diff options
author | Bo Yang <boyang@novell.com> | 2009-01-14 14:26:40 +0800 |
---|---|---|
committer | Jeremy Allison <jra@samba.org> | 2009-01-14 10:42:02 -0800 |
commit | 54325f7ed5d67190e5d9f116f15eae41a96c7767 (patch) | |
tree | 9544806d366126502723f04560efbacf4fad4702 /source3/winbindd | |
parent | 8c983af56d6476cfc576beede034b2c1aed59b33 (diff) | |
download | samba-54325f7ed5d67190e5d9f116f15eae41a96c7767.tar.gz samba-54325f7ed5d67190e5d9f116f15eae41a96c7767.tar.bz2 samba-54325f7ed5d67190e5d9f116f15eae41a96c7767.zip |
Don't send message to any other child in child process.
Signed-off-by: Bo Yang <boyang@novell.com>
Diffstat (limited to 'source3/winbindd')
-rw-r--r-- | source3/winbindd/winbindd_dual.c | 30 |
1 files changed, 30 insertions, 0 deletions
diff --git a/source3/winbindd/winbindd_dual.c b/source3/winbindd/winbindd_dual.c index 9be8bafdd7..9d4425b2f3 100644 --- a/source3/winbindd/winbindd_dual.c +++ b/source3/winbindd/winbindd_dual.c @@ -1202,7 +1202,29 @@ bool winbindd_reinit_after_fork(const char *logfilename) } TALLOC_FREE(cl->lockout_policy_event); TALLOC_FREE(cl->machine_password_change_event); + + /* Children should never be able to send + * each other messages, all meesages must + * go through the parent. + */ + cl->pid = (pid_t)0; } + /* + * This is a little tricky, we don't want child + * to send MSG_WINBIND_ONLINE to idmap_child(). + * If we are in the child of trusted domain or + * in the process created by fork_child_dc_connect(). + * And the trusted domain cannot go online, + * fork_child_dc_connection() sends MSG_WINBIND_ONLINE + * periodically to idmap_child(). + * look, fork_child_dc_connect() ---> getdcs() ---> + * get_dc_name_via_netlogon() ---> cm_connect_netlogon() + * ---> init_dc_connection() ---> cm_open_connection ---> + * set_domain_online(), here send MSG_WINBIND_ONLINE to + * idmap_child(). + */ + cl = idmap_child(); + cl->pid = (pid_t)0; return true; } @@ -1296,6 +1318,14 @@ static bool fork_domain_child(struct winbindd_child *child) } } } + + /* + * We are in idmap child, make sure that we set the + * check_online_event to bring primary domain online. + */ + if (child == idmap_child()) { + set_domain_online_request(primary_domain); + } /* We might be in the idmap child...*/ if (child->domain && !(child->domain->internal) && |