mirror of
https://github.com/samba-team/samba.git
synced 2024-12-22 13:34:15 +03:00
Update smbrun to allow for settings environment variables.
Signed-off-by: Trever L. Adams <trever.adams@gmail.com> Reviewed-by: David Disseldorp <ddiss@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org> Autobuild-User(master): Jeremy Allison <jra@samba.org> Autobuild-Date(master): Thu Oct 13 04:26:26 CEST 2016 on sn-devel-144
This commit is contained in:
parent
2a245512b8
commit
7accec7f78
@ -78,7 +78,7 @@ static int _smb_create_user(const char *domain, const char *unix_username, const
|
||||
return -1;
|
||||
}
|
||||
}
|
||||
ret = smbrun(add_script,NULL);
|
||||
ret = smbrun(add_script, NULL, NULL);
|
||||
flush_pwnam_cache();
|
||||
DEBUG(ret ? 0 : 3,
|
||||
("smb_create_user: Running the command `%s' gave %d\n",
|
||||
@ -434,7 +434,7 @@ static NTSTATUS log_nt_token(struct security_token *token)
|
||||
}
|
||||
|
||||
DEBUG(8, ("running command: [%s]\n", command));
|
||||
if (smbrun(command, NULL) != 0) {
|
||||
if (smbrun(command, NULL, NULL) != 0) {
|
||||
DEBUG(0, ("Could not log NT token\n"));
|
||||
TALLOC_FREE(frame);
|
||||
return NT_STATUS_ACCESS_DENIED;
|
||||
|
@ -315,7 +315,7 @@ bool map_username(TALLOC_CTX *ctx, const char *user_in, char **p_user_out)
|
||||
}
|
||||
|
||||
DEBUG(10,("Running [%s]\n", command));
|
||||
ret = smbrun(command, &fd);
|
||||
ret = smbrun(command, &fd, NULL);
|
||||
DEBUGADD(10,("returned [%d]\n", ret));
|
||||
|
||||
TALLOC_FREE(command);
|
||||
|
@ -227,7 +227,7 @@ int smb_create_group(const char *unix_group, gid_t *new_gid)
|
||||
return -1;
|
||||
}
|
||||
|
||||
ret = smbrun(add_script, &fd);
|
||||
ret = smbrun(add_script, &fd, NULL);
|
||||
DEBUG(ret ? 0 : 3,("smb_create_group: Running the command `%s' gave %d\n",add_script,ret));
|
||||
if (ret == 0) {
|
||||
smb_nscd_flush_group_cache();
|
||||
@ -282,7 +282,7 @@ int smb_delete_group(const char *unix_group)
|
||||
if (!del_script) {
|
||||
return -1;
|
||||
}
|
||||
ret = smbrun(del_script,NULL);
|
||||
ret = smbrun(del_script, NULL, NULL);
|
||||
DEBUG(ret ? 0 : 3,("smb_delete_group: Running the command `%s' gave %d\n",del_script,ret));
|
||||
if (ret == 0) {
|
||||
smb_nscd_flush_group_cache();
|
||||
@ -322,7 +322,7 @@ int smb_set_primary_group(const char *unix_group, const char* unix_user)
|
||||
if (!add_script) {
|
||||
return -1;
|
||||
}
|
||||
ret = smbrun(add_script,NULL);
|
||||
ret = smbrun(add_script, NULL, NULL);
|
||||
flush_pwnam_cache();
|
||||
DEBUG(ret ? 0 : 3,("smb_set_primary_group: "
|
||||
"Running the command `%s' gave %d\n",add_script,ret));
|
||||
@ -364,7 +364,7 @@ int smb_add_user_group(const char *unix_group, const char *unix_user)
|
||||
if (!add_script) {
|
||||
return -1;
|
||||
}
|
||||
ret = smbrun(add_script,NULL);
|
||||
ret = smbrun(add_script, NULL, NULL);
|
||||
DEBUG(ret ? 0 : 3,("smb_add_user_group: Running the command `%s' gave %d\n",add_script,ret));
|
||||
if (ret == 0) {
|
||||
smb_nscd_flush_group_cache();
|
||||
@ -404,7 +404,7 @@ int smb_delete_user_group(const char *unix_group, const char *unix_user)
|
||||
if (!del_script) {
|
||||
return -1;
|
||||
}
|
||||
ret = smbrun(del_script,NULL);
|
||||
ret = smbrun(del_script, NULL, NULL);
|
||||
DEBUG(ret ? 0 : 3,("smb_delete_user_group: Running the command `%s' gave %d\n",del_script,ret));
|
||||
if (ret == 0) {
|
||||
smb_nscd_flush_group_cache();
|
||||
|
@ -162,8 +162,8 @@ bool parse_usershare_acl(TALLOC_CTX *ctx, const char *acl_str, struct security_d
|
||||
|
||||
/* The following definitions come from lib/smbrun.c */
|
||||
|
||||
int smbrun_no_sanitize(const char *cmd, int *outfd);
|
||||
int smbrun(const char *cmd, int *outfd);
|
||||
int smbrun_no_sanitize(const char *cmd, int *outfd, char * const *env);
|
||||
int smbrun(const char *cmd, int *outfd, char * const *env);
|
||||
int smbrunsecret(const char *cmd, const char *secret);
|
||||
|
||||
/* The following definitions come from lib/sock_exec.c */
|
||||
|
@ -68,7 +68,8 @@ run a command being careful about uid/gid handling and putting the output in
|
||||
outfd (or discard it if outfd is NULL).
