why is (gid_t)-1 treated as a group mapping failure?
James Peach
jpeach at samba.org
Tue May 1 23:27:58 GMT 2007
Hi all,
There's a bunch of code sprinkled throughout the passdb layer(s) that
asserts that -1 cannot be a valid ID. While this is often true, there
is historical precedent for systems using -1 (and -2). Darwin still
uses -1 for the group "nogroup", which maps to the SID S-1-0-0.
If I reference against the 3.0.10(!!) code, then -1 was still treated
as invalid, but that seems to have been because nametogid() had no way
to return an error. Is there a current justification for excluding -1?
For example, in pdb_default_delete_dom_group():
if (!get_domain_group_from_sid(group_sid, &map)) {
DEBUG(10, ("Could not find group for rid %d\n", rid));
return NT_STATUS_NO_SUCH_GROUP;
}
/* We need the group name for the smb_delete_group later on */
if (map.gid == (gid_t)-1) {
return NT_STATUS_NO_SUCH_GROUP;
}
grp = getgrgid(map.gid);
if (grp == NULL) {
return NT_STATUS_NO_SUCH_GROUP;
}
The check for -1 is superfluous because if get_domain_group_from_sid
failed, it should return False, and if map.gid is invalid, getgrgid
will fail.
--
James Peach | jpeach at samba.org
More information about the samba-technical
mailing list