The branch, v3-3-test has been updated via 09b76c57098ed4d11855000ae31cd346cb9a765d (commit) from 242ae00e56ac553f9ac736b4c2a18b4610bdb6e9 (commit)
http://gitweb.samba.org/?p=samba.git;a=shortlog;h=v3-3-test - Log ----------------------------------------------------------------- commit 09b76c57098ed4d11855000ae31cd346cb9a765d Author: Jeremy Allison <j...@samba.org> Date: Tue Apr 28 11:07:51 2009 -0700 Fix bug #6291 - force user stop working. A previous fix broke the invariant that *uid is always initialized on return from create_token_from_username(). Restore it. Jeremy. ----------------------------------------------------------------------- Summary of changes: source/auth/auth_util.c | 38 +++++++++++++++++++++++++++++++++++++- 1 files changed, 37 insertions(+), 1 deletions(-) Changeset truncated at 500 lines: diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c index 2a535bf..2bd857c 100644 --- a/source/auth/auth_util.c +++ b/source/auth/auth_util.c @@ -884,6 +884,33 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, *found_username = talloc_strdup(mem_ctx, pdb_get_username(sam_acct)); + /* + * If the SID from lookup_name() was the guest sid, passdb knows + * about the mapping of guest sid to lp_guestaccount() + * username and will return the unix_pw info for a guest + * user. Use it if it's there, else lookup the *uid details + * using getpwnam_alloc(). See bug #6291 for details. JRA. + */ + + /* We must always assign the *uid. */ + if (sam_acct->unix_pw == NULL) { + struct passwd *pwd = getpwnam_alloc(sam_acct, *found_username ); + if (!pwd) { + DEBUG(10, ("getpwnam_alloc failed for %s\n", + *found_username)); + result = NT_STATUS_NO_SUCH_USER; + goto done; + } + result = samu_set_unix(sam_acct, pwd ); + if (!NT_STATUS_IS_OK(result)) { + DEBUG(10, ("samu_set_unix failed for %s\n", + *found_username)); + result = NT_STATUS_NO_SUCH_USER; + goto done; + } + } + *uid = sam_acct->unix_pw->pw_uid; + } else if (sid_check_is_in_unix_users(&user_sid)) { /* This is a unix user not in passdb. We need to ask nss @@ -900,8 +927,9 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, unix_user: if (!sid_to_uid(&user_sid, uid)) { - DEBUG(1, ("sid_to_uid for %s (%s) failed\n", + DEBUG(1, ("unix_user case, sid_to_uid for %s (%s) failed\n", username, sid_string_dbg(&user_sid))); + result = NT_STATUS_NO_SUCH_USER; goto done; } @@ -954,6 +982,14 @@ NTSTATUS create_token_from_username(TALLOC_CTX *mem_ctx, const char *username, uint32 dummy; + /* We must always assign the *uid. */ + if (!sid_to_uid(&user_sid, uid)) { + DEBUG(1, ("winbindd case, sid_to_uid for %s (%s) failed\n", + username, sid_string_dbg(&user_sid))); + result = NT_STATUS_NO_SUCH_USER; + goto done; + } + num_group_sids = 1; group_sids = TALLOC_ARRAY(tmp_ctx, DOM_SID, num_group_sids); if (group_sids == NULL) { -- Samba Shared Repository