r18483: Ensure all pdb_XXX calls are wrapped in become_root()/unbecome_root()

pairs. Should fix bug #4097.
Jeremy.
(This used to be commit f787b9d156992e0069860cb1ab829970cb69eb81)

diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index b339754c6df0f29986ef5d8475c32391dc349ee2..e89c5a41a29e5ac5ad772c92127a0b85cd50f363 100644 (file)
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -1117,6 +1117,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
 {
        uid_t low, high;
        uint32 rid;
+       BOOL ret;
 
        ZERO_STRUCTP(psid);
 
@@ -1131,7 +1132,11 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
                goto done;
        }
 
-       if (pdb_uid_to_rid(uid, &rid)) {
+       become_root();
+       ret = pdb_uid_to_rid(uid, &rid);
+       unbecome_root();
+
+       if (ret) {
                /* This is a mapped user */
                sid_copy(psid, get_global_sam_sid());
                sid_append_rid(psid, rid);
@@ -1156,6 +1161,7 @@ void uid_to_sid(DOM_SID *psid, uid_t uid)
 
 void gid_to_sid(DOM_SID *psid, gid_t gid)
 {
+       BOOL ret;
        gid_t low, high;
 
        ZERO_STRUCTP(psid);
@@ -1171,7 +1177,11 @@ void gid_to_sid(DOM_SID *psid, gid_t gid)
                goto done;
        }
 
-       if (pdb_gid_to_sid(gid, psid)) {
+       become_root();
+       ret = pdb_gid_to_sid(gid, psid);
+       unbecome_root();
+
+       if (ret) {
                /* This is a mapped group */
                goto done;
        }
@@ -1213,8 +1223,13 @@ BOOL sid_to_uid(const DOM_SID *psid, uid_t *puid)
 
        if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
                union unid_t id;
+               BOOL ret;
 
-               if (pdb_sid_to_id(psid, &id, &type)) {
+               become_root();
+               ret = pdb_sid_to_id(psid, &id, &type);
+               unbecome_root();
+
+               if (ret) {
                        if (type != SID_NAME_USER) {
                                DEBUG(5, ("sid %s is a %s, expected a user\n",
                                          sid_string_static(psid),
@@ -1288,7 +1303,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
 
        if ((sid_check_is_in_builtin(psid) ||
             sid_check_is_in_wellknown_domain(psid))) {
-               if (pdb_getgrsid(&map, *psid)) {
+               BOOL ret;
+
+               become_root();
+               ret = pdb_getgrsid(&map, *psid);
+               unbecome_root();
+
+               if (ret) {
                        *pgid = map.gid;
                        goto done;
                }
@@ -1296,7 +1317,13 @@ BOOL sid_to_gid(const DOM_SID *psid, gid_t *pgid)
        }
 
        if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
-               if (pdb_sid_to_id(psid, &id, &type)) {
+               BOOL ret;
+
+               become_root();
+               ret = pdb_sid_to_id(psid, &id, &type);
+               unbecome_root();
+
+               if (ret) {
                        if ((type != SID_NAME_DOM_GRP) &&
                            (type != SID_NAME_ALIAS)) {
                                DEBUG(5, ("sid %s is a %s, expected a group\n",