diff options
| author | Andrew Tridgell <tridge@samba.org> | 2009-08-05 11:21:06 +1000 |
|---|---|---|
| committer | Andrew Tridgell <tridge@samba.org> | 2009-08-05 11:21:06 +1000 |
| commit | 58e5e1ea8d4c5a9eb8d36aa8132fd1ba3985ca53 (patch) | |
| tree | c66cc43d180750e40a4a7ffb42ca1bfe6bbd7f11 /lib | |
| parent | fd43e0ee09e3f82093e9a15dd6cbd2fbaa113426 (diff) | |
| download | samba-58e5e1ea8d4c5a9eb8d36aa8132fd1ba3985ca53.tar.gz samba-58e5e1ea8d4c5a9eb8d36aa8132fd1ba3985ca53.tar.bz2 samba-58e5e1ea8d4c5a9eb8d36aa8132fd1ba3985ca53.zip | |
make the UID_WRAPPER skip checks at runtime
This fixes two issues pointed out by Andrew. It adds a runtime
uwrap_enabled() call that wraps the skips needed for uid emulation. It
also makes the skip in the directory_create_or_exist() function only
change the uid checking code, not the permissions code
Diffstat (limited to 'lib')
| -rw-r--r-- | lib/uid_wrapper/uid_wrapper.c | 7 | ||||
| -rw-r--r-- | lib/uid_wrapper/uid_wrapper.h | 2 | ||||
| -rw-r--r-- | lib/util/config.mk | 2 | ||||
| -rw-r--r-- | lib/util/util.c | 11 |
4 files changed, 17 insertions, 5 deletions
diff --git a/lib/uid_wrapper/uid_wrapper.c b/lib/uid_wrapper/uid_wrapper.c index e009fa0b5c..948ff65b35 100644 --- a/lib/uid_wrapper/uid_wrapper.c +++ b/lib/uid_wrapper/uid_wrapper.c @@ -45,6 +45,13 @@ static void uwrap_init(void) } } +#undef uwrap_enabled +_PUBLIC_ int uwrap_enabled(void) +{ + uwrap_init(); + return uwrap.enabled?1:0; +} + _PUBLIC_ int uwrap_seteuid(uid_t euid) { uwrap_init(); diff --git a/lib/uid_wrapper/uid_wrapper.h b/lib/uid_wrapper/uid_wrapper.h index e2df613f50..5d7c99d2b2 100644 --- a/lib/uid_wrapper/uid_wrapper.h +++ b/lib/uid_wrapper/uid_wrapper.h @@ -58,4 +58,6 @@ #endif #define getgid uwrap_getgid +int uwrap_enabled(void); + #endif /* __UID_WRAPPER_H__ */ diff --git a/lib/util/config.mk b/lib/util/config.mk index 47e026865e..6dc8354948 100644 --- a/lib/util/config.mk +++ b/lib/util/config.mk @@ -2,7 +2,7 @@ PUBLIC_DEPENDENCIES = \ LIBTALLOC LIBCRYPTO \ SOCKET_WRAPPER LIBREPLACE_NETWORK \ - CHARSET EXECINFO + CHARSET EXECINFO UID_WRAPPER LIBSAMBA-UTIL_VERSION = 0.0.1 LIBSAMBA-UTIL_SOVERSION = 0 diff --git a/lib/util/util.c b/lib/util/util.c index dea140148f..2a809d3ccb 100644 --- a/lib/util/util.c +++ b/lib/util/util.c @@ -133,14 +133,17 @@ _PUBLIC_ bool directory_create_or_exist(const char *dname, uid_t uid, umask(old_umask); return false; } - if ((st.st_uid != uid) || - ((st.st_mode & 0777) != dir_perms)) { -#ifndef UID_WRAPPER_REPLACE + if (st.st_uid != uid && !uwrap_enabled()) { + DEBUG(0, ("invalid ownership on directory " + "%s\n", dname)); + umask(old_umask); + return false; + } + if ((st.st_mode & 0777) != dir_perms) { DEBUG(0, ("invalid permissions on directory " "%s\n", dname)); umask(old_umask); return false; -#endif } } return true; |