r13293: Rather a big patch I'm afraid, but this should fix bug #3347

by saving the UNIX token used to set a delete on close flag,
and using it when doing the delete. libsmbsharemodes.so still
needs updating to cope with this change.
Samba4 torture tests to follow.
Jeremy.
(This used to be commit 23f16cbc2e8cde97c486831e26bcafd4ab4a9654)

6 files changed, 32 insertions, 32 deletions

diff --git a/source3/rpc_server/srv_dfs_nt.c b/source3/rpc_server/srv_dfs_nt.c
index f61348ee05..63e4d4e9b7 100644
--- a/source3/rpc_server/srv_dfs_nt.c
+++ b/source3/rpc_server/srv_dfs_nt.c
@@ -52,7 +52,7 @@ WERROR _dfs_add(pipes_struct *p, DFS_Q_DFS_ADD* q_u, DFS_R_DFS_ADD *r_u)
 
 	get_current_user(&user,p);
 
-	if (user.uid != 0) {
+	if (user.ut.uid != 0) {
 		DEBUG(10,("_dfs_add: uid != 0. Access denied.\n"));
 		return WERR_ACCESS_DENIED;
 	}
@@ -115,7 +115,7 @@ WERROR _dfs_remove(pipes_struct *p, DFS_Q_DFS_REMOVE *q_u,
 
 	get_current_user(&user,p);
 
-	if (user.uid != 0) {
+	if (user.ut.uid != 0) {
 		DEBUG(10,("_dfs_remove: uid != 0. Access denied.\n"));
 		return WERR_ACCESS_DENIED;
 	}
diff --git a/source3/rpc_server/srv_lsa_nt.c b/source3/rpc_server/srv_lsa_nt.c
index 6cd673550e..f48f3e863a 100644
--- a/source3/rpc_server/srv_lsa_nt.c
+++ b/source3/rpc_server/srv_lsa_nt.c
@@ -1198,7 +1198,7 @@ NTSTATUS _lsa_addprivs(pipes_struct *p, LSA_Q_ADDPRIVS *q_u, LSA_R_ADDPRIVS *r_u
 	   account_pol.tdb was already opened as root, this is all we have */
 	   
 	get_current_user( &user, p );
-	if ( user.uid != sec_initial_uid() 
+	if ( user.ut.uid != sec_initial_uid() 
 		&& !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
 	{
 		return NT_STATUS_ACCESS_DENIED;
@@ -1239,7 +1239,7 @@ NTSTATUS _lsa_removeprivs(pipes_struct *p, LSA_Q_REMOVEPRIVS *q_u, LSA_R_REMOVEP
 	   account_pol.tdb was already opened as root, this is all we have */
 	   
 	get_current_user( &user, p );
-	if ( user.uid != sec_initial_uid()
+	if ( user.ut.uid != sec_initial_uid()
 		&& !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) ) 
 	{
 		return NT_STATUS_ACCESS_DENIED;
@@ -1401,7 +1401,7 @@ NTSTATUS _lsa_add_acct_rights(pipes_struct *p, LSA_Q_ADD_ACCT_RIGHTS *q_u, LSA_R
 	   account_pol.tdb was already opened as root, this is all we have */
 	   
 	get_current_user( &user, p );
-	if ( user.uid != sec_initial_uid()
+	if ( user.ut.uid != sec_initial_uid()
 		&& !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) ) 
 	{
 		return NT_STATUS_ACCESS_DENIED;
@@ -1459,7 +1459,7 @@ NTSTATUS _lsa_remove_acct_rights(pipes_struct *p, LSA_Q_REMOVE_ACCT_RIGHTS *q_u,
 	   account_pol.tdb was already opened as root, this is all we have */
 	   
 	get_current_user( &user, p );
-	if ( user.uid != sec_initial_uid()
+	if ( user.ut.uid != sec_initial_uid()
 		&& !nt_token_check_domain_rid( p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS ) )
 	{
 		return NT_STATUS_ACCESS_DENIED;
@@ -1573,4 +1573,3 @@ NTSTATUS _lsa_lookup_priv_value(pipes_struct *p, LSA_Q_LOOKUP_PRIV_VALUE *q_u, L
 
 	return NT_STATUS_OK;
 }
-
diff --git a/source3/rpc_server/srv_pipe.c b/source3/rpc_server/srv_pipe.c
index ecf79d0c1f..381adbe635 100644
--- a/source3/rpc_server/srv_pipe.c
+++ b/source3/rpc_server/srv_pipe.c
@@ -617,8 +617,8 @@ static BOOL pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 
 	/* Set up for non-authenticated user. */
 	delete_nt_token(&p->pipe_user.nt_user_token);
-	p->pipe_user.ngroups = 0;
-	SAFE_FREE( p->pipe_user.groups);
+	p->pipe_user.ut.ngroups = 0;
+	SAFE_FREE( p->pipe_user.ut.groups);
 
 	status = auth_ntlmssp_update(a, *p_resp_blob, &reply);
 
