summaryrefslogtreecommitdiff
path: root/source3/smbd
diff options
context:
space:
mode:
authorJeremy Allison <jra@samba.org>2007-06-08 19:58:32 +0000
committerGerald (Jerry) Carter <jerry@samba.org>2007-10-10 12:23:12 -0500
commit0a1f5d71e4ad551f178613fff8bd288ad0cad057 (patch)
tree10dabb1e2aaa2bc3f0c8041faa69afc9661716f2 /source3/smbd
parent334c961cc55aafb6b5587ba8ab517b94f1cbe278 (diff)
downloadsamba-0a1f5d71e4ad551f178613fff8bd288ad0cad057.tar.gz
samba-0a1f5d71e4ad551f178613fff8bd288ad0cad057.tar.bz2
samba-0a1f5d71e4ad551f178613fff8bd288ad0cad057.zip
r23391: Second part of the patch for Apple.
Change the sequence : gain_root(); sys_setgroups(ngroups, groups); become_id(uid, gid); to a function call : set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups) James - should be safe for you to create a Darwin-specific version of this function now. Jeremy. (This used to be commit 8ee982b3678be41ce8b4f4c1df428dcbf897ccbe)
Diffstat (limited to 'source3/smbd')
-rw-r--r--source3/smbd/sec_ctx.c36
1 files changed, 22 insertions, 14 deletions
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index 14faba5ee3..fd79fbb7fe 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -228,6 +228,21 @@ BOOL push_sec_ctx(void)
}
/****************************************************************************
+ Change UNIX security context. Calls panic if not successful so no return value.
+****************************************************************************/
+
+static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
+{
+ /* Start context switch */
+ gain_root();
+#ifdef HAVE_SETGROUPS
+ sys_setgroups(ngroups, groups);
+#endif
+ become_id(uid, gid);
+ /* end context switch */
+}
+
+/****************************************************************************
Set the current security context to a given user.
****************************************************************************/
@@ -243,13 +258,8 @@ void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups, NT_USER_TOKEN
debug_nt_user_token(DBGC_CLASS, 5, token);
debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups);
- /* Start context switch */
- gain_root();
-#ifdef HAVE_SETGROUPS
- sys_setgroups(ngroups, groups);
-#endif
- become_id(uid, gid);
- /* end context switch */
+ /* Change uid, gid and supplementary group list. */
+ set_unix_security_ctx(uid, gid, ngroups, groups);
ctx_p->ut.ngroups = ngroups;
@@ -336,13 +346,11 @@ BOOL pop_sec_ctx(void)
prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx];
- /* Start context switch */
- gain_root();
-#ifdef HAVE_SETGROUPS
- sys_setgroups(prev_ctx_p->ut.ngroups, prev_ctx_p->ut.groups);
-#endif
- become_id(prev_ctx_p->ut.uid, prev_ctx_p->ut.gid);
- /* end context switch */
+ /* Change uid, gid and supplementary group list. */
+ set_unix_security_ctx(prev_ctx_p->ut.uid,
+ prev_ctx_p->ut.gid,
+ prev_ctx_p->ut.ngroups,
+ prev_ctx_p->ut.groups);
/* Update current_user stuff */