1
0
mirror of https://github.com/samba-team/samba.git synced 2025-01-21 18:04:06 +03:00

46 Commits

Author SHA1 Message Date
Andreas Schneider
71b40127e1 s3:lib: Fix code spelling
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Martin Schwenke <mschwenke@ddn.com>
2023-07-13 05:41:36 +00:00
Volker Lendecke
8b45a42bc8 lib: Improve comment wording
Signed-off-by: Volker Lendecke <vl@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
2021-08-24 17:32:28 +00:00
Stefan Metzmacher
1c0eed6ba7 s3:util_sec: fix the build on non-linux platforms
This fixes a regression introduced by
"util_sec.c: Move __thread variable to global scope"
(5a80f399b51221fb0b8661f30d940ca24e1ce627).

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2020-03-27 09:02:37 +00:00
Khem Raj
5a80f399b5 util_sec.c: Move __thread variable to global scope
Make clang happy otherwise it complains about variable scope

fixes

source3/./lib/util_sec.c:470:4: error: '__thread' variables must have global storage
        } __thread cache;
          ^

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Reviewed-by: Matthias Dieter Wallnöfer <mdw@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-09-17 12:31:40 +00:00
David Disseldorp
f1b43dfe4a s3/lib: clean up have_syscall() formatting
Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-01-29 00:29:17 +01:00
David Disseldorp
45a202a197 s3/lib: don't rely on implicit int return type
C99 removed this behaviour.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Andreas Schneider <asn@samba.org>
2019-01-29 00:29:17 +01:00
Andreas Schneider
1642dc2fd4 s3:lib: Do not redefine bool and use stdbool.h
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Gary Lockyer <gary@catalyst.net.nz>
2018-11-22 22:13:27 +01:00
Stefan Metzmacher
10fc65b74d s3:util_sec: add a cache to set_thread_credentials()
Calling set_thread_credentials() with the same values,
skips syscalls the 2nd time.

We only do this if '__thread' is supported to provide
thread local storage.

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Reviewed-by: Ralph Boehme <slow@samba.org>

Autobuild-User(master): Ralph Böhme <slow@samba.org>
Autobuild-Date(master): Tue Jul 24 20:35:17 CEST 2018 on sn-devel-144
2018-07-24 20:35:17 +02:00
Ralph Boehme
0d2eeb9422 lib/util: rename USE_LINUX_THREAD_CREDENTIALS to HAVE_LINUX_THREAD_CREDENTIALS
The define reflects the results of a feature test, not a configure
option.

Signed-off-by: Ralph Boehme <slow@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2018-07-24 17:38:28 +02:00
Andreas Schneider
6361063995 s3-lib: Get the real initial uid for selftest
We need this that if we connect as the user who started smbd, we are
able to perform privileged operation like creating a user.

Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2015-11-05 09:23:15 +01:00
Andreas Schneider
15feb84273 s3-lib: Add root_mode() which can deal with uid_wrapper.
Signed-off-by: Andreas Schneider <asn@samba.org>
Reviewed-by: Stefan Metzmacher <metze@samba.org>
2014-04-17 14:56:06 +02:00
Jeremy Allison
d81e20653b Move set_thread_credentials_permanently() to set_thread_credentials()
as we need to keep the saved set uid/gid otherwise there is an
interaction with open[at]() and NO_ATIME returning EPERM. As this
is meant for threaded code inside the process we don't need
to do an irreverisble change anyway.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Wed Jul 11 03:54:00 CEST 2012 on sn-devel-104
2012-07-11 03:54:00 +02:00
Jeremy Allison
b25619175f Fix typo we've had for a long time in set_re_uid() in the USE_SETRESUID case.
We only set the real euid, not the effective one. This is not
a security issue as this is *only* used in the quota code, and
only between code that brackets it with save_re_uid()/restore_re_uid(),
Also this is not used on most platforms (we use USE_SETREUID by
preference) but it's better to have this right. Bug to follow to get this
fixed in 3.6.next and 3.5.next.
2012-07-10 16:50:51 -07:00
Jeremy Allison
a559fcf156 Add function set_thread_credentials_permanently(). Panic if fail.
Not yet used.
2012-07-03 15:34:22 -07:00
Jeremy Allison
f81fd1ccc3 Try and fix the autoconf build on Solaris/Nexenta/etc.
Their AC_TRY_RUN doesn't include any current CPPFLAGS. Make
the set[res]uid checks independent of this. Needs a small
change to the waf build in order to code with the change.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Sat Jun 30 00:32:36 CEST 2012 on sn-devel-104
2012-06-30 00:32:36 +02:00
Jeremy Allison
485787f0df Move back to using per-thread credentials on Linux. Fixes the glibc native AIO lost wakeup problem.
See this post:

https://lists.samba.org/archive/samba-technical/2012-June/085101.html

for details.

Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Fri Jun 29 03:57:45 CEST 2012 on sn-devel-104
2012-06-29 03:57:45 +02:00
Jeremy Allison
821bd95156 Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls.
Will allow thread-specific credentials to be added by modifying
the central definitions. Deliberately left the setXX[ug]id()
call in popt as this is not used in Samba.
2012-06-28 17:15:16 -07:00
Andreas Schneider
7cb08171ce Include uid_wrapper correctly. 2011-10-27 13:32:02 +02:00
Volker Lendecke
1184e7de59 s3: Use the uid_wrapper
Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Andreas Schneider <asn@samba.org>
2011-10-06 12:15:27 +02:00
Jeremy Allison
30191d1a57 RIP BOOL. Convert BOOL -> bool. I found a few interesting
bugs in various places whilst doing this (places that assumed
BOOL == int). I also need to fix the Samba4 pidl generation
(next checkin).
Jeremy.
(This used to be commit f35a266b3cbb3e5fa6a86be60f34fe340a3ca71f)
2007-10-18 17:40:25 -07:00
Andrew Tridgell
5e54558c6d r23784: use the GPLv3 boilerplate as recommended by the FSF and the license text
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
2007-10-10 12:28:22 -05:00
Jeremy Allison
d824b98f80 r23779: Change from v2 or later to v3 or later.
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
2007-10-10 12:28:20 -05:00
Jeremy Allison
bc45c82904 r22096: become_root_uid_only() is unneeded - it's only used in
messages.c. Refactor to use become_root() instead and
make it local to messages.c
Jeremy.
(This used to be commit f3ffb3f98472b69b476b702dfe5c0575b32da018)
2007-10-10 12:19:11 -05:00
Volker Lendecke
a24714b9fd r21005: Add a debug message for EAGAIN error of setresuid.
Volker
(This used to be commit 70c589a8323637ff8e1f96a56f8acaf550a58dc4)
2007-10-10 12:17:26 -05:00
Jeremy Allison
e4e2be0d8b r17294: Make the code a little cleaner. Instead of using the two
calls make it :

become_root_uid_only()
operation
unbecome_root_uid_only()

saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.

Jeremy
(This used to be commit 4143aa83c029848d8ec741d9218b3fa6e3fd28dd)
2007-10-10 11:38:24 -05:00
Jeremy Allison
a093a76dc1 r17293: After the results from the cluster tests in Germany,
fix the messaging code to call the efficient calls :

save_re_uid()
set_effective_uid(0);

messaging_op

restore_re_uid();

instead of using heavyweight become_root()/unbecome_root()
pairs around all messaging code. Fixup the messaging
code to ensure sec_init() is called (only once) so that non-root
processes still work when sending messages.

This is a lighter weight solution to become_root()/unbecome_root()
(which swaps all the supplemental groups) and should be more
efficient. I will migrate all server code over to using this
(a similar technique should be used in the passdb backend
where needed).

Jeremy.
(This used to be commit 4ace291278d9a44f5c577bdd3b282c1231e543df)
2007-10-10 11:38:24 -05:00
Andrew Bartlett
e2d301accf Clarify comment on set_effective_uid()
Andrew Bartlett
(This used to be commit ca24ae50ea37942dde335e97019880b6ce518a6a)
2004-01-27 10:01:30 +00:00
Volker Lendecke
4f62277d89 After a phonecall with jra finally commit this.
This changes our behaviour when the setresuid call is available. We now not
only change the effective uid but also the real uid when becoming
unprivileged. This is mainly for improved AFS compatibility, as AFS selects
the token to send to the server based on the real uid of the process.

I tested this with a W2k server with two non-root 'runas' sessions. They come
in via a single smbd as two different users using two session setups. Samba on
Linux can still switch between the two uids, proved by two different files
created via those sessions.

Volker
(This used to be commit 556c62f93535c606122b22e7e843d9da9a1cd438)
2003-10-23 16:49:46 +00:00
Volker Lendecke
ee868462a0 Add a descriptive comment to our usage of setresuid. lib/afs.c needs
to be changed if we decide to set our real uid. Jeremy?

