From be1dfff02d562e42a7847bd02fed8538630d3f41 Mon Sep 17 00:00:00 2001 From: Dan Sledz Date: Mon, 2 Mar 2009 16:50:19 -0800 Subject: It appears that the first time we see a uid/gid that winbind can't map, we end up returning the null sid instead of falling back to the legacy code. Next time through the code we'll hit the negative cache and do the right thing, but we still fail the first time. If we fail the winbind id to sid mapping, call the legacy version. This catches the case where we don't have a negative cache entry for the mapping. This is better than returning the NULL sid to the caller. --- source3/passdb/lookup_sid.c | 36 ++++++++++++++++++++++-------------- 1 file changed, 22 insertions(+), 14 deletions(-) (limited to 'source3/passdb/lookup_sid.c') diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 53845117e2..10ff36d51b 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1308,13 +1308,17 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_uid_to_sid(psid, uid)) { - if (!winbind_ping()) { - legacy_uid_to_sid(psid, uid); - return; - } - - DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n", - uid)); + /* + * We shouldn't return the NULL SID + * here if winbind was running and + * couldn't map, as winbind will have + * added a negative entry that will + * cause us to go though the + * legacy_uid_to_sid() + * function anyway in the case above + * the next time we ask. + */ + legacy_uid_to_sid(psid, uid); return; } } @@ -1354,13 +1358,17 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_gid_to_sid(psid, gid)) { - if (!winbind_ping()) { - legacy_gid_to_sid(psid, gid); - return; - } - - DEBUG(5, ("gid_to_sid: winbind failed to find a sid for gid %u\n", - gid)); + /* + * We shouldn't return the NULL SID + * here if winbind was running and + * couldn't map, as winbind will have + * added a negative entry that will + * cause us to go though the + * legacy_gid_to_sid() + * function anyway in the case above + * the next time we ask. + */ + legacy_gid_to_sid(psid, gid); return; } } -- cgit From ef89c4bc0db2e9ba48f4dac1fd381e4cc6c8ca7d Mon Sep 17 00:00:00 2001 From: Tim Prouty Date: Tue, 3 Mar 2009 16:47:48 -0800 Subject: s3 passdb: Add back some useful debug statements Originally removed in be1dfff02d562e42a7847bd02fed8538630d3f41 --- source3/passdb/lookup_sid.c | 42 ++++++++++++++++++++++++------------------ 1 file changed, 24 insertions(+), 18 deletions(-) (limited to 'source3/passdb/lookup_sid.c') diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c index 10ff36d51b..9c20042a62 100644 --- a/source3/passdb/lookup_sid.c +++ b/source3/passdb/lookup_sid.c @@ -1309,15 +1309,18 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) /* Not in cache. Ask winbindd. */ if (!winbind_uid_to_sid(psid, uid)) { /* - * We shouldn't return the NULL SID - * here if winbind was running and - * couldn't map, as winbind will have - * added a negative entry that will - * cause us to go though the - * legacy_uid_to_sid() - * function anyway in the case above - * the next time we ask. - */ + * We shouldn't return the NULL SID + * here if winbind was running and + * couldn't map, as winbind will have + * added a negative entry that will + * cause us to go though the + * legacy_uid_to_sid() + * function anyway in the case above + * the next time we ask. + */ + DEBUG(5, ("uid_to_sid: winbind failed to find a sid " + "for uid %u\n", uid)); + legacy_uid_to_sid(psid, uid); return; } @@ -1359,15 +1362,18 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) /* Not in cache. Ask winbindd. */ if (!winbind_gid_to_sid(psid, gid)) { /* - * We shouldn't return the NULL SID - * here if winbind was running and - * couldn't map, as winbind will have - * added a negative entry that will - * cause us to go though the - * legacy_gid_to_sid() - * function anyway in the case above - * the next time we ask. - */ + * We shouldn't return the NULL SID + * here if winbind was running and + * couldn't map, as winbind will have + * added a negative entry that will + * cause us to go though the + * legacy_gid_to_sid() + * function anyway in the case above + * the next time we ask. + */ + DEBUG(5, ("gid_to_sid: winbind failed to find a sid " + "for gid %u\n", gid)); + legacy_gid_to_sid(psid, gid); return; } -- cgit