summaryrefslogtreecommitdiff
path: root/source3/sam
diff options
context:
space:
mode:
authorSimo Sorce <idra@samba.org>2003-05-01 14:08:00 +0000
committerSimo Sorce <idra@samba.org>2003-05-01 14:08:00 +0000
commit7264b9df8fd2cfae2db4aca82ac737f47fdd5936 (patch)
tree3f7b2386f5993324f195921b97c952a7e976c9c4 /source3/sam
parent75cace04fdcb672cc6c3c3ec8403206f2b222c50 (diff)
downloadsamba-7264b9df8fd2cfae2db4aca82ac737f47fdd5936.tar.gz
samba-7264b9df8fd2cfae2db4aca82ac737f47fdd5936.tar.bz2
samba-7264b9df8fd2cfae2db4aca82ac737f47fdd5936.zip
proper wellknown sids initialization at startup
(This used to be commit 568feee8977ee1be210344c8ab1896512894cba2)
Diffstat (limited to 'source3/sam')
-rw-r--r--source3/sam/idmap_util.c46
1 files changed, 46 insertions, 0 deletions
diff --git a/source3/sam/idmap_util.c b/source3/sam/idmap_util.c
index 5d089d3baf..92cbb103db 100644
--- a/source3/sam/idmap_util.c
+++ b/source3/sam/idmap_util.c
@@ -298,3 +298,49 @@ NTSTATUS sid_to_gid(const DOM_SID *sid, gid_t *gid)
return ret;
}
+
+/* Initialize idmap withWellknown SIDs like Guest, that are necessary
+ * to make samba run properly */
+BOOL idmap_init_wellknown_sids(void)
+{
+ const char *guest_account = lp_guestaccount();
+ struct passwd *pass;
+ DOM_SID sid;
+ unid_t id;
+ int flags;
+
+ if (!(guest_account && *guest_account)) {
+ DEBUG(1, ("NULL guest account!?!?\n"));
+ return False;
+ }
+
+ pass = getpwnam_alloc(guest_account);
+ if (!pass) {
+ return False;
+ }
+
+ flags = ID_USERID;
+ id.uid = pass->pw_uid;
+ sid_copy(&sid, get_global_sam_sid());
+ sid_append_rid(&sid, DOMAIN_USER_RID_GUEST);
+ if (NT_STATUS_IS_ERR(idmap_set_mapping(&sid, id, flags))) {
+ passwd_free(&pass);
+ return False;
+ }
+
+ /* check if DOMAIN_GROUP_RID_GUESTS SID is set, if not store the
+ * guest account gid as mapping */
+ flags = ID_GROUPID | ID_NOMAP;
+ sid_copy(&sid, get_global_sam_sid());
+ sid_append_rid(&sid, DOMAIN_GROUP_RID_GUESTS);
+ if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &flags, &sid))) {
+ flags = ID_GROUPID;
+ id.gid = pass->pw_gid;
+ if (NT_STATUS_IS_ERR(idmap_set_mapping(&sid, id, flags))) {
+ passwd_free(&pass);
+ return False;
+ }
+ }
+
+ return True;
+}