svn commit: samba r22481 - in branches: SAMBA_3_0/source/lib
SAMBA_3_0/source/smbd SAMBA_3_0_25/source/lib
SAMBA_3_0_25/source/smbd
jra at samba.org
jra at samba.org
Mon Apr 23 09:19:36 GMT 2007
Author: jra
Date: 2007-04-23 09:19:35 +0000 (Mon, 23 Apr 2007)
New Revision: 22481
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=22481
Log:
Move check for non-mappable SIDs to after sid_to_uid,
sid_to_gid mapping, add LocalSystem to non-mappable
list.
Jeremy.
Modified:
branches/SAMBA_3_0/source/lib/util_sid.c
branches/SAMBA_3_0/source/smbd/posix_acls.c
branches/SAMBA_3_0_25/source/lib/util_sid.c
branches/SAMBA_3_0_25/source/smbd/posix_acls.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/util_sid.c
===================================================================
--- branches/SAMBA_3_0/source/lib/util_sid.c 2007-04-23 08:46:10 UTC (rev 22480)
+++ branches/SAMBA_3_0/source/lib/util_sid.c 2007-04-23 09:19:35 UTC (rev 22481)
@@ -510,6 +510,9 @@
DOM_SID dom;
uint32 rid;
+ if (sid_equal(sid, &global_sid_System))
+ return True;
+
sid_copy(&dom, sid);
sid_split_rid(&dom, &rid);
Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/posix_acls.c 2007-04-23 08:46:10 UTC (rev 22480)
+++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2007-04-23 09:19:35 UTC (rev 22481)
@@ -1347,17 +1347,6 @@
SEC_ACE *psa = &dacl->aces[i];
/*
- * Ignore non-mappable SIDs (NT Authority, BUILTIN etc).
- */
-
- if (non_mappable_sid(&psa->trustee)) {
- fstring str;
- DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
- sid_to_string(str, &psa->trustee) ));
- continue;
- }
-
- /*
* Create a cannon_ace entry representing this NT DACL ACE.
*/
@@ -1417,6 +1406,16 @@
} else {
fstring str;
+ /*
+ * Silently ignore map failures in non-mappable SIDs (NT Authority, BUILTIN etc).
+ */
+
+ if (non_mappable_sid(&psa->trustee)) {
+ DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
+ sid_to_string(str, &psa->trustee) ));
+ continue;
+ }
+
free_canon_ace_list(file_ace);
free_canon_ace_list(dir_ace);
DEBUG(0,("create_canon_ace_lists: unable to map SID %s to uid or gid.\n",
Modified: branches/SAMBA_3_0_25/source/lib/util_sid.c
===================================================================
--- branches/SAMBA_3_0_25/source/lib/util_sid.c 2007-04-23 08:46:10 UTC (rev 22480)
+++ branches/SAMBA_3_0_25/source/lib/util_sid.c 2007-04-23 09:19:35 UTC (rev 22481)
@@ -510,6 +510,9 @@
DOM_SID dom;
uint32 rid;
+ if (sid_equal(sid, &global_sid_System))
+ return True;
+
sid_copy(&dom, sid);
sid_split_rid(&dom, &rid);
Modified: branches/SAMBA_3_0_25/source/smbd/posix_acls.c
===================================================================
--- branches/SAMBA_3_0_25/source/smbd/posix_acls.c 2007-04-23 08:46:10 UTC (rev 22480)
+++ branches/SAMBA_3_0_25/source/smbd/posix_acls.c 2007-04-23 09:19:35 UTC (rev 22481)
@@ -1347,17 +1347,6 @@
SEC_ACE *psa = &dacl->aces[i];
/*
- * Ignore non-mappable SIDs (NT Authority, BUILTIN etc).
- */
-
- if (non_mappable_sid(&psa->trustee)) {
- fstring str;
- DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
- sid_to_string(str, &psa->trustee) ));
- continue;
- }
-
- /*
* Create a cannon_ace entry representing this NT DACL ACE.
*/
@@ -1417,6 +1406,16 @@
} else {
fstring str;
+ /*
+ * Silently ignore map failures in non-mappable SIDs (NT Authority, BUILTIN etc).
+ */
+
+ if (non_mappable_sid(&psa->trustee)) {
+ DEBUG(10,("create_canon_ace_lists: ignoring non-mappable SID %s\n",
+ sid_to_string(str, &psa->trustee) ));
+ continue;
+ }
+
free_canon_ace_list(file_ace);
free_canon_ace_list(dir_ace);
DEBUG(0,("create_canon_ace_lists: unable to map SID %s to uid or gid.\n",
More information about the samba-cvs
mailing list