From a0d05192006c4bade760bd945ab91b5268ca47a6 Mon Sep 17 00:00:00 2001 From: Michael Adam Date: Mon, 2 Feb 2009 00:36:59 +0100 Subject: s3:winbind_user: fix "getent passwd" to allocate new uids. "getent passwd" used to fill the idmap cache with negative cache entries for unmapped user sids. Don't pass domain name unconditionally to idmap_sid_to_[ug]id(). idmap_sid_to_[ug]id() only creates new mappings (allocating idmap backends tdb, tdb2, ldap...) when the domain name passed in is "". Note that it is _wrong_ to directly call the idmap_sid_to_[ug]id() functions here, in the main winbindd. The correct fix would be to send a sid_to_[ug]id request to winbindd itself, but this needs more work to prepare the async mechanisms, and we nee a quick fix for getent passwd now. Michael --- source3/winbindd/winbindd_user.c | 9 +++++++-- 1 file changed, 7 insertions(+), 2 deletions(-) diff --git a/source3/winbindd/winbindd_user.c b/source3/winbindd/winbindd_user.c index 2e326430fc..b01e1847f2 100644 --- a/source3/winbindd/winbindd_user.c +++ b/source3/winbindd/winbindd_user.c @@ -76,6 +76,7 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name char *mapped_name = NULL; struct winbindd_domain *domain = NULL; NTSTATUS nt_status = NT_STATUS_UNSUCCESSFUL; + char *dom_name_idmap = ""; if (!pw || !dom_name || !user_name) return False; @@ -87,9 +88,13 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name nt_status = NT_STATUS_NO_SUCH_DOMAIN; } + if (domain->have_idmap_config) { + dom_name_idmap = dom_name; + } + /* Resolve the uid number */ - if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name, user_sid, + if (!NT_STATUS_IS_OK(idmap_sid_to_uid(dom_name_idmap, user_sid, &pw->pw_uid))) { DEBUG(1, ("error getting user id for sid %s\n", sid_string_dbg(user_sid))); @@ -98,7 +103,7 @@ static bool winbindd_fill_pwent(TALLOC_CTX *ctx, char *dom_name, char *user_name /* Resolve the gid number */ - if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name, group_sid, + if (!NT_STATUS_IS_OK(idmap_sid_to_gid(dom_name_idmap, group_sid, &pw->pw_gid))) { DEBUG(1, ("error getting group id for sid %s\n", sid_string_dbg(group_sid))); -- cgit