The Samba-Bugzilla – Attachment 188 Details for
Bug 281
Log messages: smbldap_open: cannot access LDAP when not root..
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
patch for smbldap_open: cannot access LDAP when not root.. error
patch-aa (text/plain), 2.14 KB, created by
Alex Deiter
on 2003-10-08 01:27:25 UTC
(
hide
)
Description:
patch for smbldap_open: cannot access LDAP when not root.. error
Filename:
MIME Type:
Creator:
Alex Deiter
Created:
2003-10-08 01:27:25 UTC
Size:
2.14 KB
patch
obsolete
>--- rpc_server/srv_samr_nt.c.orig Fri Sep 26 01:26:16 2003 >+++ rpc_server/srv_samr_nt.c Wed Oct 8 11:40:44 2003 >@@ -894,7 +894,9 @@ > /* well-known aliases */ > if (sid_equal(sid, &global_sid_Builtin) && !lp_hide_local_users()) { > >+ become_root(); > pdb_enum_group_mapping(SID_NAME_WKN_GRP, &map, (int *)&num_entries, ENUM_ONLY_MAPPED); >+ unbecome_root(); > > if (num_entries != 0) { > *d_grp=(DOMAIN_GRP *)talloc_zero(ctx, num_entries*sizeof(DOMAIN_GRP)); >@@ -914,6 +916,7 @@ > struct sys_grent *grp; > gid_t winbind_gid_low, winbind_gid_high; > BOOL winbind_groups_exist = lp_idmap_gid(&winbind_gid_low, &winbind_gid_high); >+ BOOL ret; > > /* local aliases */ > /* we return the UNIX groups here. This seems to be the right */ >@@ -930,7 +933,10 @@ > for (; (num_entries < max_entries) && (grp != NULL); grp = grp->next) { > uint32 trid; > >- if(!pdb_getgrgid(&smap, grp->gr_gid)) >+ become_root(); >+ ret = pdb_getgrgid(&smap, grp->gr_gid); >+ unbecome_root(); >+ if( !ret ) > continue; > > if (smap.sid_name_use!=SID_NAME_ALIAS) { >@@ -4075,6 +4081,7 @@ > int num_uids=0; > GROUP_INFO_CTR *ctr; > uint32 acc_granted; >+ BOOL ret; > > if (!get_lsa_policy_samr_sid(p, &q_u->pol, &group_sid, &acc_granted)) > return NT_STATUS_INVALID_HANDLE; >@@ -4083,7 +4090,10 @@ > return r_u->status; > } > >- if (!get_domain_group_from_sid(group_sid, &map)) >+ become_root(); >+ ret = get_domain_group_from_sid(group_sid, &map); >+ unbecome_root(); >+ if (!ret) > return NT_STATUS_INVALID_HANDLE; > > ctr=(GROUP_INFO_CTR *)talloc_zero(p->mem_ctx, sizeof(GROUP_INFO_CTR)); >@@ -4235,6 +4245,7 @@ > size_t sd_size; > NTSTATUS status; > fstring sid_string; >+ BOOL ret; > > if (!get_lsa_policy_samr_sid(p, &q_u->domain_pol, &sid, &acc_granted)) > return NT_STATUS_INVALID_HANDLE; >@@ -4269,7 +4280,10 @@ > DEBUG(10, ("_samr_open_group:Opening SID: %s\n", sid_string)); > > /* check if that group really exists */ >- if (!get_domain_group_from_sid(info->sid, &map)) >+ become_root(); >+ ret = get_domain_group_from_sid(info->sid, &map); >+ unbecome_root(); >+ if (!ret) > return NT_STATUS_NO_SUCH_GROUP; > > /* get a (unique) handle. open a policy on it. */
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=188">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 281
:
188