Author: jerry Date: 2005-01-18 14:46:24 +0000 (Tue, 18 Jan 2005) New Revision: 4820
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=4820 Log: add beginnings of 'net rpc rights' for managing privilege assignments Added: branches/SAMBA_3_0/source/utils/net_rpc_rights.c Modified: branches/SAMBA_3_0/source/Makefile.in branches/SAMBA_3_0/source/utils/net.h branches/SAMBA_3_0/source/utils/net_rpc.c Changeset: Modified: branches/SAMBA_3_0/source/Makefile.in =================================================================== --- branches/SAMBA_3_0/source/Makefile.in 2005-01-18 10:10:35 UTC (rev 4819) +++ branches/SAMBA_3_0/source/Makefile.in 2005-01-18 14:46:24 UTC (rev 4820) @@ -532,7 +532,7 @@ utils/net_rap.o utils/net_rpc.o utils/net_rpc_samsync.o \ utils/net_rpc_join.o utils/net_time.o utils/net_lookup.o \ utils/net_cache.o utils/net_groupmap.o utils/net_idmap.o \ - utils/net_status.o utils/net_rpc_printer.o + utils/net_status.o utils/net_rpc_printer.o utils/net_rpc_rights.o NET_OBJ = $(NET_OBJ1) $(PARAM_OBJ) $(SECRETS_OBJ) $(LIBSMB_OBJ) \ $(RPC_PARSE_OBJ) $(PASSDB_OBJ) $(GROUPDB_OBJ) \ Modified: branches/SAMBA_3_0/source/utils/net.h =================================================================== --- branches/SAMBA_3_0/source/utils/net.h 2005-01-18 10:10:35 UTC (rev 4819) +++ branches/SAMBA_3_0/source/utils/net.h 2005-01-18 14:46:24 UTC (rev 4820) @@ -17,8 +17,21 @@ along with this program; if not, write to the Free Software Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ +/* + * A function of this type is passed to the ' + * run_rpc_command' wrapper. Must go before the net_proto.h + * include + */ + +typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, const char *, + struct cli_state *, TALLOC_CTX *, int, const char **); + +/* INCLUDE FILES */ + #include "utils/net_proto.h" +/* MACROS & DEFINES */ + #define NET_FLAGS_MASTER 1 #define NET_FLAGS_DMB 2 Modified: branches/SAMBA_3_0/source/utils/net_rpc.c =================================================================== --- branches/SAMBA_3_0/source/utils/net_rpc.c 2005-01-18 10:10:35 UTC (rev 4819) +++ branches/SAMBA_3_0/source/utils/net_rpc.c 2005-01-18 14:46:24 UTC (rev 4820) @@ -37,10 +37,6 @@ **/ -/* A function of this type is passed to the 'run_rpc_command' wrapper */ -typedef NTSTATUS (*rpc_command_fn)(const DOM_SID *, const char *, - struct cli_state *, TALLOC_CTX *, int, const char **); - /** * Many of the RPC functions need the domain sid. This function gets * it at the start of every run @@ -100,7 +96,7 @@ * @return A shell status integer (0 for success) */ -static int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flags, +int run_rpc_command(struct cli_state *cli_arg, const int pipe_idx, int conn_flags, rpc_command_fn fn, int argc, const char **argv) { @@ -5260,10 +5256,10 @@ d_printf(" net rpc getsid \t\tfetch the domain sid into the local secrets.tdb\n"); d_printf(" net rpc vampire \t\tsyncronise an NT PDC's users and groups into the local passdb\n"); d_printf(" net rpc samdump \t\tdiplay an NT PDC's users, groups and other data\n"); - d_printf(" net rpc trustdom \t\tto create trusting domain's account\n" - "\t\t\t\t\tor establish trust\n"); + d_printf(" net rpc trustdom \t\tto create trusting domain's account or establish trust\n"); d_printf(" net rpc abortshutdown \tto abort the shutdown of a remote server\n"); d_printf(" net rpc shutdown \t\tto shutdown a remote server\n"); + d_printf(" net rpc rights\t\tto manage privileges assigned to SIDs\n"); d_printf("\n"); d_printf("'net rpc shutdown' also accepts the following miscellaneous options:\n"); /* misc options */ d_printf("\t-r or --reboot\trequest remote server reboot on shutdown\n"); @@ -5332,6 +5328,7 @@ {"samdump", rpc_samdump}, {"vampire", rpc_vampire}, {"getsid", net_rpc_getsid}, + {"rights", net_rpc_rights}, {"help", net_rpc_help}, {NULL, NULL} }; Added: branches/SAMBA_3_0/source/utils/net_rpc_rights.c =================================================================== --- branches/SAMBA_3_0/source/utils/net_rpc_rights.c 