diff options
Diffstat (limited to 'source3/nsswitch/winbindd_user.c')
-rw-r--r-- | source3/nsswitch/winbindd_user.c | 118 |
1 files changed, 77 insertions, 41 deletions
diff --git a/source3/nsswitch/winbindd_user.c b/source3/nsswitch/winbindd_user.c index 576ceaea23..f849bff42d 100644 --- a/source3/nsswitch/winbindd_user.c +++ b/source3/nsswitch/winbindd_user.c @@ -30,15 +30,50 @@ extern userdom_struct current_user_info; +static BOOL fillup_pw_field(const char *lp_template, + const char *username, + const char *domname, + uid_t uid, + gid_t gid, + const char *in, + fstring out) +{ + char *templ; + + if (out == NULL) + return False; + + if (in && !strequal(in,"") && lp_security() == SEC_ADS && lp_winbind_sfu_support()) { + safe_strcpy(out, in, sizeof(fstring) - 1); + return True; + } + + /* Home directory and shell - use template config parameters. The + defaults are /tmp for the home directory and /bin/false for + shell. */ + + /* The substitution of %U and %D in the 'template homedir' is done + by alloc_sub_specified() below. */ + + templ = alloc_sub_specified(lp_template, username, domname, uid, gid); + + if (!templ) + return False; + + safe_strcpy(out, templ, sizeof(fstring) - 1); + SAFE_FREE(templ); + + return True; + +} /* Fill a pwent structure with information we have obtained */ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name, DOM_SID *user_sid, DOM_SID *group_sid, - char *full_name, struct winbindd_pw *pw) + char *full_name, char *homedir, char *shell, + struct winbindd_pw *pw) { fstring output_username; - char *homedir; - char *shell; fstring sid_string; if (!pw || !dom_name || !user_name) @@ -79,25 +114,14 @@ static BOOL winbindd_fill_pwent(char *dom_name, char *user_name, fstrcpy(current_user_info.domain, dom_name); - homedir = alloc_sub_specified(lp_template_homedir(), user_name, dom_name, pw->pw_uid, pw->pw_gid); - - if (!homedir) + if (!fillup_pw_field(lp_template_homedir(), user_name, dom_name, + pw->pw_uid, pw->pw_gid, homedir, pw->pw_dir)) return False; - - safe_strcpy(pw->pw_dir, homedir, sizeof(pw->pw_dir) - 1); - - SAFE_FREE(homedir); - - shell = alloc_sub_specified(lp_template_shell(), user_name, dom_name, pw->pw_uid, pw->pw_gid); - if (!shell) + if (!fillup_pw_field(lp_template_shell(), user_name, dom_name, + pw->pw_uid, pw->pw_gid, shell, pw->pw_shell)) return False; - safe_strcpy(pw->pw_shell, shell, - sizeof(pw->pw_shell) - 1); - - SAFE_FREE(shell); - /* Password - set to "x" as we can't generate anything useful here. Authentication can be done using the pam_winbind module. */ @@ -136,6 +160,8 @@ enum winbindd_result winbindd_dual_userinfo(struct winbindd_domain *domain, fstrcpy(state->response.data.user_info.acct_name, user_info.acct_name); fstrcpy(state->response.data.user_info.full_name, user_info.full_name); + fstrcpy(state->response.data.user_info.homedir, user_info.homedir); + fstrcpy(state->response.data.user_info.shell, user_info.shell); if (!sid_peek_check_rid(&domain->sid, &user_info.group_sid, &state->response.data.user_info.group_rid)) { DEBUG(1, ("Could not extract group rid out of %s\n", @@ -151,6 +177,8 @@ struct getpwsid_state { struct winbindd_domain *domain; char *username; char *fullname; + char *homedir; + char *shell; DOM_SID user_sid; uid_t uid; DOM_SID group_sid; @@ -159,7 +187,10 @@ struct getpwsid_state { static void getpwsid_queryuser_recv(void *private_data, BOOL success, const char *acct_name, - const char *full_name, uint32 group_rid); + const char *full_name, + const char *homedir, + const char *shell, + uint32 group_rid); static void getpwsid_sid2uid_recv(void *private_data, BOOL success, uid_t