1
0
mirror of https://github.com/samba-team/samba.git synced 2025-07-22 16:59:09 +03:00
Commit Graph

111 Commits

Author SHA1 Message Date
bc64bb0d20 r2016: Add message to ease access-control-debugging.
Guenther
2007-10-10 10:52:28 -05:00
7c673bd910 r1375: When setting writable=yes in smb.conf and only allow read access in the
security descriptor, allow read access. The code failed in this case.

Jeremy, could you please cross-check this? The way I understood your code it
could only work if smb.conf and secdesc said the same. This made the use of
srvmgr a bit difficult.... What was your intention on how to use the
share_info.tdb?

The current code might check the secdesc twice, but I don't see any decent way
around it that does not completely clutter the code.

Volker
2007-10-10 10:52:08 -05:00
9fe2240d6b r762: Fix for #1319 when security > share.
Jeremy.
2007-10-10 10:51:36 -05:00
f0f7a48327 Fixup the 'multiple-vuids' bugs.
Jeremy.
-
ab25af0e18 nsswitch/winbindd_util.c:
add static

smbd/uid.c:
	remove unused function

Andrew Bartlett
-
5693730594 Samba hasn't used this function for ages - it's now handled deep in the
auth subsystem.

Andrew Bartlett
-
780055f442 Fix bug 327 (again and I think for the last time). Make sure that
pam_smbpass.so will load ok.  Had to move some functions around to work
around dependency problems (hence the new passdb/lookup_sid.c)

Also make sure that libsmbclient.a is built and installed when
we support shared libraries.
-
7d009ebf66 Spelling. -
8edf193722 fix sid_to_[uid|gid] (spotted by Volker).
Still testing this, but I'm checking it in
so Volker can test it as well.  Should be right.
-
1111bc7b0c Large set of changes to add UNIX account/group management
to winbindd.  See README.idmap-and-winbind-changes for details.
-
9d0692a54f Get rid of DISP_USER_INFO/DISP_GROUP_INFO as they serve no useful
purpose. Replace with an array of SAM_ACCOUNT/DOMAIN_GRP entries.
ZERO struct's in smbd/uid.c stops core dumps when sid_to_XX
functions fail. Getting ready to add caching.
Jeremy.
-
f3c2e73a8c Ensure we correctly test for errors in uid/gid_to sid.
Jeremy.
-
e9fb6e4508 Fixed a couple of const issues with the new code.
Jeremy.
-
8266dffab4 and so it begins....
* remove idmap_XX_to_XX calls from smbd.  Move back to the
  the winbind_XXX and local_XXX calls used in 2.2

* all uid/gid allocation must involve winbindd now

* move flags field around in winbindd_request struct

* add WBFLAG_QUERY_ONLY option to winbindd_sid_to_[ug]id()
  to prevent automatic allocation for unknown SIDs

* add 'winbind trusted domains only' parameter to force a domain member
  server to use matching users names from /etc/passwd for its domain
  (needed for domain member of a Samba domain)

* rename 'idmap only' to 'enable rid algorithm' for better clarity
  (defaults to "yes")

code has been tested on

  * domain member of native mode 2k domain
  * ads domain member of native mode 2k domain
  * domain member of NT4 domain
  * domain member of Samba domain
  * Samba PDC running winbindd with trusts

Logons tested using 2k clients and smbclient as domain users
and trusted users. Tested both 'winbind trusted domains only = [yes|no]'

This will be a long week of changes.  The next item on the list is
winbindd_passdb.c & machine trust accounts not in /etc/passwd (done
via winbindd_passdb)
-
0e58085978 And finally IDMAP in 3_0
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.

Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.

The code has been tested and seem to work right, more testing is needed for
corner cases.

Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)

Simo.
-
12579a6294 pdb_ldap may require ROOT privilages to access the group mapping. (yes, it's ugly :-)
Andrew Bartlett
-
74b5436c75 Merge of server-side authentication changes to 3.0:
- user_ok() and user_in_group() now take a list of groups, instead of
   looking for the user in the members of all groups.

 - The 'server_info' returned from the authentication is now kept around
  - in future we won't copy the sesion key, username etc, we will just
    referece them directly.

 - rhosts upgraded to use the SAM if possible, otherwise fake up based on
   getpwnam().

 - auth_util code to deal with groups upgraded to deal with non-winbind domain
   members again.