|
||||
****************************************************************************/
|
||||
|
||||
static int smbrun_internal(const char *cmd, int *outfd, bool sanitize)
|
||||
static int smbrun_internal(const char *cmd, int *outfd, bool sanitize,
|
||||
char * const *env)
|
||||
{
|
||||
pid_t pid;
|
||||
uid_t uid = current_user.ut.uid;
|
||||
@ -197,8 +198,14 @@ static int smbrun_internal(const char *cmd, int *outfd, bool sanitize)
|
||||
exit(82);
|
||||
}
|
||||
|
||||
if (env != NULL) {
|
||||
execle("/bin/sh","sh","-c",
|
||||
newcmd ? (const char *)newcmd : cmd, NULL,
|
||||
env);
|
||||
} else {
|
||||
execl("/bin/sh","sh","-c",
|
||||
newcmd ? (const char *)newcmd : cmd, NULL);
|
||||
}
|
||||
|
||||
SAFE_FREE(newcmd);
|
||||
}
|
||||
@ -212,18 +219,18 @@ static int smbrun_internal(const char *cmd, int *outfd, bool sanitize)
|
||||
Use only in known safe shell calls (printing).
|
||||
****************************************************************************/
|
||||
|
||||
int smbrun_no_sanitize(const char *cmd, int *outfd)
|
||||
int smbrun_no_sanitize(const char *cmd, int *outfd, char * const *env)
|
||||
{
|
||||
return smbrun_internal(cmd, outfd, False);
|
||||
return smbrun_internal(cmd, outfd, false, env);
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
By default this now sanitizes shell expansion.
|
||||
****************************************************************************/
|
||||
|
||||
int smbrun(const char *cmd, int *outfd)
|
||||
int smbrun(const char *cmd, int *outfd, char * const *env)
|
||||
{
|
||||
return smbrun_internal(cmd, outfd, True);
|
||||
return smbrun_internal(cmd, outfd, true, env);
|
||||
}
|
||||
|
||||
/****************************************************************************
|
||||
|
@ -693,7 +693,7 @@ static NTSTATUS smb_create_user(TALLOC_CTX *mem_ctx,
|
||||
if (!add_script) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
add_ret = smbrun(add_script, NULL);
|
||||
add_ret = smbrun(add_script, NULL, NULL);
|
||||
DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' "
|
||||
"gave %d\n", add_script, add_ret));
|
||||
if (add_ret == 0) {
|
||||
|
@ -276,7 +276,7 @@ static NTSTATUS smb_create_user(TALLOC_CTX *mem_ctx,
|
||||
if (!add_script) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
add_ret = smbrun(add_script, NULL);
|
||||
add_ret = smbrun(add_script, NULL, NULL);
|
||||
DEBUG(add_ret ? 0 : 1,("fetch_account: Running the command `%s' "
|
||||
"gave %d\n", add_script, add_ret));
|
||||
if (add_ret == 0) {
|
||||
|
@ -59,7 +59,7 @@ static NTSTATUS shell_snap_check_path(struct vfs_handle_struct *handle,
|
||||
goto err_tmp_free;
|
||||
}
|
||||
|
||||
ret = smbrun(cmd_run, NULL);
|
||||
ret = smbrun(cmd_run, NULL, NULL);
|
||||
if (ret != 0) {
|
||||
DEBUG(0, ("%s failed with %d\n", cmd_run, ret));
|
||||
status = NT_STATUS_NOT_SUPPORTED;
|
||||
@ -116,7 +116,7 @@ static NTSTATUS shell_snap_create(struct vfs_handle_struct *handle,
|
||||
goto err_tmp_free;
|
||||
}
|
||||
|
||||
ret = smbrun(cmd_run, &fd);
|
||||
ret = smbrun(cmd_run, &fd, NULL);
|
||||
talloc_free(cmd_run);
|
||||
if (ret != 0) {
|
||||
if (fd != -1) {
|
||||
@ -178,7 +178,7 @@ static NTSTATUS shell_snap_delete(struct vfs_handle_struct *handle,
