summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/lib/debug.c4
-rw-r--r--source3/lib/messages.c9
-rw-r--r--source3/lib/util_sec.c24
-rw-r--r--source3/passdb/lookup_sid.c24
-rw-r--r--source3/passdb/passdb.c8
-rw-r--r--source3/smbd/quotas.c30
6 files changed, 41 insertions, 58 deletions
diff --git a/source3/lib/debug.c b/source3/lib/debug.c
index a2e8574bbd..138c52cdce 100644
--- a/source3/lib/debug.c
+++ b/source3/lib/debug.c
@@ -695,7 +695,7 @@ void check_log_size( void )
if( sys_fstat( x_fileno( dbf ), &st ) == 0 && st.st_size > maxlog ) {
- become_root_uid_only();
+ become_root();
(void)reopen_logs();
if( dbf && get_file_size( debugf ) > maxlog ) {
@@ -710,7 +710,7 @@ void check_log_size( void )
}
}
- unbecome_root_uid_only();
+ unbecome_root();
}
/*
diff --git a/source3/lib/messages.c b/source3/lib/messages.c
index 336a9349e6..316854f643 100644
--- a/source3/lib/messages.c
+++ b/source3/lib/messages.c
@@ -183,13 +183,18 @@ static NTSTATUS message_notify(struct process_id procid)
SMB_ASSERT(pid > 0);
if (euid != 0) {
- become_root_uid_only();
+ /* If we're not root become so to send the message. */
+ save_re_uid();
+ set_effective_uid(0);
}
ret = kill(pid, SIGUSR1);
if (euid != 0) {
- unbecome_root_uid_only();
+ /* Go back to who we were. */
+ int saved_errno = errno;
+ restore_re_uid_fromroot();
+ errno = saved_errno;
}
if (ret == -1) {
diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c
index 3d997ee76a..1899208697 100644
--- a/source3/lib/util_sec.c
+++ b/source3/lib/util_sec.c
@@ -265,7 +265,7 @@ void save_re_uid(void)
and restore them!
****************************************************************************/
-static void restore_re_uid_fromroot(void)
+void restore_re_uid_fromroot(void)
{
#if USE_SETRESUID
setresuid(saved_ruid, saved_euid, -1);
@@ -292,28 +292,6 @@ void restore_re_uid(void)
}
/****************************************************************************
- Lightweight become root - no group change.
-****************************************************************************/
-
-void become_root_uid_only(void)
-{
- save_re_uid();
- set_effective_uid(0);
-}
-
-/****************************************************************************
- Lightweight unbecome root - no group change. Expects we are root already,
- saves errno across call boundary.
-****************************************************************************/
-
-void unbecome_root_uid_only(void)
-{
- int saved_errno = errno;
- restore_re_uid_fromroot();
- errno = saved_errno;
-}
-
-/****************************************************************************
save the real and effective gid for later restoration. Used by the
getgroups code
****************************************************************************/
diff --git a/source3/passdb/lookup_sid.c b/source3/passdb/lookup_sid.c
index cd9d8d7092..b260d8ce57 100644
--- a/source3/passdb/lookup_sid.c
+++ b/source3/passdb/lookup_sid.c
@@ -465,10 +465,10 @@ static BOOL lookup_rids(TALLOC_CTX *mem_ctx, const DOM_SID *domain_sid,
return False;
}
- become_root_uid_only();
+ become_root();
result = pdb_lookup_rids(domain_sid, num_rids, rids,
*names, *types);
- unbecome_root_uid_only();
+ unbecome_root();
return (NT_STATUS_IS_OK(result) ||
NT_STATUS_EQUAL(result, NT_STATUS_NONE_MAPPED) ||
@@ -1127,9 +1127,9 @@ void legacy_uid_to_sid(DOM_SID *psid, uid_t uid)
ZERO_STRUCTP(psid);
- become_root_uid_only();
+ become_root();
ret = pdb_uid_to_rid(uid, &rid);
- unbecome_root_uid_only();
+ unbecome_root();
if (ret) {
/* This is a mapped user */
@@ -1160,9 +1160,9 @@ void legacy_gid_to_sid(DOM_SID *psid, gid_t gid)
ZERO_STRUCTP(psid);
- become_root_uid_only();
+ become_root();
ret = pdb_gid_to_sid(gid, psid);
- unbecome_root_uid_only();
+ unbecome_root();
if (ret) {
/* This is a mapped group */
@@ -1200,9 +1200,9 @@ BOOL legacy_sid_to_uid(const DOM_SID *psid, uid_t *puid)
union unid_t id;
BOOL ret;
- become_root_uid_only();
+ become_root();
ret = pdb_sid_to_id(psid, &id, &type);
- unbecome_root_uid_only();
+ unbecome_root();
if (ret) {
if (type != SID_NAME_USER) {
@@ -1251,9 +1251,9 @@ BOOL legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid)
sid_check_is_in_wellknown_domain(psid))) {
BOOL ret;
- become_root_uid_only();
+ become_root();
ret = pdb_getgrsid(&map, *psid);
- unbecome_root_uid_only();
+ unbecome_root();
if (ret) {
*pgid = map.gid;
@@ -1266,9 +1266,9 @@ BOOL legacy_sid_to_gid(const DOM_SID *psid, gid_t *pgid)
if (sid_peek_check_rid(get_global_sam_sid(), psid, &rid)) {
