summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Adam <obnox@samba.org>2009-02-02 00:36:59 +0100
committerMichael Adam <obnox@samba.org>2009-02-02 00:53:05 +0100
commita0d05192006c4bade760bd945ab91b5268ca47a6 (patch)
tree9479e0a9f61826af50fcf1f0aff64570a9b0a276
parent8c57f34b99b9bd587e1c2be0905a8c41eebbd568 (diff)
downloadsamba-a0d05192006c4bade760bd945ab91b5268ca47a6.tar.gz
samba-a0d05192006c4bade760bd945ab91b5268ca47a6.tar.bz2
samba-a0d05192006c4bade760bd945ab91b5268ca47a6.zip
s3:winbind_user: fix "getent passwd" to allocate new uids.
"getent passwd" used to fill the idmap cache with negative cache entries for unmapped user sids. Don't pass domain name unconditionally to idmap_sid_to_[ug]id(). idmap_sid_to_[ug]id() only creates new mappings (allocating idmap backends tdb, tdb2, ldap...) when the domain name passed in is "". Note that it is _wrong_ to directly call the idmap_sid_to_[ug]id() functions here, in the main winbindd. The correct fix would be to send a sid_to_[ug]id request to winbindd itself, but this needs more work to prepare the async mechanisms, and we nee a quick fix for getent passwd now. Michael
-rw-r--r--source3/winbindd/winbindd_user.c9
1 files changed, 7 insertions, 2 deletions
diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c
index 2e326430fc..b01e1847f2 100644
--- a/source3/winbindd/winbindd_user.c
+++ b/source3/winbindd/winbindd_user.c
@@ -76,6 +76,7 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
char *mapped_name = NULL;
struct winbindd_domain *domain = NULL;
NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL;
+ char *dom_name_idmap = "";
if (!pw || !dom_name || !user_name)
return False;
@@ -87,9 +88,13 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
nt_status = NT_STATUS_NO_SUCH_DOMAIN;
}
+ if (domain->have_idmap_config) {
+ dom_name_idmap = dom_name;
+ }
+
/* Resolve the uid number */
- if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name, user_sid,
+ if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name_idmap, user_sid,
&pw->pw_uid))) {
DEBUG(1, ("error getting user id for sid %s\n",
sid_string_dbg(user_sid)));
@@ -98,7 +103,7 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name
/* Resolve the gid number */
- if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name, group_sid,
+ if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name_idmap, group_sid,
&pw->pw_gid))) {
DEBUG(1, ("error getting group id for sid %s\n",
sid_string_dbg(group_sid)));