We had a race condition when changing a machine acount password as we

were no longer locking the secrets entry. I saw this on a live system.
Jeremy.
(This used to be commit 660dafcbb2d1029831212a32d995891626a0344c)

diff --git a/source3/passdb/secrets.c b/source3/passdb/secrets.c
index b2bdaf2753cc54053c8129d9e247144731fd99f1..08a0e9c9acfa9a7b1d704498744e4f1f1cd0fa4b 100644 (file)
--- a/source3/passdb/secrets.c
+++ b/source3/passdb/secrets.c
@@ -206,8 +206,27 @@ char *trustdom_keystr(const char *domain)
 }
 
 /************************************************************************
- Routine to get the machine trust account password for a domain.
+ Lock the trust password entry.
 ************************************************************************/
+
+BOOL secrets_lock_trust_account_password(char *domain, BOOL dolock)
+{
+       if (!tdb)
+               return False;
+
+       if (dolock)
+               return (tdb_lock_bystring(tdb, trust_keystr(domain)) == 0);
+       else
+               tdb_unlock_bystring(tdb, trust_keystr(domain));
+       return True;
+}
+
+/************************************************************************
+ Routine to get the trust account password for a domain.
+ The user of this function must have locked the trust password file using
+ the above call.
+************************************************************************/
+
 BOOL secrets_fetch_trust_account_password(char *domain, uint8 ret_pwd[16],
                                          time_t *pass_last_set_time)
 {
@@ -243,6 +262,7 @@ BOOL secrets_fetch_trust_account_password(char *domain, uint8 ret_pwd[16],
 /************************************************************************
  Routine to get account password to trusted domain
 ************************************************************************/
+
 BOOL secrets_fetch_trusted_domain_password(char *domain, char** pwd,
                                           DOM_SID *sid, time_t *pass_last_set_time)
 {

diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index c796797fad126dff5664d2830cc28b6ac2d8acc6..0f7cfd0e9cb0e78ba0a19d2f7b228f8c9e1ec09e 100644 (file)
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -1154,9 +1154,16 @@ static BOOL timeout_processing(int deadtime, int *select_timeout, time_t *last_t
      * First, open the machine password file with an exclusive lock.
      */
 
+    if (secrets_lock_trust_account_password(global_myworkgroup, True) == False) {
+      DEBUG(0,("process: unable to lock the machine account password for \
+machine %s in domain %s.\n", global_myname, global_myworkgroup ));
+      return True;
+    }
+
     if(!secrets_fetch_trust_account_password(global_myworkgroup, trust_passwd_hash, &lct)) {
       DEBUG(0,("process: unable to read the machine account password for \
 machine %s in domain %s.\n", global_myname, global_myworkgroup ));
+      secrets_lock_trust_account_password(global_myworkgroup, False);
       return True;
     }
 
@@ -1166,6 +1173,7 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup ));
 
     if(t < lct + lp_machine_password_timeout()) {
       global_machine_password_needs_changing = False;
+      secrets_lock_trust_account_password(global_myworkgroup, False);
       return True;
     }
 
@@ -1173,6 +1181,7 @@ machine %s in domain %s.\n", global_myname, global_myworkgroup ));
 
     change_trust_account_password( global_myworkgroup, remote_machine_list);
     global_machine_password_needs_changing = False;
+    secrets_lock_trust_account_password(global_myworkgroup, False);
   }
 
   /*