mirror of
https://github.com/samba-team/samba.git
synced 2024-12-24 21:34:56 +03:00
r20243: Make lookup_name resolve both the mapped and the real unix group name
(This used to be commit 7167e7b26a
)
This commit is contained in:
parent
bb3cf31184
commit
91626a4497
@ -550,7 +550,7 @@ BOOL algorithmic_pdb_rid_is_user(uint32 rid)
|
|||||||
Convert a name into a SID. Used in the lookup name rpc.
|
Convert a name into a SID. Used in the lookup name rpc.
|
||||||
********************************************************************/
|
********************************************************************/
|
||||||
|
|
||||||
BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
|
BOOL lookup_global_sam_name(const char *name, int flags, uint32_t *rid,
|
||||||
enum lsa_SidType *type)
|
enum lsa_SidType *type)
|
||||||
{
|
{
|
||||||
GROUP_MAP map;
|
GROUP_MAP map;
|
||||||
@ -561,7 +561,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
|
|||||||
name "None" on Windows. You will get an error that
|
name "None" on Windows. You will get an error that
|
||||||
the group already exists. */
|
the group already exists. */
|
||||||
|
|
||||||
if ( strequal( user, "None" ) ) {
|
if ( strequal( name, "None" ) ) {
|
||||||
*rid = DOMAIN_GROUP_RID_USERS;
|
*rid = DOMAIN_GROUP_RID_USERS;
|
||||||
*type = SID_NAME_DOM_GRP;
|
*type = SID_NAME_DOM_GRP;
|
||||||
|
|
||||||
@ -581,7 +581,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
|
|||||||
}
|
}
|
||||||
|
|
||||||
become_root();
|
become_root();
|
||||||
ret = pdb_getsampwnam(sam_account, user);
|
ret = pdb_getsampwnam(sam_account, name);
|
||||||
unbecome_root();
|
unbecome_root();
|
||||||
|
|
||||||
if (ret) {
|
if (ret) {
|
||||||
@ -593,7 +593,7 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
|
|||||||
if (ret) {
|
if (ret) {
|
||||||
if (!sid_check_is_in_our_domain(&user_sid)) {
|
if (!sid_check_is_in_our_domain(&user_sid)) {
|
||||||
DEBUG(0, ("User %s with invalid SID %s in passdb\n",
|
DEBUG(0, ("User %s with invalid SID %s in passdb\n",
|
||||||
user, sid_string_static(&user_sid)));
|
name, sid_string_static(&user_sid)));
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
|
||||||
@ -608,17 +608,33 @@ BOOL lookup_global_sam_name(const char *user, int flags, uint32_t *rid,
|
|||||||
*/
|
*/
|
||||||
|
|
||||||
become_root();
|
become_root();
|
||||||
ret = pdb_getgrnam(&map, user);
|
ret = pdb_getgrnam(&map, name);
|
||||||
unbecome_root();
|
unbecome_root();
|
||||||
|
|
||||||
if (!ret) {
|
if (!ret) {
|
||||||
return False;
|
/* try to see if we can lookup a mapped
|
||||||
|
* group with the unix group name */
|
||||||
|
|
||||||
|
struct group *grp;
|
||||||
|
|
||||||
|
grp = getgrnam(name);
|
||||||
|
if (!grp) {
|
||||||
|
return False;
|
||||||
|
}
|
||||||
|
|
||||||
|
become_root();
|
||||||
|
ret = pdb_getgrgid(&map, grp->gr_gid);
|
||||||
|
unbecome_root();
|
||||||
|
|
||||||
|
if (!ret) {
|
||||||
|
return False;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
/* BUILTIN groups are looked up elsewhere */
|
/* BUILTIN groups are looked up elsewhere */
|
||||||
if (!sid_check_is_in_our_domain(&map.sid)) {
|
if (!sid_check_is_in_our_domain(&map.sid)) {
|
||||||
DEBUG(10, ("Found group %s (%s) not in our domain -- "
|
DEBUG(10, ("Found group %s (%s) not in our domain -- "
|
||||||
"ignoring.", user,
|
"ignoring.", name,
|
||||||
sid_string_static(&map.sid)));
|
sid_string_static(&map.sid)));
|
||||||
return False;
|
return False;
|
||||||
}
|
}
|
||||||
|
Loading…
Reference in New Issue
Block a user