[Bug 21397] New: LookupAccountName cannot retrieve a 'groups' SID
http://bugs.winehq.org/show_bug.cgi?id=21397 Summary: LookupAccountName cannot retrieve a 'groups' SID Product: Wine Version: 1.1.36 Platform: x86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: advapi32 AssignedTo: wine-bugs(a)winehq.org ReportedBy: us(a)edmeades.me.uk Debugging an application I found the cause of the first failure is that the software installs a 'group' (which fails with a fixme). Post install, I created a group (addgroup) but the application calls LookupAccountName to retrieve the SID of that created group. You can hack around this (if LookupAccountName fails, query the current user and re-call the function to get it's sid) but looking at the function there is complete support missing for anything other than the current user. Ideally it should call (something like getgrent?) and if it finds a group, map it to a SID somehow (perhaps end the SID with the gid?). It could handle querying other users as well in a similar way (getpwnam?) JEWMQ -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #1 from Jason Edmeades <us(a)edmeades.me.uk> 2010-01-16 18:18:38 --- Created an attachment (id=25761) --> (http://bugs.winehq.org/attachment.cgi?id=25761) Sample source for test app Sample source calls LookupAccountName with 'localgroup' as requested account and displays some of the returned info. Expect 1 (<anything>) result: 1 4 (from XP) -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #2 from Jason Edmeades <us(a)edmeades.me.uk> 2010-01-16 18:19:02 --- Created an attachment (id=25762) --> (http://bugs.winehq.org/attachment.cgi?id=25762) Executable for that source -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 Austin English <austinenglish(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, testcase -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #3 from Kai Blin <kai.blin(a)gmail.com> 2010-01-17 13:16:48 --- We could possibly fake things that way. Or we could simply start using a persistent storage for our user/group database. Using local groups to map windows groups is going to fail once the first app wants to make a group a member of a group. That could be avoided by using winbind to resolve these mappings. Making winbind useful for looking up local users is on my todo list. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #4 from Jason Edmeades <us(a)edmeades.me.uk> 2010-01-17 15:37:29 --- I dont know anything about winbind, but would that help regardless of samba integration / having DC's around? Also, when you say 'users' do you mean both users and groups? Any thoughts on an acceptable patch for the main tree which could get my scenario working without being too much of a hack for AJ. From my debugging its the only real problem which prevents my application from working, and in fact the application doesnt care what SID it gets back, as long as it gets something back which is a valid SID (ie doesnt fail subsequently in calls to token manipulation routines). My only thought to fas is doing something like getgrent, then if its a valid group copying in the interactive SID would suffice, but its still a little dodgy. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #5 from Jason Edmeades <us(a)edmeades.me.uk> 2010-01-17 15:43:13 --- Created an attachment (id=25778) --> (http://bugs.winehq.org/attachment.cgi?id=25778) Extreme hack to work around the problem for reference This attachment is a patch which makes any LookupAccountName succeed and pass back a valid SID (that of the interactive user)... Nasty but suffices.... -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #6 from Kai Blin <kai.blin(a)gmail.com> 2010-01-18 15:23:03 --- (In reply to comment #4)
I dont know anything about winbind, but would that help regardless of samba integration / having DC's around? Also, when you say 'users' do you mean both users and groups?
Yes, that should work. I'll be setting up a test system for this soon. There is an idmap-nss backend which should do what we want provided we allocate the correct SID range. Per spec, S-1-22-1 is reserved for local unix users and S-1-22-2 is reserved for local unix groups. I'll see if I can come up with a patch that queries winbind for these kind of lookups. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
http://bugs.winehq.org/show_bug.cgi?id=21397 --- Comment #7 from Austin English <austinenglish(a)gmail.com> 2012-06-24 23:36:44 CDT --- austin(a)laptop:~$ wine lookup.exe 0 (1332) result: 0 0 still in 1.5.7. -- Configure bugmail: http://bugs.winehq.org/userprefs.cgi?tab=email Do not reply to this email, post in Bugzilla using the above URL to reply. ------- You are receiving this mail because: ------- You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=21397 Ken Sharp <imwellcushtymelike(a)gmail.com> changed: What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source --- Comment #8 from Ken Sharp <imwellcushtymelike(a)gmail.com> --- No change in Wine 1.7.45 -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
https://bugs.winehq.org/show_bug.cgi?id=21397 winetest(a)luukku.com changed: What |Removed |Added ---------------------------------------------------------------------------- CC| |winetest(a)luukku.com --- Comment #9 from winetest(a)luukku.com --- 0 (1332) result: 0 0 wine 2.1 and staging 2.0. -- Do not reply to this email, post in Bugzilla using the above URL to reply. You are receiving this mail because: You are watching all bug changes.
participants (1)
-
wine-bugs@winehq.org