summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorGerald Carter <jerry@samba.org>2003-11-07 23:04:06 +0000
committerGerald Carter <jerry@samba.org>2003-11-07 23:04:06 +0000
commit6ebde91c44402f830b5887f11037b6fa625c16bc (patch)
treeb5ec81c5770270391e6b82a3687f5ee4e487f024
parent5cfe36d09d1de8c6a82152d4941c1563111f4364 (diff)
downloadsamba-6ebde91c44402f830b5887f11037b6fa625c16bc.tar.gz
samba-6ebde91c44402f830b5887f11037b6fa625c16bc.tar.xz
samba-6ebde91c44402f830b5887f11037b6fa625c16bc.zip
* only install swat html files once
* revert the change that prevent the guest account from being added to a passdb backend since it broke the build farm. * apply patch from Alex Deiter to fix the "smbldap_open: cannot access when not root error" messages when looking up group information (bug 281) (This used to be commit 9b8bf6a950186bd95abe952af4a7d35829b34ff8)
-rw-r--r--source3/passdb/pdb_guest.c5
-rw-r--r--source3/rpc_server/srv_samr_nt.c20
-rwxr-xr-xsource3/script/installswat.sh26
3 files changed, 34 insertions, 17 deletions
diff --git a/source3/passdb/pdb_guest.c b/source3/passdb/pdb_guest.c
index 3b9e17075ed..510cf6abc8b 100644
--- a/source3/passdb/pdb_guest.c
+++ b/source3/passdb/pdb_guest.c
@@ -110,7 +110,10 @@ static NTSTATUS guestsam_getsampwsid(struct pdb_methods *my_methods, SAM_ACCOUNT
static NTSTATUS guestsam_update_sam_account (struct pdb_methods *methods, SAM_ACCOUNT *newpwd)
{
-#if 0 /* JERRY */
+#if 1 /* JERRY */
+
+ /* apparently thr build farm relies upon this heavior :-( */
+
return methods->parent->pdb_add_sam_account(methods->parent, newpwd);
#else
/* I don't think we should allow any modification of
diff --git a/source3/rpc_server/srv_samr_nt.c b/source3/rpc_server/srv_samr_nt.c
index 446eff9045e..b3e6478c880 100644
--- a/source3/rpc_server/srv_samr_nt.c
+++ b/source3/rpc_server/srv_samr_nt.c
@@ -894,7 +894,9 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
/* well-known aliases */
if (sid_equal(sid, &global_sid_Builtin) && !lp_hide_local_users()) {
+ become_root();
pdb_enum_group_mapping(SID_NAME_WKN_GRP, &map, (int *)&num_entries, ENUM_ONLY_MAPPED);
+ unbecome_root();
if (num_entries != 0) {
*d_grp=(DOMAIN_GRP *)talloc_zero(ctx, num_entries*sizeof(DOMAIN_GRP));
@@ -914,6 +916,7 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
struct sys_grent *grp;
gid_t winbind_gid_low, winbind_gid_high;
BOOL winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high);
+ BOOL ret;
/* local aliases */
/* we return the UNIX groups here. This seems to be the right */
@@ -930,7 +933,10 @@ static NTSTATUS get_group_alias_entries(TALLOC_CTX *ctx, DOMAIN_GRP **d_grp, DOM
for (; (num_entries < max_entries) && (grp != NULL); grp = grp->next) {
uint32 trid;
- if(!pdb_getgrgid(&smap, grp->gr_gid))
+ become_root();
+ ret = pdb_getgrgid(&smap, grp->gr_gid);
+ unbecome_root();
+ if( !ret )
continue;
if (smap.sid_name_use!=SID_NAME_ALIAS) {
@@ -4111,6 +4117,7 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM
int num_uids=0;
GROUP_INFO_CTR *ctr;
uint32 acc_granted;
+ BOOL ret;
if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted))
return NT_STATUS_INVALID_HANDLE;
@@ -4119,7 +4126,10 @@ NTSTATUS _samr_query_groupinfo(pipes_struct *p, SAMR_Q_QUERY_GROUPINFO *q_u, SAM
return r_u->status;
}
- if (!get_domain_group_from_sid(group_sid, &map))
+ become_root();
+ ret = get_domain_group_from_sid(group_sid, &map);
+ unbecome_root();
+ if (!ret)
return NT_STATUS_INVALID_HANDLE;
ctr=(GROUP_INFO_CTR *)talloc_zero(p->mem_ctx, sizeof(GROUP_INFO_CTR));
@@ -4271,6 +4281,7 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G
size_t sd_size;
NTSTATUS status;
fstring sid_string;
+ BOOL ret;
if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted))
return NT_STATUS_INVALID_HANDLE;
@@ -4305,7 +4316,10 @@ NTSTATUS _samr_open_group(pipes_struct *p, SAMR_Q_OPEN_GROUP *q_u, SAMR_R_OPEN_G
DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string));
/* check if that group really exists */
- if (!get_domain_group_from_sid(info->sid, &map))
+ become_root();
+ ret = get_domain_group_from_sid(info->sid, &map);
+ unbecome_root();
+ if (!ret)
return NT_STATUS_NO_SUCH_GROUP;
/* get a (unique) handle. open a policy on it. */
diff --git a/source3/script/installswat.sh b/source3/script/installswat.sh
index 7841a2a7b50..be0cdf3eef8 100755
--- a/source3/script/installswat.sh
+++ b/source3/script/installswat.sh
@@ -28,16 +28,16 @@ done
# Install images
for ln in $LANGS; do
-for f in $SRCDIR../swat/$ln/images/*.gif; do
+ for f in $SRCDIR../swat/$ln/images/*.gif; do
FNAME=$SWATDIR/$ln/images/`basename $f`
echo $FNAME
cp $f $FNAME || echo Cannot install $FNAME. Does $USER have privileges?
chmod 0644 $FNAME
-done
+ done
-# Install html help
+ # Install html help
-for f in $SRCDIR../swat/$ln/help/*.html; do
+ for f in $SRCDIR../swat/$ln/help/*.html; do
FNAME=$SWATDIR/$ln/help/`basename $f`
echo $FNAME
if [ "x$BOOKDIR" = "x" ]; then
@@ -49,28 +49,28 @@ for f in $SRCDIR../swat/$ln/help/*.html; do
cp $f $FNAME || echo Cannot install $FNAME. Does $USER have privileges?
rm -f $f
chmod 0644 $FNAME
-done
+ done
-# Install html documentation
+ # Install "server-side" includes
-for f in $SRCDIR../docs/htmldocs/*.html; do
- FNAME=$SWATDIR/help/`basename $f`
+ for f in $SRCDIR../swat/$ln/include/*.html; do
+ FNAME=$SWATDIR/$ln/include/`basename $f`
echo $FNAME
cp $f $FNAME || echo Cannot install $FNAME. Does $USER have privileges?
chmod 0644 $FNAME
+ done
+
done
-# Install "server-side" includes
+# Install html documentation
-for f in $SRCDIR../swat/$ln/include/*.html; do
- FNAME=$SWATDIR/$ln/include/`basename $f`
+for f in $SRCDIR../docs/htmldocs/*.html; do
+ FNAME=$SWATDIR/help/`basename $f`
echo $FNAME
cp $f $FNAME || echo Cannot install $FNAME. Does $USER have privileges?
chmod 0644 $FNAME
done
-done
-
# Install Using Samba book (but only if it is there)
if [ "x$BOOKDIR" != "x" -a -f $SRCDIR../docs/htmldocs/using_samba/toc.html ]; then