svn commit: samba r17388 - in branches: SAMBA_3_0/source/auth
SAMBA_3_0_23/source/auth
jra at samba.org
jra at samba.org
Thu Aug 3 19:07:12 GMT 2006
Author: jra
Date: 2006-08-03 19:07:12 +0000 (Thu, 03 Aug 2006)
New Revision: 17388
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17388
Log:
Fix the "valid users"/token issue for now. Volker,
please come in and fix it in a less ugly way once
you have some time. Thanks,
Jeremy.
Modified:
branches/SAMBA_3_0/source/auth/auth_util.c
branches/SAMBA_3_0_23/source/auth/auth_util.c
Changeset:
Modified: branches/SAMBA_3_0/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0/source/auth/auth_util.c 2006-08-03 16:43:26 UTC (rev 17387)
+++ branches/SAMBA_3_0/source/auth/auth_util.c 2006-08-03 19:07:12 UTC (rev 17388)
@@ -599,6 +599,14 @@
* simple first. */
TALLOC_FREE(gids);
+ /* For a local user the real primary group sid is the result->sids[0] */
+
+ if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) {
+ result->sam_account = NULL; /* Don't free on error exit. */
+ TALLOC_FREE(result);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
pdb_get_username(sampass), result->unix_name));
@@ -1089,7 +1097,7 @@
gr_sid = pdb_get_group_sid(sam_acct);
if (!gr_sid) {
- goto unix_user;
+ goto unix_group;
}
sid_copy(&primary_group_sid, gr_sid);
@@ -1097,8 +1105,8 @@
if (!sid_to_gid(&primary_group_sid, gid)) {
DEBUG(1, ("sid_to_gid(%s) failed\n",
sid_string_static(&primary_group_sid)));
- DEBUGADD(1, ("Fall back to unix user %s\n", username));
- goto unix_user;
+ DEBUGADD(1, ("Fall back to unix group %s\n", username));
+ goto unix_group;
}
result = pdb_enum_group_memberships(tmp_ctx, sam_acct,
@@ -1107,8 +1115,8 @@
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10, ("enum_group_memberships failed for %s\n",
username));
- DEBUGADD(1, ("Fall back to unix user %s\n", username));
- goto unix_user;
+ DEBUGADD(1, ("Fall back to unix group %s\n", username));
+ goto unix_group;
}
*found_username = talloc_strdup(mem_ctx,
@@ -1132,6 +1140,8 @@
uid_to_unix_users_sid(*uid, &user_sid);
+ unix_group:
+
pass = getpwuid_alloc(tmp_ctx, *uid);
if (pass == NULL) {
DEBUG(1, ("getpwuid(%d) for user %s failed\n",
@@ -1316,6 +1326,14 @@
* simple first. */
TALLOC_FREE(gids);
+ /* For a local user the real primary group sid is the result->sids[0] */
+
+ if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) {
+ result->sam_account = NULL; /* Don't free on error exit. */
+ TALLOC_FREE(sampass);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
*server_info = result;
return NT_STATUS_OK;
Modified: branches/SAMBA_3_0_23/source/auth/auth_util.c
===================================================================
--- branches/SAMBA_3_0_23/source/auth/auth_util.c 2006-08-03 16:43:26 UTC (rev 17387)
+++ branches/SAMBA_3_0_23/source/auth/auth_util.c 2006-08-03 19:07:12 UTC (rev 17388)
@@ -599,6 +599,14 @@
* simple first. */
TALLOC_FREE(gids);
+ /* For a local user the real primary group sid is the result->sids[0] */
+
+ if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) {
+ result->sam_account = NULL; /* Don't free on error exit. */
+ TALLOC_FREE(result);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
DEBUG(5,("make_server_info_sam: made server info for user %s -> %s\n",
pdb_get_username(sampass), result->unix_name));
@@ -1088,7 +1096,7 @@
gr_sid = pdb_get_group_sid(sam_acct);
if (!gr_sid) {
- goto unix_user;
+ goto unix_group;
}
sid_copy(&primary_group_sid, gr_sid);
@@ -1096,8 +1104,8 @@
if (!sid_to_gid(&primary_group_sid, gid)) {
DEBUG(1, ("sid_to_gid(%s) failed\n",
sid_string_static(&primary_group_sid)));
- DEBUGADD(1, ("Fall back to unix user %s\n", username));
- goto unix_user;
+ DEBUGADD(1, ("Fall back to unix group %s\n", username));
+ goto unix_group;
}
result = pdb_enum_group_memberships(tmp_ctx, sam_acct,
@@ -1106,8 +1114,8 @@
if (!NT_STATUS_IS_OK(result)) {
DEBUG(10, ("enum_group_memberships failed for %s\n",
username));
- DEBUGADD(1, ("Fall back to unix user %s\n", username));
- goto unix_user;
+ DEBUGADD(1, ("Fall back to unix group %s\n", username));
+ goto unix_group;
}
*found_username = talloc_strdup(mem_ctx,
@@ -1131,6 +1139,8 @@
uid_to_unix_users_sid(*uid, &user_sid);
+ unix_group:
+
pass = getpwuid_alloc(tmp_ctx, *uid);
if (pass == NULL) {
DEBUG(1, ("getpwuid(%d) for user %s failed\n",
@@ -1315,6 +1325,14 @@
* simple first. */
TALLOC_FREE(gids);
+ /* For a local user the real primary group sid is the result->sids[0] */
+
+ if (!pdb_set_group_sid(sampass, &result->sids[0], PDB_CHANGED)) {
+ result->sam_account = NULL; /* Don't free on error exit. */
+ TALLOC_FREE(sampass);
+ return NT_STATUS_UNSUCCESSFUL;
+ }
+
*server_info = result;
return NT_STATUS_OK;
More information about the samba-cvs
mailing list