summaryrefslogtreecommitdiff
path: root/source3/auth
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2003-04-29 22:06:16 +0000
committerSimo Sorce <idra@samba.org>2003-04-29 22:06:16 +0000
commita1eaa7d5e0f428359c0f661aeb2c313fa428ee0b (patch)
tree1d006dc489a2373fc3e55f78cc6ce34a4880b9aa /source3/auth
parent0db7c13f9210c0eac82050a2b9e37bd81bfffe10 (diff)
downloadsamba-a1eaa7d5e0f428359c0f661aeb2c313fa428ee0b.tar.gz
samba-a1eaa7d5e0f428359c0f661aeb2c313fa428ee0b.tar.bz2
samba-a1eaa7d5e0f428359c0f661aeb2c313fa428ee0b.zip
This is a nice rewrite:
SAM_ACCOUNT does not have anymore uid and gid fields all the code that used them has been fixed to use the proper idmap calls fix to idmap_tdb for first time idmap.tdb initialization. auth_serversupplied_info structure has now an uid and gid field few other fixes to make the system behave correctly with idmap tested only with tdbsam, but smbpasswd and nisplus should be ok have not tested ldap ! (This used to be commit 6a6f6032467e55aa9b76390e035623976477ba42)
Diffstat (limited to 'source3/auth')
-rw-r--r--source3/auth/auth_rhosts.c19
-rw-r--r--source3/auth/auth_util.c17
2 files changed, 18 insertions, 18 deletions
diff --git a/source3/auth/auth_rhosts.c b/source3/auth/auth_rhosts.c
index 0875c48280..0861d9747b 100644
--- a/source3/auth/auth_rhosts.c
+++ b/source3/auth/auth_rhosts.c
@@ -135,17 +135,20 @@ check for a possible hosts equiv or rhosts entry for the user
static BOOL check_hosts_equiv(SAM_ACCOUNT *account)
{
- char *fname = NULL;
+ uid_t uid;
+ char *fname = NULL;
- fname = lp_hosts_equiv();
+ fname = lp_hosts_equiv();
+ if (!sid_to_uid(pdb_get_user_sid(account), &uid))
+ return False;
- /* note: don't allow hosts.equiv on root */
- if (IS_SAM_UNIX_USER(account) && fname && *fname && (pdb_get_uid(account) != 0)) {
- if (check_user_equiv(pdb_get_username(account),client_name(),fname))
- return(True);
- }
+ /* note: don't allow hosts.equiv on root */
+ if (fname && *fname && uid != 0) {
+ if (check_user_equiv(pdb_get_username(account),client_name(),fname))
+ return True;
+ }
- return(False);
+ return False;
}
diff --git a/source3/auth/auth_util.c b/source3/auth/auth_util.c
index ddb833a0e5..56a1e9bb96 100644
--- a/source3/auth/auth_util.c
+++ b/source3/auth/auth_util.c
@@ -661,23 +661,18 @@ static NTSTATUS get_user_groups_from_local_sam(SAM_ACCOUNT *sampass,
gid_t gid;
int n_unix_groups;
int i;
- struct passwd *usr;
*n_groups = 0;
*groups = NULL;
- if (!IS_SAM_UNIX_USER(sampass)) {
- DEBUG(1, ("user %s does not have a unix identity!\n", pdb_get_username(sampass)));
- return NT_STATUS_NO_SUCH_USER;
+ if (!sid_to_uid(pdb_get_user_sid(sampass), &uid) || !sid_to_gid(pdb_get_group_sid(sampass), &gid)) {
+ DEBUG(0, ("get_user_groups_from_local_sam: error fetching uid or gid for user!\n"));
+ return NT_STATUS_UNSUCCESSFUL;
}
-
- uid = pdb_get_uid(sampass);
- gid = pdb_get_gid(sampass);
n_unix_groups = groups_max();
if ((*unix_groups = malloc( sizeof(gid_t) * n_unix_groups ) ) == NULL) {
DEBUG(0, ("get_user_groups_from_local_sam: Out of memory allocating unix group list\n"));
- passwd_free(&usr);
return NT_STATUS_NO_MEMORY;
}
@@ -686,7 +681,6 @@ static NTSTATUS get_user_groups_from_local_sam(SAM_ACCOUNT *sampass,
groups_tmp = Realloc(*unix_groups, sizeof(gid_t) * n_unix_groups);
if (!groups_tmp) {
SAFE_FREE(*unix_groups);
- passwd_free(&usr);
return NT_STATUS_NO_MEMORY;
}
*unix_groups = groups_tmp;
@@ -694,7 +688,6 @@ static NTSTATUS get_user_groups_from_local_sam(SAM_ACCOUNT *sampass,
if (sys_getgrouplist(pdb_get_username(sampass), gid, *unix_groups, &n_unix_groups) == -1) {
DEBUG(0, ("get_user_groups_from_local_sam: failed to get the unix group list\n"));
SAFE_FREE(*unix_groups);
- passwd_free(&usr);
return NT_STATUS_NO_SUCH_USER; /* what should this return value be? */
}
}
@@ -739,6 +732,10 @@ static NTSTATUS make_server_info(auth_serversupplied_info **server_info, SAM_ACC
(*server_info)->sam_fill_level = SAM_FILL_ALL;
(*server_info)->sam_account = sampass;
+ if (!sid_to_uid(pdb_get_user_sid(sampass), &((*server_info)->uid)))
+ return NT_STATUS_UNSUCCESSFUL;
+ if (!sid_to_gid(pdb_get_group_sid(sampass), &((*server_info)->gid)))
+ return NT_STATUS_UNSUCCESSFUL;
return NT_STATUS_OK;
}