mirror of
https://github.com/samba-team/samba.git
synced 2025-08-03 04:22:09 +03:00
Tidyup of lib/username. Add name_is_local fn to determine if name is
winbindd. Getting ready for efficiency fix in group lookups. Jeremy.
This commit is contained in:
Jeremy Allison
@ -35,11 +35,11 @@ char *get_user_home_dir(const char *user)
|
||||
|
||||
pass = Get_Pwnam(user);
|
||||
|
||||
if (!pass) return(NULL);
|
||||
if (!pass)
|
||||
return(NULL);
|
||||
return(pass->pw_dir);
|
||||
}
|
||||
|
||||
|
||||
/*******************************************************************
|
||||
Map a username from a dos name to a unix name by looking in the username
|
||||
map. Note that this modifies the name in place.
|
||||
@ -102,6 +102,7 @@ BOOL map_username(char *user)
|
||||
|
||||
while (isspace(*unixname))
|
||||
unixname++;
|
||||
|
||||
if ('!' == *unixname) {
|
||||
return_if_mapped = True;
|
||||
unixname++;
|
||||
@ -167,9 +168,8 @@ static struct passwd *_Get_Pwnam(const char *s)
|
||||
#ifdef HAVE_GETPWANAM
|
||||
struct passwd_adjunct *pwret;
|
||||
pwret = getpwanam(s);
|
||||
if (pwret && pwret->pwa_passwd) {
|
||||
if (pwret && pwret->pwa_passwd)
|
||||
pstrcpy(ret->pw_passwd,pwret->pwa_passwd);
|
||||
}
|
||||
#endif
|
||||
}
|
||||
|
||||
@ -177,13 +177,14 @@ static struct passwd *_Get_Pwnam(const char *s)
|
||||
}
|
||||
|
||||
|
||||
/*
|
||||
/****************************************************************************
|
||||
* A wrapper for getpwnam(). The following variations are tried:
|
||||
* - as transmitted
|
||||
* - in all lower case if this differs from transmitted
|
||||
* - in all upper case if this differs from transmitted
|
||||
* - using lp_usernamelevel() for permutations.
|
||||
*/
|
||||
****************************************************************************/
|
||||
|
||||
struct passwd *Get_Pwnam_internals(const char *user, char *user2)
|
||||
{
|
||||
struct passwd *ret = NULL;
|
||||
@ -281,16 +282,16 @@ static BOOL user_in_netgroup_list(const char *user, const char *ngname)
|
||||
|
||||
if(mydomain == NULL) {
|
||||
DEBUG(5,("Unable to get default yp domain\n"));
|
||||
} else {
|
||||
return False;
|
||||
}
|
||||
|
||||
DEBUG(5,("looking for user %s of domain %s in netgroup %s\n",
|
||||
user, mydomain, ngname));
|
||||
DEBUG(5,("innetgr is %s\n",
|
||||
innetgr(ngname, NULL, user, mydomain)
|
||||
DEBUG(5,("innetgr is %s\n", innetgr(ngname, NULL, user, mydomain)
|
||||
? "TRUE" : "FALSE"));
|
||||
|
||||
if (innetgr(ngname, NULL, user, mydomain))
|
||||
return (True);
|
||||
}
|
||||
#endif /* HAVE_NETGROUP */
|
||||
return False;
|
||||
}
|
||||
@ -489,7 +490,7 @@ BOOL user_in_list(const char *user,char **list)
|
||||
if(user_in_netgroup_list(user, *list +1))
|
||||
return True;
|
||||
}
|
||||
} else if (strchr(*list,*lp_winbind_separator()) != NULL) {
|
||||
} else if (!name_is_local(*list)) {
|
||||
/*
|
||||
* If user name did not match and token is not
|
||||
* a unix group and the token has a winbind separator in the
|
||||
@ -573,11 +574,11 @@ static struct passwd * uname_string_combinations(char *s,struct passwd * (*fn)(c
|
||||
return(NULL);
|
||||
}
|
||||
|
||||
|
||||
/****************************************************************************
|
||||
these wrappers allow appliance mode to work. In appliance mode the username
|
||||
takes the form DOMAIN/user
|
||||
These wrappers allow appliance mode to work. In appliance mode the username
|
||||
takes the form DOMAIN/user.
|
||||
****************************************************************************/
|
||||
|
||||
struct passwd *smb_getpwnam(char *user, BOOL allow_change)
|
||||
{
|
||||
struct passwd *pw;
|
||||
@ -585,26 +586,27 @@ struct passwd *smb_getpwnam(char *user, BOOL allow_change)
|
||||
char *sep;
|
||||
extern pstring global_myname;
|
||||
|
||||
if (allow_change) {
|
||||
if (allow_change)
|
||||
pw = Get_Pwnam_Modify(user);
|
||||
} else {
|
||||
else
|
||||
pw = Get_Pwnam(user);
|
||||
}
|
||||
if (pw) return pw;
|
||||
|
||||
/* if it is a domain qualified name and it isn't in our password
|
||||
database but the domain portion matches our local machine name then
|
||||
lookup just the username portion locally */
|
||||
if (pw)
|
||||
return pw;
|
||||
|
||||
/*
|
||||
* If it is a domain qualified name and it isn't in our password
|
||||
* database but the domain portion matches our local machine name then
|
||||
* lookup just the username portion locally.
|
||||
*/
|
||||
|
||||
sep = lp_winbind_separator();
|
||||
if (!sep || !*sep) sep = "\\";
|
||||
p = strchr_m(user,*sep);
|
||||
if (p &&
|
||||
strncasecmp(global_myname, user, strlen(global_myname))==0) {
|
||||
if (allow_change) {
|
||||
if (p && strncasecmp(global_myname, user, strlen(global_myname))==0) {
|
||||
if (allow_change)
|
||||
pw = Get_Pwnam_Modify(p+1);
|
||||
} else {
|
||||
else
|
||||
pw = Get_Pwnam(p+1);
|
||||
}
|
||||
}
|
||||
return NULL;
|
||||
}
|
||||
|
||||
@ -436,6 +436,16 @@ void add_supplementary_nt_login_groups(int *n_groups, gid_t **pp_groups, NT_USER
|
||||
*pptok = new_tok;
|
||||
}
|
||||
|
||||
/*****************************************************************
|
||||
Check if a user or group name is local (this is a *local* name for
|
||||
*local* people, there's nothing for you here...).
|
||||
*****************************************************************/
|
||||
|
||||
BOOL name_is_local(const char *name)
|
||||
{
|
||||
return !strchr_m(name, *lp_winbind_separator());
|
||||
}
|
||||
|
||||
/*****************************************************************
|
||||
*THE CANONICAL* convert name to SID function.
|
||||
Tries winbind first - then uses local lookup.
|
||||
|
||||
Reference in New Issue
Block a user