summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/lib/username.c27
-rw-r--r--source3/lib/util_getent.c8
-rw-r--r--source3/nsswitch/wb_client.c82
-rw-r--r--source3/smbd/sec_ctx.c2
-rw-r--r--source3/smbd/service.c8
5 files changed, 38 insertions, 89 deletions
diff --git a/source3/lib/username.c b/source3/lib/username.c
index f256b1d6f8..ca191ce94e 100644
--- a/source3/lib/username.c
+++ b/source3/lib/username.c
@@ -36,6 +36,33 @@ BOOL name_is_local(const char *name)
return !(strchr_m(name, *lp_winbind_separator()));
}
+/*****************************************************************
+ Splits passed user or group name to domain and user/group name parts
+ Returns True if name was splitted and False otherwise.
+*****************************************************************/
+
+BOOL split_domain_and_name(const char *name, char *domain, char* username)
+{
+ char *p = strchr(name,*lp_winbind_separator());
+
+
+ /* Parse a string of the form DOMAIN/user into a domain and a user */
+ DEBUG(10,("split_domain_and_name: checking whether name |%s| local or not\n", name));
+
+ if (p) {
+ fstrcpy(username, p+1);
+ fstrcpy(domain, name);
+ domain[PTR_DIFF(p, name)] = 0;
+ } else if (lp_winbind_use_default_domain()) {
+ fstrcpy(username, name);
+ fstrcpy(domain, lp_workgroup());
+ } else
+ return False;
+
+ DEBUG(10,("split_domain_and_name: all is fine, domain is |%s| and name is |%s|\n", domain, username));
+ return True;
+}
+
/****************************************************************************
Get a users home directory.
****************************************************************************/
diff --git a/source3/lib/util_getent.c b/source3/lib/util_getent.c
index 02be8e7c25..5fb24d9869 100644
--- a/source3/lib/util_getent.c
+++ b/source3/lib/util_getent.c
@@ -273,6 +273,12 @@ struct sys_userlist *get_users_in_group(const char *gname)
{
struct sys_userlist *list_head = NULL;
struct group *gptr;
+ fstring domain;
+ fstring groupname;
+ DOM_SID sid;
+ enum SID_NAME_USE name_type;
+
+ (void) split_domain_and_name(gname, domain, groupname);
/*
* If we're doing this via winbindd, don't do the
@@ -280,7 +286,7 @@ struct sys_userlist *get_users_in_group(const char *gname)
* pointless (and slow).
*/
- if (strchr(gname,*lp_winbind_separator()) || lp_winbind_use_default_domain()) {
+ if (winbind_lookup_name(domain, groupname, &sid, &name_type) && name_type == SID_NAME_DOM_GRP) {
if ((gptr = (struct group *)getgrnam(gname)) == NULL)
return NULL;
return add_members_to_userlist(list_head, gptr);
diff --git a/source3/nsswitch/wb_client.c b/source3/nsswitch/wb_client.c
index df2a1c1f6e..87c16f959a 100644
--- a/source3/nsswitch/wb_client.c
+++ b/source3/nsswitch/wb_client.c
@@ -229,7 +229,7 @@ BOOL winbind_gid_to_sid(DOM_SID *sid, gid_t gid)
}
/* Fetch the list of groups a user is a member of from winbindd. This is
- used by winbind_initgroups and winbind_getgroups. */
+ used by winbind_getgroups. */
static int wb_getgroups(const char *user, gid_t **groups)
{
@@ -257,86 +257,6 @@ static int wb_getgroups(const char *user, gid_t **groups)
return -1;
}
-/* Call winbindd to initialise group membership. This is necessary for
- some systems (i.e RH5.2) that do not have an initgroups function as part
- of the nss extension. In RH5.2 this is implemented using getgrent()
- which can be amazingly inefficient as well as having problems with
- username case. */
-
-int winbind_initgroups(char *user, gid_t gid)
-{
- gid_t *tgr, *groups = NULL;
- int result;
-
- /* Call normal initgroups if we are a local user */
-
- if (!(strchr(user, *lp_winbind_separator()) || lp_winbind_use_default_domain())) {
- return initgroups(user, gid);
- }
-
- result = wb_getgroups(user, &groups);
-
- DEBUG(10,("winbind_getgroups: %s: result = %s\n", user,
- result == -1 ? "FAIL" : "SUCCESS"));
-
- if (result != -1) {
- int ngroups = result, i;
- BOOL is_member = False;
-
- /* Check to see if the passed gid is already in the list */
-
- for (i = 0; i < ngroups; i++) {
- if (groups[i] == gid) {
- is_member = True;
- }
- }
-
- /* Add group to list if necessary */
-
- if (!is_member) {
- tgr = (gid_t *)Realloc(groups, sizeof(gid_t) * ngroups + 1);
-
- if (!tgr) {
- errno = ENOMEM;
- result = -1;
- goto done;
- }
- else groups = tgr;
-
- groups[ngroups] = gid;
- ngroups++;
- }
-
- /* Set the groups */
-
- if (sys_setgroups(ngroups, groups) == -1) {
- errno = EPERM;
- result = -1;
- goto done;
- }
-
- } else {
- /* The call failed but if 'winbind use default domain' is 'true', we
- should call normal initgroups. */
-
- if (lp_winbind_use_default_domain()) {
- return initgroups(user, gid);
- } else {
- /* The call failed. Set errno to something so we don't get
- a bogus value from the last failed system call. */
-
- errno = EIO;
- }
- }
-
- /* Free response data if necessary */
-
- done:
- SAFE_FREE(groups);
-
- return result;
-}
-
/* Return a list of groups the user is a member of. This function is
useful for large systems where inverting the group database would be too
time consuming. If size is zero, list is not modified and the total
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index b774947d60..5802c97f3d 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -185,7 +185,7 @@ BOOL initialise_groups(char *user, uid_t uid, gid_t gid)
/* Call initgroups() to get user groups */
- if (winbind_initgroups(user,gid) == -1) {
+ if (initgroups(user,gid) == -1) {
DEBUG(0,("Unable to initgroups. Error was %s\n", strerror(errno) ));
if (getuid() == 0) {
if (gid < 0 || gid > 32767 || uid < 0 || uid > 32767) {
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index ac2e2ee548..a9b9a9d4d9 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -84,7 +84,7 @@ int add_home_service(const char *service, const char *homedir)
int iHomeService;
int iService;
fstring new_service;
- char *usr_p = NULL;
+ fstring domain;
if (!service || !homedir)
return -1;
@@ -99,11 +99,7 @@ int add_home_service(const char *service, const char *homedir)
* include any macros.
*/
- fstrcpy(new_service, service);
-
- if ((usr_p = strchr_m(service,*lp_winbind_separator())) != NULL)
- fstrcpy(new_service, usr_p+1);
-
+ split_domain_and_name(service, domain, new_service);
lp_add_home(new_service, iHomeService, homedir);
iService = lp_servicenumber(new_service);