summaryrefslogtreecommitdiff
path: root/source3/smbd/uid.c
diff options
context:
space:
mode:
Diffstat (limited to 'source3/smbd/uid.c')
-rw-r--r--source3/smbd/uid.c74
1 files changed, 58 insertions, 16 deletions
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 2ec50cd4d8..3bf5a7ee49 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -167,6 +167,9 @@ static bool check_user_ok(connection_struct *conn,
conn->read_only = readonly_share;
conn->admin_user = admin_user;
+ if (conn->admin_user) {
+ conn->server_info->utok.uid = sec_initial_uid();
+ }
return(True);
}
@@ -278,26 +281,22 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
return false;
}
+ /* security = share sets force_user. */
+ if (!conn->force_user && !vuser) {
+ DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
+ "share %s.\n",vuid, lp_servicename(snum) ));
+ return False;
+ }
+
/*
* conn->server_info is now correctly set up with a copy we can mess
* with for force_group etc.
*/
- if (conn->force_user) /* security = share sets this too */ {
- uid = conn->server_info->utok.uid;
- gid = conn->server_info->utok.gid;
- group_list = conn->server_info->utok.groups;
- num_groups = conn->server_info->utok.ngroups;
- } else if (vuser) {
- uid = conn->admin_user ? 0 : vuser->server_info->utok.uid;
- gid = conn->server_info->utok.gid;
- num_groups = conn->server_info->utok.ngroups;
- group_list = conn->server_info->utok.groups;
- } else {
- DEBUG(2,("change_to_user: Invalid vuid used %d in accessing "
- "share %s.\n",vuid, lp_servicename(snum) ));
- return False;
- }
+ uid = conn->server_info->utok.uid;
+ gid = conn->server_info->utok.gid;
+ num_groups = conn->server_info->utok.ngroups;
+ group_list = conn->server_info->utok.groups;
/*
* See if we should force group for this service.
@@ -342,7 +341,7 @@ bool change_to_user(connection_struct *conn, uint16 vuid)
set_sec_ctx() */
current_user.ut.ngroups = num_groups;
- current_user.ut.groups = group_list;
+ current_user.ut.groups = group_list;
set_sec_ctx(uid, gid, current_user.ut.ngroups, current_user.ut.groups,
conn->server_info->ptok);
@@ -505,3 +504,46 @@ bool unbecome_user(void)
pop_conn_ctx();
return True;
}
+
+/****************************************************************************
+ Return the current user we are running effectively as on this connection.
+ I'd like to make this return conn->server_info->utok.uid, but become_root()
+ doesn't alter this value.
+****************************************************************************/
+
+uid_t get_current_uid(connection_struct *conn)
+{
+ return current_user.ut.uid;
+}
+
+/****************************************************************************
+ Return the current group we are running effectively as on this connection.
+ I'd like to make this return conn->server_info->utok.gid, but become_root()
+ doesn't alter this value.
+****************************************************************************/
+
+gid_t get_current_gid(connection_struct *conn)
+{
+ return current_user.ut.gid;
+}
+
+/****************************************************************************
+ Return the UNIX token we are running effectively as on this connection.
+ I'd like to make this return &conn->server_info->utok, but become_root()
+ doesn't alter this value.
+****************************************************************************/
+
+const UNIX_USER_TOKEN *get_current_utok(connection_struct *conn)
+{
+ return &current_user.ut;
+}
+
+const NT_USER_TOKEN *get_current_nttok(connection_struct *conn)
+{
+ return current_user.nt_user_token;
+}
+
+uint16_t get_current_vuid(connection_struct *conn)
+{
+ return current_user.vuid;
+}