summaryrefslogtreecommitdiff
path: root/source3
diff options
context:
space:
mode:
authorAndrew Tridgell <tridge@samba.org>2001-07-08 18:25:19 +0000
committerAndrew Tridgell <tridge@samba.org>2001-07-08 18:25:19 +0000
commit955247fa38fcf5167edf7935a694e75514bc7dcf (patch)
tree0a446cf28cf939a727960db8fed8d418c3aa74cb /source3
parent3ad0801dd3e8a937493ea9a7395b727e809b5824 (diff)
downloadsamba-955247fa38fcf5167edf7935a694e75514bc7dcf.tar.gz
samba-955247fa38fcf5167edf7935a694e75514bc7dcf.tar.bz2
samba-955247fa38fcf5167edf7935a694e75514bc7dcf.zip
allow winbindd to run as non-root so we can test it more easily
(This used to be commit 001129e2153633dbd079889b11331e9c27786e5b)
Diffstat (limited to 'source3')
-rw-r--r--source3/nsswitch/wb_common.c6
-rw-r--r--source3/nsswitch/winbindd.c10
2 files changed, 7 insertions, 9 deletions
diff --git a/source3/nsswitch/wb_common.c b/source3/nsswitch/wb_common.c
index 8376007424..ed0075a358 100644
--- a/source3/nsswitch/wb_common.c
+++ b/source3/nsswitch/wb_common.c
@@ -99,7 +99,8 @@ static int open_pipe_sock(void)
return -1;
}
- if (!S_ISDIR(st.st_mode) || (st.st_uid != 0)) {
+ if (!S_ISDIR(st.st_mode) ||
+ (st.st_uid != 0 && st.st_uid != geteuid())) {
return -1;
}
@@ -128,7 +129,8 @@ static int open_pipe_sock(void)
/* Check permissions on unix socket file */
- if (!S_ISSOCK(st.st_mode) || (st.st_uid != 0)) {
+ if (!S_ISSOCK(st.st_mode) ||
+ (st.st_uid != 0 && st.st_uid != geteuid())) {
return -1;
}
diff --git a/source3/nsswitch/winbindd.c b/source3/nsswitch/winbindd.c
index 9371078a79..b81d60dc66 100644
--- a/source3/nsswitch/winbindd.c
+++ b/source3/nsswitch/winbindd.c
@@ -167,7 +167,8 @@ static int create_sock(void)
return -1;
}
- if ((st.st_uid != 0) || ((st.st_mode & 0777) != 0755)) {
+ if ((st.st_uid != sec_initial_uid()) ||
+ ((st.st_mode & 0777) != 0755)) {
DEBUG(0, ("invalid permissions on socket directory %s\n",
WINBINDD_SOCKET_DIR));
return -1;
@@ -645,12 +646,7 @@ int main(int argc, char **argv)
BOOL interactive = False;
int opt, new_debuglevel = -1;
- /* Must be root */
-
- if(geteuid() != (uid_t)0) {
- fprintf(stderr, "Must have effective user id of zero.\n");
- exit(1);
- }
+ sec_init();
/* Set environment variable so we don't recursively call ourselves.
This may also be useful interactively. */