Bug 11402 - winbind caches wrong entries for uid->sid and gid->sid idmap lookups
Summary: winbind caches wrong entries for uid->sid and gid->sid idmap lookups
Status: RESOLVED INVALID
Alias: None
Product: Samba 4.1 and newer
Classification: Unclassified
Component: Winbind (show other bugs)
Version: unspecified
Hardware: All All
: P5 normal (vote)
Target Milestone: ---
Assignee: Samba QA Contact
QA Contact: Samba QA Contact
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2015-07-15 20:39 UTC by Buck Huppmann
Modified: 2015-07-15 20:59 UTC (History)
0 users

See Also:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.
Description Buck Huppmann 2015-07-15 20:39:08 UTC 
Hi

I may be reading this wrong, so please go easy on me if I am

In this initial commit, it seems like winbindd is caching the lookups in the wrong direction:

https://git.samba.org/?p=samba.git;a=commitdiff;h=340ab6a256802a22c11b7f707748397249075b65#patch12

E.g., in the first hunk, idmap_uid_to_sid() looks up a uid->sid mapping but then it calls idmap_cache_set_sid2uid() to cache the result for a sid->uid lookup instead.  (In the next hunk, there is a copy-and-paste error that results in setting sid2uid also. It was later corrected to be gid2sid

https://git.samba.org/?p=samba.git;a=commitdiff;h=650c96725e5648397a15c806ca28c5733b749968

but that should be sid2gid, i think, likewise)

Am I wrong?
Comment 1 Buck Huppmann 2015-07-15 20:58:19 UTC 
Sorry.  Apologies

I notice samba4 has a unified sid2unixid/unixid2sid caching scheme
that caches the mappings in both directions and doesn't call these
functions any more

samba-3.6.23's tree still has the indicated errors, but i gather
that's unmaintained nowadays
Comment 2 Buck Huppmann 2015-07-15 20:59:10 UTC 
invalidating