sin/samba-mirror
1
0
Fork 0
mirror of https://github.com/samba-team/samba.git synced 2025-08-04 08:22:08 +03:00
Code Activity

smbd: remove "only user" and "username" parameters

Browse Source 
These have long been superseded by "valid users"

Signed-off-by: Uri Simchoni <uri@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
This commit is contained in:
Uri Simchoni
2016-04-06 08:50:27 +03:00
committed by Jeremy Allison
parent dc3e224408
commit b51add1f3b
4 changed files with 2 additions and 68 deletions
Download Patch File Download Diff File Expand all files Collapse all files

22
docs-xml/smbdotconf/security/onlyuser.xml
View File

@ -1,22 +0,0 @@
<samba:parameter name="only user"
type="boolean"
context="S"
deprecated="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
<para>To restrict a service to a particular set of users you
can use the <smbconfoption name="valid users"/> parameter.</para>
<para>This parameter is deprecated</para>
<para>However, it currently operates only in conjunction with
<smbconfoption name="username"/>. The supported way to restrict
a service to a particular set of users is the
<smbconfoption name="valid users"/> parameter.</para>
</description>
<related>user</related>
<value type="default">no</value>
</samba:parameter>

25
docs-xml/smbdotconf/security/username.xml
View File

@ -1,25 +0,0 @@
<samba:parameter name="username"
context="S"
type="string"
deprecated="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<synonym>user</synonym>
<synonym>users</synonym>
<description>
<para>To restrict a service to a particular set of users you
can use the <smbconfoption name="valid users"/> parameter.</para>
<para>This parameter is deprecated</para>
<para>However, it currently operates only in conjunction with
<smbconfoption name="only user"/>. The supported way to restrict
a service to a particular set of users is the
<smbconfoption name="valid users"/> parameter.</para>
</description>
<value type="default"><comment>The guest account if a guest service,
else &lt;empty string&gt;.</comment></value>
<value type="example">fred, mary, jack, jane, @users, @pcgroup</value>
</samba:parameter>

3
source3/param/loadparm.c
View File

@ -118,7 +118,6 @@ static struct loadparm_service sDefault =
.usershare_last_mod = {0, 0}, .usershare_last_mod = {0, 0},
.szService = NULL, .szService = NULL,
.path = NULL, .path = NULL,
.username = NULL,
.invalid_users = NULL, .invalid_users = NULL,
.valid_users = NULL, .valid_users = NULL,
.admin_users = NULL, .admin_users = NULL,
@ -202,7 +201,6 @@ static struct loadparm_service sDefault =
.oplocks = true, .oplocks = true,
.kernel_oplocks = false, .kernel_oplocks = false,
.level2_oplocks = true, .level2_oplocks = true,
.only_user = false,
.mangled_names = true, .mangled_names = true,
.wide_links = false, .wide_links = false,
.follow_symlinks = true, .follow_symlinks = true,
@ -1571,7 +1569,6 @@ static bool lp_add_ipc(const char *ipc_name, bool guest_ok)
} }
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir()); lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->path, tmpdir());
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->username, "");
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment); lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->comment, comment);
lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC"); lpcfg_string_set(ServicePtrs[i], &ServicePtrs[i]->fstype, "IPC");
ServicePtrs[i]->max_connections = 0; ServicePtrs[i]->max_connections = 0;

20
source3/smbd/share_access.c
View File

@ -183,7 +183,7 @@ bool token_contains_name_in_list(const char *username,
/* /*
* Check whether the user described by "token" has access to share snum. * Check whether the user described by "token" has access to share snum.
* *
* This looks at "invalid users", "valid users" and "only user/username" * This looks at "invalid users" and "valid users".
* *
* Please note that the user name and share names passed in here mainly for * Please note that the user name and share names passed in here mainly for
* the substitution routines that expand the parameter values, the decision * the substitution routines that expand the parameter values, the decision
@ -217,22 +217,6 @@ bool user_ok_token(const char *username, const char *domain,
} }
} }
if (lp_only_user(snum)) {
const char *list[2];
list[0] = lp_username(talloc_tos(), snum);
list[1] = NULL;
if ((list[0] == NULL) || (*list[0] == '\0')) {
DEBUG(0, ("'only user = yes' and no 'username ='\n"));
return False;
}
if (!token_contains_name_in_list(NULL, domain,
lp_servicename(talloc_tos(), snum),
token, list)) {
DEBUG(10, ("%s != 'username'\n", username));
return False;
}
}
DEBUG(10, ("user_ok_token: share %s is ok for unix user %s\n", DEBUG(10, ("user_ok_token: share %s is ok for unix user %s\n",
lp_servicename(talloc_tos(), snum), username)); lp_servicename(talloc_tos(), snum), username));
@ -243,7 +227,7 @@ bool user_ok_token(const char *username, const char *domain,
* Check whether the user described by "token" is restricted to read-only * Check whether the user described by "token" is restricted to read-only
* access on share snum. * access on share snum.
* *
* This looks at "invalid users", "valid users" and "only user/username" * This looks at "read list", "write list" and "read only".
* *
* Please note that the user name and share names passed in here mainly for * Please note that the user name and share names passed in here mainly for
* the substitution routines that expand the parameter values, the decision * the substitution routines that expand the parameter values, the decision