diff options
| author | Stefan Metzmacher <metze@samba.org> | 2010-02-04 17:16:59 +0100 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2010-02-15 14:46:54 +0100 |
| commit | c19ee2bfa89ec13845f8c1d057749ecc4923f6ec (patch) | |
| tree | 960cf9132a375e5be8957128e548de9b769c6347 | |
| parent | bece99d4ea7c6812b73967d024f1ed13fdc7de1b (diff) | |
| download | samba-c19ee2bfa89ec13845f8c1d057749ecc4923f6ec.tar.gz samba-c19ee2bfa89ec13845f8c1d057749ecc4923f6ec.tar.xz samba-c19ee2bfa89ec13845f8c1d057749ecc4923f6ec.zip | |
s3:passdb: speed up pdb_get_group_sid()
Use the cached version gid_to_sid() instead
of pdb_gid_to_sid().
And also avoid the expensive lookup_sid() call
for wellkown domain groups.
metze
(cherry picked from commit e10d0869567436902c8b8cfb50f8c64148d554cb)
(cherry picked from commit b0c8ff971934ef8aa21abece8693807e0a2ca722)
Signed-off-by: Stefan Metzmacher <metze@samba.org>
(cherry picked from commit 5d97d5703dcf62f2c610316b2ba47483652368b3)
| -rw-r--r-- | source3/passdb/pdb_get_set.c | 33 |
1 files changed, 28 insertions, 5 deletions
diff --git a/source3/passdb/pdb_get_set.c b/source3/passdb/pdb_get_set.c index c79caf2d36b..39a85fa91ba 100644 --- a/source3/passdb/pdb_get_set.c +++ b/source3/passdb/pdb_get_set.c @@ -191,7 +191,7 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass) /* generate the group SID from the user's primary Unix group */ - if ( !(gsid = TALLOC_P( sampass, DOM_SID )) ) { + if ( !(gsid = TALLOC_ZERO_P( sampass, DOM_SID )) ) { return NULL; } @@ -211,15 +211,38 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass) return NULL; } - if ( pdb_gid_to_sid(pwd->pw_gid, gsid) ) { + gid_to_sid(gsid, pwd->pw_gid); + if (!is_null_sid(gsid)) { enum lsa_SidType type = SID_NAME_UNKNOWN; - TALLOC_CTX *mem_ctx = talloc_init("pdb_get_group_sid"); + TALLOC_CTX *mem_ctx; bool lookup_ret; + const DOM_SID *usid = pdb_get_user_sid(sampass); + DOM_SID dgsid; + uint32_t rid; + + sid_copy(&dgsid, gsid); + sid_split_rid(&dgsid, &rid); + if (sid_equal(&dgsid, get_global_sam_sid())) { + /* + * As shortcut for the expensive lookup_sid call + * compare the domain sid part + */ + switch (rid) { + case DOMAIN_RID_ADMINS: + case DOMAIN_RID_USERS: + sampass->group_sid = gsid; + return sampass->group_sid; + } + } + mem_ctx = talloc_init("pdb_get_group_sid"); if (!mem_ctx) { return NULL; } + DEBUG(10,("do lookup_sid(%s) for group of user %s\n", + sid_string_dbg(gsid), sid_string_dbg(usid))); + /* Now check that it's actually a domain group and not something else */ lookup_ret = lookup_sid(mem_ctx, gsid, NULL, NULL, &type); @@ -231,8 +254,8 @@ const DOM_SID *pdb_get_group_sid(struct samu *sampass) return sampass->group_sid; } - DEBUG(3, ("Primary group for user %s is a %s and not a domain group\n", - pwd->pw_name, sid_type_lookup(type))); + DEBUG(3, ("Primary group %s for user %s is a %s and not a domain group\n", + sid_string_dbg(gsid), pwd->pw_name, sid_type_lookup(type))); } /* Just set it to the 'Domain Users' RID of 512 which will |