From 80052bcf13cbac8ac54aacc5dc004a5b5fd4b01e Mon Sep 17 00:00:00 2001
From: Jeremy Allison <jra@samba.org>
Date: Thu, 7 Sep 2006 17:29:23 +0000
Subject: r18225: If we're going to overwrite krb5.conf, at least be polite
 enough to make a backup. Jeremy. (This used to be commit
 c82aac594fd7262029f9c47c2998c9e6b0ffc739)

---
 source3/libads/kerberos.c | 62 ++++++++++++++++++++++++++++++++---------------
 1 file changed, 42 insertions(+), 20 deletions(-)

(limited to 'source3')

diff --git a/source3/libads/kerberos.c b/source3/libads/kerberos.c
index 40c3019a31..a0685b8a1c 100644
--- a/source3/libads/kerberos.c
+++ b/source3/libads/kerberos.c
@@ -616,31 +616,53 @@ BOOL create_local_private_krb5_conf_for_domain(const char *realm, const char *do
 
 #if defined(OVERWRITE_SYSTEM_KRB5_CONF)
 
+#define SYSTEM_KRB5_CONF_PATH "/etc/krb5.conf"
 	/* Insanity, sheer insanity..... */
 
-	if (symlink(fname, "/etc/krb5.conf") == -1) {
-		if (errno != EEXIST) {
-			DEBUG(0,("create_local_private_krb5_conf_for_domain: symlink "
-				"of %s to /etc/krb5.conf failed. Errno %s\n",
-				fname, strerror(errno) ));
-			TALLOC_FREE(dname);
-			return True; /* Not a fatal error. */
-		}
 
-		/* Yes, this is a race conditon... too bad. */
-		if (unlink("/etc/krb5.conf") == -1) {
-			DEBUG(0,("create_local_private_krb5_conf_for_domain: unlink "
-				"of /etc/krb5.conf failed. Errno %s\n",
-				strerror(errno) ));
+	{
+		pstring linkpath;
+		int lret;
+
+		lret = readlink(SYSTEM_KRB5_CONF_PATH, linkpath, sizeof(linkpath)-1);
+		linkpath[sizeof(pstring)-1] = '\0';
+
+		if (lret == 0 || strcmp(linkpath, fname) == 0) {
+			/* Symlink already exists. */
 			TALLOC_FREE(dname);
-			return True; /* Not a fatal error. */
+			return True;
 		}
-		if (symlink(fname, "/etc/krb5.conf") == -1) {
-			DEBUG(0,("create_local_private_krb5_conf_for_domain: "
-				"forced symlink of %s to /etc/krb5.conf failed. Errno %s\n",
-				fname, strerror(errno) ));
-			TALLOC_FREE(dname);
-			return True; /* Not a fatal error. */
+
+		/* Try and replace with a symlink. */
+		if (symlink(fname, SYSTEM_KRB5_CONF_PATH) == -1) {
+			if (errno != EEXIST) {
+				DEBUG(0,("create_local_private_krb5_conf_for_domain: symlink "
+					"of %s to %s failed. Errno %s\n",
+					fname, SYSTEM_KRB5_CONF_PATH, strerror(errno) ));
+				TALLOC_FREE(dname);
+				return True; /* Not a fatal error. */
+			}
+
+			pstrcpy(linkpath, SYSTEM_KRB5_CONF_PATH);
+			pstrcat(linkpath, ".saved");
+
+			/* Yes, this is a race conditon... too bad. */
+			if (rename(SYSTEM_KRB5_CONF_PATH, linkpath) == -1) {
+				DEBUG(0,("create_local_private_krb5_conf_for_domain: rename "
+					"of %s to %s failed. Errno %s\n",
+					SYSTEM_KRB5_CONF_PATH, linkpath,
+					strerror(errno) ));
+				TALLOC_FREE(dname);
+				return True; /* Not a fatal error. */
+			}
+
+			if (symlink(fname, "/etc/krb5.conf") == -1) {
+				DEBUG(0,("create_local_private_krb5_conf_for_domain: "
+					"forced symlink of %s to /etc/krb5.conf failed. Errno %s\n",
+					fname, strerror(errno) ));
+				TALLOC_FREE(dname);
+				return True; /* Not a fatal error. */
+			}
 		}
 	}
 #endif
-- 
cgit