diff options
author | Jeremy Allison <jra@samba.org> | 2002-09-18 00:30:00 +0000 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2002-09-18 00:30:00 +0000 |
commit | 8b4bafc76fab88d78b7234c43c34338b61d42656 (patch) | |
tree | b2e505771f8f2d0b37f7e0f4926f57f5fe1faf21 /source3/smbd | |
parent | 8b46126a076075aeed31dae1c80eca1ed9f5a251 (diff) | |
download | samba-8b4bafc76fab88d78b7234c43c34338b61d42656.tar.gz samba-8b4bafc76fab88d78b7234c43c34338b61d42656.tar.bz2 samba-8b4bafc76fab88d78b7234c43c34338b61d42656.zip |
We had a race condition when changing a machine acount password as we
were no longer locking the secrets entry. I saw this on a live system.
Jeremy.
(This used to be commit 660dafcbb2d1029831212a32d995891626a0344c)
Diffstat (limited to 'source3/smbd')
-rw-r--r-- | source3/smbd/process.c | 9 |
1 files changed, 9 insertions, 0 deletions
diff --git a/source3/smbd/process.c b/source3/smbd/process.c index c796797fad..0f7cfd0e9c 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1154,9 +1154,16 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t * First, open the machine password file with an exclusive lock. */ + if (secrets_lock_trust_account_password(global_myworkgroup, True) == False) { + DEBUG(0,("process: unable to lock the machine account password for \ +machine %s in domain %s.\n", global_myname, global_myworkgroup )); + return True; + } + if(!secrets_fetch_trust_account_password(global_myworkgroup, trust_passwd_hash, &lct)) { DEBUG(0,("process: unable to read the machine account password for \ machine %s in domain %s.\n", global_myname, global_myworkgroup )); + secrets_lock_trust_account_password(global_myworkgroup, False); return True; } @@ -1166,6 +1173,7 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup )); if(t < lct + lp_machine_password_timeout()) { global_machine_password_needs_changing = False; + secrets_lock_trust_account_password(global_myworkgroup, False); return True; } @@ -1173,6 +1181,7 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup )); change_trust_account_password( global_myworkgroup, remote_machine_list); global_machine_password_needs_changing = False; + secrets_lock_trust_account_password(global_myworkgroup, False); } /* |