The Samba-Bugzilla – Attachment 4215 Details for
Bug 6415
"idmap backend = tdb" does not filter out of range id mappings
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
fix for v3-3-test
0001-s3-idmap_tdb-filter-out-of-range-mappings-in-defaul.patch (text/plain), 3.27 KB, created by
Michael Adam
on 2009-05-27 18:33:50 UTC
(
hide
)
Description:
fix for v3-3-test
Filename:
MIME Type:
Creator:
Michael Adam
Created:
2009-05-27 18:33:50 UTC
Size:
3.27 KB
patch
obsolete
>From c8b5bc2bc8f6713d32f018e6b380366cc164c604 Mon Sep 17 00:00:00 2001 >From: Michael Adam <obnox@samba.org> >Date: Wed, 27 May 2009 19:12:28 +0200 >Subject: [PATCH] s3:idmap_tdb: filter out of range mappings in default idmap config > >This fixes bug #6415 > >Michael >(cherry picked from commit 3d3f39838261ddc401053dadcc5bd8e6317a3a8e) >--- > source/winbindd/idmap_tdb.c | 73 +++++++++++++++++++++++++++++++++--------- > 1 files changed, 57 insertions(+), 16 deletions(-) > >diff --git a/source/winbindd/idmap_tdb.c b/source/winbindd/idmap_tdb.c >index 1dfda1f..0a0ee04 100644 >--- a/source/winbindd/idmap_tdb.c >+++ b/source/winbindd/idmap_tdb.c >@@ -569,8 +569,6 @@ static NTSTATUS idmap_tdb_db_init(struct idmap_domain *dom, const char *params) > { > NTSTATUS ret; > struct idmap_tdb_context *ctx; >- char *config_option = NULL; >- const char *range; > > ctx = talloc(dom, struct idmap_tdb_context); > if ( ! ctx) { >@@ -578,29 +576,72 @@ static NTSTATUS idmap_tdb_db_init(struct idmap_domain *dom, const char *params) > return NT_STATUS_NO_MEMORY; > } > >- config_option = talloc_asprintf(ctx, "idmap config %s", dom->name); >- if ( ! config_option) { >- DEBUG(0, ("Out of memory!\n")); >- ret = NT_STATUS_NO_MEMORY; >- goto failed; >- } >+ if (strequal(dom->name, "*")) { >+ uid_t low_uid = 0; >+ uid_t high_uid = 0; >+ gid_t low_gid = 0; >+ gid_t high_gid = 0; > >- ret = idmap_tdb_open_db(ctx, &ctx->tdb); >- if ( ! NT_STATUS_IS_OK(ret)) { >- goto failed; >+ ctx->filter_low_id = 0; >+ ctx->filter_high_id = 0; >+ >+ if (lp_idmap_uid(&low_uid, &high_uid)) { >+ ctx->filter_low_id = low_uid; >+ ctx->filter_high_id = high_uid; >+ } else { >+ DEBUG(3, ("Warning: 'idmap uid' not set!\n")); >+ } >+ >+ if (lp_idmap_gid(&low_gid, &high_gid)) { >+ if ((low_gid != low_uid) || (high_gid != high_uid)) { >+ DEBUG(1, ("Warning: 'idmap uid' and 'idmap gid'" >+ " ranges do not agree -- building " >+ "intersection\n")); >+ ctx->filter_low_id = MAX(ctx->filter_low_id, >+ low_gid); >+ ctx->filter_high_id = MIN(ctx->filter_high_id, >+ high_gid); >+ } >+ } else { >+ DEBUG(3, ("Warning: 'idmap gid' not set!\n")); >+ } >+ } else { >+ char *config_option = NULL; >+ const char *range; >+ >+ config_option = talloc_asprintf(ctx, "idmap config %s", dom->name); >+ if ( ! config_option) { >+ DEBUG(0, ("Out of memory!\n")); >+ ret = NT_STATUS_NO_MEMORY; >+ goto failed; >+ } >+ >+ range = lp_parm_const_string(-1, config_option, "range", NULL); >+ if (( ! range) || >+ (sscanf(range, "%u - %u", &ctx->filter_low_id, &ctx->filter_high_id) != 2)) >+ { >+ ctx->filter_low_id = 0; >+ ctx->filter_high_id = 0; >+ } >+ >+ talloc_free(config_option); > } > >- range = lp_parm_const_string(-1, config_option, "range", NULL); >- if (( ! range) || >- (sscanf(range, "%u - %u", &ctx->filter_low_id, &ctx->filter_high_id) != 2) || >- (ctx->filter_low_id > ctx->filter_high_id)) { >+ if (ctx->filter_low_id > ctx->filter_high_id) { > ctx->filter_low_id = 0; > ctx->filter_high_id = 0; > } > >+ DEBUG(10, ("idmap_tdb_db_init: filter range %u-%u loaded for domain " >+ "'%s'\n", ctx->filter_low_id, ctx->filter_high_id, dom->name)); >+ >+ ret = idmap_tdb_open_db(ctx, &ctx->tdb); >+ if ( ! NT_STATUS_IS_OK(ret)) { >+ goto failed; >+ } >+ > dom->private_data = ctx; > >- talloc_free(config_option); > return NT_STATUS_OK; > > failed: >-- >1.6.0.4 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Actions:
View
Attachments on
bug 6415
: 4215