summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorVolker Lendecke <vlendec@samba.org>2007-03-19 21:04:56 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:18:42 -0500
commit3fdef9433a9e08064b32e34a16ce62a60ce144fb (patch)
treec035739e6b8a7c4b57d937fe25961b9e469b4b60 /source3/auth
parent7c09cfd0806d24e89f4dc9714a9efe09758e6f12 (diff)
downloadsamba-3fdef9433a9e08064b32e34a16ce62a60ce144fb.tar.gz
samba-3fdef9433a9e08064b32e34a16ce62a60ce144fb.tar.bz2
samba-3fdef9433a9e08064b32e34a16ce62a60ce144fb.zip
r21878: Fix a bug with smbd serving a windows terminal server: If winbind decides smbd
to be idle it might happen that smbd needs to do a winbind operation (for example sid2name) as non-root. This then fails to get the privileged pipe. When later on on the same connection another authentication request comes in, we try to do the CRAP auth via the non-privileged pipe. This adds a winbindd_priv_request_response() request that kills the existing winbind pipe connection if it's not privileged. Volker (This used to be commit e5741e27c4c22702c9f8b07877641fecc7eef39c)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_winbind.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/source3/auth/auth_winbind.c b/source3/auth/auth_winbind.c
index fa56757950..f06f83f406 100644
--- a/source3/auth/auth_winbind.c
+++ b/source3/auth/auth_winbind.c
@@ -108,7 +108,8 @@ static NTSTATUS check_winbind_security(const struct auth_context *auth_context,
/* we are contacting the privileged pipe */
become_root();
- result = winbindd_request_response(WINBINDD_PAM_AUTH_CRAP, &request, &response);
+ result = winbindd_priv_request_response(WINBINDD_PAM_AUTH_CRAP,
+ &request, &response);
unbecome_root();
if ( result == NSS_STATUS_UNAVAIL ) {