mirror of
https://github.com/samba-team/samba.git
synced 2024-12-25 23:21:54 +03:00
5a872512b0
conjunction with the posix backend this gives us a way to correctly
setup the unix security context in Samba4.
I chose the following method to determine the unix uid's and gid's to
use given the list of SIDs from the login process
- look for a "UnixID" field in the sam record. If present, then use it
(check if the record is of the right type as well)
- if UnixID is not present, then look for the "UnixName" sam
field. If it is present then use getpwnam() or getgrnam() to find
the unix id.
- if UnixID and UnixName are not present, then look for a unix
account of the right type called by the same name as the sAMAccountName field.
- if none of the above work then fail the operation with NT_STATUS_ACCESS_DENIED
obviously these steps only work well with a local SAM. It will need to
be more sophisticated in future.
I did not put any cache in place at all. That will need to be added
for decent performance.
(This used to be commit 78b67d19b9)
59 lines
1.8 KiB
Plaintext
59 lines
1.8 KiB
Plaintext
SMB_MODULE_MK(ntvfs_unixuid, NTVFS, STATIC, ntvfs/config.mk)
|
|
|
|
|
|
################################################
|
|
# look for a method of setting the effective uid
|
|
seteuid=no;
|
|
if test $seteuid = no; then
|
|
AC_CACHE_CHECK([for setresuid],samba_cv_USE_SETRESUID,[
|
|
AC_TRY_RUN([
|
|
#define AUTOCONF_TEST 1
|
|
#define USE_SETRESUID 1
|
|
#include "confdefs.h"
|
|
#include "${srcdir-.}/lib/util_sec.c"],
|
|
samba_cv_USE_SETRESUID=yes,samba_cv_USE_SETRESUID=no,samba_cv_USE_SETRESUID=cross)])
|
|
if test x"$samba_cv_USE_SETRESUID" = x"yes"; then
|
|
seteuid=yes;AC_DEFINE(USE_SETRESUID,1,[Whether setresuid() is available])
|
|
fi
|
|
fi
|
|
|
|
|
|
if test $seteuid = no; then
|
|
AC_CACHE_CHECK([for setreuid],samba_cv_USE_SETREUID,[
|
|
AC_TRY_RUN([
|
|
#define AUTOCONF_TEST 1
|
|
#define USE_SETREUID 1
|
|
#include "confdefs.h"
|
|
#include "${srcdir-.}/lib/util_sec.c"],
|
|
samba_cv_USE_SETREUID=yes,samba_cv_USE_SETREUID=no,samba_cv_USE_SETREUID=cross)])
|
|
if test x"$samba_cv_USE_SETREUID" = x"yes"; then
|
|
seteuid=yes;AC_DEFINE(USE_SETREUID,1,[Whether setreuid() is available])
|
|
fi
|
|
fi
|
|
|
|
if test $seteuid = no; then
|
|
AC_CACHE_CHECK([for seteuid],samba_cv_USE_SETEUID,[
|
|
AC_TRY_RUN([
|
|
#define AUTOCONF_TEST 1
|
|
#define USE_SETEUID 1
|
|
#include "confdefs.h"
|
|
#include "${srcdir-.}/lib/util_sec.c"],
|
|
samba_cv_USE_SETEUID=yes,samba_cv_USE_SETEUID=no,samba_cv_USE_SETEUID=cross)])
|
|
if test x"$samba_cv_USE_SETEUID" = x"yes"; then
|
|
seteuid=yes;AC_DEFINE(USE_SETEUID,1,[Whether seteuid() is available])
|
|
fi
|
|
fi
|
|
|
|
if test $seteuid = no; then
|
|
AC_CACHE_CHECK([for setuidx],samba_cv_USE_SETUIDX,[
|
|
AC_TRY_RUN([
|
|
#define AUTOCONF_TEST 1
|
|
#define USE_SETUIDX 1
|
|
#include "confdefs.h"
|
|
#include "${srcdir-.}/lib/util_sec.c"],
|
|
samba_cv_USE_SETUIDX=yes,samba_cv_USE_SETUIDX=no,samba_cv_USE_SETUIDX=cross)])
|
|
if test x"$samba_cv_USE_SETUIDX" = x"yes"; then
|
|
seteuid=yes;AC_DEFINE(USE_SETUIDX,1,[Whether setuidx() is available])
|
|
fi
|
|
fi
|