Try harder to avoid LDAP access for RFC2307 mapping
* fhandler_disk_file.cc (fhandler_base::fstat_by_nfs_ea): Rearrange
to fall back to myself uid/gid in case we don't utilize Windows
account DBs, just as prior to 1.7.34.
* sec_helper.cc (cygpsid::get_id): Disable Samba user/group mapping per
RFC2307 if we're not utilizing Windows account DBs.
* security.cc (convert_samba_sd): Revert previous patch.
Signed-off-by: Corinna Vinschen <corinna@vinschen.de>
This commit is contained in:
Corinna Vinschen
@@ -343,36 +343,47 @@ fhandler_base::fstat_by_nfs_ea (struct stat *buf)
|
||||
buf->st_mode = (nfs_attr->mode & 0xfff)
|
||||
| nfs_type_mapping[nfs_attr->type & 7];
|
||||
buf->st_nlink = nfs_attr->nlink;
|
||||
/* Try to map UNIX uid/gid to Cygwin uid/gid. If there's no mapping in
|
||||
the cache, try to fetch it from the configured RFC 2307 domain (see
|
||||
last comment in cygheap_domain_info::init() for more information) and
|
||||
add it to the mapping cache. */
|
||||
buf->st_uid = cygheap->ugid_cache.get_uid (nfs_attr->uid);
|
||||
buf->st_gid = cygheap->ugid_cache.get_gid (nfs_attr->gid);
|
||||
if (buf->st_uid == ILLEGAL_UID && cygheap->pg.nss_pwd_db ())
|
||||
if (cygheap->pg.nss_pwd_db ())
|
||||
{
|
||||
uid_t map_uid = ILLEGAL_UID;
|
||||
/* Try to map UNIX uid/gid to Cygwin uid/gid. If there's no mapping in
|
||||
the cache, try to fetch it from the configured RFC 2307 domain (see
|
||||
last comment in cygheap_domain_info::init() for more information) and
|
||||
add it to the mapping cache. */
|
||||
buf->st_uid = cygheap->ugid_cache.get_uid (nfs_attr->uid);
|
||||
if (buf->st_uid == ILLEGAL_UID)
|
||||
{
|
||||
uid_t map_uid = ILLEGAL_UID;
|
||||
|
||||
domain = cygheap->dom.get_rfc2307_domain ();
|
||||
if ((ldap_open = (cldap.open (domain) == NO_ERROR)))
|
||||
map_uid = cldap.remap_uid (nfs_attr->uid);
|
||||
if (map_uid == ILLEGAL_UID)
|
||||
map_uid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->uid);
|
||||
cygheap->ugid_cache.add_uid (nfs_attr->uid, map_uid);
|
||||
buf->st_uid = map_uid;
|
||||
domain = cygheap->dom.get_rfc2307_domain ();
|
||||
if ((ldap_open = (cldap.open (domain) == NO_ERROR)))
|
||||
map_uid = cldap.remap_uid (nfs_attr->uid);
|
||||
if (map_uid == ILLEGAL_UID)
|
||||
map_uid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->uid);
|
||||
cygheap->ugid_cache.add_uid (nfs_attr->uid, map_uid);
|
||||
buf->st_uid = map_uid;
|
||||
}
|
||||
}
|
||||
if (buf->st_gid == ILLEGAL_GID && cygheap->pg.nss_grp_db ())
|
||||
else /* fake files being owned by current user. */
|
||||
buf->st_uid = myself->uid;
|
||||
if (cygheap->pg.nss_grp_db ())
|
||||
{
|
||||
gid_t map_gid = ILLEGAL_GID;
|
||||
/* See above */
|
||||
buf->st_gid = cygheap->ugid_cache.get_gid (nfs_attr->gid);
|
||||
if (buf->st_gid == ILLEGAL_GID)
|
||||
{
|
||||
gid_t map_gid = ILLEGAL_GID;
|
||||
|
||||
domain = cygheap->dom.get_rfc2307_domain ();
|
||||
if ((ldap_open || cldap.open (domain) == NO_ERROR))
|
||||
map_gid = cldap.remap_gid (nfs_attr->gid);
|
||||
if (map_gid == ILLEGAL_GID)
|
||||
map_gid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->gid);
|
||||
cygheap->ugid_cache.add_gid (nfs_attr->gid, map_gid);
|
||||
buf->st_gid = map_gid;
|
||||
domain = cygheap->dom.get_rfc2307_domain ();
|
||||
if ((ldap_open || cldap.open (domain) == NO_ERROR))
|
||||
map_gid = cldap.remap_gid (nfs_attr->gid);
|
||||
if (map_gid == ILLEGAL_GID)
|
||||
map_gid = MAP_UNIX_TO_CYGWIN_ID (nfs_attr->gid);
|
||||
cygheap->ugid_cache.add_gid (nfs_attr->gid, map_gid);
|
||||
buf->st_gid = map_gid;
|
||||
}
|
||||
}
|
||||
else /* fake files being owned by current group. */
|
||||
buf->st_gid = myself->gid;
|
||||
buf->st_rdev = makedev (nfs_attr->rdev.specdata1,
|
||||
nfs_attr->rdev.specdata2);
|
||||
buf->st_size = nfs_attr->size;
|
||||
|
||||
Reference in New Issue
Block a user