summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/include/proto.h3
-rw-r--r--source3/modules/vfs_readonly.c13
-rw-r--r--source3/smbd/share_access.c6
-rw-r--r--source3/smbd/uid.c3
4 files changed, 21 insertions, 4 deletions
diff --git a/source3/include/proto.h b/source3/include/proto.h
index 5f9203a21f..33425849d1 100644
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -8459,7 +8459,8 @@ bool user_ok_token(const char *username, const char *domain,
struct nt_user_token *token, int snum);
bool is_share_read_only_for_token(const char *username,
const char *domain,
- struct nt_user_token *token, int snum);
+ struct nt_user_token *token,
+ connection_struct *conn);
/* The following definitions come from smbd/srvstr.c */
diff --git a/source3/modules/vfs_readonly.c b/source3/modules/vfs_readonly.c
index d4ddf32e3a..58c83e5e1b 100644
--- a/source3/modules/vfs_readonly.c
+++ b/source3/modules/vfs_readonly.c
@@ -64,12 +64,25 @@ static int readonly_connect(vfs_handle_struct *handle,
"period", period_def);
if (period && period[0] && period[1]) {
+ int i;
time_t current_time = time(NULL);
time_t begin_period = get_date(period[0], &current_time);
time_t end_period = get_date(period[1], &current_time);
if ((current_time >= begin_period) && (current_time <= end_period)) {
+ connection_struct *conn = handle->conn;
+
handle->conn->read_only = True;
+
+ /* Wipe out the VUID cache. */
+ for (i=0; i< VUID_CACHE_SIZE; i++) {
+ struct vuid_cache_entry *ent = ent = &conn->vuid_cache.array[i];
+ ent->vuid = UID_FIELD_INVALID;
+ TALLOC_FREE(ent->server_info);
+ ent->read_only = false;
+ ent->admin_user = false;
+ }
+ conn->vuid_cache.next_entry = 0;
}
return SMB_VFS_NEXT_CONNECT(handle, service, user);
diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index f5f79c86e5..9dbacc2998 100644
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -252,9 +252,11 @@ bool user_ok_token(const char *username, const char *domain,
bool is_share_read_only_for_token(const char *username,
const char *domain,
- struct nt_user_token *token, int snum)
+ struct nt_user_token *token,
+ connection_struct *conn)
{
- bool result = lp_readonly(snum);
+ int snum = SNUM(conn);
+ bool result = conn->read_only;
if (lp_readlist(snum) != NULL) {
if (token_contains_name_in_list(username, domain,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 045de6f2d3..c238f40cfd 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -88,7 +88,8 @@ static bool check_user_ok(connection_struct *conn, uint16_t vuid,
readonly_share = is_share_read_only_for_token(
server_info->unix_name,
pdb_get_domain(server_info->sam_account),
- server_info->ptok, snum);
+ server_info->ptok,
+ conn);
if (!readonly_share &&
!share_access_check(server_info->ptok, lp_servicename(snum),