fixed SID resolver bug
This commit is contained in:
Ludwig Lehnert
48
app/init.sh
48
app/init.sh
@@ -64,13 +64,25 @@ derive_netbios_name() {
|
|||||||
|
|
||||||
resolve_sid_to_group() {
|
resolve_sid_to_group() {
|
||||||
local sid="$1"
|
local sid="$1"
|
||||||
|
local gid=""
|
||||||
|
local gid_entry=""
|
||||||
local resolved_name=""
|
local resolved_name=""
|
||||||
local group_name=""
|
|
||||||
local short_name=""
|
|
||||||
local sid_output=""
|
local sid_output=""
|
||||||
|
local candidate=""
|
||||||
|
local lower_candidate=""
|
||||||
|
|
||||||
|
gid="$(wbinfo --sid-to-gid "$sid" 2>/dev/null || true)"
|
||||||
|
if [[ -n "$gid" ]]; then
|
||||||
|
gid_entry="$(getent group "$gid" || true)"
|
||||||
|
if [[ -n "$gid_entry" ]]; then
|
||||||
|
printf '%s\n' "${gid_entry%%:*}"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
fi
|
||||||
|
|
||||||
if sid_output="$(wbinfo --sid-to-fullname "$sid" 2>/dev/null)"; then
|
if sid_output="$(wbinfo --sid-to-fullname "$sid" 2>/dev/null)"; then
|
||||||
resolved_name="${sid_output%%$'\t'*}"
|
resolved_name="${sid_output%%$'\t'*}"
|
||||||
|
resolved_name="$(printf '%s' "$resolved_name" | sed -E 's/[[:space:]]+[0-9]+$//')"
|
||||||
fi
|
fi
|
||||||
|
|
||||||
if [[ -z "$resolved_name" ]] && sid_output="$(wbinfo -s "$sid" 2>/dev/null)"; then
|
if [[ -z "$resolved_name" ]] && sid_output="$(wbinfo -s "$sid" 2>/dev/null)"; then
|
||||||
@@ -82,23 +94,23 @@ resolve_sid_to_group() {
|
|||||||
return 1
|
return 1
|
||||||
fi
|
fi
|
||||||
|
|
||||||
group_name="$resolved_name"
|
for candidate in "$resolved_name" "${resolved_name#*\\}"; do
|
||||||
if getent group "$group_name" >/dev/null 2>&1; then
|
if [[ -z "$candidate" ]]; then
|
||||||
printf '%s\n' "$group_name"
|
continue
|
||||||
return 0
|
fi
|
||||||
fi
|
if getent group "$candidate" >/dev/null 2>&1; then
|
||||||
|
printf '%s\n' "$candidate"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
lower_candidate="${candidate,,}"
|
||||||
|
if [[ "$lower_candidate" != "$candidate" ]] && getent group "$lower_candidate" >/dev/null 2>&1; then
|
||||||
|
printf '%s\n' "$lower_candidate"
|
||||||
|
return 0
|
||||||
|
fi
|
||||||
|
done
|
||||||
|
|
||||||
short_name="$group_name"
|
printf '[init] WARN: SID %s resolved to %s but NSS lookup failed; using raw name.\n' "$sid" "$resolved_name" >&2
|
||||||
if [[ "$short_name" == *\\* ]]; then
|
printf '%s\n' "$resolved_name"
|
||||||
short_name="${short_name#*\\}"
|
|
||||||
fi
|
|
||||||
if [[ -n "$short_name" ]] && getent group "$short_name" >/dev/null 2>&1; then
|
|
||||||
printf '%s\n' "$short_name"
|
|
||||||
return 0
|
|
||||||
fi
|
|
||||||
|
|
||||||
log "SID ${sid} resolved to '${resolved_name}', but NSS group lookup failed; using raw name."
|
|
||||||
printf '%s\n' "$group_name"
|
|
||||||
}
|
}
|
||||||
|
|
||||||
resolve_share_groups_from_sids() {
|
resolve_share_groups_from_sids() {
|
||||||
|
|||||||
Reference in New Issue
Block a user