profile bug and 2.2alpha2
Jean Francois Micouleau
Jean-Francois.Micouleau at dalalu.fr
Sat Feb 3 15:11:33 GMT 2001
samba 2.2alpha2 (and current CVS) is crashing when writing the user's
profile to the server from a W2K box as reported by others already.
It's coredumping in unpack_nt_owners():
if (security_info_sent & OWNER_SECURITY_INFORMATION) {
sid_copy(&owner_sid, psd->owner_sid);
if (!sid_to_uid( &owner_sid, puser, &sid_type))
DEBUG(3,("unpack_nt_owners: unable to validate owner sid.\n"));
exactly in the sid_copy() call.
now the why: easy there is not owner_sid in the ACL and there is no
group_sid neither !
The full code path is:
call_nt_transact_create() -> set_sd() -> set_nt_acl() -> unpack_nt_owners()
Now an extract of the unmarshalling of the SD (log level 100):
open_directory: opening directory micoulea
000000 sec_io_desc sd data
0000 revision : 0001
0002 type : 8004
0004 off_owner_sid: 00000000
0008 off_grp_sid : 00000000
000c off_sacl : 00000000
0010 off_dacl : 00000014
000014 sec_io_acl dacl
0014 revision: 0002
0016 size : 0078
0018 num_aces : 00000004
00001c sec_io_ace ace_list[00]:
001c type : 00
001d flags: 00
001e size : 0024
000020 sec_io_access info
0020 mask: 001f01ff
000024 smb_io_dom_sid sid
0024 sid_rev_num: 01
0025 num_auths : 05
0026 id_auth[0] : 00
0027 id_auth[1] : 00
0028 id_auth[2] : 00
0029 id_auth[3] : 00
002a id_auth[4] : 00
002b id_auth[5] : 05
002c sub_auths : 00000015 3df8ba6b 51bff040 090d4cca 000007d0
000040 sec_io_ace ace_list[01]:
0040 type : 00
0041 flags: 00
0042 size : 0014
000044 sec_io_access info
0044 mask: 001f01ff
000048 smb_io_dom_sid sid
0048 sid_rev_num: 01
0049 num_auths : 01
004a id_auth[0] : 00
004b id_auth[1] : 00
004c id_auth[2] : 00
004d id_auth[3] : 00
004e id_auth[4] : 00
004f id_auth[5] : 05
0050 sub_auths : 00000012
000054 sec_io_ace ace_list[02]:
0054 type : 00
0055 flags: 0b
0056 size : 0024
000058 sec_io_access info
0058 mask: 10000000
00005c smb_io_dom_sid sid
005c sid_rev_num: 01
005d num_auths : 05
005e id_auth[0] : 00
005f id_auth[1] : 00
0060 id_auth[2] : 00
0061 id_auth[3] : 00
0062 id_auth[4] : 00
0063 id_auth[5] : 05
0064 sub_auths : 00000015 3df8ba6b 51bff040 090d4cca 000007d0
000078 sec_io_ace ace_list[03]:
0078 type : 00
0079 flags: 0b
007a size : 0014
00007c sec_io_access info
007c mask: 10000000
000080 smb_io_dom_sid sid
0080 sid_rev_num: 01
0081 num_auths : 01
0082 id_auth[0] : 00
0083 id_auth[1] : 00
0084 id_auth[2] : 00
0085 id_auth[3] : 00
0086 id_auth[4] : 00
0087 id_auth[5] : 05
0088 sub_auths : 00000012
set_nt_acl: called for file micoulea
Solution: add a test in set_sd():
if(!sec_io_desc( "sd data", &psd, &pd, 1)) {
free_sec_desc(&psd);
....
return False;
}
+ if (psd->off_owner_sid==0)
+ security_info_sent|= ~OWNER_SECURITY_INFORMATION;
+ if (psd->off_grp_sid==0)
+ security_info_sent|= ~GROUP_SECURITY_INFORMATION;
+ if (psd->off_sacl==0)
+ security_info_sent|= ~DACL_SECURITY_INFORMATION;
+ if (psd->off_dacl==0)
+ security_info_sent|= ~SACL_SECURITY_INFORMATION;
ret = set_nt_acl( fsp, security_info_sent, psd);
But we still have a problem as the ACEs in the DACL are not completly
useless.
The S-1-5-21-x-y-z-2000 SID is the owner SID, so we should apply it.
I know it's the owner SID but how do we make samba knows that too ?
The S-1-5-18 SID LOCAL_SYSTEM_RID, that one I don't know.
J.F.
More information about the samba-technical
mailing list