Print this page
4078 groupadd execs getent unnecessarily
Reviewed by: Rich Lowe <richlowe@richlowe.net>
Reviewed by: Gary Mills <gary_mills@fastmail.fm>
Reviewed by: Milan Jurik <milan.jurik@xylab.cz>
Reviewed by: Gordon Ross <Gordon.W.Ross@gmail.com>

*** 20,29 **** --- 20,30 ---- */ /* * Copyright 2011 Nexenta Systems, Inc. All rights reserved. * Copyright (c) 2008, 2010, Oracle and/or its affiliates. All rights reserved. + * Copyright (c) 2013 RackTop Systems. */ #include <stdlib.h> #include <strings.h> #include <unistd.h>
*** 36,45 **** --- 37,47 ---- #include <smbsrv/libsmb.h> #include <smb_sqlite.h> #include <sys/types.h> #include <sys/stat.h> #include <sys/param.h> + #include <libcmdutils.h> /* * Local domain SID (aka machine SID) is not stored in the domain table * therefore the index is 0 */
*** 121,131 **** #define SMB_LGRP_PGRP_GRPTMP "/etc/gtmp" #define SMB_LGRP_PGRP_GRPBUFSIZ 5120 #define SMB_LGRP_PGRP_GROUP "/etc/group" #define SMB_LGRP_PGRP_MAXGLEN 9 /* max length of group name */ ! #define SMB_LGRP_PGRP_DEFRID 99 /* max reserved id */ #define SMB_LGRP_PGRP_NOTUNIQUE 0 #define SMB_LGRP_PGRP_RESERVED 1 #define SMB_LGRP_PGRP_UNIQUE 2 #define SMB_LGRP_PGRP_TOOBIG 3 --- 123,133 ---- #define SMB_LGRP_PGRP_GRPTMP "/etc/gtmp" #define SMB_LGRP_PGRP_GRPBUFSIZ 5120 #define SMB_LGRP_PGRP_GROUP "/etc/group" #define SMB_LGRP_PGRP_MAXGLEN 9 /* max length of group name */ ! #define SMB_LGRP_PGRP_DEFRID 1000 /* lowest cifs created gid */ #define SMB_LGRP_PGRP_NOTUNIQUE 0 #define SMB_LGRP_PGRP_RESERVED 1 #define SMB_LGRP_PGRP_UNIQUE 2 #define SMB_LGRP_PGRP_TOOBIG 3
*** 2543,2640 **** return (SMB_LGRP_PGRP_UNIQUE); } /* - * smb_lgrp_pgrp_valid_gid - * - * Check to see that the gid is not a reserved gid - * -- nobody (60001), noaccess (60002) or nogroup (65534) - */ - static int - smb_lgrp_pgrp_valid_gid(gid_t gid) - { - return (gid != 60001 && gid != 60002 && gid != 65534); - } - - /* - * smb_lgrp_pgrp_findnextgid(void) - * - * This method finds the next valid GID. - * It sorts the used GIDs in decreasing order to return MAXUSED + 1. - * It then adds one to obtain the next valid GID. - * On failure, -1 is returned. On success, a valid GID is returned. - */ - static int - smb_lgrp_pgrp_findnextgid(void) - { - FILE *fptr; - gid_t last, next; - int gid; - - if ((fptr = popen("exec sh -c " - "\"getent group|cut -f3 -d:|sort -nr|uniq \" 2>/dev/null", - "r")) == NULL) - return (-1); - - if (fscanf(fptr, "%u\n", &next) == EOF) { - (void) pclose(fptr); - return (SMB_LGRP_PGRP_DEFRID + 1); - } - - last = MAXUID; - gid = -1; - do { - if (!smb_lgrp_pgrp_valid_gid(next)) - continue; - - if (next <= SMB_LGRP_PGRP_DEFRID) { - if (last != SMB_LGRP_PGRP_DEFRID + 1) - gid = SMB_LGRP_PGRP_DEFRID + 1; - break; - } - - if ((gid = next + 1) != last) { - while (!smb_lgrp_pgrp_valid_gid((gid_t)gid)) - gid++; - if (gid > 0 && gid < last) - break; - } - - gid = -1; - last = next; - } while (fscanf(fptr, "%u\n", &next) != EOF); - - (void) pclose(fptr); - return (gid); - } - - /* * smb_lgrp_pgrp_add * * Create a posix group with the given name. * This group will be added to the /etc/group file. */ static int smb_lgrp_pgrp_add(char *group) { FILE *etcgrp; FILE *etctmp; ! int o_mask, gret; int newdone = 0; struct stat sb; char buf[SMB_LGRP_PGRP_GRPBUFSIZ]; gid_t gid; int rc = 0; rc = smb_lgrp_pgrp_valid_gname(group); if ((rc == SMB_LGRP_PGRP_INVALID) || (rc == SMB_LGRP_PGRP_NOTUNIQUE)) return (-1); ! if ((gret = smb_lgrp_pgrp_findnextgid()) < 0) return (-1); - gid = gret; if ((etcgrp = fopen(SMB_LGRP_PGRP_GROUP, "r")) == NULL) return (-1); if (fstat(fileno(etcgrp), &sb) < 0) --- 2545,2577 ---- return (SMB_LGRP_PGRP_UNIQUE); } /* * smb_lgrp_pgrp_add * * Create a posix group with the given name. * This group will be added to the /etc/group file. */ static int smb_lgrp_pgrp_add(char *group) { FILE *etcgrp; FILE *etctmp; ! int o_mask; int newdone = 0; struct stat sb; char buf[SMB_LGRP_PGRP_GRPBUFSIZ]; gid_t gid; int rc = 0; rc = smb_lgrp_pgrp_valid_gname(group); if ((rc == SMB_LGRP_PGRP_INVALID) || (rc == SMB_LGRP_PGRP_NOTUNIQUE)) return (-1); ! if ((findnextgid(SMB_LGRP_PGRP_DEFRID, MAXUID, &gid)) != 0) return (-1); if ((etcgrp = fopen(SMB_LGRP_PGRP_GROUP, "r")) == NULL) return (-1); if (fstat(fileno(etcgrp), &sb) < 0)