Andrew Bartlett
-
efc9269780 Fix inspired by Stefan (metze) Metzmacher - cache the sidtype also.
Jeremy.
-
f2674d1ac9 Added code based on Michael Steffens <michael.steffens@hp.com> uid/gid
caching code. Reduces load on winbindd. Probably should be moved to
use gencache at some future date.
Jeremy.
-
f755711df8 Removed global_myworkgroup, global_myname, global_myscope. Added liberal
dashes of const. This is a rather large check-in, some things may break.
It does compile though :-).
Jeremy.
-
b8951a6551 Merges from HEAD:
- off-by-one fix - fixes warnings about insufficent space in buffer.
- fix a memleak in uid.c - we forgot to free() the allocated struct.
-
40eafb9dde First cut of new ACL mapping code from Andreas Gruenbacher <agruen@suse.de>.
This is not 100% the same as what SuSE shipped in their Samba, there is
a crash bug fix, a race condition fix, and a few logic changes I'd like to
discuss with Andreas. Added Andreas to (C) notices for posix_acls.c
Jeremy.
-
65e7b5273b sync'ing up for 3.0alpha20 release -
42615b945e Sync 3.0 branch with head -
03ac082dcb updated the 3.0 branch from the head branch - ready for alpha18 -
97eb3a121d merged the mangling test and passdb bugfixes into SAMBA_3_0 -
1a8f3ba3ab if we know that the SID is local then don't try via winbindd -
df9e345366 fixed mapping of SIDs for local users -
7bb0dda8ee Fixed compiler warning about unused variables. -
fe2db31485 this allows us to support foreign SIDs in winbindd and smbd
this means "xcopy /o" has a chance of working with ACLs that contain
ACEs that use SIDs that the Samba server has no knowledge of.

It's a bit hackish, Tim, can you look at my uid.c changes?
-
6a58c9bd06 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
-
25cadce67b - Provide sid->name lookup support for non-unix accounts.
- Rework the name -> sid lookup function to always try local lookup first (for
local domain names) before trying winbind.  This seems to eliminate my winbind
feedback loop problems.  (I don't use winbind for nsswitch, where there are
almost certainly further issues).

Andrew Bartlett
-
3e71521957 Rework lookup_name() to take seperate username/domain args, and to remove
varioius crazy 'if winbind didn't find it' cases.  This makes winbind default
domain support easier to intergrate with smbd.
-
e870f0e727 This patch makes the 'winbind use default domain' code interact better with
smbd, and also makes it much cleaner inside winbindd.

It is mostly my code, with a few changes and testing performed by Alexander
Bokovoy <a.bokovoy@sam-solutions.net>.  ab has tested it in security=domain and
security=ads, but more testing is always appricatiated.

The idea is that we no longer cart around a 'domain\user' string, we keep them
seperate until the last moment - when we push that string into a pwent on onto
the socket.

This removes the need to be constantly parsing that string - the domain prefix
is almost always already provided, (only a couple of functions actually changed
arguments in all this).

Some consequential changes to the RPC client code, to stop it concatonating the
two strings (it now passes them both back as params).

I havn't changed the cache code, however the usernames will no longer have a
double domain prefix in the key string.  The actual structures are unchanged
 - but the meaning of 'username' in the 'rid' will have changed.  (The cache is
invalidated at startup, so on-disk formats are not an issue here).

Andrew Bartlett
-
1d86c7f942 A nice *big* change to the fundemental way we do things.
Samba (ab)uses the returns from getpwnam() a lot - in particular it keeps
them around for a long time - often past the next call...

This adds a getpwnam_alloc and a getpwuid_alloc to the collection.

These function as expected, returning a malloced structure that can be
free()ed with passwd_free(&passwd).

This patch also cuts down on the number of calls to getpwnam - mostly by
taking advantage of the fact that the passdb interface is already
case-insensiteve.

With this patch most of the recursive cases have been removed (that I know
of) and the problems are reduced further by not using the sys_ interface
in the new code.  This means that pointers to the cache won't be affected.
(This is a tempoary HACK, I intend to kill the password cache entirly).

The only change I'm a little worried about is the change to
rpc_server/srv_samr_nt.c for private groups.  In this case we are getting
groups from the new group mapping DB.  Do we still need to check for private
groups?  I've toned down the check to a case sensitve match with the new code,
but we might be able to kill it entirly.

I've also added a make_modifyable_passwd() function, that copies a passwd
struct into the form that the old sys_getpw* code provided.  As far as I can
tell this is only actually used in the pass_check.c crazies, where I moved
the final 'special case' for shadow passwords (out of _Get_Pwnam()).

