-rw-r--r--WHATSNEW.txt2
-rw-r--r--source/passdb/lookup_sid.c10
2 files changed, 12 insertions, 0 deletions
diff --git a/WHATSNEW.txt b/WHATSNEW.txt
index 2c7338e76cd..2983f025053 100644
--- a/WHATSNEW.txt
+++ b/WHATSNEW.txt
@@ -99,6 +99,8 @@ o Gerald (Jerry) Carter <jerry@samba.org>
* More changes to ensure that the primary group SID for
a local user is based on the primary Unix group and not the
primaryGroupSID passdb attribute.
+ * Disable storing SIDs in the S-1-22-1 and S-1-22-2 domain
+ to the SID<->uid/gid cache.
o Guenther Deschner <gd@samba.org>
diff --git a/source/passdb/lookup_sid.c b/source/passdb/lookup_sid.c
index 6eeea00416f..dca7f47d8b5 100644
--- a/source/passdb/lookup_sid.c
+++ b/source/passdb/lookup_sid.c
@@ -951,6 +951,11 @@ void store_uid_sid_cache(const DOM_SID *psid, uid_t uid)
{
struct uid_sid_cache *pc;
+ /* do not store SIDs in the "Unix Group" domain */
+
+ if ( sid_check_is_in_unix_users( psid ) )
+ return;
+
if (n_uid_sid_cache >= MAX_UID_SID_CACHE_SIZE && n_uid_sid_cache > TURNOVER_UID_SID_CACHE_SIZE) {
/* Delete the last TURNOVER_UID_SID_CACHE_SIZE entries. */
struct uid_sid_cache *pc_next;
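Review bot: The comment added in store_uid_sid_cache says "Unix Group" domain, but the guard under it calls sid_check_is_in_unix_users(), so the comment names the wrong domain; the same wording in the store_gid_sid_cache hunk is correct there. I would change this one to `/* do not store SIDs in the "Unix User" domain (S-1-22-1) */`. In both hunks the comment should also say why these SIDs are kept out of the SID<->uid/gid cache, since neither the comments nor the WHATSNEW entry gives the reason. Presumably it is because such SIDs already encode the uid or gid directly, but that is not visible on this page. Both function bodies continue outside their hunks, so whether the matching fetch paths need the same guard cannot be judged from here.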
@@ -1022,6 +1027,11 @@ static BOOL fetch_gid_from_cache(gid_t *pgid, const DOM_SID *psid)
void store_gid_sid_cache(const DOM_SID *psid, gid_t gid)
{
struct gid_sid_cache *pc;
+
+ /* do not store SIDs in the "Unix Group" domain */
+
+ if ( sid_check_is_in_unix_groups( psid ) )
+ return;
if (n_gid_sid_cache >= MAX_GID_SID_CACHE_SIZE && n_gid_sid_cache > TURNOVER_GID_SID_CACHE_SIZE) {
/* Delete the last TURNOVER_GID_SID_CACHE_SIZE entries. */