http://bugs.winehq.org/show_bug.cgi?id=21397
Summary: LookupAccountName cannot retrieve a 'groups' SID Product: Wine Version: 1.1.36 Platform: x86 OS/Version: Linux Status: NEW Severity: normal Priority: P2 Component: advapi32 AssignedTo: wine-bugs@winehq.org ReportedBy: us@edmeades.me.uk
Debugging an application I found the cause of the first failure is that the software installs a 'group' (which fails with a fixme). Post install, I created a group (addgroup) but the application calls LookupAccountName to retrieve the SID of that created group.
You can hack around this (if LookupAccountName fails, query the current user and re-call the function to get it's sid) but looking at the function there is complete support missing for anything other than the current user.
Ideally it should call (something like getgrent?) and if it finds a group, map it to a SID somehow (perhaps end the SID with the gid?). It could handle querying other users as well in a similar way (getpwnam?)
JEWMQ
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #1 from Jason Edmeades us@edmeades.me.uk 2010-01-16 18:18:38 --- Created an attachment (id=25761) --> (http://bugs.winehq.org/attachment.cgi?id=25761) Sample source for test app
Sample source calls LookupAccountName with 'localgroup' as requested account and displays some of the returned info. Expect 1 (<anything>) result: 1 4 (from XP)
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #2 from Jason Edmeades us@edmeades.me.uk 2010-01-16 18:19:02 --- Created an attachment (id=25762) --> (http://bugs.winehq.org/attachment.cgi?id=25762) Executable for that source
http://bugs.winehq.org/show_bug.cgi?id=21397
Austin English austinenglish@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |download, testcase
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #3 from Kai Blin kai.blin@gmail.com 2010-01-17 13:16:48 --- We could possibly fake things that way. Or we could simply start using a persistent storage for our user/group database. Using local groups to map windows groups is going to fail once the first app wants to make a group a member of a group. That could be avoided by using winbind to resolve these mappings. Making winbind useful for looking up local users is on my todo list.
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #4 from Jason Edmeades us@edmeades.me.uk 2010-01-17 15:37:29 --- I dont know anything about winbind, but would that help regardless of samba integration / having DC's around? Also, when you say 'users' do you mean both users and groups?
Any thoughts on an acceptable patch for the main tree which could get my scenario working without being too much of a hack for AJ. From my debugging its the only real problem which prevents my application from working, and in fact the application doesnt care what SID it gets back, as long as it gets something back which is a valid SID (ie doesnt fail subsequently in calls to token manipulation routines). My only thought to fas is doing something like getgrent, then if its a valid group copying in the interactive SID would suffice, but its still a little dodgy.
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #5 from Jason Edmeades us@edmeades.me.uk 2010-01-17 15:43:13 --- Created an attachment (id=25778) --> (http://bugs.winehq.org/attachment.cgi?id=25778) Extreme hack to work around the problem for reference
This attachment is a patch which makes any LookupAccountName succeed and pass back a valid SID (that of the interactive user)... Nasty but suffices....
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #6 from Kai Blin kai.blin@gmail.com 2010-01-18 15:23:03 --- (In reply to comment #4)
I dont know anything about winbind, but would that help regardless of samba integration / having DC's around? Also, when you say 'users' do you mean both users and groups?
Yes, that should work. I'll be setting up a test system for this soon. There is an idmap-nss backend which should do what we want provided we allocate the correct SID range. Per spec, S-1-22-1 is reserved for local unix users and S-1-22-2 is reserved for local unix groups.
I'll see if I can come up with a patch that queries winbind for these kind of lookups.
http://bugs.winehq.org/show_bug.cgi?id=21397
--- Comment #7 from Austin English austinenglish@gmail.com 2012-06-24 23:36:44 CDT --- austin@laptop:~$ wine lookup.exe 0 (1332) result: 0 0
still in 1.5.7.
https://bugs.winehq.org/show_bug.cgi?id=21397
Ken Sharp imwellcushtymelike@gmail.com changed:
What |Removed |Added ---------------------------------------------------------------------------- Keywords| |source
--- Comment #8 from Ken Sharp imwellcushtymelike@gmail.com --- No change in Wine 1.7.45
https://bugs.winehq.org/show_bug.cgi?id=21397
winetest@luukku.com changed:
What |Removed |Added ---------------------------------------------------------------------------- CC| |winetest@luukku.com
--- Comment #9 from winetest@luukku.com --- 0 (1332) result: 0 0
wine 2.1 and staging 2.0.
-
wine-bugs@winehq.org