diff options
Diffstat (limited to 'source4')
| -rw-r--r-- | source4/Makefile | 1 | ||||
| -rw-r--r-- | source4/auth/ntlm/config.mk | 2 | ||||
| -rw-r--r-- | source4/configure.ac | 1 | ||||
| -rw-r--r-- | source4/heimdal_build/config.h | 5 | ||||
| -rw-r--r-- | source4/heimdal_build/internal.mk | 3 | ||||
| -rw-r--r-- | source4/include/includes.h | 5 | ||||
| -rw-r--r-- | source4/main.mk | 1 | ||||
| -rw-r--r-- | source4/ntvfs/posix/pvfs_acl.c | 8 | ||||
| -rw-r--r-- | source4/ntvfs/unixuid/config.mk | 2 |
9 files changed, 25 insertions, 3 deletions
diff --git a/source4/Makefile b/source4/Makefile index d6ae887066..24e58bc37a 100644 --- a/source4/Makefile +++ b/source4/Makefile @@ -75,6 +75,7 @@ libcmdlinesrcdir := lib/cmdline poptsrcdir := ../lib/popt socketwrappersrcdir := ../lib/socket_wrapper nsswrappersrcdir := ../lib/nss_wrapper +uidwrappersrcdir := ../lib/uid_wrapper appwebsrcdir := lib/appweb libstreamsrcdir := lib/stream libutilsrcdir := ../lib/util diff --git a/source4/auth/ntlm/config.mk b/source4/auth/ntlm/config.mk index 561d14ad10..cb9c3b6cc9 100644 --- a/source4/auth/ntlm/config.mk +++ b/source4/auth/ntlm/config.mk @@ -57,7 +57,7 @@ auth_developer_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_developer.o) [MODULE::auth_unix] INIT_FUNCTION = auth_unix_init SUBSYSTEM = auth -PRIVATE_DEPENDENCIES = CRYPT PAM PAM_ERRORS NSS_WRAPPER +PRIVATE_DEPENDENCIES = CRYPT PAM PAM_ERRORS NSS_WRAPPER UID_WRAPPER auth_unix_OBJ_FILES = $(addprefix $(authsrcdir)/ntlm/, auth_unix.o) diff --git a/source4/configure.ac b/source4/configure.ac index 7c5f310aa9..3f10419a42 100644 --- a/source4/configure.ac +++ b/source4/configure.ac @@ -125,6 +125,7 @@ m4_include(ntvfs/posix/config.m4) m4_include(ntvfs/unixuid/config.m4) m4_include(../lib/socket_wrapper/config.m4) m4_include(../lib/nss_wrapper/config.m4) +m4_include(../lib/uid_wrapper/config.m4) m4_include(auth/config.m4) m4_include(kdc/config.m4) m4_include(ntvfs/sysdep/config.m4) diff --git a/source4/heimdal_build/config.h b/source4/heimdal_build/config.h index 6a82637b2d..8830942e30 100644 --- a/source4/heimdal_build/config.h +++ b/source4/heimdal_build/config.h @@ -27,4 +27,9 @@ #undef HAVE_KRB5_ENCRYPT_BLOCK +#if defined(UID_WRAPPER) && !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) +#define UID_WRAPPER_REPLACE +#include "../uid_wrapper/uid_wrapper.h" +#endif + #endif diff --git a/source4/heimdal_build/internal.mk b/source4/heimdal_build/internal.mk index c0f3b6be99..52281807b5 100644 --- a/source4/heimdal_build/internal.mk +++ b/source4/heimdal_build/internal.mk @@ -598,7 +598,8 @@ PRIVATE_DEPENDENCIES = \ HEIMDAL_ROKEN_PROGNAME \ HEIMDAL_ROKEN_CLOSEFROM \ RESOLV \ - LIBREPLACE_NETWORK + LIBREPLACE_NETWORK \ + UID_WRAPPER # End SUBSYSTEM HEIMDAL_ROKEN ####################### diff --git a/source4/include/includes.h b/source4/include/includes.h index 4862a62e22..37c6115f0f 100644 --- a/source4/include/includes.h +++ b/source4/include/includes.h @@ -73,4 +73,9 @@ #define TALLOC_ABORT(reason) smb_panic(reason) #endif +#if defined(UID_WRAPPER) && !defined(UID_WRAPPER_REPLACE) && !defined(UID_WRAPPER_NOT_REPLACE) +#define UID_WRAPPER_REPLACE +#include "../uid_wrapper/uid_wrapper.h" +#endif + #endif /* _INCLUDES_H */ diff --git a/source4/main.mk b/source4/main.mk index b4a82017c8..4d7fd584f8 100644 --- a/source4/main.mk +++ b/source4/main.mk @@ -19,6 +19,7 @@ mkinclude lib/events/config.mk mkinclude lib/cmdline/config.mk mkinclude ../lib/socket_wrapper/config.mk mkinclude ../lib/nss_wrapper/config.mk +mkinclude ../lib/uid_wrapper/config.mk mkinclude lib/stream/config.mk mkinclude ../lib/util/config.mk mkinclude ../lib/tdr/config.mk diff --git a/source4/ntvfs/posix/pvfs_acl.c b/source4/ntvfs/posix/pvfs_acl.c index 1adced44aa..f5a00c08a8 100644 --- a/source4/ntvfs/posix/pvfs_acl.c +++ b/source4/ntvfs/posix/pvfs_acl.c @@ -473,6 +473,14 @@ NTSTATUS pvfs_access_check_unix(struct pvfs_state *pvfs, max_bits |= SEC_STD_ALL; } +#ifdef UID_WRAPPER_REPLACE + /* when running with the uid wrapper, files will be created + owned by the ruid, but we may have a different simulated + euid. We need to force the permission bits as though the + files owner matches the euid */ + max_bits |= SEC_STD_ALL; +#endif + if (*access_mask == SEC_FLAG_MAXIMUM_ALLOWED) { *access_mask = max_bits; return NT_STATUS_OK; diff --git a/source4/ntvfs/unixuid/config.mk b/source4/ntvfs/unixuid/config.mk index 6377657cec..105ba2f535 100644 --- a/source4/ntvfs/unixuid/config.mk +++ b/source4/ntvfs/unixuid/config.mk @@ -3,7 +3,7 @@ [MODULE::ntvfs_unixuid] INIT_FUNCTION = ntvfs_unixuid_init SUBSYSTEM = ntvfs -PRIVATE_DEPENDENCIES = SAMDB NSS_WRAPPER +PRIVATE_DEPENDENCIES = SAMDB NSS_WRAPPER UID_WRAPPER # End MODULE ntvfs_unixuid ################################################ |