diff options
| author | Dan Sledz <dan.sledz@isilon.com> | 2009-03-02 16:42:37 -0800 |
|---|---|---|
| committer | Karolin Seeger <kseeger@samba.org> | 2009-03-06 08:28:29 +0100 |
| commit | ebdb11132c65192efd1854300e54b3ba844d8c3d (patch) | |
| tree | 8b01a982721b7b92251242e51b61ea82db09bc9e /source/passdb | |
| parent | 85b2eef569e6a253be79d0de697481fcc6a9acf2 (diff) | |
| download | samba-ebdb11132c65192efd1854300e54b3ba844d8c3d.tar.gz samba-ebdb11132c65192efd1854300e54b3ba844d8c3d.tar.xz samba-ebdb11132c65192efd1854300e54b3ba844d8c3d.zip | |
It appears that the first time we see a uid/gid that winbind can't map,
we end up returning the null sid instead of falling back to the legacy
code. Next time through the code we'll hit the negative cache and do
the right thing, but we still fail the first time.
If we fail the winbind id to sid mapping, call the legacy version. This
catches the case where we don't have a negative cache entry for the mapping.
This is better than returning the NULL sid to the caller.
(cherry picked from commit c4d05e8e1fc776dd9c528513346256cf35c9f226)
Diffstat (limited to 'source/passdb')
| -rw-r--r-- | source/passdb/lookup_sid.c | 36 |
1 files changed, 22 insertions, 14 deletions
diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c index 3861c8e229c..ec4258753d3 100644 --- a/source/passdb/lookup_sid.c +++ b/source/passdb/lookup_sid.c @@ -1308,13 +1308,17 @@ void uid_to_sid(DOM_SID *psid, uid_t uid) if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_uid_to_sid(psid, uid)) { - if (!winbind_ping()) { - legacy_uid_to_sid(psid, uid); - return; - } - - DEBUG(5, ("uid_to_sid: winbind failed to find a sid for uid %u\n", - uid)); + /* + * We shouldn't return the NULL SID + * here if winbind was running and + * couldn't map, as winbind will have + * added a negative entry that will + * cause us to go though the + * legacy_uid_to_sid() + * function anyway in the case above + * the next time we ask. + */ + legacy_uid_to_sid(psid, uid); return; } } @@ -1354,13 +1358,17 @@ void gid_to_sid(DOM_SID *psid, gid_t gid) if (!ret || expired) { /* Not in cache. Ask winbindd. */ if (!winbind_gid_to_sid(psid, gid)) { - if (!winbind_ping()) { - legacy_gid_to_sid(psid, gid); - return; - } - - DEBUG(5, ("gid_to_sid: winbind failed to find a sid for gid %u\n", - gid)); + /* + * We shouldn't return the NULL SID + * here if winbind was running and + * couldn't map, as winbind will have + * added a negative entry that will + * cause us to go though the + * legacy_gid_to_sid() + * function anyway in the case above + * the next time we ask. + */ + legacy_gid_to_sid(psid, gid); return; } } |