IF YOU WOULD LIKE TO GET AN ACCOUNT, please write an
email to Administrator. User accounts are meant only to access repo
and report issues and/or generate pull requests.
This is a purpose-specific Git hosting for
BaseALT
projects. Thank you for your understanding!
Только зарегистрированные пользователи имеют доступ к сервису!
Для получения аккаунта, обратитесь к администратору.
calls make it :
become_root_uid_only()
operation
unbecome_root_uid_only()
saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.
Jeremy
fix the messaging code to call the efficient calls :
save_re_uid()
set_effective_uid(0);
messaging_op
restore_re_uid();
instead of using heavyweight become_root()/unbecome_root()
pairs around all messaging code. Fixup the messaging
code to ensure sec_init() is called (only once) so that non-root
processes still work when sending messages.
This is a lighter weight solution to become_root()/unbecome_root()
(which swaps all the supplemental groups) and should be more
efficient. I will migrate all server code over to using this
(a similar technique should be used in the passdb backend
where needed).
Jeremy.
This changes our behaviour when the setresuid call is available. We now not
only change the effective uid but also the real uid when becoming
unprivileged. This is mainly for improved AFS compatibility, as AFS selects
the token to send to the server based on the real uid of the process.
I tested this with a W2k server with two non-root 'runas' sessions. They come
in via a single smbd as two different users using two session setups. Samba on
Linux can still switch between the two uids, proved by two different files
created via those sessions.
Volker
that libsmb/ creates a local tcp socket then launches smbd as a subprocess
attached to that socket. smbd thinks it is being launched from inetd.
to use it do the following:
- compile with -DSMB_REGRESSION_TEST
- run like this (also works with smbtorture etc)
export SMBD_TEST=1
export LIBSMB_PROG=bin/smbd
smbclient //server/share -Uuser%pass
obviously you need to setup a smb.conf etc. Using --prefix to configure
is useful.
The aim of all this stuff is to add a decent set of regression tests
to the build farm, so we know if smbd actually runs correctly on all the
platforms, not just builds. We can run smbtorture, masktest, locktest etc,
plus a bunch of smbclient scripts and any new tests we write.
This doesn't help much with nmbd (at least not yet) but its a good start.
