diff options
Diffstat (limited to 'source3/smbd')
| -rw-r--r-- | source3/smbd/reply.c | 42 | ||||
| -rw-r--r-- | source3/smbd/uid.c | 2 |
2 files changed, 38 insertions, 6 deletions
diff --git a/source3/smbd/reply.c b/source3/smbd/reply.c index 59a94964fb..7738f2594f 100644 --- a/source3/smbd/reply.c +++ b/source3/smbd/reply.c @@ -498,7 +498,7 @@ static int session_trust_account(connection_struct *conn, char *inbuf, char *out Create a UNIX user on demand. ****************************************************************************/ -int smb_create_user(char *unix_user) +int smb_create_user(char *unix_user, char *homedir) { pstring add_script; int ret; @@ -506,6 +506,8 @@ int smb_create_user(char *unix_user) pstrcpy(add_script, lp_adduser_script()); if (! *add_script) return -1; pstring_sub(add_script, "%u", unix_user); + if (homedir) + pstring_sub(add_script, "%H", homedir); ret = smbrun(add_script,NULL,False); DEBUG(3,("smb_create_user: Running the command `%s' gave %d\n",add_script,ret)); return ret; @@ -569,6 +571,8 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user smb_apasswd, smb_apasslen, smb_ntpasswd, smb_ntpasslen); if(ret) { + struct passwd *pwd; + /* * User validated ok against Domain controller. * If the admin wants us to try and create a UNIX @@ -577,8 +581,21 @@ static BOOL check_server_security(char *orig_user, char *domain, char *unix_user * level security as we never know if it was a failure * due to a bad password, or the user really doesn't exist. */ - if(lp_adduser_script() && !smb_getpwnam(unix_user,True)) { - smb_create_user(unix_user); + if(lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) { + smb_create_user(unix_user, NULL); + } + + if(lp_adduser_script() && pwd) { + SMB_STRUCT_STAT st; + + /* + * Also call smb_create_user if the users home directory + * doesn't exist. Used with winbindd to allow the script to + * create the home directory for a user mapped with winbindd. + */ + + if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) + smb_create_user(unix_user, pwd->pw_dir); } } @@ -595,6 +612,7 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user { BOOL ret = False; BOOL user_exists = True; + struct passwd *pwd; if(lp_security() != SEC_DOMAIN) return False; @@ -613,9 +631,23 @@ static BOOL check_domain_security(char *orig_user, char *domain, char *unix_user * If the admin wants us to try and create a UNIX * user on the fly, do so. */ - if(user_exists && lp_adduser_script() && !smb_getpwnam(unix_user,True)) { - smb_create_user(unix_user); + if(user_exists && lp_adduser_script() && !(pwd = smb_getpwnam(unix_user,True))) { + smb_create_user(unix_user, NULL); } + + if(lp_adduser_script() && pwd) { + SMB_STRUCT_STAT st; + + /* + * Also call smb_create_user if the users home directory + * doesn't exist. Used with winbindd to allow the script to + * create the home directory for a user mapped with winbindd. + */ + + if (pwd->pw_shell && (sys_stat(pwd->pw_dir, &st) == -1) && (errno == ENOENT)) + smb_create_user(unix_user, pwd->pw_dir); + } + } else { /* * User failed to validate ok against Domain controller. diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 25cadb51b0..1d2b8f4e9f 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -488,7 +488,7 @@ BOOL sid_to_gid(DOM_SID *psid, gid_t *pgid, enum SID_NAME_USE *sidtype) */ if ((name_type != SID_NAME_DOM_GRP) && (name_type != SID_NAME_ALIAS) && (name_type != SID_NAME_WKN_GRP)) { - DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a know group (%u)\n", + DEBUG(10,("sid_to_gid: winbind lookup succeeded but SID is not a known group (%u)\n", (unsigned int)name_type )); return local_sid_to_gid(pgid, psid, sidtype); |