uid); static void getpwsid_sid2gid_recv(void *private_data, BOOL success, gid_t gid); @@ -194,7 +225,10 @@ static void winbindd_getpwsid(struct winbindd_cli_state *state, static void getpwsid_queryuser_recv(void *private_data, BOOL success, const char *acct_name, - const char *full_name, uint32 group_rid) + const char *full_name, + const char *homedir, + const char *shell, + uint32 group_rid) { struct getpwsid_state *s = talloc_get_type_abort(private_data, struct getpwsid_state); @@ -208,6 +242,8 @@ static void getpwsid_queryuser_recv(void *private_data, BOOL success, s->username = talloc_strdup(s->state->mem_ctx, acct_name); s->fullname = talloc_strdup(s->state->mem_ctx, full_name); + s->homedir = talloc_strdup(s->state->mem_ctx, homedir); + s->shell = talloc_strdup(s->state->mem_ctx, shell); sid_copy(&s->group_sid, &s->domain->sid); sid_append_rid(&s->group_sid, group_rid); @@ -238,8 +274,6 @@ static void getpwsid_sid2gid_recv(void *private_data, BOOL success, gid_t gid) talloc_get_type_abort(private_data, struct getpwsid_state); struct winbindd_pw *pw; fstring output_username; - char *homedir; - char *shell; if (!success) { DEBUG(5, ("Could not query user's %s\\%s\n gid", @@ -256,32 +290,19 @@ static void getpwsid_sid2gid_recv(void *private_data, BOOL success, gid_t gid) safe_strcpy(pw->pw_name, output_username, sizeof(pw->pw_name) - 1); safe_strcpy(pw->pw_gecos, s->fullname, sizeof(pw->pw_gecos) - 1); - /* Home directory and shell - use template config parameters. The - defaults are /tmp for the home directory and /bin/false for - shell. */ - - /* The substitution of %U and %D in the 'template homedir' is done - by alloc_sub_specified() below. */ - fstrcpy(current_user_info.domain, s->domain->name); - homedir = alloc_sub_specified(lp_template_homedir(), s->username, - s->domain->name, pw->pw_uid, pw->pw_gid); - if (homedir == NULL) { + if (!fillup_pw_field(lp_template_homedir(), s->username, s->domain->name, + pw->pw_uid, pw->pw_gid, s->homedir, pw->pw_dir)) { DEBUG(5, ("Could not compose homedir\n")); goto failed; } - safe_strcpy(pw->pw_dir, homedir, sizeof(pw->pw_dir) - 1); - SAFE_FREE(homedir); - - shell = alloc_sub_specified(lp_template_shell(), s->username, - s->domain->name, pw->pw_uid, pw->pw_gid); - if (shell == NULL) { + + if (!fillup_pw_field(lp_template_shell(), s->username, s->domain->name, + pw->pw_uid, pw->pw_gid, s->shell, pw->pw_shell)) { DEBUG(5, ("Could not compose shell\n")); goto failed; } - safe_strcpy(pw->pw_shell, shell, sizeof(pw->pw_shell) - 1); - SAFE_FREE(shell); /* Password - set to "x" as we can't generate anything useful here. Authentication can be done using the pam_winbind module. */ @@ -555,7 +576,20 @@ static BOOL get_sam_user_entries(struct getent_state *ent, TALLOC_CTX *mem_ctx) fstrcpy(name_list[ent->num_sam_entries + i].gecos, info[i].full_name); } - + if (!info[i].homedir) { + fstrcpy(name_list[ent->num_sam_entries + i].homedir, ""); + } else { + fstrcpy(name_list[ent->num_sam_entries + i].homedir, + info[i].homedir); + } + if (!info[i].shell) { + fstrcpy(name_list[ent->num_sam_entries + i].shell, ""); + } else { + fstrcpy(name_list[ent->num_sam_entries + i].shell, + info[i].shell); + } + + /* User and group ids */ sid_copy(&name_list[ent->num_sam_entries+i].user_sid, &info[i].user_sid); @@ -658,6 +692,8 @@ void winbindd_getpwent(struct winbindd_cli_state *state) &name_list[ent->sam_entry_index].user_sid, &name_list[ent->sam_entry_index].group_sid, name_list[ent->sam_entry_index].gecos, + name_list[ent->sam_entry_index].homedir, + name_list[ent->sam_entry_index].shell, &user_list[user_list_ndx]); ent->sam_entry_index++; |