This is the mail archive of the cygwin-cvs@cygwin.com mailing list for the Cygwin project.


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]
Other format: [Raw text]

[newlib-cygwin] Don't perform RFC2307 account mapping without account DB


https://sourceware.org/git/gitweb.cgi?p=newlib-cygwin.git;h=5de7f2e6c31c59942d9e1b410c9436a21d2a0e7b

commit 5de7f2e6c31c59942d9e1b410c9436a21d2a0e7b
Author: Corinna Vinschen <corinna@vinschen.de>
Date:   Fri Aug 14 21:41:37 2015 +0200

    Don't perform RFC2307 account mapping without account DB
    
            * fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Only try
            to map user and group info per RFC2307 if account info is fetched
            from Windows account DB.
            (convert_samba_sd): Ditto.
    
    Signed-off-by: Corinna Vinschen <corinna@vinschen.de>

Diff:
---
 winsup/cygwin/ChangeLog             |  7 +++++++
 winsup/cygwin/fhandler_disk_file.cc |  4 ++--
 winsup/cygwin/release/2.2.1         |  4 ++++
 winsup/cygwin/security.cc           | 14 ++++++++------
 4 files changed, 21 insertions(+), 8 deletions(-)

diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog
index 4cde08b..3c17f14 100644
--- a/winsup/cygwin/ChangeLog
+++ b/winsup/cygwin/ChangeLog
@@ -1,5 +1,12 @@
 2015-08-14  Corinna Vinschen  <corinna@vinschen.de>
 
+	* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Only try
+	to map user and group info per RFC2307 if account info is fetched
+	from Windows account DB.
+	(convert_samba_sd): Ditto.
+
+2015-08-14  Corinna Vinschen  <corinna@vinschen.de>
+
 	* security,cc (get_attribute_from_acl): Merge all group perms into
 	user perms if user is member of group.
 
diff --git a/winsup/cygwin/fhandler_disk_file.cc b/winsup/cygwin/fhandler_disk_file.cc
index f5edb03..08ce81f 100644
--- a/winsup/cygwin/fhandler_disk_file.cc
+++ b/winsup/cygwin/fhandler_disk_file.cc
@@ -349,7 +349,7 @@ fhandler_base::fstat_by_nfs_ea (struct stat *buf)
      add it to the mapping cache. */
   buf->st_uid = cygheap->ugid_cache.get_uid (nfs_attr->uid);
   buf->st_gid = cygheap->ugid_cache.get_gid (nfs_attr->gid);
-  if (buf->st_uid == ILLEGAL_UID)
+  if (buf->st_uid == ILLEGAL_UID && cygheap->pg.nss_pwd_db ())
     {
       uid_t map_uid = ILLEGAL_UID;
 
@@ -361,7 +361,7 @@ fhandler_base::fstat_by_nfs_ea (struct stat *buf)
       cygheap->ugid_cache.add_uid (nfs_attr->uid, map_uid);
       buf->st_uid = map_uid;
     }
-  if (buf->st_gid == ILLEGAL_GID)
+  if (buf->st_gid == ILLEGAL_GID && cygheap->pg.nss_grp_db ())
     {
       gid_t map_gid = ILLEGAL_GID;
 
diff --git a/winsup/cygwin/release/2.2.1 b/winsup/cygwin/release/2.2.1
index d8453d3..b31f182 100644
--- a/winsup/cygwin/release/2.2.1
+++ b/winsup/cygwin/release/2.2.1
@@ -15,3 +15,7 @@ Bug Fixes
 
 - Fix output of /proc/cpuinfo in terms of cpu topology and cache size for
   modern CPUs and modern Windows OSes supporting more than 64 logical CPUs.
+
+- Don't try to perform RFC2307 owner/group mapping on Samba/NFS if account
+  info is only fetched from local passwd/group files.
+  Addresses: https://cygwin.com/ml/cygwin/2015-07/msg00270.html
diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc
index 4625060..939dc35 100644
--- a/winsup/cygwin/security.cc
+++ b/winsup/cygwin/security.cc
@@ -1122,19 +1122,19 @@ convert_samba_sd (security_descriptor &sd_ret)
     return;
   group = sid;
 
-  if (sid_id_auth (owner) == 22)
+  if (sid_id_auth (owner) == 22 && cygheap->pg.nss_pwd_db ())
     {
       struct passwd *pwd;
       uid_t uid = owner.get_uid (&cldap);
       if (uid < UNIX_POSIX_OFFSET && (pwd = internal_getpwuid (uid)))
-      	owner.getfrompw (pwd);
+	owner.getfrompw (pwd);
     }
-  if (sid_id_auth (group) == 22)
+  if (sid_id_auth (group) == 22 && cygheap->pg.nss_grp_db ())
     {
       struct group *grp;
       gid_t gid = group.get_gid (&cldap);
       if (gid < UNIX_POSIX_OFFSET && (grp = internal_getgrgid (gid)))
-      	group.getfromgr (grp);
+	group.getfromgr (grp);
     }
 
   if (!NT_SUCCESS (RtlGetDaclSecurityDescriptor (sd_ret, &dummy,
@@ -1150,14 +1150,16 @@ convert_samba_sd (security_descriptor &sd_ret)
 	cygsid ace_sid ((PSID) &ace->SidStart);
 	if (sid_id_auth (ace_sid) == 22)
 	  {
-	    if (sid_sub_auth (ace_sid, 0) == 1) /* user */
+	    if (sid_sub_auth (ace_sid, 0) == 1 /* user */
+		&& cygheap->pg.nss_pwd_db ())
 	      {
 		struct passwd *pwd;
 		uid_t uid = ace_sid.get_uid (&cldap);
 		if (uid < UNIX_POSIX_OFFSET && (pwd = internal_getpwuid (uid)))
 		  ace_sid.getfrompw (pwd);
 	      }
-	    else /* group */
+	    else if (sid_sub_auth (ace_sid, 0) == 1 /* group */
+		     && cygheap->pg.nss_grp_db ())
 	      {
 		struct group *grp;
 		gid_t gid = ace_sid.get_gid (&cldap);


Index Nav: [Date Index] [Subject Index] [Author Index] [Thread Index]
Message Nav: [Date Prev] [Date Next] [Thread Prev] [Thread Next]