diff options
Diffstat (limited to 'source4')
-rw-r--r-- | source4/heimdal_build/config.h | 6 | ||||
-rw-r--r-- | source4/include/includes.h | 6 | ||||
-rw-r--r-- | source4/ntvfs/posix/pvfs_acl.c | 14 |
3 files changed, 17 insertions, 9 deletions
diff --git a/source4/heimdal_build/config.h b/source4/heimdal_build/config.h index 8830942e30..8c0e6b0475 100644 --- a/source4/heimdal_build/config.h +++ b/source4/heimdal_build/config.h @@ -27,9 +27,13 @@ #undef HAVE_KRB5_ENCRYPT_BLOCK -#if defined(UID_WRAPPER) && !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) +#if defined(UID_WRAPPER) +#if !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) #define UID_WRAPPER_REPLACE #include "../uid_wrapper/uid_wrapper.h" #endif +#else +#define uwrap_enabled() 0 +#endif #endif diff --git a/source4/include/includes.h b/source4/include/includes.h index 37c6115f0f..e94c0fe633 100644 --- a/source4/include/includes.h +++ b/source4/include/includes.h @@ -73,9 +73,13 @@ #define TALLOC_ABORT(reason) smb_panic(reason) #endif -#if defined(UID_WRAPPER) && !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) +#if defined(UID_WRAPPER) +#if !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) #define UID_WRAPPER_REPLACE #include "../uid_wrapper/uid_wrapper.h" #endif +#else +#define uwrap_enabled() 0 +#endif #endif /* _INCLUDES_H */ diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c index f5a00c08a8..232883911e 100644 --- a/source4/ntvfs/posix/pvfs_acl.c +++ b/source4/ntvfs/posix/pvfs_acl.c @@ -473,13 +473,13 @@ NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, max_bits |= SEC_STD_ALL; } -#ifdef UID_WRAPPER_REPLACE - /* when running with the uid wrapper, files will be created - owned by the ruid, but we may have a different simulated - euid. We need to force the permission bits as though the - files owner matches the euid */ - max_bits |= SEC_STD_ALL; -#endif + if (!uwrap_enabled()) { + /* when running with the uid wrapper, files will be created + owned by the ruid, but we may have a different simulated + euid. We need to force the permission bits as though the + files owner matches the euid */ + max_bits |= SEC_STD_ALL; + } if (*access_mask == SEC_FLAG_MAXIMUM_ALLOWED) { *access_mask = max_bits; |