[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-4895-g8c64302

Michael Adam obnox at samba.org
Mon Feb 2 00:14:55 GMT 2009 

The branch, v3-3-test has been updated
       via  8c64302915bde8a5400b575389b12e0eaf2cf140 (commit)
       via  877808450bb108ed306ef77db97a3acc7297e579 (commit)
       via  f2acdca4ded8646752d154d55a0ade405f159e17 (commit)
      from  9ffb1e6f0ded2647efe567912873a1a63e2ffed1 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 8c64302915bde8a5400b575389b12e0eaf2cf140
Author: Michael Adam <obnox at samba.org>
Date:   Mon Feb 2 00:46:57 2009 +0100

    s3:winbind_group: fix "getent group" to allocate new gids.
    
    "getent group" used to fill the idmap cache with negative
    cache entries for unmapped group sids.
    
    Don't pass domain name unconditionally to idmap_sid_to_gid().
    idmap_sid_to_gid() only creates new mappings (allocating
    idmap backends tdb, tdb2, ldap...) when the domain name passed
    in is "".
    
    Note that it is _wrong_ to directly call the idmap_sid_to_gid()
    functions here, in the main winbindd. The correct fix would be
    to send a sid_to_gid request to winbindd itself, but this needs
    more work to prepare the async mechanisms, and we nee a quick
    fix for getent passwd now.
    
    Michael

commit 877808450bb108ed306ef77db97a3acc7297e579
Author: Michael Adam <obnox at samba.org>
Date:   Mon Feb 2 00:36:59 2009 +0100

    s3:winbind_user: fix "getent passwd" to allocate new uids.
    
    "getent passwd" used to fill the idmap cache with negative
    cache entries for unmapped user sids.
    
    Don't pass domain name unconditionally to idmap_sid_to_[ug]id().
    idmap_sid_to_[ug]id() only creates new mappings (allocating
    idmap backends tdb, tdb2, ldap...) when the domain name passed
    in is "".
    
    Note that it is _wrong_ to directly call the idmap_sid_to_[ug]id()
    functions here, in the main winbindd. The correct fix would be
    to send a sid_to_[ug]id request to winbindd itself, but this needs
    more work to prepare the async mechanisms, and we nee a quick
    fix for getent passwd now.
    
    Michael

commit f2acdca4ded8646752d154d55a0ade405f159e17
Author: Michael Adam <obnox at samba.org>
Date:   Mon Feb 2 00:35:43 2009 +0100

    s3:winbind_user: move initialization of domain up in winbindd_fill_pwent()
    
    and streamline logic some
    
    Michael

-----------------------------------------------------------------------

Summary of changes:
 source/winbindd/winbindd_group.c |   10 ++++++++--
 source/winbindd/winbindd_user.c  |   29 ++++++++++++++++-------------
 2 files changed, 24 insertions(+), 15 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/winbindd/winbindd_group.c b/source/winbindd/winbindd_group.c
index bc532bb..48e6577 100644
--- a/source/winbindd/winbindd_group.c
+++ b/source/winbindd/winbindd_group.c
@@ -1306,6 +1306,7 @@ void winbindd_getgrent(struct winbindd_cli_state *state)
 		char *gr_mem;
 		DOM_SID group_sid;
 		struct winbindd_domain *domain;
+		char *domain_name_idmap;
 
 		/* Do we need to fetch another chunk of groups? */
 
@@ -1353,8 +1354,13 @@ void winbindd_getgrent(struct winbindd_cli_state *state)
 		sid_copy(&group_sid, &domain->sid);
 		sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid);
 
-		if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain->name, &group_sid,
-						      &group_gid))) {
+		domain_name_idmap = domain->have_idmap_config
+				  ? domain->name
+				  : "";
+
+		if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain_name_idmap,
+						      &group_sid, &group_gid)))
+		{
 			union unid_t id;
 			enum lsa_SidType type;
 
diff --git a/source/winbindd/winbindd_user.c b/source/winbindd/winbindd_user.c
index 5356e16..b01e184 100644
--- a/source/winbindd/winbindd_user.c
+++ b/source/winbindd/winbindd_user.c
@@ -76,13 +76,25 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
 	char *mapped_name = NULL;
 	struct winbindd_domain *domain = NULL;
 	NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+	char *dom_name_idmap = "";
 
 	if (!pw || !dom_name || !user_name)
 		return False;
 
+	domain = find_domain_from_name_noinit(dom_name);
+	if (domain == NULL) {
+		DEBUG(5,("winbindd_fill_pwent: Failed to find domain for %s.  "
+			 "Disabling name alias support\n", dom_name));
+		nt_status = NT_STATUS_NO_SUCH_DOMAIN;
+	}
+
+	if (domain->have_idmap_config) {
+		dom_name_idmap = dom_name;
+	}
+
 	/* Resolve the uid number */
 
-	if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name, user_sid,
+	if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name_idmap, user_sid,
 					      &pw->pw_uid))) {
 		DEBUG(1, ("error getting user id for sid %s\n",
 			  sid_string_dbg(user_sid)));
@@ -91,26 +103,17 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
 
 	/* Resolve the gid number */
 
-	if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name, group_sid,
+	if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name_idmap, group_sid,
 					      &pw->pw_gid))) {
 		DEBUG(1, ("error getting group id for sid %s\n",
 			  sid_string_dbg(group_sid)));
 		return False;
 	}
 
-	strlower_m(user_name);
-
 	/* Username */
 
-	domain = find_domain_from_name_noinit(dom_name);
-	if (domain) {
-		nt_status = normalize_name_map(ctx, domain, user_name,
-					       &mapped_name);
-	} else {
-		DEBUG(5,("winbindd_fill_pwent: Failed to find domain for %s.  "
-			 "Disabling name alias support\n", dom_name));
-		nt_status = NT_STATUS_NO_SUCH_DOMAIN;
-	}
+	strlower_m(user_name);
+	nt_status = normalize_name_map(ctx, domain, user_name, &mapped_name);
 
 	/* Basic removal of whitespace */
 	if (NT_STATUS_IS_OK(nt_status)) {


-- 
Samba Shared Repository

More information about the samba-cvs mailing list