_pwent, pdb_gid_to_group_rid (pdb_get_gid(sam_pwent))); + + /* TODO: set also full_name, home_dir, dir_drive, logon_script, profile_path, ecc... + * when defaults will be available (after passdb redesign) + * let them blank just now they are not used anyway + */ + + /* Now ADD the entry */ + if (!(pdb_add_sam_account (sam_pwent))) { + fprintf (stderr, "Unable to add user entry!\n"); + pdb_reset_sam (sam_pwent); + continue; + } + printf ("%s imported!\n", user_name); + good++; + pdb_reset_sam (sam_pwent); + } + printf ("%d lines read.\n%d entryes imported\n", line, good); + pdb_free_sam(&sam_pwent); + return 0; +} + +/********************************************************* + Start here. +**********************************************************/ + +int main (int argc, char **argv) +{ + int ch; + static pstring servicesf = CONFIGFILE; + BOOL list_users = False; + BOOL verbose = False; + BOOL spstyle = False; + BOOL setparms = False; + BOOL machine = False; + BOOL add_user = False; + BOOL delete_user = False; + BOOL import = False; + char *user_name = NULL; + char *full_name = NULL; + char *home_dir = NULL; + char *home_drive = NULL; + char *logon_script = NULL; + char *profile_path = NULL; + char *smbpasswd = NULL; + + TimeInit(); + + setup_logging("tdbedit", True); + + if (argc < 2) { + usage(); + return 0; + } + + if(!initialize_password_db(True)) { + fprintf(stderr, "Can't setup password database vectors.\n"); + exit(1); + } + + if (!lp_load(servicesf,True,False,False)) { + fprintf(stderr, "Can't load %s - run testparm to debug it\n", + servicesf); + exit(1); + } + + while ((ch = getopt(argc, argv, "ad:f:h:i:lmp:s:u:vwx")) != EOF) { + switch(ch) { + case 'a': + add_user = True; + break; + case 'm': + machine = True; + break; + case 'l': + list_users = True; + break; + case 'v': + verbose = True; + break; + case 'w': + spstyle = True; + break; + case 'u': + user_name = optarg; + break; + case 'f': + setparms = True; + full_name = optarg; + break; + case 'h': + setparms = True; + home_dir = optarg; + break; + case 'd': + setparms = True; + home_drive = optarg; + break; + case 's': + setparms = True; + logon_script = optarg; + break; + case 'p': + setparms = True; + profile_path = optarg; + break; + case 'x': + delete_user = True; + break; + case 'i': + import = True; + smbpasswd = optarg; + break; + default: + usage(); + } + } + if (((add_user?1:0) + (delete_user?1:0) + (list_users?1:0) + (import?1:0) + (setparms?1:0)) > 1) { + fprintf (stderr, "Incompatible options on command line!\n"); + usage(); + exit(1); + } + + if (add_user) { + if (!user_name) { + fprintf (stderr, "Username not specified! (use -u option)\n"); + return -1; + } + if (machine) + return new_machine (user_name); + else + return new_user (user_name, full_name, home_dir, home_drive, logon_script, profile_path); + } + + if (delete_user) { + if (!user_name) { + fprintf (stderr, "Username not specified! (use -u option)\n"); + return -1; + } + if (machine) + return delete_machine_entry (user_name); + else + return delete_user_entry (user_name); + } + + if (user_name) { + if (setparms) + set_user_info ( user_name, full_name, + home_dir, + home_drive, + logon_script, + profile_path); + else + return print_user_info (user_name, verbose, spstyle); + + return 0; + } + + + if (list_users) + return print_users_list (verbose, spstyle); + + if (import) + return import_users (smbpasswd); + + usage(); + + return 0; +} |