diff options
-rw-r--r-- | source3/nsswitch/winbindd.c | 33 | ||||
-rw-r--r-- | source3/nsswitch/winbindd_util.c | 8 |
2 files changed, 26 insertions, 15 deletions
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c index 0df9408a60..059d2f40d3 100644 --- a/source3/nsswitch/winbindd.c +++ b/source3/nsswitch/winbindd.c @@ -3,7 +3,7 @@ Winbind daemon for ntdom nss module - Copyright (C) by Tim Potter 2000, 2001 + Copyright (C) by Tim Potter 2000-2002 Copyright (C) Andrew Tridgell 2002 This program is free software; you can redistribute it and/or modify @@ -507,6 +507,10 @@ static void process_loop(void) message_dispatch(); + /* rescan the trusted domains list. This must be done + regularly to cope with transitive trusts */ + rescan_trusted_domains(); + /* Free up temporary memory */ lp_talloc_free(); @@ -666,19 +670,23 @@ static void process_loop(void) /* these are split out from the main winbindd for use by the background daemon */ -int winbind_setup_common(void) +BOOL winbind_setup_common(void) { - load_interfaces(); + load_interfaces(); if (!secrets_init()) { DEBUG(0,("Could not initialize domain trust account secrets. Giving up\n")); - return 1; - + return False; } namecache_enable(); /* Enable netbios namecache */ + /* Check winbindd parameters are valid */ + + if (!winbindd_param_init()) + return False; + /* Get list of domains we look up requests for. This includes the domain which we are a member of as well as any trusted domains. */ @@ -689,11 +697,8 @@ int winbind_setup_common(void) /* Winbind daemon initialisation */ - if (!winbindd_param_init()) - return 1; - if (!winbindd_idmap_init()) - return 1; + return False; /* Unblock all signals we are interested in as they may have been blocked by the parent process. */ @@ -716,7 +721,7 @@ int winbind_setup_common(void) CatchSignal(SIGUSR2, sigusr2_handler); /* Debugging sigs */ CatchSignal(SIGHUP, sighup_handler); - return 0; + return True; } @@ -853,12 +858,12 @@ static void usage(void) setpgid( (pid_t)0, (pid_t)0); #endif - if (opt_dual_daemon) { - do_dual_daemon(); + if (!winbind_setup_common()) { + return 1; } - if (winbind_setup_common() != 0) { - return 1; + if (opt_dual_daemon) { + do_dual_daemon(); } /* Initialise messaging system */ diff --git a/source3/nsswitch/winbindd_util.c b/source3/nsswitch/winbindd_util.c index e3f00149f7..a14ed96c67 100644 --- a/source3/nsswitch/winbindd_util.c +++ b/source3/nsswitch/winbindd_util.c @@ -378,10 +378,16 @@ void free_getent_state(struct getent_state *state) } } -/* Initialise trusted domain info */ +/* Parse winbindd related parameters */ BOOL winbindd_param_init(void) { + if (lp_security() != SEC_DOMAIN && lp_security() != SEC_ADS) { + DEBUG(0, ("must be in security = domain or security = ads mode to run winbindd\n")); + return False; + } + + /* Parse winbind uid and winbind_gid parameters */ if (!lp_winbind_uid(&server_state.uid_low, &server_state.uid_high)) { |