patch: (samba/nss_ldap) calling initgroups with correct pw_name
Jochen Schneider
jochen.schneider at mediaways.net
Fri Oct 19 16:38:01 GMT 2001
Hi everybody,
i've tracked down a very nasty problem, that prevents users with
uppercase
uid's form accessing group folders if their password information is
stored
in LDAP directories (nss_ldap an --with-ldap/--with-samldap).
The initgroups call must not be called with the user parameter, but
with the actual passwd->pw_name for the uid.
This patch is against 2.2.1a, but should do against against 2.2.2 also.
Have fun,
Jochen
--- samba-2.2.1a/source/smbd/sec_ctx.c Fri Jul 6 04:02:03 2001
+++ ../samba-2.2.1a/source/smbd/sec_ctx.c Sat Oct 20 03:09:21 2001
@@ -222,10 +222,26 @@
{
struct sec_ctx *prev_ctx_p;
BOOL result = True;
+ struct passwd* pass;
become_root();
+
+ if((pass = getpwuid(uid))==NULL)
+ {
+ result=False;
+ DEBUG(0,("could not find passwd struct for uid: %d\n",uid));
+ }
+ else
+ {
+ DEBUG(3,("The real username is %s\n",pass->pw_name));
+ slprintf(user,strlen(user)+1,"%s",pass->pw_name);
+ }
+
+ DEBUG(3,("uid: %d. Calling initgroups() for user: %s and gid
%d\n",uid,user,gid));
+
/* Call initgroups() to get user groups */
+
if (winbind_initgroups(user,gid) == -1) {
DEBUG(0,("Unable to initgroups. Error was %s\n", strerror(errno) ));
--
jochen.schneider at mediaways.net
http://www.legasthenie-ist-keine-schande.de
<< Premature optimization is the root of all evil >>
More information about the samba-technical
mailing list