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
|
||||
ret = smbrun(cmd_run, NULL);
|
||||
ret = smbrun(cmd_run, NULL, NULL);
|
||||
talloc_free(cmd_run);
|
||||
if (ret != 0) {
|
||||
return NT_STATUS_UNSUCCESSFUL;
|
||||
|
@ -521,7 +521,8 @@ static NTSTATUS tsmsm_set_offline(struct vfs_handle_struct *handle,
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
DEBUG(10, ("tsmsm_set_offline: Running [%s]\n", command));
|
||||
if((result = smbrun(command, NULL)) != 0) {
|
||||
result = smbrun(command, NULL, NULL)
|
||||
if(result != 0) {
|
||||
DEBUG(1,("tsmsm_set_offline: Running [%s] returned %d\n", command, result));
|
||||
TALLOC_FREE(command);
|
||||
return NT_STATUS_INTERNAL_ERROR;
|
||||
|
@ -501,7 +501,7 @@ static void wins_hook(const char *operation, struct name_record *namerec, int tt
|
||||
}
|
||||
|
||||
DEBUG(3,("calling wins hook for %s\n", nmb_namestr(&namerec->name)));
|
||||
smbrun(command, NULL);
|
||||
smbrun(command, NULL, NULL);
|
||||
TALLOC_FREE(command);
|
||||
}
|
||||
|
||||
|
@ -485,7 +485,7 @@ static NTSTATUS pdb_default_create_user(struct pdb_methods *methods,
|
||||
if (!add_script) {
|
||||
return NT_STATUS_NO_MEMORY;
|
||||
}
|
||||
add_ret = smbrun(add_script,NULL);
|
||||
add_ret = smbrun(add_script, NULL, NULL);
|
||||
DEBUG(add_ret ? 0 : 3, ("_samr_create_user: Running the command `%s' gave %d\n",
|
||||
add_script, add_ret));
|
||||
if (add_ret == 0) {
|
||||
@ -570,7 +570,7 @@ static int smb_delete_user(const char *unix_user)
|
||||
if (!del_script) {
|
||||
return -1;
|
||||
}
|
||||
ret = smbrun(del_script,NULL);
|
||||
ret = smbrun(del_script, NULL, NULL);
|
||||
flush_pwnam_cache();
|
||||
if (ret == 0) {
|
||||
smb_nscd_flush_user_cache();
|
||||
|
@ -2013,7 +2013,7 @@ static NTSTATUS ldapsam_rename_sam_account(struct pdb_methods *my_methods,
|
||||
oldname_lower,
|
||||
true,
|
||||
true);
|
||||
rc = smbrun(rename_script, NULL);
|
||||
rc = smbrun(rename_script, NULL, NULL);
|
||||
|
||||
DEBUG(rc ? 0 : 3,("Running the command `%s' gave %d\n",
|
||||
rename_script, rc));
|
||||
|
@ -1501,7 +1501,7 @@ static NTSTATUS smbpasswd_rename_sam_account (struct pdb_methods *my_methods,
|
||||
goto done;
|
||||
}
|
||||
|
||||
rename_ret = smbrun(rename_script, NULL);
|
||||
rename_ret = smbrun(rename_script, NULL, NULL);
|
||||
|
||||
DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n", rename_script, rename_ret));
|
||||
|
||||
|
@ -1083,7 +1083,7 @@ static NTSTATUS tdbsam_rename_sam_account(struct pdb_methods *my_methods,
|
||||
if (!rename_script) {
|
||||
goto cancel;
|
||||
}
|
||||
rename_ret = smbrun(rename_script, NULL);
|
||||
rename_ret = smbrun(rename_script, NULL, NULL);
|
||||
|
||||
DEBUG(rename_ret ? 0 : 3,("Running the command `%s' gave %d\n",
|
||||
rename_script, rename_ret));
|
||||
|
@ -85,7 +85,7 @@ static int print_run_command(int snum, const char* printername, bool do_sub,
|
||||
}
|
||||
}
|
||||
|
||||
ret = smbrun_no_sanitize(syscmd,outfd);
|
||||
ret = smbrun_no_sanitize(syscmd, outfd, NULL);
|
||||
|
||||
DEBUG(3,("Running the command `%s' gave %d\n",syscmd,ret));
|
||||
|
||||
|
@ -401,7 +401,8 @@ static WERROR delete_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
