Move to common user token debugging, and ensure we always print both the

NT_TOKEN and the unix credentials - as we incresingly use the NT stuff we want
to make it easy to check they don't get out of wack.

Andrew Bartlett

diff --git a/source/auth/auth_util.c b/source/auth/auth_util.c
index c2d92a985ff4d5a35f448e2c5949d060378c36e3..ce5fd32337b0891217130c1083c1f5b31ed8f1b1 100644 (file)
--- a/source/auth/auth_util.c
+++ b/source/auth/auth_util.c
@@ -478,12 +478,32 @@ void debug_nt_user_token(int dbg_class, int dbg_lev, NT_USER_TOKEN *token)
        fstring sid_str;
        int     i;
        
+       if (!token) {
+               DEBUGC(dbg_class, dbg_lev, ("NT user token: (NULL)\n"));
+               return;
+       }
+       
        DEBUGC(dbg_class, dbg_lev, ("NT user token of user %s\n",
-               sid_to_string(sid_str, &token->user_sids[0]) ));
+                                   sid_to_string(sid_str, &token->user_sids[0]) ));
        DEBUGADDC(dbg_class, dbg_lev, ("contains %i SIDs\n", token->num_sids));
        for (i = 0; i < token->num_sids; i++)
                DEBUGADDC(dbg_class, dbg_lev, ("SID[%3i]: %s\n", i, 
-                       sid_to_string(sid_str, &token->user_sids[i])));
+                                              sid_to_string(sid_str, &token->user_sids[i])));
+}
+
+/****************************************************************************
+ prints a UNIX 'token' to debug output.
+****************************************************************************/
+
+void debug_unix_user_token(int dbg_class, int dbg_lev, uid_t uid, gid_t gid, int n_groups, gid_t *groups)
+{
+       int     i;
+       DEBUGC(dbg_class, dbg_lev, ("UNIX token of user %ld\n", (long int)uid));
+
+       DEBUGADDC(dbg_class, dbg_lev, ("Primary group is %ld and contains %i supplementary groups\n", (long int)gid, n_groups));
+       for (i = 0; i < n_groups; i++)
+               DEBUGADDC(dbg_class, dbg_lev, ("Group[%3i]: %ld\n", i, 
+                       (long int)groups[i]));
 }
 
 /****************************************************************************
@@ -668,12 +688,10 @@ static NTSTATUS get_user_groups_from_local_sam(const DOM_SID *user_sid,
                }
        }
 
+       debug_unix_user_token(DBGC_CLASS, 5, usr->pw_uid, usr->pw_gid, n_unix_groups, *unix_groups);
+
        passwd_free(&usr);
        
-       DEBUG(5,("get_user_groups_from_local_sam: user is in the unix following groups\n"));
-       for (i = 0; i < n_unix_groups; i++)
-               DEBUGADD(5,("supplementary group gid:%ld\n",(long int)(*unix_groups)[i]));
-
        if (n_unix_groups > 0) {
                *groups   = malloc(sizeof(DOM_SID) * n_unix_groups);
                if (!*groups) {

diff --git a/source/smbd/sec_ctx.c b/source/smbd/sec_ctx.c
index bdcdce6e14509225d4625774d1c46a83d053b18c..411ece52495c5f80b615147ad7fba289c0a1829b 100644 (file)
--- a/source/smbd/sec_ctx.c
+++ b/source/smbd/sec_ctx.c
@@ -287,17 +287,8 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN
        DEBUG(3, ("setting sec ctx (%u, %u) - sec_ctx_stack_ndx = %d\n", 
                (unsigned int)uid, (unsigned int)gid, sec_ctx_stack_ndx));
 
-       if (ngroups) {
-               int i;
-
-               DEBUG(3, ("%d user groups: \n", ngroups));
-               for (i = 0; i < ngroups; i++) {
-                       DEBUGADD(3, ("%u ", (unsigned int)groups[i]));
-               }
-
-               DEBUG(3, ("\n"));
-       }
-       
+       debug_nt_user_token(DBGC_CLASS, 5, token);
+       debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
 
        gain_root();