dealing with usernames containing whitespace

Gerald (Jerry) Carter jerry at samba.org
Tue Jan 30 19:27:06 GMT 2007 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Background: account names with whitespace such as "AD\Space Kadet"
cause failures in various shell scripts, initialization files,
Gnome, etc... because of the assumption that the IFS in base is
whitespace.  This patch introduces the 'winbind replacement character'
parameter which maps names like "Space Kadet" to "Space_Kadet".

For example:

$ ssh -l "ad\space kadet" localhost
Password:
Last login: Tue Jan 30 12:51:53 2007 from localhost

[AD\space_kadet at fiji ~]$ id
uid=100012(AD\space_kadet) gid=100000(AD\domain_users)
groups=100000(AD\domain_users)

[AD\space_kadet at fiji ~]$ getent group "AD\Domain Users"
AD\domain_users:x:100000:AD\space_kadet

[AD\space_kadet at fiji ~]$ getent group "AD\Domain_Users"
AD\domain_users:x:100000:AD\space_kadet

This is one of those patches I feel dirty about but have
a legitimate need for.  What do others think?





cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2.2 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFv5wKIR7qMdg1EfYRAh3RAKDVw0V/oYPY4MJ3WoBKPWW1fZAUfgCffg0e
sOYhddcOpLXaouqZEIQvPWI=
=2B+T
-----END PGP SIGNATURE-----
-------------- next part --------------
=== modified file 'source/nsswitch/winbindd_group.c'
--- source/nsswitch/winbindd_group.c	2007-01-25 02:37:08 +0000
+++ source/nsswitch/winbindd_group.c	2007-01-30 19:11:24 +0000
@@ -462,6 +462,7 @@
 	gid_t gid;
 	union unid_t id;
 	NTSTATUS status;
+	char replace_char[2] = { 0x0, 0x0 };
 	
 	/* Ensure null termination */
 	state->request.data.groupname[sizeof(state->request.data.groupname)-1]='\0';
@@ -502,6 +503,11 @@
 	}
 
 	/* Get rid and name type from name */
+
+	replace_char[0] = *lp_winbind_replacement_char();
+	if ( replace_char[0] != '\0' ) {
+		all_string_sub( name_group, " ", replace_char, 0 );
+	}
         
 	if (!winbindd_lookup_sid_by_name(state->mem_ctx, domain, domain->name,
 					 name_group, &group_sid, &name_type)) {

=== modified file 'source/nsswitch/winbindd_rpc.c'
--- source/nsswitch/winbindd_rpc.c	2006-12-09 14:15:03 +0000
+++ source/nsswitch/winbindd_rpc.c	2007-01-30 19:11:24 +0000
@@ -246,9 +246,10 @@
 	NTSTATUS result;
 	DOM_SID *sids = NULL;
 	enum lsa_SidType *types = NULL;
-	const char *full_name;
+	char *full_name;
 	struct rpc_pipe_client *cli;
 	POLICY_HND lsa_policy;
+	char replace_char[2] = { 0x0, 0x0 };
 
         if(name == NULL || *name=='\0') {
                 DEBUG(3,("rpc: name_to_sid name=%s\n", domain_name));
@@ -262,6 +263,11 @@
 		return NT_STATUS_NO_MEMORY;
 	}
 
+	replace_char[0] = *lp_winbind_replacement_char();
+	if ( replace_char[0] != '\0' ) {
+		all_string_sub( full_name, replace_char, " ", 0 );	
+	}
+
 	DEBUG(3,("name_to_sid [rpc] %s for domain %s\n", full_name?full_name:"", domain_name ));
 
 	result = cm_connect_lsa(domain, mem_ctx, &cli, &lsa_policy);
@@ -298,6 +304,7 @@
 	NTSTATUS result;
 	struct rpc_pipe_client *cli;
 	POLICY_HND lsa_policy;
+	char replace_char[2] = { 0x0, 0x0 };	
 
 	DEBUG(3,("sid_to_name [rpc] %s for domain %s\n", sid_string_static(sid),
 			domain->name ));
@@ -314,6 +321,12 @@
 	*type = (enum lsa_SidType)types[0];
 	*domain_name = domains[0];
 	*name = names[0];
+
+	replace_char[0] = *lp_winbind_replacement_char();
+	if ( replace_char[0] != '\0' ) {
+		all_string_sub( *name, " ", replace_char, 0 );	
+	}
+
 	DEBUG(5,("Mapped sid to [%s]\\[%s]\n", domains[0], *name));
 	return NT_STATUS_OK;
 }
@@ -333,6 +346,8 @@
 	POLICY_HND lsa_policy;
 	DOM_SID *sids;
 	size_t i;
+	char **ret_names;
+	char replace_char[2] = { 0x0, 0x0 };	
 
