diff options
Diffstat (limited to 'source3/smbd/service.c')
| -rw-r--r-- | source3/smbd/service.c | 39 |
1 files changed, 17 insertions, 22 deletions
diff --git a/source3/smbd/service.c b/source3/smbd/service.c index a8a590da80..6f83a2d3b7 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -305,7 +305,6 @@ static void set_admin_user(connection_struct *conn) #endif ) { conn->admin_user = True; - conn->force_user = True; /* Admin users are effectivly 'forced' */ DEBUG(0,("%s logged in as admin user (root privileges)\n",conn->user)); } else { conn->admin_user = False; @@ -330,6 +329,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, { struct passwd *pass = NULL; BOOL guest = False; + BOOL force = False; connection_struct *conn; struct stat st; fstring user; @@ -349,6 +349,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, if (lp_guest_only(snum)) { const char *guestname = lp_guestaccount(); guest = True; + force = True; pass = getpwnam_alloc(guestname); if (!pass) { DEBUG(0,("authorise_login: Invalid guest account %s??\n",guestname)); @@ -396,7 +397,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, return NULL; } pass = Get_Pwnam(user); - conn->force_user = True; + conn->force_user = force; conn->uid = pass->pw_uid; conn->gid = pass->pw_gid; string_set(&conn->user, pass->pw_name); @@ -433,7 +434,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, /* * If force user is true, then store the - * given userid and also the groups + * given userid and also the primary groupid * of the user we're forcing. */ @@ -491,7 +492,6 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, gid = nametogid(gname); if (gid != (gid_t)-1) { - /* * If the user has been forced and the forced group starts * with a '+', then we only set the group to be the forced @@ -507,7 +507,6 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, conn->gid = gid; DEBUG(3,("Forced group %s\n",gname)); } - conn->force_group = True; } else { DEBUG(1,("Couldn't find group %s\n",gname)); conn_free(conn); @@ -525,27 +524,23 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, DEBUG(3,("Connect path is '%s' for service [%s]\n",s, lp_servicename(snum))); } - if (conn->force_user || conn->force_group) { - - /* groups stuff added by ih */ - conn->ngroups = 0; - conn->groups = NULL; - - /* Find all the groups this uid is in and - store them. Used by change_to_user() */ - initialise_groups(conn->user, conn->uid, conn->gid); - get_current_groups(conn->gid, &conn->ngroups,&conn->groups); + /* groups stuff added by ih */ + conn->ngroups = 0; + conn->groups = NULL; + + /* Find all the groups this uid is in and + store them. Used by change_to_user() */ + initialise_groups(conn->user, conn->uid, conn->gid); + get_current_groups(conn->gid, &conn->ngroups,&conn->groups); - conn->nt_user_token = create_nt_token(conn->uid, conn->gid, - conn->ngroups, conn->groups, - guest); - } + conn->nt_user_token = create_nt_token(conn->uid, conn->gid, + conn->ngroups, conn->groups, + guest, NULL); /* * New code to check if there's a share security descripter * added from NT server manager. This is done after the * smb.conf checks are done as we need a uid and token. JRA. - * */ { @@ -578,7 +573,7 @@ static connection_struct *make_connection_snum(int snum, user_struct *vuser, if (!claim_connection(conn, lp_servicename(SNUM(conn)), lp_max_connections(SNUM(conn)), - False,0)) { + False)) { DEBUG(1,("too many connections - rejected\n")); conn_free(conn); *status = NT_STATUS_INSUFFICIENT_RESOURCES; @@ -808,7 +803,7 @@ connection_struct *make_connection(const char *service_in, DATA_BLOB password, } else if ((lp_security() != SEC_SHARE) && (vuser->homes_snum != -1) && strequal(service_in, lp_servicename(vuser->homes_snum))) { DATA_BLOB no_pw = data_blob(NULL, 0); - DEBUG(5, ("making a connection to 'homes' service [%s] created at session setup time\n", service_in)); + DEBUG(5, ("making a connection to 'homes' service [%s] created at session setup time\n", service)); return make_connection_snum(vuser->homes_snum, vuser, no_pw, dev, status); |