summaryrefslogtreecommitdiff
path: root/lib/util
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2009-08-05 10:50:03 +1000
committerAndrew Tridgell <tridge@samba.org>2009-08-05 10:51:00 +1000
commitfd43e0ee09e3f82093e9a15dd6cbd2fbaa113426 (patch)
treeb9971f7c8b9758dec89f109a2e79dd0ad899f4f2 /lib/util
parent3e3f64f05fa5d970b058c4b21b6ecd40b883e8e6 (diff)
downloadsamba-fd43e0ee09e3f82093e9a15dd6cbd2fbaa113426.tar.gz
samba-fd43e0ee09e3f82093e9a15dd6cbd2fbaa113426.tar.bz2
samba-fd43e0ee09e3f82093e9a15dd6cbd2fbaa113426.zip
added a uid_wrapper library
This library intercepts seteuid and related calls, and simulates them in a manner similar to the nss_wrapper and socket_wrapper libraries. This allows us to enable the vfs_unixuid NTVFS module in the build farm, which means we are more likely to catch errors in the token manipulation. The simulation is not complete, but it is enough for Samba4 for now. The major areas of incompleteness are: - no emulation of setreuid, setresuid or saved uids. These would be needed for use in Samba3 - no emulation of ruid changing. That would also be needed for Samba3 - no attempt to emulate file ownership changing, so code that (for example) tests whether st.st_uid matches geteuid() needs special handling
Diffstat (limited to 'lib/util')
-rw-r--r--lib/util/config.mk1
-rw-r--r--lib/util/util.c2
2 files changed, 3 insertions, 0 deletions
diff --git a/lib/util/config.mk b/lib/util/config.mk
index ad39096c56..47e026865e 100644
--- a/lib/util/config.mk
+++ b/lib/util/config.mk
@@ -54,6 +54,7 @@ PUBLIC_HEADERS += $(addprefix $(libutilsrcdir)/, util.h \
ASN1_UTIL_OBJ_FILES = $(libutilsrcdir)/asn1.o
[SUBSYSTEM::UNIX_PRIVS]
+PRIVATE_DEPENDENCIES = UID_WRAPPER
UNIX_PRIVS_OBJ_FILES = $(libutilsrcdir)/unix_privs.o
diff --git a/lib/util/util.c b/lib/util/util.c
index f49d25865c..dea140148f 100644
--- a/lib/util/util.c
+++ b/lib/util/util.c
@@ -135,10 +135,12 @@ _PUBLIC_ bool directory_create_or_exist(const char *dname, uid_t uid,
}
if ((st.st_uid != uid) ||
((st.st_mode & 0777) != dir_perms)) {
+#ifndef UID_WRAPPER_REPLACE
DEBUG(0, ("invalid permissions on directory "
"%s\n", dname));
umask(old_umask);
return false;
+#endif
}
}
return true;