summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2004-03-04 16:00:16 +0000
committerGerald Carter <jerry@samba.org>2004-03-04 16:00:16 +0000
commit4c00877894953d0d58663a9f9012eb2beeff6268 (patch)
tree8f89a9798e894ebc9929bcfaeca80d6f4667cf61
parent0b975dd7c64e94c7bcad9d7628005b16e9006424 (diff)
downloadsamba-4c00877894953d0d58663a9f9012eb2beeff6268.tar.gz
samba-4c00877894953d0d58663a9f9012eb2beeff6268.tar.bz2
samba-4c00877894953d0d58663a9f9012eb2beeff6268.zip
BUG 848: don't create winbind local users/groups that already exist in the tdb
(This used to be commit 00c998c5030560d096d7f3c0f9d89ce18e2d006b)
-rw-r--r--source3/nsswitch/winbindd_acct.c19
1 files changed, 16 insertions, 3 deletions
diff --git a/source3/nsswitch/winbindd_acct.c b/source3/nsswitch/winbindd_acct.c
index 28434496ce..2f94a2efd0 100644
--- a/source3/nsswitch/winbindd_acct.c
+++ b/source3/nsswitch/winbindd_acct.c
@@ -1007,7 +1007,7 @@ enum winbindd_result winbindd_create_user(struct winbindd_cli_state *state)
{
char *user, *group;
unid_t id;
- WINBINDD_PW pw;
+ WINBINDD_PW pw, *pw_check;
WINBINDD_GR *wb_grp;
struct group *unix_grp;
gid_t primary_gid;
@@ -1028,6 +1028,13 @@ enum winbindd_result winbindd_create_user(struct winbindd_cli_state *state)
DEBUG(3, ("[%5lu]: create_user: user=>(%s), group=>(%s)\n",
(unsigned long)state->pid, user, group));
+
+ if ( (pw_check=wb_getpwnam(user)) != NULL ) {
+ DEBUG(0,("winbindd_create_user: Refusing to create user that already exists (%s)\n",
+ user));
+ return WINBINDD_ERROR;
+ }
+
if ( !*group )
group = lp_template_primary_group();
@@ -1103,7 +1110,7 @@ enum winbindd_result winbindd_create_group(struct winbindd_cli_state *state)
{
char *group;
unid_t id;
- WINBINDD_GR grp;
+ WINBINDD_GR grp, *grp_check;
uint32 flags = state->request.flags;
uint32 rid;
@@ -1118,7 +1125,13 @@ enum winbindd_result winbindd_create_group(struct winbindd_cli_state *state)
DEBUG(3, ("[%5lu]: create_group: (%s)\n", (unsigned long)state->pid, group));
- /* get a new uid */
+ if ( (grp_check=wb_getgrnam(group)) != NULL ) {
+ DEBUG(0,("winbindd_create_group: Refusing to create group that already exists (%s)\n",
+ group));
+ return WINBINDD_ERROR;
+ }
+
+ /* get a new gid */
if ( !NT_STATUS_IS_OK(idmap_allocate_id( &id, ID_GROUPID)) ) {
DEBUG(0,("winbindd_create_group: idmap_allocate_id() failed!\n"));