summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
-rw-r--r--source3/smbd/sec_ctx.c42
1 files changed, 42 insertions, 0 deletions
diff --git a/source3/smbd/sec_ctx.c b/source3/smbd/sec_ctx.c
index f185ffcdaa..0cab2a7e9c 100644
--- a/source3/smbd/sec_ctx.c
+++ b/source3/smbd/sec_ctx.c
@@ -211,6 +211,48 @@ NT_USER_TOKEN *dup_nt_token(NT_USER_TOKEN *ptoken)
}
/****************************************************************************
+ Initialize the groups a user belongs to.
+****************************************************************************/
+
+BOOL initialise_groups(char *user, uid_t uid, gid_t gid)
+{
+ struct sec_ctx *prev_ctx_p;
+ BOOL result = True;
+
+ become_root();
+
+ /* Call initgroups() to get user groups */
+
+ if (initgroups(user,gid) == -1) {
+ DEBUG(0,("Unable to initgroups. Error was %s\n", strerror(errno) ));
+ if (getuid() == 0) {
+ if (gid < 0 || gid > 32767 || uid < 0 || uid > 32767) {
+ DEBUG(0,("This is probably a problem with the account %s\n", user));
+ }
+ }
+ result = False;
+ goto done;
+ }
+
+ /* Store groups in previous user's security context. This will
+ always work as the become_root() call increments the stack
+ pointer. */
+
+ prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx - 1];
+
+ safe_free(prev_ctx_p->groups);
+ prev_ctx_p->groups = NULL;
+ prev_ctx_p->ngroups = 0;
+
+ get_current_groups(&prev_ctx_p->ngroups, &prev_ctx_p->groups);
+
+ done:
+ unbecome_root();
+
+ return result;
+}
+
+/****************************************************************************
Create a new security context on the stack. It is the same as the old
one. User changes are done using the set_sec_ctx() function.
****************************************************************************/