2005-01-18 10:10:35 UTC (rev 4819) +++ branches/SAMBA_3_0/source/utils/net_rpc_rights.c 2005-01-18 14:46:24 UTC (rev 4820) @@ -0,0 +1,116 @@ +/* + Samba Unix/Linux SMB client library + Distributed SMB/CIFS Server Management Utility + Copyright (C) Gerald (Jerry) Carter 2004 + + This program is free software; you can redistribute it and/or modify + it under the terms of the GNU General Public License as published by + the Free Software Foundation; either version 2 of the License, or + (at your option) any later version. + + This program is distributed in the hope that it will be useful, + but WITHOUT ANY WARRANTY; without even the implied warranty of + MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the + GNU General Public License for more details. + + You should have received a copy of the GNU General Public License + along with this program; if not, write to the Free Software + Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA. */ + +#include "includes.h" +#include "utils/net.h" + +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_rights_list_internal( const DOM_SID *domain_sid, const char *domain_name, + struct cli_state *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv ) +{ + return NT_STATUS_OK; +} + +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_rights_grant_internal( const DOM_SID *domain_sid, const char *domain_name, + struct cli_state *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv ) +{ + return NT_STATUS_OK; +} + +/******************************************************************** +********************************************************************/ + +static NTSTATUS rpc_rights_revoke_internal( const DOM_SID *domain_sid, const char *domain_name, + struct cli_state *cli, TALLOC_CTX *mem_ctx, + int argc, const char **argv ) +{ + return NT_STATUS_OK; +} + +/******************************************************************** +********************************************************************/ + +static int rpc_rights_list( int argc, const char **argv ) +{ + return run_rpc_command( NULL, PI_LSARPC, 0, + rpc_rights_list_internal, argc, argv ); +} + +/******************************************************************** +********************************************************************/ + +static int rpc_rights_grant( int argc, const char **argv ) +{ + return run_rpc_command( NULL, PI_LSARPC, 0, + rpc_rights_grant_internal, argc, argv ); +} + +/******************************************************************** +********************************************************************/ + +static int rpc_rights_revoke( int argc, const char **argv ) +{ + return run_rpc_command( NULL, PI_LSARPC, 0, + rpc_rights_revoke_internal, argc, argv ); +} + +/******************************************************************** +********************************************************************/ + +static int net_help_rights( int argc, const char **argv ) +{ + d_printf("net rpc rights list View available privileges\n"); + d_printf("net rpc rights grant View available privileges\n"); + d_printf("net rpc rights revoke View available privileges\n"); + + d_printf("Both 'grant' and 'revoke' require a SID and a commaa separated\n"); + d_printf("list of privilege names. For example\n"); + d_printf(" net rpc grant S-1-5-32-550 SePrintOperatorsPrivilege\n"); + d_printf("would grant the printer admin right to the 'BUILTIN\\Print Operators' group\n"); + + + return -1; +} + +/******************************************************************** +********************************************************************/ + +int net_rpc_rights(int argc, const char **argv) +{ + struct functable func[] = { + {"list", rpc_rights_list}, + {"grant", rpc_rights_grant}, + {"revoke", rpc_rights_revoke}, + {NULL, NULL} + }; + + if ( argc ) + return net_run_function( argc, argv, func, net_help_rights ); + + return net_help_rights( argc, argv ); +} + +
