summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2002-02-27 23:51:25 +0000
committerAndrew Tridgell <tridge@samba.org>2002-02-27 23:51:25 +0000
commit276ff4df82313abcf09db2d373a4229a5b8db506 (patch)
treebe32beed60d22b86ee7c21e88848e88d6c8e08b9 /source3/smbd
parent9d975fa6bcf6e425cce890328be4f67534b29ba1 (diff)
downloadsamba-276ff4df82313abcf09db2d373a4229a5b8db506.tar.gz
samba-276ff4df82313abcf09db2d373a4229a5b8db506.tar.bz2
samba-276ff4df82313abcf09db2d373a4229a5b8db506.zip
this allows us to support foreign SIDs in winbindd and smbd
this means "xcopy /o" has a chance of working with ACLs that contain ACEs that use SIDs that the Samba server has no knowledge of. It's a bit hackish, Tim, can you look at my uid.c changes? (This used to be commit fe2db3148587937aa7b674c1c99036d42a3776b3)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/uid.c15
1 files changed, 13 insertions, 2 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 3a939e4fce..f2b3bdbe6c 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -596,6 +596,11 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
*sidtype = SID_NAME_UNKNOWN;
+
+/* (tridge) I commented out the slab of code below in order to support foreign SIDs
+ Do we really need to validate the type of SID we have in this case?
+*/
+#if 0
/*
* First we must look up the name and decide if this is a user sid.
*/
@@ -616,7 +621,7 @@ BOOL sid_to_uid(DOM_SID *psid, uid_t *puid, enum SID_NAME_USE *sidtype)
(unsigned int)name_type ));
return False;
}
-
+#endif
*sidtype = SID_NAME_USER;
/*
@@ -658,7 +663,13 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype)
DEBUG(10,("sid_to_gid: winbind lookup for sid %s failed - trying local.\n",
sid_to_string(sid_str, psid) ));
- return local_sid_to_gid(pgid, psid, sidtype);
+ if (!local_sid_to_gid(pgid, psid, sidtype)) {
+ /* this was probably a foreign sid - assume its a group rid
+ and continue */
+ name_type = SID_NAME_DOM_GRP;
+ } else {
+ return True;
+ }
}
/*