@@ -641,8 +641,8 @@ static BOOL pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 	 * Store the UNIX credential data (uid/gid pair) in the pipe structure.
 	 */
 
-	p->pipe_user.uid = a->server_info->uid;
-	p->pipe_user.gid = a->server_info->gid;
+	p->pipe_user.ut.uid = a->server_info->uid;
+	p->pipe_user.ut.gid = a->server_info->gid;
 	
 	/*
 	 * Copy the session key from the ntlmssp state.
@@ -654,9 +654,10 @@ static BOOL pipe_ntlmssp_verify_final(pipes_struct *p, DATA_BLOB *p_resp_blob)
 		return False;
 	}
 
-	p->pipe_user.ngroups = a->server_info->n_groups;
-	if (p->pipe_user.ngroups) {
-		if (!(p->pipe_user.groups = memdup(a->server_info->groups, sizeof(gid_t) * p->pipe_user.ngroups))) {
+	p->pipe_user.ut.ngroups = a->server_info->n_groups;
+	if (p->pipe_user.ut.ngroups) {
+		if (!(p->pipe_user.ut.groups = memdup(a->server_info->groups,
+						sizeof(gid_t) * p->pipe_user.ut.ngroups))) {
 			DEBUG(0,("failed to memdup group list to p->pipe_user.groups\n"));
 			return False;
 		}
diff --git a/source3/rpc_server/srv_pipe_hnd.c b/source3/rpc_server/srv_pipe_hnd.c
index 5fb84115cc..37d3ef64c0 100644
--- a/source3/rpc_server/srv_pipe_hnd.c
+++ b/source3/rpc_server/srv_pipe_hnd.c
@@ -343,8 +343,8 @@ static void *make_internal_rpc_pipe_p(char *pipe_name,
 
 	ZERO_STRUCT(p->pipe_user);
 
-	p->pipe_user.uid = (uid_t)-1;
-	p->pipe_user.gid = (gid_t)-1;
+	p->pipe_user.ut.uid = (uid_t)-1;
+	p->pipe_user.ut.gid = (gid_t)-1;
 	
 	/* Store the session key and NT_TOKEN */
 	if (vuser) {
@@ -1224,7 +1224,7 @@ static BOOL close_internal_rpc_pipe_hnd(void *np_conn)
 
 	delete_nt_token(&p->pipe_user.nt_user_token);
 	data_blob_free(&p->session_key);
-	SAFE_FREE(p->pipe_user.groups);
+	SAFE_FREE(p->pipe_user.ut.groups);
 
 	DLIST_REMOVE(InternalPipes, p);
 
diff --git a/source3/rpc_server/srv_spoolss_nt.c b/source3/rpc_server/srv_spoolss_nt.c
index 334158bbbd..a22d6db266 100644
--- a/source3/rpc_server/srv_spoolss_nt.c
+++ b/source3/rpc_server/srv_spoolss_nt.c
@@ -1620,9 +1620,9 @@ WERROR _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
 			/* if the user is not root, doesn't have SE_PRINT_OPERATOR privilege,
 			   and not a printer admin, then fail */
 			
-			if ( user.uid != 0
+			if ( user.ut.uid != 0
 				&& !user_has_privileges( user.nt_user_token, &se_printop )
-				&& !user_in_list(uidtoname(user.uid), lp_printer_admin(snum), user.groups, user.ngroups) )
+				&& !user_in_list(uidtoname(user.ut.uid), lp_printer_admin(snum), user.ut.groups, user.ut.ngroups) )
 			{
 				close_printer_handle(p, handle);
 				return WERR_ACCESS_DENIED;
@@ -1676,7 +1676,7 @@ WERROR _spoolss_open_printer_ex( pipes_struct *p, SPOOL_Q_OPEN_PRINTER_EX *q_u,
 			return WERR_ACCESS_DENIED;
 		}
 
-		if (!user_ok(uidtoname(user.uid), snum, user.groups, user.ngroups) || !print_access_check(&user, snum, printer_default->access_required)) {
+		if (!user_ok(uidtoname(user.ut.uid), snum, user.ut.groups, user.ut.ngroups) || !print_access_check(&user, snum, printer_default->access_required)) {
 			DEBUG(3, ("access DENIED for printer open\n"));
 			close_printer_handle(p, handle);
 			return WERR_ACCESS_DENIED;
@@ -1869,7 +1869,7 @@ static WERROR _spoolss_enddocprinter_internal(pipes_struct *p, POLICY_HND *handl
 		return WERR_BADFID;
 
