summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorMichael Adam <obnox@samba.org>2007-10-10 08:27:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:31:17 -0500
commit57482469b32645250e92a7ffd003aeeb4a42235e (patch)
treef35829264a57754d1ee93508c63b51972fbcc482
parent07cbec10b1f7c43535c2dcedb627e0faefdf4b9a (diff)
downloadsamba-57482469b32645250e92a7ffd003aeeb4a42235e.tar.gz
samba-57482469b32645250e92a7ffd003aeeb4a42235e.tar.bz2
samba-57482469b32645250e92a7ffd003aeeb4a42235e.zip
r25598: Add missing become_root/unbecome_root around calls of add_aliases.
This triggered a "cannot access LDAP when not root"-bug with "passdb backend = ldap" and "winbind nested groups = yes". This *might* be a step towards fixing bug #4308, since the failure was observerd when triggered by acl code. Michael (This used to be commit ba8c48244e140403b728d9a2ca297b40e8888964)
-rw-r--r--source3/auth/token_util.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 2c11fa5b17..7514d867ad 100644
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -388,6 +388,8 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
if (lp_winbind_nested_groups()) {
+ become_root();
+
/* Now add the aliases. First the one from our local SAM */
status = add_aliases(get_global_sam_sid(), result);
@@ -405,6 +407,8 @@ struct nt_user_token *create_local_nt_token(TALLOC_CTX *mem_ctx,
TALLOC_FREE(result);
return NULL;
}
+
+ unbecome_root();
}