r17294: Make the code a little cleaner. Instead of using the two

calls make it :

become_root_uid_only()
operation
unbecome_root_uid_only()

saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.

Jeremy
(This used to be commit 4143aa83c029848d8ec741d9218b3fa6e3fd28dd)

3 files changed, 45 insertions, 22 deletions

diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index bae4052964..410e4af659 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -167,7 +167,6 @@ static TDB_DATA message_key_pid(struct process_id pid)
 static BOOL message_notify(struct process_id procid)
 {
 	pid_t pid = procid.pid;
-	int saved_errno;
 	int ret;
 	uid_t euid = geteuid();
 
@@ -179,23 +178,21 @@ static BOOL message_notify(struct process_id procid)
 	SMB_ASSERT(pid > 0);
 
 	if (euid != 0) {
-	        save_re_uid();
-		set_effective_uid(0);
+		become_root_uid_only();
 	}
 
 	ret = kill(pid, SIGUSR1);
-	saved_errno = errno;
 
 	if (euid != 0) {
-		restore_re_uid();
+		unbecome_root_uid_only();
 	}
 
 	if (ret == -1) {
-		if (saved_errno == ESRCH) {
+		if (errno == ESRCH) {
 			DEBUG(2,("pid %d doesn't exist - deleting messages record\n", (int)pid));
 			tdb_delete(tdb, message_key_pid(procid));
 		} else {
-			DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(saved_errno)));
+			DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(errno)));
 		}
 		return False;
 	}
diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c
index c13b20ec92..3f8cb690cd 100644
--- a/source3/lib/util_sec.c
+++ b/source3/lib/util_sec.c
@@ -258,10 +258,9 @@ void save_re_uid(void)
 /****************************************************************************
  and restore them!
 ****************************************************************************/
-void restore_re_uid(void)
-{
-	set_effective_uid(0);
 
+static void restore_re_uid_fromroot(void)
+{
 #if USE_SETRESUID
 	setresuid(saved_ruid, saved_euid, -1);
 #elif USE_SETREUID
@@ -280,6 +279,33 @@ void restore_re_uid(void)
 	assert_uid(saved_ruid, saved_euid);
 }
 
+void restore_re_uid(void)
+{
+	set_effective_uid(0);
+	restore_re_uid_fromroot();
+}
+
+/****************************************************************************
+ Lightweight become root - no group change.
+****************************************************************************/
+
+void become_root_uid_only(void)
+{
+	save_re_uid();
+	set_effective_uid(0);
+}
+
+/****************************************************************************
+ Lightweight unbecome root - no group change. Expects we are root already,
+ saves errno across call boundary.
+****************************************************************************/
+
+void unbecome_root_uid_only(void)
+{
+	int saved_errno = errno;
+	restore_re_uid_fromroot();
+	errno = saved_errno;
+}
 
 /****************************************************************************
  save the real and effective gid for later restoration. Used by the 
diff --git a/source3/smbd/posix_acls.c b/source3/smbd/posix_acls.c
index 3ea442f818..f2ed2778f2 100644
--- a/source3/smbd/posix_acls.c
+++ b/source3/smbd/posix_acls.c
@@ -2458,9 +2458,9 @@ static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL defau
 				DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
 					fsp->fsp_name ));
 
-				become_root();
+				become_root_uid_only();
 				sret = SMB_VFS_SYS_ACL_SET_FILE(conn, fsp->fsp_name, the_acl_type, the_acl);
-				unbecome_root();
+				unbecome_root_uid_only();
 				if (sret == 0) {
 					ret = True;	
 				}
@@ -2489,9 +2489,9 @@ static BOOL set_canon_ace_list(files_struct *fsp, canon_ace *the_ace, BOOL defau
 				DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
 					fsp->fsp_name ));
 
-				become_root();
+				become_root_uid_only();
 				sret = SMB_VFS_SYS_ACL_SET_FD(fsp, fsp->fh->fd, the_acl);
-				unbecome_root();
+				unbecome_root_uid_only();
 				if (sret == 0) {
 					ret = True;
 				}
@@ -3018,10 +3018,10 @@ static int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_
 		/* Case (3) */
 		     ( has_restore_priv ) ) {
 
-			become_root();
+			become_root_uid_only();
 			/* Keep the current file gid the same - take ownership doesn't imply group change. */
 			ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1);
-			unbecome_root();
+			unbecome_root_uid_only();
 			return ret;
 		}
 	}
@@ -3045,10 +3045,10 @@ static int try_chown(connection_struct *conn, const char *fname, uid_t uid, gid_
 	*/
 	uid = current_user.ut.uid;
 
-	become_root();
+	become_root_uid_only();
 	/* Keep the current file gid the same. */
 	ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, uid, (gid_t)-1);
-	unbecome_root();
+	unbecome_root_uid_only();
 
 	close_file_fchmod(fsp);
 
@@ -3226,9 +3226,9 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
 								"current user in file %s primary group. Override delete_def_acl\n",
 								fsp->fsp_name ));
 
-							become_root();
+							become_root_uid_only();
 							sret = SMB_VFS_SYS_ACL_DELETE_DEF_FILE(conn, fsp->fsp_name);
-							unbecome_root();
+							unbecome_root_uid_only();
 						}
 
 						if (sret == -1) {
@@ -3273,9 +3273,9 @@ BOOL set_nt_acl(files_struct *fsp, uint32 security_info_sent, SEC_DESC *psd)
 								"current user in file %s primary group. Override chmod\n",
 								fsp->fsp_name ));
 
-							become_root();
+							become_root_uid_only();
 							sret = SMB_VFS_CHMOD(conn,fsp->fsp_name, posix_perms);
-							unbecome_root();
+							unbecome_root_uid_only();
 						}
 
 						if (sret == -1) {