The branch, v3-2-test has been updated via c0d9732cf4482b0db02c75f316ff2b41f3336425 (commit) via 6c7c6c3f85a4bd171c62031b2b8e59d3f7054061 (commit) via 373a00ae0d667d257fa93ab14c773e841f2c4f1a (commit) via 723e877c241dd5a0c8addb89507c9eda75b88ea4 (commit) via ba5373ed7f74d560a9de8620039b596b8938d1dc (commit) via 8bb21b8b3802e7b093a3c4fb41b8550033388878 (commit) from ef2913a66c3888d4813d8b778ddd63b2c7e48f3e (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-2-test - Log ----------------------------------------------------------------- commit c0d9732cf4482b0db02c75f316ff2b41f3336425 Author: Michael Adam <[EMAIL PROTECTED]> Date: Fri Jan 25 01:40:42 2008 +0100 Fix lookup_sids to detect unix_groups and unix_users domain sids. This fixes panics in wbcLookupRids when 1-2-22 was passed as a domain sid. Michael commit 6c7c6c3f85a4bd171c62031b2b8e59d3f7054061 Author: Michael Adam <[EMAIL PROTECTED]> Date: Fri Jan 25 01:40:01 2008 +0100 Add a debug message: show the sid lookup_sid() was called for. Michael commit 373a00ae0d667d257fa93ab14c773e841f2c4f1a Author: Michael Adam <[EMAIL PROTECTED]> Date: Fri Jan 25 01:21:56 2008 +0100 Add debug message: show which domain_child is being forked. Michael commit 723e877c241dd5a0c8addb89507c9eda75b88ea4 Author: Michael Adam <[EMAIL PROTECTED]> Date: Thu Jan 24 23:44:05 2008 +0100 Add a debug message to lookup_rids() printing the domain SID. This is to ease debugging. I sporadically get panics that are apparently due to NULL domain sid passed to lookup_rids somewhere. Michael commit ba5373ed7f74d560a9de8620039b596b8938d1dc Author: Michael Adam <[EMAIL PROTECTED]> Date: Thu Jan 24 22:15:33 2008 +0100 Add a debug message winbindd_can_contact_domain() explaining the reason for failure. Michael commit 8bb21b8b3802e7b093a3c4fb41b8550033388878 Author: Michael Adam <[EMAIL PROTECTED]> Date: Thu Jan 24 22:47:49 2008 +0100 Fix assignment to request->data.init_conn.is_primary in init_child_connection(). The present assignment "request->data.init_conn.is_primary = domain->internal ? False : True" simply feels wrong. This seems to be the thing right to do: "request->data.init_conn.is_primary = domain->primary ? true : false". The question is: Does this have any purpose at all? data.init_conn.is_primary seems to be used nowhere in the whole code at all. Is it (still) needed? Michael ----------------------------------------------------------------------- Summary of changes: source/passdb/lookup_sid.c | 15 +++++++++++++++ source/winbindd/winbindd_dual.c | 7 +++++++ source/winbindd/winbindd_util.c | 4 +++- 3 files changed, 25 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c index 55dd654..9f66eb9 100644 --- a/source/passdb/lookup_sid.c +++ b/source/passdb/lookup_sid.c @@ -464,6 +464,9 @@ static bool lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid, { int i; + DEBUG(10, ("lookup_rids called for domain sid '%s'\n", + sid_string_dbg(domain_sid))); + if (num_rids) { *names = TALLOC_ARRAY(mem_ctx, const char *, num_rids); *types = TALLOC_ARRAY(mem_ctx, enum lsa_SidType, num_rids); @@ -596,6 +599,16 @@ static bool lookup_as_domain(const DOM_SID *sid, TALLOC_CTX *mem_ctx, return true; } + if (sid_check_is_unix_users(sid)) { + *name = talloc_strdup(mem_ctx, unix_users_domain_name()); + return true; + } + + if (sid_check_is_unix_groups(sid)) { + *name = talloc_strdup(mem_ctx, unix_groups_domain_name()); + return true; + } + if (sid->num_auths != 4) { /* This can't be a domain */ return false; @@ -922,6 +935,8 @@ bool lookup_sid(TALLOC_CTX *mem_ctx, const DOM_SID *sid, TALLOC_CTX *tmp_ctx; bool ret = false; + DEBUG(10, ("lookup_sid called for SID '%s'\n", sid_string_dbg(sid))); + if (!(tmp_ctx = talloc_new(mem_ctx))) { DEBUG(0, ("talloc_new failed\n")); return false; diff --git a/source/winbindd/winbindd_dual.c b/source/winbindd/winbindd_dual.c index a9786d1..15ca564 100644 --- a/source/winbindd/winbindd_dual.c +++ b/source/winbindd/winbindd_dual.c @@ -959,6 +959,13 @@ static bool fork_domain_child(struct winbindd_child *child) struct winbindd_cli_state state; struct winbindd_domain *domain; + if (child->domain) { + DEBUG(10, ("fork_domain_child called for domain '%s'\n", + child->domain->name)); + } else { + DEBUG(10, ("fork_domain_child called without domain.\n")); + } + if (socketpair(AF_UNIX, SOCK_STREAM, 0, fdpair) != 0) { DEBUG(0, ("Could not open child pipe: %s\n", strerror(errno))); diff --git a/source/winbindd/winbindd_util.c b/source/winbindd/winbindd_util.c index 0381053..3d9ede3 100644 --- a/source/winbindd/winbindd_util.c +++ b/source/winbindd/winbindd_util.c @@ -571,7 +571,7 @@ enum winbindd_result init_child_connection(struct winbindd_domain *domain, /* The primary domain has to find the DC name itself */ request->cmd = WINBINDD_INIT_CONNECTION; fstrcpy(request->domain_name, domain->name); - request->data.init_conn.is_primary = domain->internal ? False : True; + request->data.init_conn.is_primary = domain->primary ? true : false; fstrcpy(request->data.init_conn.dcname, ""); async_request(mem_ctx, &domain->child, request, response, init_child_recv, state); @@ -1404,6 +1404,8 @@ bool winbindd_can_contact_domain( struct winbindd_domain *domain ) if ( domain->active_directory && ((domain->domain_flags&DS_DOMAIN_DIRECT_INBOUND) != DS_DOMAIN_DIRECT_INBOUND) ) { + DEBUG(10, ("Domain is an AD domain and we have no inbound " + "trust.\n")); return False; } -- Samba Shared Repository