mirror of
https://github.com/samba-team/samba.git
synced 2025-07-22 16:59:09 +03:00
smbd: remove "only user" and "username" parameters
These have long been superseded by "valid users" Signed-off-by: Uri Simchoni <uri@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Uri Simchoni
committed by
Jeremy Allison
Jeremy Allison
parent
dc3e224408
commit
b51add1f3b
@ -1,22 +0,0 @@
|
||||
<samba:parameter name="only user"
|
||||
type="boolean"
|
||||
context="S"
|
||||
deprecated="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<description>
|
||||
<para>To restrict a service to a particular set of users you
|
||||
can use the <smbconfoption name="valid users"/> parameter.</para>
|
||||
|
||||
<para>This parameter is deprecated</para>
|
||||
|
||||
<para>However, it currently operates only in conjunction with
|
||||
<smbconfoption name="username"/>. The supported way to restrict
|
||||
a service to a particular set of users is the
|
||||
<smbconfoption name="valid users"/> parameter.</para>
|
||||
|
||||
</description>
|
||||
|
||||
<related>user</related>
|
||||
|
||||
<value type="default">no</value>
|
||||
</samba:parameter>
|
||||
@ -1,25 +0,0 @@
|
||||
<samba:parameter name="username"
|
||||
context="S"
|
||||
type="string"
|
||||
deprecated="1"
|
||||
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
|
||||
<synonym>user</synonym>
|
||||
<synonym>users</synonym>
|
||||
<description>
|
||||
<para>To restrict a service to a particular set of users you
|
||||
can use the <smbconfoption name="valid users"/> parameter.</para>
|
||||
|
||||
<para>This parameter is deprecated</para>
|
||||
|
||||
<para>However, it currently operates only in conjunction with
|
||||
<smbconfoption name="only user"/>. The supported way to restrict
|
||||
a service to a particular set of users is the
|
||||
<smbconfoption name="valid users"/> parameter.</para>
|
||||
|
||||
</description>
|
||||
|
||||
<value type="default"><comment>The guest account if a guest service,
|
||||
else <empty string>.</comment></value>
|
||||
|
||||
<value type="example">fred, mary, jack, jane, @users, @pcgroup</value>
|
||||
</samba:parameter>
|
||||
@ -118,7 +118,6 @@ static struct loadparm_service sDefault =
|
||||
.usershare_last_mod = {0, 0},
|
||||
.szService = NULL,
|
||||
.path = NULL,
|
||||
.username = NULL,
|
||||
.invalid_users = NULL,
|
||||
.valid_users = NULL,
|
||||
.admin_users = NULL,
|
||||
@ -202,7 +201,6 @@ static struct loadparm_service sDefault =
|
||||
.oplocks = true,
|
||||
.kernel_oplocks = false,
|
||||
.level2_oplocks = true,
|
||||
.only_user = false,
|
||||
.mangled_names = true,
|
||||
.wide_links = false,
|
||||
.follow_symlinks = true,
|
||||
@ -1571,7 +1569,6 @@ static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
|
||||
}
|
||||
|
||||
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
|
||||
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
|
||||
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
|
||||
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
|
||||
ServicePtrs[i]->max_connections = 0;
|
||||
|
||||
@ -183,7 +183,7 @@ bool token_contains_name_in_list(const char *username,
|
||||
/*
|
||||
* Check whether the user described by "token" has access to share snum.
|
||||
*
|
||||
* This looks at "invalid users", "valid users" and "only user/username"
|
||||
* This looks at "invalid users" and "valid users".
|
||||
*
|
||||
* Please note that the user name and share names passed in here mainly for
|
||||
* the substitution routines that expand the parameter values, the decision
|
||||
@ -217,22 +217,6 @@ bool user_ok_token(const char *username, const char *domain,
|
||||
}
|
||||
}
|
||||
|
||||
if (lp_only_user(snum)) {
|
||||
const char *list[2];
|
||||
list[0] = lp_username(talloc_tos(), snum);
|
||||
list[1] = NULL;
|
||||
if ((list[0] == NULL) || (*list[0] == '\0')) {
|
||||
DEBUG(0, ("'only user = yes' and no 'username ='\n"));
|
||||
return False;
|
||||
}
|
||||
if (!token_contains_name_in_list(NULL, domain,
|
||||
lp_servicename(talloc_tos(), snum),
|
||||
token, list)) {
|
||||
DEBUG(10, ("%s != 'username'\n", username));
|
||||
return False;
|
||||
}
|
||||
}
|
||||
|
||||
DEBUG(10, ("user_ok_token: share %s is ok for unix user %s\n",
|
||||
lp_servicename(talloc_tos(), snum), username));
|
||||
|
||||
@ -243,7 +227,7 @@ bool user_ok_token(const char *username, const char *domain,
|
||||
* Check whether the user described by "token" is restricted to read-only
|
||||
* access on share snum.
|
||||
*
|
||||
* This looks at "invalid users", "valid users" and "only user/username"
|
||||
* This looks at "read list", "write list" and "read only".
|
||||
*
|
||||
* Please note that the user name and share names passed in here mainly for
|
||||
* the substitution routines that expand the parameter values, the decision
|
||||
|
||||
Reference in New Issue
Block a user