summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorAndrew Bartlett <abartlet@samba.org>2011-07-21 15:37:41 +1000
committerAndrew Bartlett <abartlet@samba.org>2011-07-29 04:24:07 +0200
commitd2a6ae254a7c6afd2c58d1a9a2c9fd4c074b0afb (patch)
tree337fa7c38229bae92b39f55e7f4220df5107f074
parent8f13c84dcecb769e4ba85fa120d9ac4ac772223e (diff)
downloadsamba-d2a6ae254a7c6afd2c58d1a9a2c9fd4c074b0afb.tar.gz
samba-d2a6ae254a7c6afd2c58d1a9a2c9fd4c074b0afb.tar.bz2
samba-d2a6ae254a7c6afd2c58d1a9a2c9fd4c074b0afb.zip
ntvfs: Use security_unix_token from auth.idl
Signed-off-by: Andrew Tridgell <tridge@samba.org>
-rw-r--r--source4/ntvfs/unixuid/vfs_unixuid.c40
1 files changed, 16 insertions, 24 deletions
diff --git a/source4/ntvfs/unixuid/vfs_unixuid.c b/source4/ntvfs/unixuid/vfs_unixuid.c
index a8a4a98dd0..02b7cb8db5 100644
--- a/source4/ntvfs/unixuid/vfs_unixuid.c
+++ b/source4/ntvfs/unixuid/vfs_unixuid.c
@@ -43,25 +43,17 @@ NTSTATUS ntvfs_unixuid_init(void);
struct unixuid_private {
struct wbc_context *wbc_ctx;
- struct unix_sec_ctx *last_sec_ctx;
+ struct security_unix_token *last_sec_ctx;
struct security_token *last_token;
};
-
-struct unix_sec_ctx {
- uid_t uid;
- gid_t gid;
- unsigned int ngroups;
- gid_t *groups;
-};
-
/*
- pull the current security context into a unix_sec_ctx
+ pull the current security context into a security_unix_token
*/
-static struct unix_sec_ctx *save_unix_security(TALLOC_CTX *mem_ctx)
+static struct security_unix_token *save_unix_security(TALLOC_CTX *mem_ctx)
{
- struct unix_sec_ctx *sec = talloc(mem_ctx, struct unix_sec_ctx);
+ struct security_unix_token *sec = talloc(mem_ctx, struct security_unix_token);
if (sec == NULL) {
return NULL;
}
@@ -87,9 +79,9 @@ static struct unix_sec_ctx *save_unix_security(TALLOC_CTX *mem_ctx)
}
/*
- set the current security context from a unix_sec_ctx
+ set the current security context from a security_unix_token
*/
-static NTSTATUS set_unix_security(struct unix_sec_ctx *sec)
+static NTSTATUS set_unix_security(struct security_unix_token *sec)
{
seteuid(0);
@@ -118,7 +110,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev,
void *stack_ptr,
const char *location)
{
- struct unix_sec_ctx *sec_ctx;
+ struct security_unix_token *sec_ctx;
if (unixuid_nesting_level == 0) {
/* we don't need to do anything unless we are nested
@@ -132,7 +124,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev,
DEBUG(0,("%s: Failed to save security context\n", location));
return -1;
}
- *(struct unix_sec_ctx **)stack_ptr = sec_ctx;
+ *(struct security_unix_token **)stack_ptr = sec_ctx;
if (seteuid(0) != 0 || setegid(0) != 0) {
DEBUG(0,("%s: Failed to change to root\n", location));
return -1;
@@ -141,7 +133,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev,
/* called when we come out of a nesting level */
NTSTATUS status;
- sec_ctx = *(struct unix_sec_ctx **)stack_ptr;
+ sec_ctx = *(struct security_unix_token **)stack_ptr;
if (sec_ctx == NULL) {
/* this happens the first time this function
is called, as we install the hook while
@@ -149,7 +141,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev,
return 0;
}
- sec_ctx = talloc_get_type_abort(sec_ctx, struct unix_sec_ctx);
+ sec_ctx = talloc_get_type_abort(sec_ctx, struct security_unix_token);
status = set_unix_security(sec_ctx);
talloc_free(sec_ctx);
if (!NT_STATUS_IS_OK(status)) {
@@ -164,19 +156,19 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev,
/*
- form a unix_sec_ctx from the current security_token
+ form a security_unix_token from the current security_token
*/
static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs,
struct ntvfs_request *req,
struct security_token *token,
- struct unix_sec_ctx **sec)
+ struct security_unix_token **sec)
{
struct unixuid_private *priv = ntvfs->private_data;
int i;
NTSTATUS status;
struct id_map *ids;
struct composite_context *ctx;
- *sec = talloc(req, struct unix_sec_ctx);
+ *sec = talloc(req, struct security_unix_token);
/* we can't do unix security without a user and group */
if (token->num_sids < 2) {
@@ -232,11 +224,11 @@ static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs,
setup our unix security context according to the session authentication info
*/
static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs,
- struct ntvfs_request *req, struct unix_sec_ctx **sec)
+ struct ntvfs_request *req, struct security_unix_token **sec)
{
struct unixuid_private *priv = ntvfs->private_data;
struct security_token *token;
- struct unix_sec_ctx *newsec;
+ struct security_unix_token *newsec;
NTSTATUS status;
/* If we are asked to set up, but have not had a successful
@@ -283,7 +275,7 @@ static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs,
*/
#define PASS_THRU_REQ(ntvfs, req, op, args) do { \
NTSTATUS status2; \
- struct unix_sec_ctx *sec; \
+ struct security_unix_token *sec; \
status = unixuid_setup_security(ntvfs, req, &sec); \
NT_STATUS_NOT_OK_RETURN(status); \
unixuid_nesting_level++; \