From 8cfc6ea92320be4ef26b91fce58fd76bfc7b95eb Mon Sep 17 00:00:00 2001
From: Volker Lendecke <vl@samba.org>
Date: Tue, 19 Dec 2023 10:30:58 +0100
Subject: [PATCH] Revert "rpc_server:srvsvc - retrieve share ACL via root
 context"

This reverts commit 80c0b416892bfacc0d919fe032461748d7962f05.

With the previous patch it is no longer required. We open
share_info.tdb as root when starting up rpcd_classic and keep it open.

Commit 80c0b416892bfacc0d919fe032461748d7962f05 only fixed the
problem in one place, but we had it in a lot more places...

Bug: https://bugzilla.samba.org/show_bug.cgi?id=15265
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>

Autobuild-User(master): Stefan Metzmacher <metze@samba.org>
Autobuild-Date(master): Wed Dec 20 11:20:51 UTC 2023 on atb-devel-224
---
 source3/rpc_server/srvsvc/srv_srvsvc_nt.c | 17 +++--------------
 1 file changed, 3 insertions(+), 14 deletions(-)

diff --git a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
index d6e7bed5949..29d224c427d 100644
--- a/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srvsvc/srv_srvsvc_nt.c
@@ -542,7 +542,6 @@ static bool is_hidden_share(int snum)
 static bool is_enumeration_allowed(struct pipes_struct *p,
                                    int snum)
 {
-	bool allowed;
 	struct dcesrv_call_state *dce_call = p->dce_call;
 	struct auth_session_info *session_info =
 		dcesrv_call_session_info(dce_call);
@@ -559,19 +558,9 @@ static bool is_enumeration_allowed(struct pipes_struct *p,
 		return false;
 	}
 
-
-	/*
-	 * share_access_check() must be opened as root
-	 * because it ultimately gets a R/W db handle on share_info.tdb
-	 * which has 0o600 permissions
-	 */
-	become_root();
-	allowed = share_access_check(session_info->security_token,
-				     lp_servicename(talloc_tos(), lp_sub, snum),
-				     FILE_READ_DATA, NULL);
-	unbecome_root();
-
-	return allowed;
+	return share_access_check(session_info->security_token,
+				  lp_servicename(talloc_tos(), lp_sub, snum),
+				  FILE_READ_DATA, NULL);
 }
 
 /****************************************************************************