The matching case for getpwent() is dealt with already, in lib/util_getent.c

Also included in here is a small change to register the [homes] share at vuid
creation rather than just in one varient of the session setup.  (This picks
up the SPNEGO cases).  The home directory is now stored on the vuid, and I
am hoping this might provide a saner way to do %H substitions.

TODO:  Kill off remaining Get_Pwnam_Modify calls (they are not needed), change
the remaining sys_getpwnam() callers to use getpwnam_alloc() and move
Get_Pwnam to return an allocated struct.

Andrew Bartlett
-
6c87e96149 added a boolean to the group mapping functions to specify if we need or
not the privileges. Usually we don't need them, so the memory is free
early.

lib/util_sid.c: added some helper functions to check an SID.

passdb/passdb.c: renamed local_lookup_rid() to local_lookup_sid() and pass
an RID all the way. If the group doesn't exist on the domain SID,
don't return a faked one as it can collide with a builtin one. Some rpc
structures have been badly designed, they return only rids and force the
client to do subsequent lsa_lookup_sid() on the domain sid and the builtin
sid !

rpc_server/srv_util.c: wrote a new version of get_domain_user_groups().
Only the samr code uses it atm. It uses the group mapping code instead of
a bloody hard coded crap. The netlogon code will use it too, but I have to
do some test first.

	J.F.
-
708c0a8d16 Moved name_is_local to the correct place. Ooops.
Jeremy.
-
8d41dfd149 Tidyup of lib/username. Add name_is_local fn to determine if name is
winbindd. Getting ready for efficiency fix in group lookups.
Jeremy.
-
c7dd0364f2 space -> tab.
Jeremy.
-
4ab9ca31a0 Another merge from appliance-head: in [ug]id_to_sid don't call the
winbind function if the id is obviously going to be local.  Cleanup
of winbind [ug]id parameter handling.
-
8e708332ed This change updates lp_guestaccount() to be a *global* paramater, rather than
per-share.  I beleive that almost all the things that this could have done on
a per-share basis can be done with other tools, like 'force user'.

Almost all the user's of this paramater used it as a global anyway...

While this is one step at a time, I hope it will allow me to considerably
simplfy the make_connection() code, particularly for the user-level security
case.

This already removes an absolute truckload of extra attempted password lookups
on the guest account.

Andrew Bartlett
-
a99d9cec7e Fixed incorrect debug message. )-: -
ee5e7ca547 Added NT_USER_TOKEN into server_info to fix extra groups problem.
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
-
e7634f81c5 This commit is number 3 of 4.
In particular this commit focuses on:

Changing the Get_Pwnam code so that it can work in a const-enforced
environment.

While these changes have been mildly tested, and are pretty small, any
assistance in this is appreciated.

----

These changes allow for 'const' in the Samba tree.

There are a number of good reasons to do this:

	- I want to allow the SAM_ACCOUNT structure to move from wasteful
	pstrings and fstrings to  allocated strings.  We can't do that if
	people are modifying these outputs, as they may well make
	assumptions about getting pstrings and fstrings

	- I want --with-pam_smbpass to compile with a slightly sane
	volume of warnings, currently its  pretty bad, even in 2.2
	where is compiles at all.

	- Tridge assures me that he no longer opposes 'const religion'
	based on the ability to  #define const the problem away.

	- Changed Get_Pwnam(x,y) into two variants (so that the const
	parameter can work correctly): - Get_Pwnam(const x) and
	Get_Pwnam_Modify(x).

	- Reworked smbd/chgpasswd.c to work with these mods, passing
	around a 'struct passwd' rather  than the modified username
-
c2e06ed221 client : Fixed error return.
uid.c: Added missing void.
Jeremy.
-
8d23a7441b Merge the become_XXX -> change_to_XXX fixes from 2.2.2 to HEAD.
Ensure make_conection() can only be called as root.
Jeremy.
-
2d5b0f7ad8 fixed compiler warning. -
29730027d8 Fixes from John Trostel (modified somewhat by me) to ensure that all lookup_XX
functions correctly deal with the SID_NAME_TYPE. One fix for connection user
lookup in LSA.
Jeremy.
-
2d0922b0ea Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header. -
50d8e5b22f Fix invalid uid being used after logoff. Thanks to Nigel Williams
for this bug report.
Jeremy.
-