summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2001-01-11 18:38:55 +0000
committerJeremy Allison <jra@samba.org>2001-01-11 18:38:55 +0000
commitadb91565b5ec81ebb9e0d57b7d91fbd9da410aa3 (patch)
tree51c830ed14b44eca59f10e804bdd719f6ec320b1 /source3/smbd
parent3ab2ea54068d7441fb8d9aed9596657758ac5000 (diff)
downloadsamba-adb91565b5ec81ebb9e0d57b7d91fbd9da410aa3.tar.gz
samba-adb91565b5ec81ebb9e0d57b7d91fbd9da410aa3.tar.bz2
samba-adb91565b5ec81ebb9e0d57b7d91fbd9da410aa3.zip
rpc_server/srv_samr.c:
smbd/reply.c: Added fix needed for appliances. When using winbindd - a new user may exist (from winbind) but have no home directory. Extend add user script so it is called with a %H substitution when a user exists but their home directory does not. Thanks to Alex Win at VA Linux for finding this one and testing the fix. libsmb/clidgram.c: Fixed missing return statements. smbd/uid.c: Fixed typo in debug. Jeremy. (This used to be commit 7ba0a2192b89954604dd793c537b4a17c2d1ac07)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/reply.c42
-rw-r--r--source3/smbd/uid.c2
2 files changed, 38 insertions, 6 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c
index 59a94964fb..7738f2594f 100644
--- a/source3/smbd/reply.c
+++ b/source3/smbd/reply.c
@@ -498,7 +498,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out
Create a UNIX user on demand.
****************************************************************************/
-int smb_create_user(char *unix_user)
+int smb_create_user(char *unix_user, char *homedir)
{
pstring add_script;
int ret;
@@ -506,6 +506,8 @@ int smb_create_user(char *unix_user)
pstrcpy(add_script, lp_adduser_script());
if (! *add_script) return -1;
pstring_sub(add_script, "%u", unix_user);
+ if (homedir)
+ pstring_sub(add_script, "%H", homedir);
ret = smbrun(add_script,NULL,False);
DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret));
return ret;
@@ -569,6 +571,8 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user
smb_apasswd, smb_apasslen,
smb_ntpasswd, smb_ntpasslen);
if(ret) {
+ struct passwd *pwd;
+
/*
* User validated ok against Domain controller.
* If the admin wants us to try and create a UNIX
@@ -577,8 +581,21 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user
* level security as we never know if it was a failure
* due to a bad password, or the user really doesn't exist.
*/
- if(lp_adduser_script() && !smb_getpwnam(unix_user,True)) {
- smb_create_user(unix_user);
+ if(lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) {
+ smb_create_user(unix_user, NULL);
+ }
+
+ if(lp_adduser_script() && pwd) {
+ SMB_STRUCT_STAT st;
+
+ /*
+ * Also call smb_create_user if the users home directory
+ * doesn't exist. Used with winbindd to allow the script to
+ * create the home directory for a user mapped with winbindd.
+ */
+
+ if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT))
+ smb_create_user(unix_user, pwd->pw_dir);
}
}
@@ -595,6 +612,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user
{
BOOL ret = False;
BOOL user_exists = True;
+ struct passwd *pwd;
if(lp_security() != SEC_DOMAIN)
return False;
@@ -613,9 +631,23 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user
* If the admin wants us to try and create a UNIX
* user on the fly, do so.
*/
- if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,True)) {
- smb_create_user(unix_user);
+ if(user_exists && lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) {
+ smb_create_user(unix_user, NULL);
}
+
+ if(lp_adduser_script() && pwd) {
+ SMB_STRUCT_STAT st;
+
+ /*
+ * Also call smb_create_user if the users home directory
+ * doesn't exist. Used with winbindd to allow the script to
+ * create the home directory for a user mapped with winbindd.
+ */
+
+ if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT))
+ smb_create_user(unix_user, pwd->pw_dir);
+ }
+
} else {
/*
* User failed to validate ok against Domain controller.
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 25cadb51b0..1d2b8f4e9f 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -488,7 +488,7 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype)
*/
if ((name_type != SID_NAME_DOM_GRP) && (name_type != SID_NAME_ALIAS) && (name_type != SID_NAME_WKN_GRP)) {
- DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a know group (%u)\n",
+ DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a known group (%u)\n",
(unsigned int)name_type ));
return local_sid_to_gid(pgid, psid, sidtype);