 	Printer->document_started=False;
-	print_job_end(snum, Printer->jobid,True);
+	print_job_end(snum, Printer->jobid,NORMAL_CLOSE);
 	/* error codes unhandled so far ... */
 
 	return WERR_OK;
@@ -7554,12 +7554,12 @@ WERROR _spoolss_addprinterdriver(pipes_struct *p, SPOOL_Q_ADDPRINTERDRIVER *q_u,
 	    case 3:
 		fstrcpy(driver_name, driver.info_3->name ? driver.info_3->name : "");
 		sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.",
-			driver_name, get_drv_ver_to_os(driver.info_3->cversion),uidtoname(user.uid));
+			driver_name, get_drv_ver_to_os(driver.info_3->cversion),uidtoname(user.ut.uid));
 		break;
 	    case 6:   
 		fstrcpy(driver_name, driver.info_6->name ?  driver.info_6->name : "");
 		sys_adminlog(LOG_INFO,"Added printer driver. Print driver name: %s. Print driver OS: %s. Administrator name: %s.",
-			driver_name, get_drv_ver_to_os(driver.info_6->version),uidtoname(user.uid));
+			driver_name, get_drv_ver_to_os(driver.info_6->version),uidtoname(user.ut.uid));
 		break;
         }
 	/* END_ADMIN_LOG */
diff --git a/source3/rpc_server/srv_srvsvc_nt.c b/source3/rpc_server/srv_srvsvc_nt.c
index 65e0504e67..8150a8bf69 100644
--- a/source3/rpc_server/srv_srvsvc_nt.c
+++ b/source3/rpc_server/srv_srvsvc_nt.c
@@ -1401,7 +1401,7 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
 
 	/* fail out now if you are not root or not a domain admin */
 
-	if ((user.uid != sec_initial_uid()) && 
+	if ((user.ut.uid != sec_initial_uid()) && 
 		( ! nt_token_check_domain_rid(p->pipe_user.nt_user_token, DOMAIN_GROUP_RID_ADMINS))) {
 
 		goto done;
@@ -1412,7 +1412,7 @@ WERROR _srv_net_sess_del(pipes_struct *p, SRV_Q_NET_SESS_DEL *q_u, SRV_R_NET_SES
 		if ((strequal(session_list[snum].username, username) || username[0] == '\0' ) &&
 		    strequal(session_list[snum].remote_machine, machine)) {
 		
-			if (user.uid != sec_initial_uid()) {
+			if (user.ut.uid != sec_initial_uid()) {
 				not_root = True;
 				become_root();
 			}
@@ -1572,7 +1572,7 @@ WERROR _srv_net_share_set_info(pipes_struct *p, SRV_Q_NET_SHARE_SET_INFO *q_u, S
 	
 	/* fail out now if you are not root and not a disk op */
 	
-	if ( user.uid != sec_initial_uid() && !is_disk_op )
+	if ( user.ut.uid != sec_initial_uid() && !is_disk_op )
 		return WERR_ACCESS_DENIED;
 
 	switch (q_u->info_level) {
@@ -1739,7 +1739,7 @@ WERROR _srv_net_share_add(pipes_struct *p, SRV_Q_NET_SHARE_ADD *q_u, SRV_R_NET_S
 
 	is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
 
-	if (user.uid != sec_initial_uid()  && !is_disk_op ) 
+	if (user.ut.uid != sec_initial_uid()  && !is_disk_op ) 
 		return WERR_ACCESS_DENIED;
 
 	if (!lp_add_share_cmd() || !*lp_add_share_cmd()) {
@@ -1906,7 +1906,7 @@ WERROR _srv_net_share_del(pipes_struct *p, SRV_Q_NET_SHARE_DEL *q_u, SRV_R_NET_S
 
 	is_disk_op = user_has_privileges( p->pipe_user.nt_user_token, &se_diskop );
 
-	if (user.uid != sec_initial_uid()  && !is_disk_op ) 
+	if (user.ut.uid != sec_initial_uid()  && !is_disk_op ) 
 		return WERR_ACCESS_DENIED;
 
 	if (!lp_delete_share_cmd() || !*lp_delete_share_cmd()) {
@@ -2098,7 +2098,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
 
 	psd->dacl->revision = (uint16) NT4_ACL_REVISION;
 
-	close_file(fsp, True);
+	close_file(fsp, NORMAL_CLOSE);
 	unbecome_user();
 	close_cnum(conn, user.vuid);
 	return r_u->status;
@@ -2106,7 +2106,7 @@ WERROR _srv_net_file_query_secdesc(pipes_struct *p, SRV_Q_NET_FILE_QUERY_SECDESC
 error_exit:
 
 	if(fsp) {
-		close_file(fsp, True);
+		close_file(fsp, NORMAL_CLOSE);
 	}
 
 	if (became_user)
@@ -2207,7 +2207,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
 		goto error_exit;
 	}
 
-	close_file(fsp, True);
+	close_file(fsp, NORMAL_CLOSE);
 	unbecome_user();
 	close_cnum(conn, user.vuid);
 	return r_u->status;
@@ -2215,7 +2215,7 @@ WERROR _srv_net_file_set_secdesc(pipes_struct *p, SRV_Q_NET_FILE_SET_SECDESC *q_
 error_exit:
 
 	if(fsp) {
-		close_file(fsp, True);
+		close_file(fsp, NORMAL_CLOSE);
 	}
 
 	if (became_user) {