Implement Metze's suggestion of trying getpwuid(0) then getpwnam(root).

[ira/wip.git] / source3 / auth / token_util.c

diff --git a/source3/auth/token_util.c b/source3/auth/token_util.c
index 2b55af779ea8d182e3cfa223cd70efaa9a3339e8..86dae3a08cb9aa45e5a77b810df633303ae3c1cd 100644 (file)
--- a/source3/auth/token_util.c
+++ b/source3/auth/token_util.c
@@ -77,23 +77,26 @@ bool nt_token_check_domain_rid( NT_USER_TOKEN *token, uint32 rid )
 
 NT_USER_TOKEN *get_root_nt_token( void )
 {
-       struct nt_user_token *token = NULL;
+       struct nt_user_token *token, *for_cache;
        DOM_SID u_sid, g_sid;
        struct passwd *pw;
        void *cache_data;
 
        cache_data = memcache_lookup_talloc(
                NULL, SINGLETON_CACHE_TALLOC,
-               data_blob_string_const("root_nt_token"));
+               data_blob_string_const_null("root_nt_token"));
 
        if (cache_data != NULL) {
                return talloc_get_type_abort(
                        cache_data, struct nt_user_token);
        }
 
-       if ( !(pw = sys_getpwnam( "root" )) ) {
-               DEBUG(0,("get_root_nt_token: getpwnam(\"root\") failed!\n"));
-               return NULL;
+       if ( !(pw = sys_getpwuid(0)) ) {
+               if ( !(pw = sys_getpwnam("root")) ) {
+                       DEBUG(0,("get_root_nt_token: both sys_getpwuid(0) "
+                               "and sys_getpwnam(\"root\") failed!\n"));
+                       return NULL;
+               }
        }
 
        /* get the user and primary group SIDs; although the
@@ -102,14 +105,16 @@ NT_USER_TOKEN *get_root_nt_token( void )
        uid_to_sid(&u_sid, pw->pw_uid);
        gid_to_sid(&g_sid, pw->pw_gid);
 
-       token = create_local_nt_token(NULL, &u_sid, False,
+       token = create_local_nt_token(talloc_autofree_context(), &u_sid, False,
                                      1, &global_sid_Builtin_Administrators);
 
        token->privileges = se_disk_operators;
 
+       for_cache = token;
+
        memcache_add_talloc(
                NULL, SINGLETON_CACHE_TALLOC,
-               data_blob_string_const("root_nt_token"), token);
+               data_blob_string_const_null("root_nt_token"), &for_cache);
 
        return token;
 }
@@ -291,6 +296,7 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid)
 {
        NTSTATUS status;
        DOM_SID dom_admins, root_sid;
+       fstring root_name;
        enum lsa_SidType type;
        TALLOC_CTX *ctx;
        bool ret;
@@ -316,9 +322,9 @@ NTSTATUS create_builtin_administrators(const DOM_SID *dom_sid)
        if ( (ctx = talloc_init("create_builtin_administrators")) == NULL ) {
                return NT_STATUS_NO_MEMORY;
        }
-       ret = lookup_domain_name(ctx, get_global_sam_name(), "root",
-                                LOOKUP_NAME_DOMAIN,
-                                NULL, NULL, &root_sid, &type);
+       fstr_sprintf( root_name, "%s\\root", get_global_sam_name() );
+       ret = lookup_name(ctx, root_name, LOOKUP_NAME_DOMAIN, NULL, NULL,
+                         &root_sid, &type);
        TALLOC_FREE( ctx );
 
        if ( ret ) {