Volker
(This used to be commit 1fed55aa781bcf9efdd42f361c972b69152137a4)
2003-09-23 14:49:17 +00:00
Andrew Tridgell
e90b652848 updated the 3.0 branch from the head branch - ready for alpha18
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
2002-07-15 10:35:28 +00:00
Tim Potter
1d582af3c0 Spelling fixes.
(This used to be commit a5ac2ac4ada48ee3be061a32ba40bd8c4b3b3865)
2002-03-24 23:25:05 +00:00
Andrew Tridgell
1736b99a50 reverted tims patch that broke configure
why does anything but smbd care about sec_init() anyway??
(This used to be commit 569505b77140c2688aeab4df058b864464f23c1d)
2002-02-18 10:23:02 +00:00
Tim Potter
606fdc7c5c Whoops, typo.
(This used to be commit e7abb79fb304b34aeb369dc6deafa96dfd1e02f3)
2002-02-17 18:56:30 +00:00
Tim Potter
d159876d64 Do a smb_panic() if sec_initial_[ug]id() or non_root_mode() is called
without before sec_init().  This should avoid the formation of another
magic function club.  (-:
(This used to be commit 1b941e2c637e41049932945607149094342359c5)
2002-02-17 18:32:59 +00:00
Tim Potter
cd68afe312 Removed version number from file header.
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
2002-01-30 06:08:46 +00:00
Andrew Bartlett
2fc8e32ad3 Parionia to ensure people don't install libsmb based programs setuid root.
libsmb has not been written to be setuid, with things like LIBSMB_PROG allowing
all sort of fun and games.

Andrew Bartlett
(This used to be commit 0c8e9339d8238de92e9146d04091694b62874c33)
2001-10-31 01:52:34 +00:00
Tim Potter
dc1fc3ee8e Removed 'extern int DEBUGLEVEL' as it is now in the smb.h header.
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
2001-10-02 04:29:50 +00:00
Andrew Bartlett
9a846daf44 Restore the profiling data shmem parinoia. This whole area needs to be
fixed - an mmaped file or the like would be a good idea.
(This used to be commit bc1385fc5e55eeed626615fad92877296064a27e)
2001-09-15 02:10:22 +00:00
Andrew Tridgell
03efd16d34 added sec_initial_uid() function so we can ask if a file is owned by
the initial uid
(This used to be commit 9449544428c9c3153f9e757c57bccda382fa2882)
2001-07-08 18:22:46 +00:00
Andrew Tridgell
85a310c7f3 fixed inetd operation as non-root
(This used to be commit 9a9da44455fc35cb9b1625ffefd12a9c5fe48d6b)
2001-07-06 02:25:03 +00:00
Andrew Tridgell
413ad23faf make sure we have BOOL in autoconf usage of util_sec.c
(This used to be commit 72f63f5144ececdef31c659ab645eb71a88943b5)
2001-06-25 01:20:47 +00:00
Andrew Tridgell
8b79a473fa - make the regresison test mode code build in by default. This should
allow us to have test targets without special configure options
- fixed make proto so that it actually does something
(This used to be commit 55109a752578e9389d853cb27ec17c2114ecff77)
2001-06-25 00:46:34 +00:00
Andrew Tridgell
868d010aa1 added the ability to test smbd safely as an ordinary user. The way it works is
that libsmb/ creates a local tcp socket then launches smbd as a subprocess
attached to that socket. smbd thinks it is being launched from inetd.

to use it do the following:

- compile with -DSMB_REGRESSION_TEST
- run like this (also works with smbtorture etc)
    export SMBD_TEST=1
    export LIBSMB_PROG=bin/smbd
    smbclient //server/share -Uuser%pass

obviously you need to setup a smb.conf etc. Using --prefix to configure
is useful.

The aim of all this stuff is to add a decent set of regression tests
to the build farm, so we know if smbd actually runs correctly on all the
platforms, not just builds. We can run smbtorture, masktest, locktest etc,
plus a bunch of smbclient scripts and any new tests we write.

This doesn't help much with nmbd (at least not yet) but its a good start.
(This used to be commit 7e8e6ae9a88c4d2587eb4e7f0501cd71bd36ebb2)
2001-06-22 15:14:45 +00:00
Tim Potter
4cf7fcc505 Fixed compiler warning.
(This used to be commit 6553f1d02792d81987dda51af76b4fc06d73a787)
2000-12-06 02:52:54 +00:00
Jeremy Allison
27ce49e3e6 Moved over lib/util_sec (with added fixes) as the HEAD source
seems to have drifted a little.
Jeremy.
(This used to be commit ebcdb4afee04cc3b94e60b1de86c2b534d4e233e)
2000-02-08 11:32:43 +00:00
Andrew Tridgell
173f7e66dc util_sec.c from 2.0.6
(This used to be commit 955d187139365d16f3fca1abd3853ca4e49f244c)
1999-12-17 01:39:47 +00:00