diff options
author | Simo Sorce <idra@samba.org> | 2003-05-01 14:08:00 +0000 |
---|---|---|
committer | Simo Sorce <idra@samba.org> | 2003-05-01 14:08:00 +0000 |
commit | 7264b9df8fd2cfae2db4aca82ac737f47fdd5936 (patch) | |
tree | 3f7b2386f5993324f195921b97c952a7e976c9c4 /source3/sam | |
parent | 75cace04fdcb672cc6c3c3ec8403206f2b222c50 (diff) | |
download | samba-7264b9df8fd2cfae2db4aca82ac737f47fdd5936.tar.gz samba-7264b9df8fd2cfae2db4aca82ac737f47fdd5936.tar.bz2 samba-7264b9df8fd2cfae2db4aca82ac737f47fdd5936.zip |
proper wellknown sids initialization at startup
(This used to be commit 568feee8977ee1be210344c8ab1896512894cba2)
Diffstat (limited to 'source3/sam')
-rw-r--r-- | source3/sam/idmap_util.c | 46 |
1 files changed, 46 insertions, 0 deletions
diff --git a/source3/sam/idmap_util.c b/source3/sam/idmap_util.c index 5d089d3baf..92cbb103db 100644 --- a/source3/sam/idmap_util.c +++ b/source3/sam/idmap_util.c @@ -298,3 +298,49 @@ NTSTATUS sid_to_gid(const DOM_SID *sid, gid_t *gid) return ret; } + +/* Initialize idmap withWellknown SIDs like Guest, that are necessary + * to make samba run properly */ +BOOL idmap_init_wellknown_sids(void) +{ + const char *guest_account = lp_guestaccount(); + struct passwd *pass; + DOM_SID sid; + unid_t id; + int flags; + + if (!(guest_account && *guest_account)) { + DEBUG(1, ("NULL guest account!?!?\n")); + return False; + } + + pass = getpwnam_alloc(guest_account); + if (!pass) { + return False; + } + + flags = ID_USERID; + id.uid = pass->pw_uid; + sid_copy(&sid, get_global_sam_sid()); + sid_append_rid(&sid, DOMAIN_USER_RID_GUEST); + if (NT_STATUS_IS_ERR(idmap_set_mapping(&sid, id, flags))) { + passwd_free(&pass); + return False; + } + + /* check if DOMAIN_GROUP_RID_GUESTS SID is set, if not store the + * guest account gid as mapping */ + flags = ID_GROUPID | ID_NOMAP; + sid_copy(&sid, get_global_sam_sid()); + sid_append_rid(&sid, DOMAIN_GROUP_RID_GUESTS); + if (NT_STATUS_IS_ERR(idmap_get_id_from_sid(&id, &flags, &sid))) { + flags = ID_GROUPID; + id.gid = pass->pw_gid; + if (NT_STATUS_IS_ERR(idmap_set_mapping(&sid, id, flags))) { + passwd_free(&pass); + return False; + } + } + + return True; +} |