On Thu, May 11, 2006 at 02:12:22PM -0400, Ryan Novosielski wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > Continuing on: > > Linking bin/winbindd > /usr/ccs/bin/ld: Unsatisfied symbols: > seteuid (first referenced in nsswitch/winbindd_pam.o) (code) > make: *** [bin/winbindd] Error 1 > > Problem here appears to be that 'seteuid' is not available on HP-UX, at > least not on HP-UX 11i earlier than v2 May 2005: > > http://devrsrc1.external.hp.com/STKT/impacts/i171.html?jumpid=reg_R1002_USEN > > Here are notes on what to use instead, however I'm pretty sure that that > was already known as it is no doubt needed elsewhere in the package: > > http://devrsrc1.external.hp.com/STKS/impacts/i133.html?jumpid=reg_R1002_USEN > > There are also conditionals in configure.in (that never seem to show up > in the configure output, interestingly enough). This was not broken in > 3.0.22, however, none of the winbindd* files attempted to use seteuid in > 3.0.22.
Ok, try this patch. Gunther please review as it affects winbindd code. I think it's ok... Jeremy.
Index: nsswitch/winbindd_cred_cache.c =================================================================== --- nsswitch/winbindd_cred_cache.c (revision 15527) +++ nsswitch/winbindd_cred_cache.c (working copy) @@ -105,7 +105,7 @@ if ((entry->renew_until < time(NULL)) && (entry->pass != NULL)) { - seteuid(entry->uid); + set_effective_uid(entry->uid); ret = kerberos_kinit_password_ext(entry->principal_name, entry->pass, @@ -116,7 +116,7 @@ False, /* no PAC required anymore */ True, WINBINDD_PAM_AUTH_KRB5_RENEW_TIME); - seteuid(0); + gain_root_privilege(); if (ret) { DEBUG(3,("could not re-kinit: %s\n", error_message(ret))); @@ -132,13 +132,13 @@ goto done; } - seteuid(entry->uid); + set_effective_uid(entry->uid); ret = smb_krb5_renew_ticket(entry->ccname, entry->principal_name, entry->service, &new_start); - seteuid(0); + gain_root_privilege(); if (ret) { DEBUG(3,("could not renew tickets: %s\n", error_message(ret))); Index: nsswitch/winbindd_pam.c =================================================================== --- nsswitch/winbindd_pam.c (revision 15527) +++ nsswitch/winbindd_pam.c (working copy) @@ -478,7 +478,7 @@ if (!internal_ccache) { - seteuid(uid); + set_effective_uid(uid); DEBUG(10,("winbindd_raw_kerberos_login: uid is %d\n", uid)); } @@ -533,7 +533,7 @@ } if (!internal_ccache) { - seteuid(0); + gain_root_privilege(); } /************************ NON-ROOT **********************/ @@ -631,7 +631,7 @@ SAFE_FREE(client_princ_out); if (!internal_ccache) { - seteuid(0); + gain_root_privilege(); } return result;
-- To unsubscribe from this list go to the following URL and read the instructions: https://lists.samba.org/mailman/listinfo/samba