r17293: After the results from the cluster tests in Germany,

fix the messaging code to call the efficient calls :

save_re_uid()
set_effective_uid(0);

messaging_op

restore_re_uid();

instead of using heavyweight become_root()/unbecome_root()
pairs around all messaging code. Fixup the messaging
code to ensure sec_init() is called (only once) so that non-root
processes still work when sending messages.

This is a lighter weight solution to become_root()/unbecome_root()
(which swaps all the supplemental groups) and should be more
efficient. I will migrate all server code over to using this
(a similar technique should be used in the passdb backend
where needed).

Jeremy.
(This used to be commit 4ace291278d9a44f5c577bdd3b282c1231e543df)

3 files changed, 32 insertions, 8 deletions

diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index 57e4514b58..bae4052964 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -117,7 +117,10 @@ static void ping_message(int msg_type, struct process_id src,
 
 BOOL message_init(void)
 {
-	if (tdb) return True;
+	sec_init();
+
+	if (tdb)
+		return True;
 
 	tdb = tdb_open_log(lock_path("messages.tdb"), 
 		       0, TDB_CLEAR_IF_FIRST|TDB_DEFAULT, 
@@ -164,6 +167,10 @@ static TDB_DATA message_key_pid(struct process_id pid)
 static BOOL message_notify(struct process_id procid)
 {
 	pid_t pid = procid.pid;
+	int saved_errno;
+	int ret;
+	uid_t euid = geteuid();
+
 	/*
 	 * Doing kill with a non-positive pid causes messages to be
 	 * sent to places we don't want.
@@ -171,15 +178,28 @@ static BOOL message_notify(struct process_id procid)
 
 	SMB_ASSERT(pid > 0);
 
-	if (kill(pid, SIGUSR1) == -1) {
-		if (errno == ESRCH) {
+	if (euid != 0) {
+	        save_re_uid();
+		set_effective_uid(0);
+	}
+
+	ret = kill(pid, SIGUSR1);
+	saved_errno = errno;
+
+	if (euid != 0) {
+		restore_re_uid();
+	}
+
+	if (ret == -1) {
+		if (saved_errno == ESRCH) {
 			DEBUG(2,("pid %d doesn't exist - deleting messages record\n", (int)pid));
 			tdb_delete(tdb, message_key_pid(procid));
 		} else {
-			DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(errno)));
+			DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(saved_errno)));
 		}
 		return False;
 	}
+
 	return True;
 }
 
diff --git a/source3/lib/tallocmsg.c b/source3/lib/tallocmsg.c
index b515093cd6..e4364f1ff7 100644
--- a/source3/lib/tallocmsg.c
+++ b/source3/lib/tallocmsg.c
@@ -44,10 +44,8 @@ void msg_pool_usage(int msg_type, struct process_id src_pid,
 		return;
 	}
 	
-	become_root();
 	message_send_pid(src_pid, MSG_POOL_USAGE,
 			 reply, strlen(reply)+1, True);
-	unbecome_root();
 
 	SAFE_FREE(reply);
 }
diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c
index 26be27ea51..c13b20ec92 100644
--- a/source3/lib/util_sec.c
+++ b/source3/lib/util_sec.c
@@ -52,10 +52,16 @@ static gid_t initial_gid;
 remember what uid we got started as - this allows us to run correctly
 as non-root while catching trapdoor systems
 ****************************************************************************/
+
 void sec_init(void)
 {
-	initial_uid = geteuid();
-	initial_gid = getegid();
+	static int initialized;
+
+	if (!initialized) {
+		initial_uid = geteuid();
+		initial_gid = getegid();
+		initialized = 1;
+	}
 }
 
 /****************************************************************************