IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
messages.c. Refactor to use become_root() instead and
make it local to messages.c
Jeremy.
(This used to be commit f3ffb3f98472b69b476b702dfe5c0575b32da018)
calls make it :
become_root_uid_only()
operation
unbecome_root_uid_only()
saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.
Jeremy
(This used to be commit 4143aa83c029848d8ec741d9218b3fa6e3fd28dd)
fix the messaging code to call the efficient calls :
save_re_uid()
set_effective_uid(0);
messaging_op
restore_re_uid();
instead of using heavyweight become_root()/unbecome_root()
pairs around all messaging code. Fixup the messaging
code to ensure sec_init() is called (only once) so that non-root
processes still work when sending messages.
This is a lighter weight solution to become_root()/unbecome_root()
(which swaps all the supplemental groups) and should be more
efficient. I will migrate all server code over to using this
(a similar technique should be used in the passdb backend
where needed).
Jeremy.
(This used to be commit 4ace291278d9a44f5c577bdd3b282c1231e543df)
This changes our behaviour when the setresuid call is available. We now not
only change the effective uid but also the real uid when becoming
unprivileged. This is mainly for improved AFS compatibility, as AFS selects
the token to send to the server based on the real uid of the process.
I tested this with a W2k server with two non-root 'runas' sessions. They come
in via a single smbd as two different users using two session setups. Samba on
Linux can still switch between the two uids, proved by two different files
created via those sessions.
Volker
(This used to be commit 556c62f93535c606122b22e7e843d9da9a1cd438)
without before sec_init(). This should avoid the formation of another
magic function club. (-:
(This used to be commit 1b941e2c637e41049932945607149094342359c5)
libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing
all sort of fun and games.
Andrew Bartlett
(This used to be commit 0c8e9339d8238de92e9146d04091694b62874c33)
allow us to have test targets without special configure options
- fixed make proto so that it actually does something
(This used to be commit 55109a752578e9389d853cb27ec17c2114ecff77)
that libsmb/ creates a local tcp socket then launches smbd as a subprocess
attached to that socket. smbd thinks it is being launched from inetd.
to use it do the following:
- compile with -DSMB_REGRESSION_TEST
- run like this (also works with smbtorture etc)
export SMBD_TEST=1
export LIBSMB_PROG=bin/smbd
smbclient //server/share -Uuser%pass
obviously you need to setup a smb.conf etc. Using --prefix to configure
is useful.
The aim of all this stuff is to add a decent set of regression tests
to the build farm, so we know if smbd actually runs correctly on all the
platforms, not just builds. We can run smbtorture, masktest, locktest etc,
plus a bunch of smbclient scripts and any new tests we write.
This doesn't help much with nmbd (at least not yet) but its a good start.
(This used to be commit 7e8e6ae9a88c4d2587eb4e7f0501cd71bd36ebb2)
