summaryrefslogtreecommitdiff
path: root/source4/smbd
diff options
context:
space:
mode:
authorStefan Metzmacher <metze@samba.org>2013-07-10 14:48:18 +0200
committerStefan Metzmacher <metze@samba.org>2013-07-10 23:18:06 +0200
commit596b51c666e549fb518d92931d8837922154a2fe (patch)
treebfd22b1a428c46e99a4306ca3a3498e31d60430c /source4/smbd
parent1573638212a9733a44939a4d38a226f38dca36f1 (diff)
downloadsamba-596b51c666e549fb518d92931d8837922154a2fe.tar.gz
samba-596b51c666e549fb518d92931d8837922154a2fe.tar.bz2
samba-596b51c666e549fb518d92931d8837922154a2fe.zip
s4:server: avoid calling into nss_winbind from within 'samba'
The most important part is that the 'winbind_server' doesn't recurse into itself. This could happen if the krb5 libraries call getlogin(). As we may run in single process mode, we need to set _NO_WINBINDD=1 everywhere, the only exception is the forked 'smbd'. Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jul 10 23:18:06 CEST 2013 on sn-devel-104
Diffstat (limited to 'source4/smbd')
-rw-r--r--source4/smbd/server.c7
1 files changed, 7 insertions, 0 deletions
diff --git a/source4/smbd/server.c b/source4/smbd/server.c
index 0ad3e6ba41..37aac625b6 100644
--- a/source4/smbd/server.c
+++ b/source4/smbd/server.c
@@ -43,6 +43,7 @@
#include "cluster/cluster.h"
#include "dynconfig/dynconfig.h"
#include "lib/util/samba_modules.h"
+#include "nsswitch/winbind_client.h"
/*
recursively delete a directory tree
@@ -402,6 +403,12 @@ static int binary_smbd_main(const char *binary_name, int argc, const char *argv[
}
}
+ /* make sure we won't go through nss_winbind */
+ if (!winbind_off()) {
+ DEBUG(0,("Failed to disable recusive winbindd calls. Exiting.\n"));
+ exit(1);
+ }
+
gensec_init(); /* FIXME: */
ntptr_init(); /* FIXME: maybe run this in the initialization function