The branch, master has been updated
via d75b3913c9e03ff97336aa7a6e1cbac2eb03f230 (commit)
via a0d05192006c4bade760bd945ab91b5268ca47a6 (commit)
via 8c57f34b99b9bd587e1c2be0905a8c41eebbd568 (commit)
from d936be23cd9d04adc2dca27cfc7772b53383f298 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit d75b3913c9e03ff97336aa7a6e1cbac2eb03f230
Author: Michael Adam <[email protected]>
Date: Mon Feb 2 00:46:57 2009 +0100
s3:winbind_group: fix "getent group" to allocate new gids.
"getent group" used to fill the idmap cache with negative
cache entries for unmapped group sids.
Don't pass domain name unconditionally to idmap_sid_to_gid().
idmap_sid_to_gid() only creates new mappings (allocating
idmap backends tdb, tdb2, ldap...) when the domain name passed
in is "".
Note that it is _wrong_ to directly call the idmap_sid_to_gid()
functions here, in the main winbindd. The correct fix would be
to send a sid_to_gid request to winbindd itself, but this needs
more work to prepare the async mechanisms, and we nee a quick
fix for getent passwd now.
Michael
commit a0d05192006c4bade760bd945ab91b5268ca47a6
Author: Michael Adam <[email protected]>
Date: Mon Feb 2 00:36:59 2009 +0100
s3:winbind_user: fix "getent passwd" to allocate new uids.
"getent passwd" used to fill the idmap cache with negative
cache entries for unmapped user sids.
Don't pass domain name unconditionally to idmap_sid_to_[ug]id().
idmap_sid_to_[ug]id() only creates new mappings (allocating
idmap backends tdb, tdb2, ldap...) when the domain name passed
in is "".
Note that it is _wrong_ to directly call the idmap_sid_to_[ug]id()
functions here, in the main winbindd. The correct fix would be
to send a sid_to_[ug]id request to winbindd itself, but this needs
more work to prepare the async mechanisms, and we nee a quick
fix for getent passwd now.
Michael
commit 8c57f34b99b9bd587e1c2be0905a8c41eebbd568
Author: Michael Adam <[email protected]>
Date: Mon Feb 2 00:35:43 2009 +0100
s3:winbind_user: move initialization of domain up in winbindd_fill_pwent()
and streamline logic some
Michael
-----------------------------------------------------------------------
Summary of changes:
source3/winbindd/winbindd_group.c | 10 ++++++++--
source3/winbindd/winbindd_user.c | 29 ++++++++++++++++-------------
2 files changed, 24 insertions(+), 15 deletions(-)
Changeset truncated at 500 lines:
diff --git a/source3/winbindd/winbindd_group.c
b/source3/winbindd/winbindd_group.c
index bc532bb..48e6577 100644
--- a/source3/winbindd/winbindd_group.c
+++ b/source3/winbindd/winbindd_group.c
@@ -1306,6 +1306,7 @@ void winbindd_getgrent(struct winbindd_cli_state *state)
char *gr_mem;
DOM_SID group_sid;
struct winbindd_domain *domain;
+ char *domain_name_idmap;
/* Do we need to fetch another chunk of groups? */
@@ -1353,8 +1354,13 @@ void winbindd_getgrent(struct winbindd_cli_state *state)
sid_copy(&group_sid, &domain->sid);
sid_append_rid(&group_sid, name_list[ent->sam_entry_index].rid);
- if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain->name, &group_sid,
- &group_gid))) {
+ domain_name_idmap = domain->have_idmap_config
+ ? domain->name
+ : "";
+
+ if (!NT_STATUS_IS_OK(idmap_sid_to_gid(domain_name_idmap,
+ &group_sid, &group_gid)))
+ {
union unid_t id;
enum lsa_SidType type;
diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c
index 5356e16..b01e184 100644
--- a/source3/winbindd/winbindd_user.c
+++ b/source3/winbindd/winbindd_user.c
@@ -76,13 +76,25 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char
*dom_name, char *user_name
char *mapped_name = NULL;
struct winbindd_domain *domain = NULL;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ char *dom_name_idmap = "";
if (!pw || !dom_name || !user_name)
return False;
+ domain = find_domain_from_name_noinit(dom_name);
+ if (domain == NULL) {
+ DEBUG(5,("winbindd_fill_pwent: Failed to find domain for %s. "
+ "Disabling name alias support\n", dom_name));
+ nt_status = NT_STATUS_NO_SUCH_DOMAIN;
+ }
+
+ if (domain->have_idmap_config) {
+ dom_name_idmap = dom_name;
+ }
+
/* Resolve the uid number */
- if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name, user_sid,
+ if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name_idmap, user_sid,
&pw->pw_uid))) {
DEBUG(1, ("error getting user id for sid %s\n",
sid_string_dbg(user_sid)));
@@ -91,26 +103,17 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char
*dom_name, char *user_name
/* Resolve the gid number */
- if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name, group_sid,
+ if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name_idmap, group_sid,
&pw->pw_gid))) {
DEBUG(1, ("error getting group id for sid %s\n",
sid_string_dbg(group_sid)));
return False;
}
- strlower_m(user_name);
-
/* Username */
- domain = find_domain_from_name_noinit(dom_name);
- if (domain) {
- nt_status = normalize_name_map(ctx, domain, user_name,
- &mapped_name);
- } else {
- DEBUG(5,("winbindd_fill_pwent: Failed to find domain for %s. "
- "Disabling name alias support\n", dom_name));
- nt_status = NT_STATUS_NO_SUCH_DOMAIN;
- }
+ strlower_m(user_name);
+ nt_status = normalize_name_map(ctx, domain, user_name, &mapped_name);
/* Basic removal of whitespace */
if (NT_STATUS_IS_OK(nt_status)) {
--
Samba Shared Repository
