diff options
| author | Jeremy Allison <jra@samba.org> | 2000-11-14 21:56:32 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 2000-11-14 21:56:32 +0000 |
| commit | 4bce271e4fe239a8b4aac2bb65a52165d68d8ea5 (patch) | |
| tree | 6a5c218ce4c96dc6375833e290a84be9f5970b50 /source3/smbd/uid.c | |
| parent | 47dc568a3b44b89ca6a4238bb8f0030dae4ba9b1 (diff) | |
| download | samba-4bce271e4fe239a8b4aac2bb65a52165d68d8ea5.tar.gz samba-4bce271e4fe239a8b4aac2bb65a52165d68d8ea5.tar.bz2 samba-4bce271e4fe239a8b4aac2bb65a52165d68d8ea5.zip | |
Merge from appliance head of JR's changes for driver versioning.
Jeremy.
(This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f)
Diffstat (limited to 'source3/smbd/uid.c')
| -rw-r--r-- | source3/smbd/uid.c | 50 |
1 files changed, 37 insertions, 13 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index d82edcbfae..008765cde1 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -243,8 +243,8 @@ BOOL unbecome_authenticated_pipe_user(pipes_struct *p) return pop_sec_ctx(); } - /* Temporarily become a root user. Must match with unbecome_root(). */ + void become_root(void) { push_sec_ctx(); @@ -267,25 +267,49 @@ BOOL lookup_name(char *name, DOM_SID *psid, enum SID_NAME_USE *name_type) { extern pstring global_myname; fstring sid; + char *sep = lp_winbind_separator(); if (!winbind_lookup_name(name, psid, name_type)) { BOOL ret; - DEBUG(10,("lookup_name: winbind lookup for %s failed - trying local\n", name )); + DEBUG(10, ("lookup_name: winbind lookup for %s failed - trying local\n", name)); + + /* If we are looking up a domain user, make sure it is + for the local machine only */ + + if (strchr(name, sep[0]) || strchr(name, '\\')) { + fstring domain, username; + + split_domain_name(name, domain, username); + + if (strcasecmp(global_myname, domain) != 0) { + DEBUG(5, ("domain %s is not local\n", domain)); + return False; + } + + ret = local_lookup_name(domain, username, psid, + name_type); + } else { + + ret = local_lookup_name(global_myname, name, psid, + name_type); + } + + if (ret) { + DEBUG(10, + ("lookup_name: (local) %s -> SID %s (type %u)\n", + name, sid_to_string(sid,psid), + (unsigned int)*name_type )); + } else { + DEBUG(10,("lookup name: (local) %s failed.\n", name)); + } - ret = local_lookup_name(global_myname, name, psid, name_type); - if (ret) - DEBUG(10,("lookup_name : (local) %s -> SID %s (type %u)\n", - name, sid_to_string(sid,psid), - (unsigned int)*name_type )); - else - DEBUG(10,("lookup name : (local) %s failed.\n", - name )); return ret; } - DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n", - name, sid_to_string(sid,psid), (unsigned int)*name_type )); + DEBUG(10,("lookup_name (winbindd): %s -> SID %s (type %u)\n", + name, sid_to_string(sid, psid), + (unsigned int)*name_type)); return True; } @@ -300,7 +324,7 @@ BOOL lookup_sid(DOM_SID *sid, fstring dom_name, fstring name, enum SID_NAME_USE return False; /* Check if this is our own sid. This should perhaps be done by - winbind? For the moment handle it here. */ + winbind? For the moment handle it here. */ if (sid->num_auths == 5) { DOM_SID tmp_sid; |