diff options
| author | Volker Lendecke <vlendec@samba.org> | 2002-09-23 16:21:01 +0000 |
|---|---|---|
| committer | Volker Lendecke <vlendec@samba.org> | 2002-09-23 16:21:01 +0000 |
| commit | 06ce201a29bb90a428a59a3d85752ccf2dca1bdd (patch) | |
| tree | d9d5b595b3e2dfa5ce5dd04685c39c5e22763474 /source3 | |
| parent | 83ca90a67dd3db225706d32ffe58b114e1faf7d3 (diff) | |
| download | samba-06ce201a29bb90a428a59a3d85752ccf2dca1bdd.tar.gz samba-06ce201a29bb90a428a59a3d85752ccf2dca1bdd.tar.bz2 samba-06ce201a29bb90a428a59a3d85752ccf2dca1bdd.zip | |
Ok, getting a bit more ambitious. Stop me, if this is wrong. ;-)
When creating a group you have to take care of the fact that the
underlying unix might not like the group name. This change gets around
that problem by giving the add group script the chance to invent a
group name. It then must only return the newly created numerical gid.
Volker
(This used to be commit b959419ed38e66a12b63cad3e5fbfa849f952acc)
Diffstat (limited to 'source3')
| -rw-r--r-- | source3/groupdb/mapping.c | 30 | ||||
| -rw-r--r-- | source3/rpc_server/srv_samr_nt.c | 12 | ||||
| -rw-r--r-- | source3/utils/net_rpc_samsync.c | 5 |
3 files changed, 39 insertions, 8 deletions
diff --git a/source3/groupdb/mapping.c b/source3/groupdb/mapping.c index 2c9c7f47ea..5641431246 100644 --- a/source3/groupdb/mapping.c +++ b/source3/groupdb/mapping.c @@ -1156,16 +1156,42 @@ BOOL get_uid_list_of_group(gid_t gid, uid_t **uid, int *num_uids) Create a UNIX group on demand. ****************************************************************************/ -int smb_create_group(char *unix_group) +int smb_create_group(char *unix_group, gid_t *new_gid) { pstring add_script; int ret; + int fd = 0; pstrcpy(add_script, lp_addgroup_script()); if (! *add_script) return -1; pstring_sub(add_script, "%g", unix_group); - ret = smbrun(add_script,NULL); + ret = smbrun(add_script, (new_gid!=NULL) ? &fd : NULL); DEBUG(3,("smb_create_group: Running the command `%s' gave %d\n",add_script,ret)); + if (ret != 0) + return ret; + + if (fd != 0) { + fstring output; + + *new_gid = 0; + if (read(fd, output, sizeof(output)) > 0) { + *new_gid = (gid_t)strtoul(output, NULL, 10); + } + close(fd); + + if (*new_gid == 0) { + /* The output was garbage. We assume nobody + will create group 0 via smbd. Now we try to + get the group via getgrnam. */ + + struct group *grp = getgrnam(unix_group); + if (grp != NULL) + *new_gid = grp->gr_gid; + else + return 1; + } + } + return ret; } diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c index fd1111d5dc..ea631838da 100644 --- a/source3/rpc_server/srv_samr_nt.c +++ b/source3/rpc_server/srv_samr_nt.c @@ -3857,6 +3857,7 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S struct samr_info *info; PRIVILEGE_SET priv_set; uint32 acc_granted; + gid_t gid; init_privilege(&priv_set); @@ -3880,10 +3881,11 @@ NTSTATUS _samr_create_dom_group(pipes_struct *p, SAMR_Q_CREATE_DOM_GROUP *q_u, S return NT_STATUS_GROUP_EXISTS; /* we can create the UNIX group */ - smb_create_group(name); + if (smb_create_group(name, &gid) != 0) + return NT_STATUS_ACCESS_DENIED; /* check if the group has been successfully created */ - if ((grp=getgrnam(name)) == NULL) + if ((grp=getgrgid(gid)) == NULL) return NT_STATUS_ACCESS_DENIED; r_u->rid=pdb_gid_to_group_rid(grp->gr_gid); @@ -3920,6 +3922,7 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S struct samr_info *info; PRIVILEGE_SET priv_set; uint32 acc_granted; + gid_t gid; init_privilege(&priv_set); @@ -3943,10 +3946,11 @@ NTSTATUS _samr_create_dom_alias(pipes_struct *p, SAMR_Q_CREATE_DOM_ALIAS *q_u, S return NT_STATUS_GROUP_EXISTS; /* we can create the UNIX group */ - smb_create_group(name); + if (smb_create_group(name, &gid) != 0) + return NT_STATUS_ACCESS_DENIED; /* check if the group has been successfully created */ - if ((grp=getgrnam(name)) == NULL) + if ((grp=getgrgid(gid)) == NULL) return NT_STATUS_ACCESS_DENIED; r_u->rid=pdb_gid_to_group_rid(grp->gr_gid); diff --git a/source3/utils/net_rpc_samsync.c b/source3/utils/net_rpc_samsync.c index 9d54a771fc..95a813dcfd 100644 --- a/source3/utils/net_rpc_samsync.c +++ b/source3/utils/net_rpc_samsync.c @@ -323,14 +323,15 @@ fetch_group_info(uint32 rid, SAM_GROUP_INFO *delta) fstring sid_string; GROUP_MAP map; int flag = TDB_INSERT; + gid_t gid; unistr2_to_ascii(name, &delta->uni_grp_name, sizeof(name)-1); unistr2_to_ascii(comment, &delta->uni_grp_desc, sizeof(comment)-1); if ((grp = getgrnam(name)) == NULL) - smb_create_group(name); + smb_create_group(name, &gid); - if ((grp = getgrnam(name)) == NULL) + if ((grp = getgrgid(gid)) == NULL) return NT_STATUS_ACCESS_DENIED; /* add the group to the mapping table */ |