diff options
author | Simo Sorce <idra@samba.org> | 2003-05-12 18:12:31 +0000 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2003-05-12 18:12:31 +0000 |
commit | c823b191ab476fc2583d6d6aaa1e2edb09cbb88e (patch) | |
tree | de7a7bc704024faf8e9b5dc750eed0cec6684ebb /source3/auth/auth_rhosts.c | |
parent | 9308eaf77d53b2d86c071ef07a8e32d9d83b6d12 (diff) | |
download | samba-c823b191ab476fc2583d6d6aaa1e2edb09cbb88e.tar.gz samba-c823b191ab476fc2583d6d6aaa1e2edb09cbb88e.tar.bz2 samba-c823b191ab476fc2583d6d6aaa1e2edb09cbb88e.zip |
And finally IDMAP in 3_0
We really need idmap_ldap to have a good solution with ldapsam, porting
it from the prvious code is beeing made, the code is really simple to do
so I am confident it is not a problem to commit this code in.
Not committing it would have been worst.
I really would have been able to finish also the group code, maybe we can
put it into a followin release after 3.0.0 even if it may be an upgrade
problem.
The code has been tested and seem to work right, more testing is needed for
corner cases.
Currently winbind pdc (working only for users and not for groups) is
disabled as I was not able to make a complete group code replacement that
works somewhat in a week (I have a complete patch, but there are bugs)
Simo.
(This used to be commit 0e58085978f984436815114a2ec347cf7899a89d)
Diffstat (limited to 'source3/auth/auth_rhosts.c')
-rw-r--r-- | source3/auth/auth_rhosts.c | 19 |
1 files changed, 11 insertions, 8 deletions
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c index 0875c48280..3411083116 100644 --- a/source3/auth/auth_rhosts.c +++ b/source3/auth/auth_rhosts.c @@ -135,17 +135,20 @@ check for a possible hosts equiv or rhosts entry for the user static BOOL check_hosts_equiv(SAM_ACCOUNT *account) { - char *fname = NULL; + uid_t uid; + char *fname = NULL; - fname = lp_hosts_equiv(); + fname = lp_hosts_equiv(); + if (NT_STATUS_IS_ERR(sid_to_uid(pdb_get_user_sid(account), &uid))) + return False; - /* note: don't allow hosts.equiv on root */ - if (IS_SAM_UNIX_USER(account) && fname && *fname && (pdb_get_uid(account) != 0)) { - if (check_user_equiv(pdb_get_username(account),client_name(),fname)) - return(True); - } + /* note: don't allow hosts.equiv on root */ + if (fname && *fname && uid != 0) { + if (check_user_equiv(pdb_get_username(account),client_name(),fname)) + return True; + } - return(False); + return False; } |