mirror of https://github.com/samba-team/samba.git synced 2025-02-22 05:57:43 +03:00

s3:passdb/pdb_util make pdb_create_builtin consider whether backend deals with BUILTIN

when creating a BUILTIN group, make the strategy dependent on passdb backend behavior
1. if passdb is responsible for BUILTIN (normal case), call pdb_create_builtin_alias with gid=0 argument
so it asks winbindd for a gid to be used
2. if passdb is not responsible, ask for a mapping for the group first and let pdb_create_builtin_alias
create the mapping based on the gid that was determined in the mapping request

Pair-Programmed-With: Michael Adam <obnox@samba.org>

Signed-off-by: Christian Ambach <ambi@samba.org>
Signed-off-by: Michael Adam <obnox@samba.org>

Autobuild-User(master): Michael Adam <obnox@samba.org>
Autobuild-Date(master): Fri Jun 21 12:49:10 CEST 2013 on sn-devel-104
Christian Ambach 2013-06-18 17:06:52 +02:00 committed by Michael Adam
parent 2d2d13ee61
commit ad86e2a599


@ -26,6 +26,7 @@
#include "../libcli/security/security.h"
#include "passdb.h"
#include "lib/winbind_util.h"
#include "../librpc/gen_ndr/idmap.h"
/**
* Add sid as a member of builtin_sid.
@ -72,16 +73,44 @@ NTSTATUS pdb_create_builtin(uint32_t rid)
NTSTATUS status = NT_STATUS_OK;
struct dom_sid sid;
gid_t gid;
bool mapresult;
if (!sid_compose(&sid, &global_sid_Builtin, rid)) {
return NT_STATUS_NO_SUCH_ALIAS;
}
if (!sid_to_gid(&sid, &gid)) {
if (!lp_winbind_nested_groups() || !winbind_ping()) {
return NT_STATUS_PROTOCOL_UNREACHABLE;
if (!pdb_is_responsible_for_builtin()) {
/*
* if this backend is not responsible for BUILTIN
*
* Use the gid from the mapping request for entry.
* If the mapping fails, bail out
*/
mapresult = sid_to_gid(&sid, &gid);
if (!mapresult) {
status = NT_STATUS_NO_SUCH_GROUP;
} else {
status = pdb_create_builtin_alias(rid, gid);
}
} else {
/*
* this backend is responsible for BUILTIN
*
* a failed mapping result means that the entry
* does not exist yet, so create it
*
* we use pdb_sid_to_id intentionally here to
* directly query the passdb backend (sid_to_gid
* would finally do the same)
*/
struct unixid id;
mapresult = pdb_sid_to_id(&sid, &id);
if (!mapresult) {
if (!lp_winbind_nested_groups() || !winbind_ping()) {
return NT_STATUS_PROTOCOL_UNREACHABLE;
}
status = pdb_create_builtin_alias(rid, 0);
}
status = pdb_create_builtin_alias(rid, 0);
}
return status;
}
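Review bot: In the branch where the backend is responsible for BUILTIN, any successful `pdb_sid_to_id(&sid, &id)` is taken to mean the alias already exists, and `id` is never read afterwards, so the mapping's type is no longer checked the way the replaced `sid_to_gid()` call implied. If a backend can return a non-group mapping for a BUILTIN SID (not visible from this hunk), pdb_create_builtin would return NT_STATUS_OK without a usable group. Consider rejecting that case explicitly, e.g. `if (mapresult && id.type != ID_TYPE_GID && id.type != ID_TYPE_BOTH) { return NT_STATUS_NO_SUCH_GROUP; }`, or add a comment stating that only success matters and why the type can be ignored. Separately, in the not-responsible branch a successful `sid_to_gid()` now always calls `pdb_create_builtin_alias(rid, gid)`; whether that is safe when the alias already exists depends on code outside this hunk and is worth a one-line comment. The function's opening lines are outside the hunk.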