about local group member detection

Jeremy Allison jra at samba.org
Fri Dec 3 15:05:55 MST 2010


On Fri, Dec 03, 2010 at 03:07:12PM +0800, drag chan wrote:
> Hi,
> 
> When getting group info for a user, the domain which the user belongs
> to is first checked, then the local domain, and the builtin domain.
> But in samba-3.5.4/source3/winbind/wb_gettoken.c, find_our_domain() is
> called to get the local domain.
> 
> What's the meaning of local domain? If it means local SAM,
> find_our_domain() returns an error result:
> 
> struct winbindd_domain *find_our_domain(void)
> {
> 	struct winbindd_domain *domain;
> 
> 	/* Search through list */
> 
> 	for (domain = domain_list(); domain != NULL; domain = domain->next) {
> 		if (domain->primary)
> 			return domain;
> 	}
> 
> 	smb_panic("Could not find our domain");
> 	return NULL;
> }
> 
> If samba role is a domain member, find_our_domain() doesn't return the
> local SAM.
> 
> Maybe we should call find_domain_from_sid(get_global_sam_sid()) to get
> the local domain in samba-3.5.4/source3/winbind/wb_gettoken.c?

So you're thinking of something like this patch (attached)? Can you give an
example of how this bug would affect winbindd - how did you discover this
issue?

Jeremy.
-------------- next part --------------
diff --git a/source3/winbindd/wb_gettoken.c b/source3/winbindd/wb_gettoken.c
index ca407b21..f2fbe4c 100644
--- a/source3/winbindd/wb_gettoken.c
+++ b/source3/winbindd/wb_gettoken.c
@@ -106,7 +106,7 @@ static void wb_gettoken_gotgroups(struct tevent_req *subreq)
 	/*
 	 * Expand our domain's aliases
 	 */
-	domain = find_our_domain();
+	domain = find_domain_from_sid_noinit(get_global_sam_sid());
 	if (domain == NULL) {
 		tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR);
 		return;
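Review bot: The comment "Expand our domain's aliases" above the changed line in wb_gettoken_gotgroups() no longer matches the lookup, since the domain is now selected by get_global_sam_sid() rather than by the primary flag that find_our_domain() tests. Please reword it to name the local SAM domain, so the next reader does not change the call back. The existing `if (domain == NULL)` check now does real work, because find_our_domain() panicked instead of returning NULL; a debug message before the NT_STATUS_INTERNAL_ERROR return would make that failure diagnosable. The _noinit variant is also worth a line in the commit message explaining why an uninitialised domain is acceptable at this point.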
@@ -137,7 +137,7 @@ static void wb_gettoken_gotlocalgroups(struct tevent_req *subreq)
 		tevent_req_nterror(req, status);
 		return;
 	}
-	domain = find_our_domain();
+	domain = find_domain_from_sid_noinit(get_global_sam_sid());
 	if (!wb_add_rids_to_sids(state, &state->num_sids, &state->sids,
 				 &domain->sid, num_rids, rids)) {
 		tevent_req_nterror(req, NT_STATUS_NO_MEMORY);
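Review bot: Missing NULL check in wb_gettoken_gotlocalgroups(): the result of find_domain_from_sid_noinit() is dereferenced straight away as `&domain->sid` in the wb_add_rids_to_sids() call. The old find_our_domain() called smb_panic() rather than returning NULL, so the dereference was safe before, but the first hunk already treats NULL as a possible return from the new call. Add the same guard here, `if (domain == NULL)` followed by tevent_req_nterror(req, NT_STATUS_INTERNAL_ERROR) and return, before the SID is used; otherwise a failed lookup becomes a NULL pointer dereference in winbindd.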

