sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-12-03 04:23:50 +03:00
Code Activity

* only install swat html files once

Browse Source 
* revert the change that prevent the guest
  account from being added to a passdb backend
  since it broke the build farm.
* apply patch from Alex Deiter to fix the
  "smbldap_open: cannot access when not root
  error" messages when looking up group
  information (bug 281)
This commit is contained in:
Gerald Carter
-
parent e591854eda
commit 9b8bf6a950
3 changed files with 36 additions and 19 deletions
Download Patch File Download Diff File Expand all files Collapse all files

20
source/rpc_server/srv_samr_nt.c
View File

@@ -894,7 +894,9 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
/* well-known aliases */
if (sid_equal(sid, &global_sid_Builtin) && !lp_hide_local_users()) {
become_root();
pdb_enum_group_mapping(SID_NAME_WKN_GRP, &map, (int *)&num_entries, ENUM_ONLY_MAPPED);
unbecome_root();
if (num_entries != 0) {
*d_grp=(DOMAIN_GRP *)talloc_zero(ctx, num_entries*sizeof(DOMAIN_GRP));
@@ -914,6 +916,7 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
struct sys_grent *grp;
gid_t winbind_gid_low, winbind_gid_high;
BOOL winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high);
BOOL ret;
/* local aliases */
/* we return the UNIX groups here. This seems to be the right */
@@ -930,7 +933,10 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
for (; (num_entries < max_entries) && (grp != NULL); grp = grp->next) {
uint32 trid;
if(!pdb_getgrgid(&smap, grp->gr_gid))
become_root();
ret = pdb_getgrgid(&smap, grp->gr_gid);
unbecome_root();
if( !ret )
continue;
if (smap.sid_name_use!=SID_NAME_ALIAS) {
@@ -4111,6 +4117,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM
int num_uids=0;
GROUP_INFO_CTR *ctr;
uint32 acc_granted;
BOOL ret;
if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted))
return NT_STATUS_INVALID_HANDLE;
@@ -4119,7 +4126,10 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM
return r_u->status;
}
if (!get_domain_group_from_sid(group_sid, &map))
become_root();
ret = get_domain_group_from_sid(group_sid, &map);
unbecome_root();
if (!ret)
return NT_STATUS_INVALID_HANDLE;
ctr=(GROUP_INFO_CTR *)talloc_zero(p->mem_ctx, sizeof(GROUP_INFO_CTR));
@@ -4271,6 +4281,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G
size_t sd_size;
NTSTATUS status;
fstring sid_string;
BOOL ret;
if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted))
return NT_STATUS_INVALID_HANDLE;
@@ -4305,7 +4316,10 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G
DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string));
/* check if that group really exists */
if (!get_domain_group_from_sid(info->sid, &map))
become_root();
ret = get_domain_group_from_sid(info->sid, &map);
unbecome_root();
if (!ret)
return NT_STATUS_NO_SUCH_GROUP;
/* get a (unique) handle. open a policy on it. */