[SCM] Samba Shared Repository - branch v3-3-test updated - release-3-2-0pre2-5256-g09b76c5

Mon May 11 11:04:22 GMT 2009

The branch, v3-3-test has been updated
       via  09b76c57098ed4d11855000ae31cd346cb9a765d (commit)
      from  242ae00e56ac553f9ac736b4c2a18b4610bdb6e9 (commit)

http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test


- Log -----------------------------------------------------------------
commit 09b76c57098ed4d11855000ae31cd346cb9a765d
Author: Jeremy Allison <jra at samba.org>
Date:   Tue Apr 28 11:07:51 2009 -0700

    Fix bug #6291 - force user stop working. A previous fix broke the invariant that *uid is always initialized on return from create_token_from_username(). Restore it. Jeremy.

-----------------------------------------------------------------------

Summary of changes:
 source/auth/auth_util.c |   38 +++++++++++++++++++++++++++++++++++++-
 1 files changed, 37 insertions(+), 1 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index 2a535bf..2bd857c 100644
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -884,6 +884,33 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 		*found_username = talloc_strdup(mem_ctx,
 						pdb_get_username(sam_acct));
 
+		/*
+		 * If the SID from lookup_name() was the guest sid, passdb knows
+		 * about the mapping of guest sid to lp_guestaccount()
+		 * username and will return the unix_pw info for a guest
+		 * user. Use it if it's there, else lookup the *uid details
+		 * using getpwnam_alloc(). See bug #6291 for details. JRA.
+		 */
+
+		/* We must always assign the *uid. */
+		if (sam_acct->unix_pw == NULL) {
+			struct passwd *pwd = getpwnam_alloc(sam_acct, *found_username );
+			if (!pwd) {
+				DEBUG(10, ("getpwnam_alloc failed for %s\n",
+					*found_username));
+				result = NT_STATUS_NO_SUCH_USER;
+				goto done;
+			}
+			result = samu_set_unix(sam_acct, pwd );
+			if (!NT_STATUS_IS_OK(result)) {
+				DEBUG(10, ("samu_set_unix failed for %s\n",
+					*found_username));
+				result = NT_STATUS_NO_SUCH_USER;
+				goto done;
+			}
+		}
+		*uid = sam_acct->unix_pw->pw_uid;
+
 	} else 	if (sid_check_is_in_unix_users(&user_sid)) {
 
 		/* This is a unix user not in passdb. We need to ask nss
@@ -900,8 +927,9 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 	unix_user:
 
 		if (!sid_to_uid(&user_sid, uid)) {
-			DEBUG(1, ("sid_to_uid for %s (%s) failed\n",
+			DEBUG(1, ("unix_user case, sid_to_uid for %s (%s) failed\n",
 				  username, sid_string_dbg(&user_sid)));
+			result = NT_STATUS_NO_SUCH_USER;
 			goto done;
 		}
 
@@ -954,6 +982,14 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username,
 
 		uint32 dummy;
 
+		/* We must always assign the *uid. */
+		if (!sid_to_uid(&user_sid, uid)) {
+			DEBUG(1, ("winbindd case, sid_to_uid for %s (%s) failed\n",
+				  username, sid_string_dbg(&user_sid)));
+			result = NT_STATUS_NO_SUCH_USER;
+			goto done;
+		}
+
 		num_group_sids = 1;
 		group_sids = TALLOC_ARRAY(tmp_ctx, DOM_SID, num_group_sids);
 		if (group_sids == NULL) {


-- 
Samba Shared Repository