 	DEBUG(3, ("rids_to_names [rpc] for domain %s\n", domain->name ));
 
@@ -360,10 +375,15 @@
 		return result;
 	}
 
+	replace_char[0] = *lp_winbind_replacement_char();
+	ret_names = *names;	
+
 	for (i=0; i<num_rids; i++) {
 		if ((*types)[i] != SID_NAME_UNKNOWN) {
+			if ( replace_char[0] != '\0' ) {
+				all_string_sub( ret_names[i], " ", replace_char, 0 );	
+			}
 			*domain_name = domains[i];
-			break;
 		}
 	}
 

=== modified file 'source/nsswitch/winbindd_user.c'
--- source/nsswitch/winbindd_user.c	2007-01-24 02:29:39 +0000
+++ source/nsswitch/winbindd_user.c	2007-01-30 19:11:24 +0000
@@ -228,6 +228,7 @@
 				    uint32 group_rid)
 {
 	fstring username;
+	char replace_char[2] = { 0x0, 0x0 };
 	struct getpwsid_state *s =
 		talloc_get_type_abort(private_data, struct getpwsid_state);
 
@@ -241,6 +242,12 @@
 	fstrcpy( username, acct_name );
 	strlower_m( username );
 	s->username = talloc_strdup(s->state->mem_ctx, username);
+
+	replace_char[0] = *lp_winbind_replacement_char();
+	if ( replace_char[0] != '\0' ) {
+		all_string_sub( s->username, " ", replace_char, 0 );	
+	}
+
 	s->fullname = talloc_strdup(s->state->mem_ctx, full_name);
 	s->homedir = talloc_strdup(s->state->mem_ctx, homedir);
 	s->shell = talloc_strdup(s->state->mem_ctx, shell);

=== modified file 'source/param/loadparm.c'
--- source/param/loadparm.c	2007-01-24 02:29:39 +0000
+++ source/param/loadparm.c	2007-01-30 19:11:24 +0000
@@ -180,6 +180,7 @@
 	BOOL bWinbindNestedGroups;
 	BOOL bWinbindRefreshTickets;
 	BOOL bWinbindOfflineLogon;
+	char *szWinbindReplacementCharacter;
 	char **szIdmapDomains;
 	char **szIdmapBackend; /* deprecated */
 	char *szIdmapAllocBackend;
@@ -1288,6 +1289,7 @@
 	{"winbind nss info", P_LIST, P_GLOBAL, &Globals.szWinbindNssInfo, NULL, NULL, FLAG_ADVANCED}, 
 	{"winbind refresh tickets", P_BOOL, P_GLOBAL, &Globals.bWinbindRefreshTickets, NULL, NULL, FLAG_ADVANCED}, 
 	{"winbind offline logon", P_BOOL, P_GLOBAL, &Globals.bWinbindOfflineLogon, NULL, NULL, FLAG_ADVANCED},
+	{"winbind replacement character", P_STRING, P_GLOBAL, &Globals.szWinbindReplacementCharacter, NULL, NULL, FLAG_ADVANCED},
 
 	{NULL,  P_BOOL,  P_NONE,  NULL,  NULL,  NULL,  0}
 };
@@ -1622,6 +1624,7 @@
 	string_set(&Globals.szTemplateShell, "/bin/false");
 	string_set(&Globals.szTemplateHomedir, "/home/%D/%U");
 	string_set(&Globals.szWinbindSeparator, "\\");
+	string_set(&Globals.szWinbindReplacementCharacter, "_");
 
 	string_set(&Globals.szCupsServer, "");
 	string_set(&Globals.szIPrintServer, "");
@@ -1855,6 +1858,7 @@
 FN_GLOBAL_BOOL(lp_winbind_nested_groups, &Globals.bWinbindNestedGroups)
 FN_GLOBAL_BOOL(lp_winbind_refresh_tickets, &Globals.bWinbindRefreshTickets)
 FN_GLOBAL_BOOL(lp_winbind_offline_logon, &Globals.bWinbindOfflineLogon)
+FN_GLOBAL_STRING(lp_winbind_replacement_char, &Globals.szWinbindReplacementCharacter)
 
 FN_GLOBAL_LIST(lp_idmap_domains, &Globals.szIdmapDomains)
 FN_GLOBAL_LIST(lp_idmap_backend, &Globals.szIdmapBackend) /* deprecated */

More information about the samba-technical mailing list