diff --git a/winsup/cygwin/ChangeLog b/winsup/cygwin/ChangeLog index b026b0e43..6696d5023 100644 --- a/winsup/cygwin/ChangeLog +++ b/winsup/cygwin/ChangeLog @@ -1,3 +1,12 @@ +2015-08-17 Corinna Vinschen + + * fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Rearrange + to fall back to myself uid/gid in case we don't utilize Windows + account DBs, just as prior to 1.7.34. + * sec_helper.cc (cygpsid::get_id): Disable Samba user/group mapping per + RFC2307 if we're not utilizing Windows account DBs. + * security.cc (convert_samba_sd): Revert previous patch. + 2015-08-17 Corinna Vinschen * fhandler_proc.cc (format_proc_cpuinfo): Handle AMDs providing diff --git a/winsup/cygwin/fhandler_disk_file.cc b/winsup/cygwin/fhandler_disk_file.cc index 08ce81fad..455c478fb 100644 --- a/winsup/cygwin/fhandler_disk_file.cc +++ b/winsup/cygwin/fhandler_disk_file.cc @@ -343,36 +343,47 @@ fhandler_base::fstat_by_nfs_ea (struct stat *buf) buf->st_mode = (nfs_attr->mode & 0xfff) | nfs_type_mapping[nfs_attr->type & 7]; buf->st_nlink = nfs_attr->nlink; - /* Try to map UNIX uid/gid to Cygwin uid/gid. If there's no mapping in - the cache, try to fetch it from the configured RFC 2307 domain (see - last comment in cygheap_domain_info::init() for more information) and - add it to the mapping cache. */ - buf->st_uid = cygheap->ugid_cache.get_uid (nfs_attr->uid); - buf->st_gid = cygheap->ugid_cache.get_gid (nfs_attr->gid); - if (buf->st_uid == ILLEGAL_UID && cygheap->pg.nss_pwd_db ()) + if (cygheap->pg.nss_pwd_db ()) { - uid_t map_uid = ILLEGAL_UID; + /* Try to map UNIX uid/gid to Cygwin uid/gid. If there's no mapping in + the cache, try to fetch it from the configured RFC 2307 domain (see + last comment in cygheap_domain_info::init() for more information) and + add it to the mapping cache. */ + buf->st_uid = cygheap->ugid_cache.get_uid (nfs_attr->uid); + if (buf->st_uid == ILLEGAL_UID) + { + uid_t map_uid = ILLEGAL_UID; - domain = cygheap->dom.get_rfc2307_domain (); - if ((ldap_open = (cldap.open (domain) == NO_ERROR))) - map_uid = cldap.remap_uid (nfs_attr->uid); - if (map_uid == ILLEGAL_UID) - map_uid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->uid); - cygheap->ugid_cache.add_uid (nfs_attr->uid, map_uid); - buf->st_uid = map_uid; + domain = cygheap->dom.get_rfc2307_domain (); + if ((ldap_open = (cldap.open (domain) == NO_ERROR))) + map_uid = cldap.remap_uid (nfs_attr->uid); + if (map_uid == ILLEGAL_UID) + map_uid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->uid); + cygheap->ugid_cache.add_uid (nfs_attr->uid, map_uid); + buf->st_uid = map_uid; + } } - if (buf->st_gid == ILLEGAL_GID && cygheap->pg.nss_grp_db ()) + else /* fake files being owned by current user. */ + buf->st_uid = myself->uid; + if (cygheap->pg.nss_grp_db ()) { - gid_t map_gid = ILLEGAL_GID; + /* See above */ + buf->st_gid = cygheap->ugid_cache.get_gid (nfs_attr->gid); + if (buf->st_gid == ILLEGAL_GID) + { + gid_t map_gid = ILLEGAL_GID; - domain = cygheap->dom.get_rfc2307_domain (); - if ((ldap_open || cldap.open (domain) == NO_ERROR)) - map_gid = cldap.remap_gid (nfs_attr->gid); - if (map_gid == ILLEGAL_GID) - map_gid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->gid); - cygheap->ugid_cache.add_gid (nfs_attr->gid, map_gid); - buf->st_gid = map_gid; + domain = cygheap->dom.get_rfc2307_domain (); + if ((ldap_open || cldap.open (domain) == NO_ERROR)) + map_gid = cldap.remap_gid (nfs_attr->gid); + if (map_gid == ILLEGAL_GID) + map_gid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->gid); + cygheap->ugid_cache.add_gid (nfs_attr->gid, map_gid); + buf->st_gid = map_gid; + } } + else /* fake files being owned by current group. */ + buf->st_gid = myself->gid; buf->st_rdev = makedev (nfs_attr->rdev.specdata1, nfs_attr->rdev.specdata2); buf->st_size = nfs_attr->size; diff --git a/winsup/cygwin/sec_helper.cc b/winsup/cygwin/sec_helper.cc index 679f3a858..0c3a51c7e 100644 --- a/winsup/cygwin/sec_helper.cc +++ b/winsup/cygwin/sec_helper.cc @@ -112,7 +112,7 @@ cygpsid::get_id (BOOL search_grp, int *type, cyg_ldap *pldap) struct group *gr; if (cygheap->user.groups.pgsid == psid) id = myself->gid; - else if (sid_id_auth (psid) == 22) + else if (sid_id_auth (psid) == 22 && cygheap->pg.nss_grp_db ()) { /* Samba UNIX group. Try to map to Cygwin gid. If there's no mapping in the cache, try to fetch it from the configured @@ -144,7 +144,7 @@ cygpsid::get_id (BOOL search_grp, int *type, cyg_ldap *pldap) struct passwd *pw; if (*this == cygheap->user.sid ()) id = myself->uid; - else if (sid_id_auth (psid) == 22) + else if (sid_id_auth (psid) == 22 && cygheap->pg.nss_pwd_db ()) { /* Samba UNIX user. See comment above. */ uid_t uid = sid_sub_auth_rid (psid); diff --git a/winsup/cygwin/security.cc b/winsup/cygwin/security.cc index 5e771e257..9a94c53d1 100644 --- a/winsup/cygwin/security.cc +++ b/winsup/cygwin/security.cc @@ -1122,14 +1122,14 @@ convert_samba_sd (security_descriptor &sd_ret) return; group = sid; - if (sid_id_auth (owner) == 22 && cygheap->pg.nss_pwd_db ()) + if (sid_id_auth (owner) == 22) { struct passwd *pwd; uid_t uid = owner.get_uid (&cldap); if (uid < UNIX_POSIX_OFFSET && (pwd = internal_getpwuid (uid))) owner.getfrompw (pwd); } - if (sid_id_auth (group) == 22 && cygheap->pg.nss_grp_db ()) + if (sid_id_auth (group) == 22) { struct group *grp; gid_t gid = group.get_gid (&cldap); @@ -1150,16 +1150,14 @@ convert_samba_sd (security_descriptor &sd_ret) cygsid ace_sid ((PSID) &ace->SidStart); if (sid_id_auth (ace_sid) == 22) { - if (sid_sub_auth (ace_sid, 0) == 1 /* user */ - && cygheap->pg.nss_pwd_db ()) + if (sid_sub_auth (ace_sid, 0) == 1) /* user */ { struct passwd *pwd; uid_t uid = ace_sid.get_uid (&cldap); if (uid < UNIX_POSIX_OFFSET && (pwd = internal_getpwuid (uid))) ace_sid.getfrompw (pwd); } - else if (sid_sub_auth (ace_sid, 0) == 2 /* group */ - && cygheap->pg.nss_grp_db ()) + else if (sid_sub_auth (ace_sid, 0) == 2) /* group */ { struct group *grp; gid_t gid = ace_sid.get_gid (&cldap);