|
||||
if ( is_print_op )
|
||||
become_root();
|
||||
|
||||
if ( (ret = smbrun(command, NULL)) == 0 ) {
|
||||
ret = smbrun(command, NULL, NULL);
|
||||
if (ret == 0) {
|
||||
/* Tell everyone we updated smb.conf. */
|
||||
message_send_all(msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0, NULL);
|
||||
}
|
||||
@ -6317,7 +6318,7 @@ static WERROR add_port_hook(TALLOC_CTX *ctx, struct security_token *token, const
|
||||
if ( is_print_op )
|
||||
become_root();
|
||||
|
||||
ret = smbrun(command, NULL);
|
||||
ret = smbrun(command, NULL, NULL);
|
||||
|
||||
if ( is_print_op )
|
||||
unbecome_root();
|
||||
@ -6384,7 +6385,8 @@ static bool add_printer_hook(TALLOC_CTX *ctx, struct security_token *token,
|
||||
if ( is_print_op )
|
||||
become_root();
|
||||
|
||||
if ( (ret = smbrun(command, &fd)) == 0 ) {
|
||||
ret = smbrun(command, &fd, NULL);
|
||||
if (ret == 0) {
|
||||
/* Tell everyone we updated smb.conf. */
|
||||
message_send_all(msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0, NULL);
|
||||
}
|
||||
@ -8142,7 +8144,7 @@ static WERROR enumports_hook(TALLOC_CTX *ctx, int *count, char ***lines)
|
||||
}
|
||||
|
||||
DEBUG(10,("Running [%s]\n", command));
|
||||
ret = smbrun(command, &fd);
|
||||
ret = smbrun(command, &fd, NULL);
|
||||
DEBUG(10,("Returned [%d]\n", ret));
|
||||
TALLOC_FREE(command);
|
||||
if (ret != 0) {
|
||||
|
@ -1904,7 +1904,8 @@ WERROR _srvsvc_NetShareSetInfo(struct pipes_struct *p,
|
||||
if (is_disk_op)
|
||||
become_root();
|
||||
|
||||
if ( (ret = smbrun(command, NULL)) == 0 ) {
|
||||
ret = smbrun(command, NULL, NULL);
|
||||
if (ret == 0) {
|
||||
/* Tell everyone we updated smb.conf. */
|
||||
message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED,
|
||||
NULL, 0, NULL);
|
||||
@ -2106,7 +2107,8 @@ WERROR _srvsvc_NetShareAdd(struct pipes_struct *p,
|
||||
|
||||
/* FIXME: use libnetconf here - gd */
|
||||
|
||||
if ( (ret = smbrun(command, NULL)) == 0 ) {
|
||||
ret = smbrun(command, NULL, NULL);
|
||||
if (ret == 0) {
|
||||
/* Tell everyone we updated smb.conf. */
|
||||
message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0,
|
||||
NULL);
|
||||
@ -2213,7 +2215,8 @@ WERROR _srvsvc_NetShareDel(struct pipes_struct *p,
|
||||
if ( is_disk_op )
|
||||
become_root();
|
||||
|
||||
if ( (ret = smbrun(command, NULL)) == 0 ) {
|
||||
ret = smbrun(command, NULL, NULL);
|
||||
if (ret == 0) {
|
||||
/* Tell everyone we updated smb.conf. */
|
||||
message_send_all(p->msg_ctx, MSG_SMB_CONF_UPDATED, NULL, 0,
|
||||
NULL);
|
||||
|
@ -592,7 +592,7 @@ WERROR _winreg_InitiateSystemShutdownEx(struct pipes_struct *p,
|
||||
if ( can_shutdown )
|
||||
become_root();
|
||||
|
||||
ret = smbrun( shutdown_script, NULL );
|
||||
ret = smbrun(shutdown_script, NULL, NULL);
|
||||
|
||||
if ( can_shutdown )
|
||||
unbecome_root();
|
||||
@ -626,7 +626,7 @@ WERROR _winreg_AbortSystemShutdown(struct pipes_struct *p,
|
||||
if ( can_shutdown )
|
||||
become_root();
|
||||
|
||||
ret = smbrun( abort_shutdown_script, NULL );
|
||||
ret = smbrun(abort_shutdown_script, NULL, NULL);
|
||||
|
||||
if ( can_shutdown )
|
||||
unbecome_root();
|
||||
|
