From d9a2ff559e1ad953141b1118a9e370496f1f61fa Mon Sep 17 00:00:00 2001 From: Christof Schmitt Date: Wed, 26 Jun 2019 13:24:16 -0700 Subject: [PATCH] nfs4_acls: Use sids_to_unixids to lookup uid or gid This is the newer API to lookup id mappings and will make it easier to add to the IDMAP_TYPE_BOTH case. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14032 Signed-off-by: Christof Schmitt Reviewed-by: Ralph Boehme --- source3/modules/nfs4_acls.c | 20 ++++++++++++++------ 1 file changed, 14 insertions(+), 6 deletions(-) diff --git a/source3/modules/nfs4_acls.c b/source3/modules/nfs4_acls.c index 5543b3a7f58..4069c9310ed 100644 --- a/source3/modules/nfs4_acls.c +++ b/source3/modules/nfs4_acls.c @@ -21,6 +21,7 @@ #include "smbd/smbd.h" #include "nfs4_acls.h" #include "librpc/gen_ndr/ndr_security.h" +#include "librpc/gen_ndr/idmap.h" #include "../libcli/security/dom_sid.h" #include "../libcli/security/security.h" #include "dbwrap/dbwrap.h" @@ -719,14 +720,21 @@ static bool smbacl4_fill_ace4( return false; } } else { - uid_t uid; - gid_t gid; + struct unixid unixid; + bool ok; - if (sid_to_gid(&ace_nt->trustee, &gid)) { + ok = sids_to_unixids(&ace_nt->trustee, 1, &unixid); + if (!ok) { + DBG_WARNING("Could not convert %s to uid or gid.\n", + dom_sid_str_buf(&ace_nt->trustee, &buf)); + return false; + } + + if (unixid.type == ID_TYPE_GID || unixid.type == ID_TYPE_BOTH) { ace_v4->aceFlags |= SMB_ACE4_IDENTIFIER_GROUP; - ace_v4->who.gid = gid; - } else if (sid_to_uid(&ace_nt->trustee, &uid)) { - ace_v4->who.uid = uid; + ace_v4->who.gid = unixid.id; + } else if (unixid.type == ID_TYPE_UID) { + ace_v4->who.uid = unixid.id; } else if (dom_sid_compare_domain(&ace_nt->trustee, &global_sid_Unix_NFS) == 0) { return false; -- 2.11.4.GIT