summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/libads/kerberos.c62
1 files changed, 42 insertions, 20 deletions
diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 40c3019a31..a0685b8a1c 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -616,31 +616,53 @@ BOOL create_local_private_krb5_conf_for_domain(const char *realm, const char *do
#if defined(OVERWRITE_SYSTEM_KRB5_CONF)
+#define SYSTEM_KRB5_CONF_PATH "/etc/krb5.conf"
/* Insanity, sheer insanity..... */
- if (symlink(fname, "/etc/krb5.conf") == -1) {
- if (errno != EEXIST) {
- DEBUG(0,("create_local_private_krb5_conf_for_domain: symlink "
- "of %s to /etc/krb5.conf failed. Errno %s\n",
- fname, strerror(errno) ));
- TALLOC_FREE(dname);
- return True; /* Not a fatal error. */
- }
- /* Yes, this is a race conditon... too bad. */
- if (unlink("/etc/krb5.conf") == -1) {
- DEBUG(0,("create_local_private_krb5_conf_for_domain: unlink "
- "of /etc/krb5.conf failed. Errno %s\n",
- strerror(errno) ));
+ {
+ pstring linkpath;
+ int lret;
+
+ lret = readlink(SYSTEM_KRB5_CONF_PATH, linkpath, sizeof(linkpath)-1);
+ linkpath[sizeof(pstring)-1] = '\0';
+
+ if (lret == 0 || strcmp(linkpath, fname) == 0) {
+ /* Symlink already exists. */
TALLOC_FREE(dname);
- return True; /* Not a fatal error. */
+ return True;
}
- if (symlink(fname, "/etc/krb5.conf") == -1) {
- DEBUG(0,("create_local_private_krb5_conf_for_domain: "
- "forced symlink of %s to /etc/krb5.conf failed. Errno %s\n",
- fname, strerror(errno) ));
- TALLOC_FREE(dname);
- return True; /* Not a fatal error. */
+
+ /* Try and replace with a symlink. */
+ if (symlink(fname, SYSTEM_KRB5_CONF_PATH) == -1) {
+ if (errno != EEXIST) {
+ DEBUG(0,("create_local_private_krb5_conf_for_domain: symlink "
+ "of %s to %s failed. Errno %s\n",
+ fname, SYSTEM_KRB5_CONF_PATH, strerror(errno) ));
+ TALLOC_FREE(dname);
+ return True; /* Not a fatal error. */
+ }
+
+ pstrcpy(linkpath, SYSTEM_KRB5_CONF_PATH);
+ pstrcat(linkpath, ".saved");
+
+ /* Yes, this is a race conditon... too bad. */
+ if (rename(SYSTEM_KRB5_CONF_PATH, linkpath) == -1) {
+ DEBUG(0,("create_local_private_krb5_conf_for_domain: rename "
+ "of %s to %s failed. Errno %s\n",
+ SYSTEM_KRB5_CONF_PATH, linkpath,
+ strerror(errno) ));
+ TALLOC_FREE(dname);
+ return True; /* Not a fatal error. */
+ }
+
+ if (symlink(fname, "/etc/krb5.conf") == -1) {
+ DEBUG(0,("create_local_private_krb5_conf_for_domain: "
+ "forced symlink of %s to /etc/krb5.conf failed. Errno %s\n",
+ fname, strerror(errno) ));
+ TALLOC_FREE(dname);
+ return True; /* Not a fatal error. */
+ }
}
}
#endif