@ -36,7 +36,7 @@ static WERROR rcinit_stop( const char *service, struct SERVICE_STATUS *status )
|
||||
/* we've already performed the access check when the service was opened */
|
||||
|
||||
become_root();
|
||||
ret = smbrun( command , &fd );
|
||||
ret = smbrun(command, &fd, NULL);
|
||||
unbecome_root();
|
||||
|
||||
DEBUGADD(5, ("rcinit_start: [%s] returned [%d]\n", command, ret));
|
||||
@ -70,7 +70,7 @@ static WERROR rcinit_start( const char *service )
|
||||
/* we've already performed the access check when the service was opened */
|
||||
|
||||
become_root();
|
||||
ret = smbrun( command , &fd );
|
||||
ret = smbrun(command, &fd, NULL);
|
||||
unbecome_root();
|
||||
|
||||
DEBUGADD(5, ("rcinit_start: [%s] returned [%d]\n", command, ret));
|
||||
@ -99,7 +99,7 @@ static WERROR rcinit_status( const char *service, struct SERVICE_STATUS *status
|
||||
is STOPPED */
|
||||
|
||||
become_root();
|
||||
ret = smbrun( command , &fd );
|
||||
ret = smbrun(command, &fd, NULL);
|
||||
unbecome_root();
|
||||
|
||||
DEBUGADD(5, ("rcinit_start: [%s] returned [%d]\n", command, ret));
|
||||
|
@ -91,7 +91,7 @@ static NTSTATUS check_magic(struct files_struct *fsp)
|
||||
status = map_nt_error_from_unix(errno);
|
||||
goto out;
|
||||
}
|
||||
ret = smbrun(p,&tmp_fd);
|
||||
ret = smbrun(p, &tmp_fd, NULL);
|
||||
DEBUG(3,("Invoking magic command %s gave %d\n",
|
||||
p,ret));
|
||||
|
||||
|
@ -129,7 +129,7 @@ static void msg_deliver(struct msg_state *state)
|
||||
if (s == NULL) {
|
||||
goto done;
|
||||
}
|
||||
smbrun(s,NULL);
|
||||
smbrun(s, NULL, NULL);
|
||||
|
||||
done:
|
||||
TALLOC_FREE(frame);
|
||||
|
@ -764,7 +764,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
|
||||
conn->session_info->info->domain_name,
|
||||
lp_root_preexec(talloc_tos(), snum));
|
||||
DEBUG(5,("cmd=%s\n",cmd));
|
||||
ret = smbrun(cmd,NULL);
|
||||
ret = smbrun(cmd, NULL, NULL);
|
||||
TALLOC_FREE(cmd);
|
||||
if (ret != 0 && lp_root_preexec_close(snum)) {
|
||||
DEBUG(1,("root preexec gave %d - failing "
|
||||
@ -801,7 +801,7 @@ static NTSTATUS make_connection_snum(struct smbXsrv_connection *xconn,
|
||||
conn->session_info->unix_info->sanitized_username,
|
||||
conn->session_info->info->domain_name,
|
||||
lp_preexec(talloc_tos(), snum));
|
||||
ret = smbrun(cmd,NULL);
|
||||
ret = smbrun(cmd, NULL, NULL);
|
||||
TALLOC_FREE(cmd);
|
||||
if (ret != 0 && lp_preexec_close(snum)) {
|
||||
DEBUG(1,("preexec gave %d - failing connection\n",
|
||||
@ -1199,7 +1199,7 @@ void close_cnum(connection_struct *conn, uint64_t vuid)
|
||||
conn->session_info->unix_info->sanitized_username,
|
||||
conn->session_info->info->domain_name,
|
||||
lp_postexec(talloc_tos(), SNUM(conn)));
|
||||
smbrun(cmd,NULL);
|
||||
smbrun(cmd, NULL, NULL);
|
||||
TALLOC_FREE(cmd);
|
||||
change_to_root_user();
|
||||
}
|
||||
@ -1215,7 +1215,7 @@ void close_cnum(connection_struct *conn, uint64_t vuid)
|
||||
conn->session_info->unix_info->sanitized_username,
|
||||
conn->session_info->info->domain_name,
|
||||
lp_root_postexec(talloc_tos(), SNUM(conn)));
|
||||
smbrun(cmd,NULL);
|
||||
smbrun(cmd, NULL, NULL);
|
||||
TALLOC_FREE(cmd);
|
||||
}
|
||||
|
||||
|
Loading…
Reference in New Issue
Block a user