diff options
-rw-r--r-- | source3/Makefile.in | 5 | ||||
-rw-r--r-- | source3/lib/util_sec.c | 55 | ||||
-rw-r--r-- | source3/lib/util_sock.c | 28 | ||||
-rw-r--r-- | source3/libsmb/cliconnect.c | 5 | ||||
-rw-r--r-- | source3/smbd/server.c | 12 |
5 files changed, 59 insertions, 46 deletions
diff --git a/source3/Makefile.in b/source3/Makefile.in index bf13115445..6f2334a068 100644 --- a/source3/Makefile.in +++ b/source3/Makefile.in @@ -709,11 +709,14 @@ winbindd_proto: -h _WINBINDD_PROTO_H_ nsswitch/winbindd_proto.h \ $(WINBINDD_OBJ1) +delproto: + @/bin/rm -f include/proto.h + include/proto.h: @echo rebuilding include/proto.h @cd $(srcdir) && $(AWK) -f script/mkproto.awk `echo $(PROTO_OBJ) | tr ' ' '\n' | sed -e 's/\.o/\.c/g' | sort -u | egrep -v 'ubiqx/|wrapped'` > include/proto.h -proto: include/proto.h +proto: delproto include/proto.h etags: etags `find $(srcdir) -name "*.[ch]" | grep -v /CVS/` diff --git a/source3/lib/util_sec.c b/source3/lib/util_sec.c index 164e6ab506..c62df82396 100644 --- a/source3/lib/util_sec.c +++ b/source3/lib/util_sec.c @@ -44,6 +44,31 @@ extern int DEBUGLEVEL; #define smb_panic(x) exit(1) #endif +/* are we running as non-root? This is used by the regresison test code, + and potentially also for sites that want non-root smbd */ +static uid_t initial_uid; + +/**************************************************************************** +remember what uid we got started as - this allows us to run correctly +as non-root while catching trapdoor systems +****************************************************************************/ +void sec_init(void) +{ + initial_uid = geteuid(); + if (initial_uid != (uid_t)0) { + /* the DEBUG() subsystem has not been initialised when this is called */ + fprintf(stderr, "WARNING: running as non-root. Some functionality will be missing\n"); + } +} + +/**************************************************************************** +are we running in non-root mode? +****************************************************************************/ +BOOL non_root_mode(void) +{ + return (initial_uid != (uid_t)0); +} + /**************************************************************************** abort if we haven't set the uid correctly ****************************************************************************/ @@ -51,13 +76,13 @@ static void assert_uid(uid_t ruid, uid_t euid) { if ((euid != (uid_t)-1 && geteuid() != euid) || (ruid != (uid_t)-1 && getuid() != ruid)) { -#ifndef SMB_REGRESSION_TEST - DEBUG(0,("Failed to set uid privileges to (%d,%d) now set to (%d,%d)\n", - (int)ruid, (int)euid, - (int)getuid(), (int)geteuid())); - smb_panic("failed to set uid\n"); - exit(1); -#endif + if (!non_root_mode()) { + DEBUG(0,("Failed to set uid privileges to (%d,%d) now set to (%d,%d)\n", + (int)ruid, (int)euid, + (int)getuid(), (int)geteuid())); + smb_panic("failed to set uid\n"); + exit(1); + } } } @@ -68,14 +93,14 @@ static void assert_gid(gid_t rgid, gid_t egid) { if ((egid != (gid_t)-1 && getegid() != egid) || (rgid != (gid_t)-1 && getgid() != rgid)) { -#ifndef SMB_REGRESSION_TEST - DEBUG(0,("Failed to set gid privileges to (%d,%d) now set to (%d,%d) uid=(%d,%d)\n", - (int)rgid, (int)egid, - (int)getgid(), (int)getegid(), - (int)getuid(), (int)geteuid())); - smb_panic("failed to set gid\n"); - exit(1); -#endif + if (!non_root_mode()) { + DEBUG(0,("Failed to set gid privileges to (%d,%d) now set to (%d,%d) uid=(%d,%d)\n", + (int)rgid, (int)egid, + (int)getgid(), (int)getegid(), + (int)getuid(), (int)geteuid())); + smb_panic("failed to set gid\n"); + exit(1); + } } } diff --git a/source3/lib/util_sock.c b/source3/lib/util_sock.c index 426d0572f1..7f8b83ec7d 100644 --- a/source3/lib/util_sock.c +++ b/source3/lib/util_sock.c @@ -1146,36 +1146,33 @@ int create_pipe_socket(char *dir, int dir_perms, return s; } -#ifdef SMB_REGRESSION_TEST /******************************************************************* this is like socketpair but uses tcp. It is used by the Samba -user testing +regression test code +The function guarantees that nobody else can attach to the socket, +or if they do that this function fails and the socket gets closed +returns 0 on success, -1 on failure +the resulting file descriptors are symmetrical ******************************************************************/ static int socketpair_tcp(int fd[2]) { int listener; struct sockaddr sock; socklen_t socklen = sizeof(sock); - int len = socklen; - int one = 1; int connect_done = 0; - + fd[0] = fd[1] = listener = -1; memset(&sock, 0, sizeof(sock)); if ((listener = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed; - setsockopt(listener,SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof(one)); - if (listen(listener, 1) != 0) goto failed; if (getsockname(listener, &sock, &socklen) != 0) goto failed; if ((fd[1] = socket(PF_INET, SOCK_STREAM, 0)) == -1) goto failed; - setsockopt(fd[1],SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof(one)); - set_blocking(fd[1], 0); if (connect(fd[1],(struct sockaddr *)&sock,sizeof(sock)) == -1) { @@ -1184,9 +1181,7 @@ static int socketpair_tcp(int fd[2]) connect_done = 1; } - if ((fd[0] = accept(listener, &sock, &len)) == -1) goto failed; - - setsockopt(fd[0],SOL_SOCKET,SO_REUSEADDR,(char *)&one,sizeof(one)); + if ((fd[0] = accept(listener, &sock, &socklen)) == -1) goto failed; close(listener); if (connect_done == 0) { @@ -1208,9 +1203,12 @@ static int socketpair_tcp(int fd[2]) /******************************************************************* run a program on a local tcp socket, this is used to launch smbd -in the test code +when regression testing +the return value is a socket which is attached to a subprocess +running "prog". stdin and stdout are attached. stderr is left +attached to the original stderr ******************************************************************/ -int sock_exec(char *prog) +int sock_exec(const char *prog) { int fd[2]; if (socketpair_tcp(fd) != 0) return -1; @@ -1225,4 +1223,4 @@ int sock_exec(char *prog) close(fd[1]); return fd[0]; } -#endif + diff --git a/source3/libsmb/cliconnect.c b/source3/libsmb/cliconnect.c index 034208f3b2..67eef52583 100644 --- a/source3/libsmb/cliconnect.c +++ b/source3/libsmb/cliconnect.c @@ -579,12 +579,9 @@ BOOL cli_connect(struct cli_state *cli, const char *host, struct in_addr *ip) if (cli->port == 0) cli->port = 139; /* Set to default */ -#ifdef SMB_REGRESSION_TEST if (getenv("LIBSMB_PROG")) { cli->fd = sock_exec(getenv("LIBSMB_PROG")); - } else -#endif - { + } else { cli->fd = open_socket_out(SOCK_STREAM, &cli->dest_ip, cli->port, cli->timeout); } diff --git a/source3/smbd/server.c b/source3/smbd/server.c index f4c82839bb..17b7774b1d 100644 --- a/source3/smbd/server.c +++ b/source3/smbd/server.c @@ -621,17 +621,7 @@ static void usage(char *pname) setluid(0); #endif - /* - * gain_root_privilege uses an assert than will cause a core - * dump if euid != 0. Ensure this is the case. - */ - -#ifndef SMB_REGRESSION_TEST - if(geteuid() != (uid_t)0) { - fprintf(stderr, "%s: Version %s : Must have effective user id of zero to run.\n", argv[0], VERSION); - exit(1); - } -#endif + sec_init(); append_log = True; |