[SCM] Samba Shared Repository - branch v3-5-test updated
Bo Yang
boyang at samba.org
Sun Oct 18 20:07:36 MDT 2009
The branch, v3-5-test has been updated
via 5d62b2f... s3: Don't fail authentication when one or some group of require-membership-of is invalid.
from 3555704... s3:configure: fix avahi activation
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-5-test
- Log -----------------------------------------------------------------
commit 5d62b2fcce7d846bf5adb4407c05d281afa6a9e9
Author: Bo Yang <boyang at samba.org>
Date: Thu Oct 15 06:23:48 2009 +0800
s3: Don't fail authentication when one or some group of require-membership-of is invalid.
Signed-off-by: Bo Yang <boyang at samba.org>
(cherry picked from commit 31f1a36901b5b8959dc51401c09c114829b50392)
-----------------------------------------------------------------------
Summary of changes:
nsswitch/pam_winbind.c | 25 +++++++++++++++++++++++--
1 files changed, 23 insertions(+), 2 deletions(-)
Changeset truncated at 500 lines:
diff --git a/nsswitch/pam_winbind.c b/nsswitch/pam_winbind.c
index 0b00c95..0eb24a2 100644
--- a/nsswitch/pam_winbind.c
+++ b/nsswitch/pam_winbind.c
@@ -1057,7 +1057,23 @@ static bool winbind_name_list_to_sid_string_list(struct pwb_context *ctx,
current_name,
sid_list_buffer,
sid_list_buffer_size)) {
- goto out;
+ /*
+ * If one group name failed, we must not fail
+ * the authentication totally, continue with
+ * the following group names. If user belongs to
+ * one of the valid groups, we must allow it
+ * login. -- BoYang
+ */
+
+ _pam_log(ctx, LOG_INFO, "cannot convert group %s to sid, "
+ "check if group %s is valid group.", current_name,
+ current_name);
+ _make_remark_format(ctx, PAM_TEXT_INFO, _("Cannot convert group %s "
+ "to sid, please contact your administrator to see "
+ "if group %s is valid."), current_name, current_name);
+ SAFE_FREE(current_name);
+ search_location = comma + 1;
+ continue;
}
SAFE_FREE(current_name);
@@ -1073,7 +1089,12 @@ static bool winbind_name_list_to_sid_string_list(struct pwb_context *ctx,
if (!winbind_name_to_sid_string(ctx, user, search_location,
sid_list_buffer,
sid_list_buffer_size)) {
- goto out;
+ _pam_log(ctx, LOG_INFO, "cannot convert group %s to sid, "
+ "check if group %s is valid group.", search_location,
+ search_location);
+ _make_remark_format(ctx, PAM_TEXT_INFO, _("Cannot convert group %s "
+ "to sid, please contact your administrator to see "
+ "if group %s is valid."), search_location, search_location);
}
result = true;
--
Samba Shared Repository
More information about the samba-cvs
mailing list