[Samba] Questions about 3.0.12rc1

[Sergey Loskutov]

Hello!

Before this post, i'm send 3 problems in 3.0.11
I'm compiled 3.0.12rc1 and found next:

1) Settings primary group .... problem solved, but question to developer
    You append to mapping.c  in smb_set_primary_group
    ret = smbrun(add_script,NULL);
    flush_pwnam_cache();
    ^^^^^^^^^^^^^^^^^^^^
  But not check ret code .....if my script exit in code != 0, i'm change 
primary group ... ( script "set primary group" still needed ? )

2) Next in this code is winbind, but debug message string have code 
DEBUG(3,("smb_delete_group:

You use copy/paste  ;)

This is affect in function:   smb_add_user_group,smb_delete_user_group

smb_add_user_group  have bug

   if ( winbind_add_user_to_group( unix_user, unix_group ) ) {
      DEBUG(3,("smb_delete_group: winbindd added user (%s) to the group 
(%s)\n",
       unix_user, unix_group));
       return -1;
^^^^^^^^^^^^^^^^^^^^^^^^^^
needed  return 0;

   }

3)  I'm analized  problems 1
( user who not have privileges "add machine account" )

In function _samr_create_user ( srv_samr_nt.c ) you have code:

if ( can_add_account )
   become_root();

And if user not have privileges(user|machine)  you MAY CREATE USER ( 
posix account or machine account ) through SCRIPT  :(((((

I'm change code to:

if ( can_add_account == False ) {
   return NT_STATUS_ACCESS_DENIED;
}
it's fixed problem ....
I'm do simple test and is work correct, ... but i'm do not full test.

and I want to apologize for my english, well .. you understand ;)


Sergey Loskutov