Bug 624 - Running smbpasswd -a guest causes guest to get a UID of 0 in the smbpasswd DB irrespective of guests real UID
Running smbpasswd -a guest causes guest to get a UID of 0 in the smbpasswd DB...
Status: CLOSED FIXED
Product: Samba 3.0
Classification: Unclassified
Component: User/Group Accounts
3.0.0
Other other
: P3 minor
: 3.0.1
Assigned To: Gerald (Jerry) Carter
:
Depends on:
Blocks:
  Show dependency treegraph
 
Reported: 2003-10-14 17:39 UTC by Marc Kaplan
Modified: 2005-08-24 10:19 UTC (History)
1 user (show)

See Also:


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Marc Kaplan 2003-10-14 17:39:39 UTC
Here is a smbpasswd -D10 -a guest (guest's UID is 4):
-----start------
Netbios name list:-
my_netbios_names[0]="MKAPLAN-CLIP2"
Trying to load: smbpasswd
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
getsampwnam (smbpasswd): search by name: guest
startsmbfilepwent_internal: opening file /etc/private/smbpasswd
getsmbfilepwent: returning passwd entry for user admin, uid 1
getsmbfilepwent: returning passwd entry for user a1, uid 18000
getsmbfilepwent: returning passwd entry for user dum_owner, uid 81
getsmbfilepwent: returning passwd entry for user tdbsam, uid 18001
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
pdb_set_username: setting username guest, was
element 11 -> now SET
pdb_set_full_name: setting full name guest, was
element 12 -> now SET
pdb_set_domain: setting domain MKAPLAN-CLIP2, was
pdb_set_user_sid: setting user sid S-1-5-21-505807000-3058679453-2213821969-501
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-505807000-3058679453-2213821969-501 from rid 
501
pdb_set_group_sid: setting group sid 
S-1-5-21-505807000-3058679453-2213821969-514
pdb_set_group_sid_from_rid:
        setting group sid S-1-5-21-505807000-3058679453-2213821969-514 from rid 
514
account_policy_get: maximum password age:-1
account_policy_get: minimum password age:0
startsmbfilepwent_internal: opening file /etc/private/smbpasswd
getsmbfilepwent: returning passwd entry for user admin, uid 1
getsmbfilepwent: returning passwd entry for user a1, uid 18000
getsmbfilepwent: returning passwd entry for user dum_owner, uid 81
getsmbfilepwent: returning passwd entry for user tdbsam, uid 18001
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
-----end------

And here is a smbpasswd -D 10 -a a1 (UID is 18001):

-----start------
Netbios name list:-
my_netbios_names[0]="MKAPLAN-CLIP2"
Trying to load: smbpasswd
Attempting to register passdb backend ldapsam
Successfully added passdb backend 'ldapsam'
Attempting to register passdb backend ldapsam_compat
Successfully added passdb backend 'ldapsam_compat'
Attempting to register passdb backend smbpasswd
Successfully added passdb backend 'smbpasswd'
Attempting to register passdb backend tdbsam
Successfully added passdb backend 'tdbsam'
Attempting to register passdb backend guest
Successfully added passdb backend 'guest'
Attempting to find an passdb backend to match smbpasswd (smbpasswd)
Found pdb backend smbpasswd
pdb backend smbpasswd has a valid init
Attempting to find an passdb backend to match guest (guest)
Found pdb backend guest
pdb backend guest has a valid init
getsampwnam (smbpasswd): search by name: a1
startsmbfilepwent_internal: opening file /etc/private/smbpasswd
getsmbfilepwent: returning passwd entry for user admin, uid 1
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
Finding user a1
Trying _Get_Pwnam(), username as lowercase is a1
Get_Pwnam_internals did find user [a1]!
pdb_set_username: setting username a1, was
element 11 -> now SET
pdb_set_full_name: setting full name , was
element 12 -> now SET
pdb_set_unix_homedir: setting home dir /local_user_, was NULL
element 21 -> now SET
pdb_set_domain: setting domain MKAPLAN-CLIP2, was
pdb_set_user_sid: setting user sid 
S-1-5-21-505807000-3058679453-2213821969-37000
element 17 -> now SET
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-505807000-3058679453-2213821969-37000 from rid 
37000
pdb_set_group_sid: setting group sid 
S-1-5-21-505807000-3058679453-2213821969-1201
element 18 -> now SET
pdb_set_group_sid_from_rid:
        setting group sid S-1-5-21-505807000-3058679453-2213821969-1201 from rid 
1201
Home server: mkaplan-clip2
pdb_set_profile_path: setting profile path \\mkaplan-clip2\a1\profile, was
Home server: mkaplan-clip2
pdb_set_homedir: setting home dir \\mkaplan-clip2\a1, was
pdb_set_dir_drive: setting dir drive , was NULL
pdb_set_logon_script: setting logon script , was
pdb_init_sam_new: no RID specified.  Generating one via old algorithm
pdb_set_user_sid: setting user sid 
S-1-5-21-505807000-3058679453-2213821969-37000
element 17 -> now SET
pdb_set_user_sid_from_rid:
        setting user sid S-1-5-21-505807000-3058679453-2213821969-37000 from rid 
37000
account_policy_get: maximum password age:-1
account_policy_get: minimum password age:0
startsmbfilepwent_internal: opening file /etc/private/smbpasswd
getsmbfilepwent: returning passwd entry for user admin, uid 1
getsmbfilepwent: end of file reached.
endsmbfilepwent_internal: closed password file.
-----end------

So there is some error here which is not propagating up.
Comment 1 Gerald (Jerry) Carter 2003-11-05 21:44:01 UTC
Fixed by making sure the pdb_guest module set's the SID 
instead of using PDB_DEFAULT. 
Comment 2 Gerald (Jerry) Carter 2005-08-24 10:19:57 UTC
sorry for the same, cleaning up the database to prevent unecessary reopens of bugs.