BOOL ret;
- become_root_uid_only();
+ become_root();
ret = pdb_sid_to_id(psid, &id, &type);
- unbecome_root_uid_only();
+ unbecome_root();
if (ret) {
if ((type != SID_NAME_DOM_GRP) &&
diff --git a/source3/passdb/passdb.c b/source3/passdb/passdb.c
index a061977f3c..0ad5e21c78 100644
--- a/source3/passdb/passdb.c
+++ b/source3/passdb/passdb.c
@@ -1390,9 +1390,9 @@ BOOL pdb_update_bad_password_count(struct samu *sampass, BOOL *updated)
return True;
}
- become_root_uid_only();
+ become_root();
res = pdb_get_account_policy(AP_RESET_COUNT_TIME, &resettime);
- unbecome_root_uid_only();
+ unbecome_root();
if (!res) {
DEBUG(0, ("pdb_update_bad_password_count: pdb_get_account_policy failed.\n"));
@@ -1435,9 +1435,9 @@ BOOL pdb_update_autolock_flag(struct samu *sampass, BOOL *updated)
return True;
}
- become_root_uid_only();
+ become_root();
res = pdb_get_account_policy(AP_LOCK_ACCOUNT_DURATION, &duration);
- unbecome_root_uid_only();
+ unbecome_root();
if (!res) {
DEBUG(0, ("pdb_update_autolock_flag: pdb_get_account_policy failed.\n"));
diff --git a/source3/smbd/quotas.c b/source3/smbd/quotas.c
index 0492130950..ddfcb8e0f8 100644
--- a/source3/smbd/quotas.c
+++ b/source3/smbd/quotas.c
@@ -238,7 +238,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
if (!found)
return(False);
- become_root_uid_only();
+ become_root();
if (strcmp(mnt->mnt_type, "xfs")==0) {
r=get_smb_linux_xfs_quota(mnt->mnt_fsname, euser_id, egrp_id, &D);
@@ -251,7 +251,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
}
}
- unbecome_root_uid_only();
+ unbecome_root();
/* Use softlimit to determine disk space, except when it has been exceeded */
*bsize = D.bsize;
@@ -655,20 +655,20 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
if ( ! found )
return(False) ;
- become_root_uid_only();
+ become_root();
#if defined(SUNOS5)
if ( strcmp( mnt.mnt_fstype, "nfs" ) == 0) {
BOOL retval;
DEBUG(5,("disk_quotas: looking for mountpath (NFS) \"%s\"\n", mnt.mnt_special));
retval = nfs_quotas(mnt.mnt_special, euser_id, bsize, dfree, dsize);
- unbecome_root_uid_only();
+ unbecome();
return retval;
}
DEBUG(5,("disk_quotas: looking for quotas file \"%s\"\n", name));
if((file=sys_open(name, O_RDONLY,0))<0) {
- unbecome_root_uid_only();
+ unbecome_root();
return(False);
}
command.op = Q_GETQUOTA;
@@ -681,7 +681,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
ret = quotactl(Q_GETQUOTA, name, euser_id, &D);
#endif
- unbecome_root_uid_only();
+ unbecome_root();
if (ret < 0) {
DEBUG(5,("disk_quotas ioctl (Solaris) failed. Error = %s\n", strerror(errno) ));
@@ -841,7 +841,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
}
euser_id=geteuid();
- become_root_uid_only();
+ become_root();
/* Use softlimit to determine disk space, except when it has been exceeded */
@@ -851,7 +851,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
{
r=quotactl (Q_GETQUOTA, mnt->mnt_fsname, euser_id, (caddr_t) &D);
- unbecome_root_uid_only();
+ unbecome_root();
if (r==-1)
return(False);
@@ -882,7 +882,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
{
r=quotactl (Q_XGETQUOTA, mnt->mnt_fsname, euser_id, (caddr_t) &F);
- unbecome_root_uid_only();
+ unbecome_root();
if (r==-1)
{
@@ -916,7 +916,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
}
else
{
- unbecome_root_uid_only();
+ unbecome_root();
return(False);
}
@@ -1184,13 +1184,13 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
return False;
#endif
- become_root_uid_only();
+ become_root();
#if defined(__FreeBSD__) || defined(__DragonFly__)
if (strcmp(mnts[i].f_fstypename,"nfs") == 0) {
BOOL retval;
retval = nfs_quotas(mnts[i].f_mntfromname,euser_id,bsize,dfree,dsize);
- unbecome_root_uid_only();
+ unbecome_root();
return retval;
}
#endif
@@ -1204,7 +1204,7 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
r= quotactl(path,QCMD(Q_GETQUOTA,GRPQUOTA),egrp_id,(char *) &D);
}
- unbecome_root_uid_only();
+ unbecome_root();
}
#elif defined(AIX)
/* AIX has both USER and GROUP quotas:
@@ -1218,9 +1218,9 @@ BOOL disk_quotas(const char *path, SMB_BIG_UINT *bsize, SMB_BIG_UINT *dfree, SMB
if(statbuf.f_vfstype == MNT_J2)
{
/* For some reason we need to be root for jfs2 */
- become_root_uid_only();
+ become_root();
r = quotactl(path,QCMD(Q_J2GETQUOTA,USRQUOTA),euser_id,(char *) &user_quota);
- unbecome_root_uid_only();
+ unbecome_root();
/* Copy results to old struct to let the following code work as before */
D.dqb_curblocks = user_quota.bused;
D.dqb_bsoftlimit = user_quota.bsoft;