svn commit: samba r12949 - in trunk/source: auth include lib nsswitch passdb rpc_server smbd

vlendec at samba.org vlendec at samba.org
Sun Jan 15 19:11:40 GMT 2006 

Author: vlendec
Date: 2006-01-15 19:11:35 +0000 (Sun, 15 Jan 2006)
New Revision: 12949

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12949

Log:
Sunday night checkin....

Change handling of 'force user' and 'force group'. My tests show that this
work as expected from the docs, but I need to do further cross-testing with
3_0 vs trunk.

create_token_from_username in auth_util.c does its best to create a token
given just a username. See comments & the samba-technical thread about the
winbind restrictions.

Introduce routines find_forced_[user|group]. These create the NT token, the
unix groups are calculated some lines below them in
make_connection_snum. S-1-22 pays off here, we *always* have reliable
SIDs. Both routines use lookup_name. An effect is that even for forced users
the aliases are reliably applied.

pdb_enum_group_memberships now takes a SAM_ACCOUNT as an argument. One step
closer to SAMR semantics...

In uid.c I directly overwrite the primary group, creating the token is
unnecessarily expensive. Jeremy, we need to talk about that change.

initialise_groups (another getgroups implementation) is gone.

Re-add jerry's trick to add the local admin if we're a domain
administrator. Only do this if 'winbind nested groups = no'. Jerry, is this
ok?

Fix some stuff, in particular memleaks, with init_sam_talloc. It should now
correctly clean up if the talloc context is freed. Does not wipe out passwords
yet. TODO.

Remove some algorithmic fallback stuff

Fix a segfault in winbind. G?\195?\188nther, there's children without a domain...

Volker


Modified:
   trunk/source/auth/auth_util.c
   trunk/source/include/passdb.h
   trunk/source/lib/system_smbd.c
   trunk/source/nsswitch/winbindd_dual.c
   trunk/source/passdb/pdb_get_set.c
   trunk/source/passdb/pdb_interface.c
   trunk/source/passdb/pdb_ldap.c
   trunk/source/passdb/pdb_nds.c
   trunk/source/rpc_server/srv_samr_nt.c
   trunk/source/smbd/lanman.c
   trunk/source/smbd/sec_ctx.c
   trunk/source/smbd/service.c
   trunk/source/smbd/uid.c


Changeset:
Sorry, the patch is too large (1625 lines) to include; please use WebSVN to see it!
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=12949

More information about the samba-cvs mailing list