Age | Commit message (Collapse) | Author | Files | Lines |
|
(This used to be commit ea226c5ed97d47649833546d5499213093d1925e)
|
|
contexts. Patch from Tim Prouty <tim.prouty@isilon.com>.
(This used to be commit a136de663f122603e8d34e06027896ff39b35e11)
|
|
(This used to be commit b0132e94fc5fef936aa766fb99a306b3628e9f07)
|
|
Jeremy.
(This used to be commit 407e6e695b8366369b7c76af1ff76869b45347b3)
|
|
failed expression in SMB_ASSERT.
(This used to be commit 171dc060e2a576d724eed1ca65636bdafffd7713)
|
|
to the
dynamic group resolution mechanism when switching UNIX credentials.
(This used to be commit b5cb21e951550fe836b0ef5febc037af9a7f51ec)
|
|
always
passed as the first GID when calling setgroups(2).
(This used to be commit 6ebaf856c1d27f2fbfa0444a5c6c17c4331d2780)
|
|
Change the sequence :
gain_root();
sys_setgroups(ngroups, groups);
become_id(uid, gid);
to a function call :
set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups)
James - should be safe for you to create a Darwin-specific
version of this function now.
Jeremy.
(This used to be commit 8ee982b3678be41ce8b4f4c1df428dcbf897ccbe)
|
|
Doing this in two stages to make it very easy to
review. Context switching must look like :
gain_root();
sys_setgroups(ngroups, groups);
become_id(uid, gid);
Re-arrange order so these three calls are always
seen together.
Next will be to turn these into a function.
Jeremy.
(This used to be commit eb537185ee4a3f460709267c843c9303a9bb61b5)
|
|
(This used to be commit ae6b9b34e59167e3958bfdb9997fa25340b9a0a3)
|
|
where we don't correctly check the return from memdup.
Jeremy.
(This used to be commit ce14daf51c7ee2f9c68c77f7f4674e6f0e35c9ca)
|
|
macro which sets the freed pointer to NULL.
(This used to be commit b65be8874a2efe5a4b167448960a4fcf6bd995e2)
|
|
Sync with trunk as off r13315
(This used to be commit 17e63ac4ed8325c0d44fe62b2442449f3298559f)
|
|
by saving the UNIX token used to set a delete on close flag,
and using it when doing the delete. libsmbsharemodes.so still
needs updating to cope with this change.
Samba4 torture tests to follow.
Jeremy.
(This used to be commit 23f16cbc2e8cde97c486831e26bcafd4ab4a9654)
|
|
allocation
functions so we can funnel through some well known functions. Should help greatly with
malloc checking.
HEAD patch to follow.
Jeremy.
(This used to be commit 620f2e608f70ba92f032720c031283d295c5c06a)
|
|
Use winbindd to get the group list if possible since we already
know it from netsamlogon_cache.tdb. More effecient than letting
libc call getgrent() to get seconary groups.
Tested by Ken Cross.
(This used to be commit 3c537c906f29a08e75895c8c8e3ed5c5abaaa940)
|
|
(This used to be commit 65e7b5273bb58802bf0c389b77f7fcae0a1f6139)
|
|
(This used to be commit 03ac082dcb375b6f3ca3d810a6a6367542bc23ce)
|
|
Changed "SMB/Netbios" to "SMB/CIFS" in file header.
(This used to be commit 6a58c9bd06d0d7502a24bf5ce5a2faf0a146edfa)
|
|
<a.bokovoy@sam-solutions.net>.
This patch is designed to remove the 'special cases' required for this support.
In particular this now kills off winbind_initgroups, as it appears no longer to
be required.
Andrew Bartlett
(This used to be commit f1d8d509766e9169d39332559162cfec249bfc70)
|
|
Got "medieval on our ass" about const warnings (as many as I could :-).
Jeremy.
(This used to be commit ee5e7ca547eff016818ba5c43b8ea0c9fa69b808)
|
|
correct uid.
(This used to be commit ad30a35ebc04f6a56c3ffb28bfb793557cf1fdf7)
|
|
Ensure make_conection() can only be called as root.
Jeremy.
(This used to be commit 8d23a7441b4687458ee021bfe8880558506eddba)
|
|
(This used to be commit 2d0922b0eabfdc0aaf1d0797482fef47ed7fde8e)
|
|
(This used to be commit 1a04ea247680fa7ad1ae7dc3f9953f753d8cf955)
|
|
(This used to be commit a95943fde0ad89ae3f2deca2f7ba9cb5ab612b74)
|
|
problem with wrong token being used in current_user.
Jeremy.
(This used to be commit 2c7d2a1d533052d3556715439fcd66c5233d3137)
|
|
Andrew Bartlett
(This used to be commit b33000cdc0cafd4888c3f07c56050626743abd14)
|
|
smbd/sec_ctx.c: Fixed potential memory leak spotted by
Kenichi Okuyama@Tokyo Research Lab, IBM-Japan, Co.
utils/nmblookup.c: gcc warning on Solaris fix.
Jeremy.
(This used to be commit 1be60597cd62af2b30a1496d06ea5704e87d3b7d)
|
|
Jeremy.
(This used to be commit a60ecb4e53a6c8a3a6a37a89042ae943202263fe)
|
|
RPC code to merge with new passdb code.
Currently rpcclient doesn't compile. I'm working on it...
Jeremy.
(This used to be commit 0be41d5158ea4e645e93e8cd30617c038416e549)
|
|
source/Makefile.in
- changes to ctags and etags rules that somehow got lost along the way.
source/include/proto.h
- make proto
source/smbd/sec_ctx.c
source/smbd/password.c
- merge debugs for debugging user groups and NT token stuff.
source/lib/util_str.c
- capitalise domain name returned from parse_domain_user()
source/nsswitch/wb_client.c
- fix broken conditional in debug statement.
source/include/rpc_secdes.h
source/include/rpc_spoolss.h
source/printing/nt_printing.c
source/lib/util_seaccess.c
- fix printer permission bugs related to ACE masks for printers.
This adds mapping of generic access rights to object specific
rights for NT printers. Still need to work out whether or not to
ignore ACEs with certain flags set, though. See comments in
util_seaccess.c:check_ace() for details.
source/printing/nt_printing.c
source/printing/printing.c
- use PRINTER_ACCESS_ADMINISTER instead of JOB_ACCESS_ADMINISTER
until we sort out printer/printjob permission stuff.
(This used to be commit 1dba9c5cd1e6389734c648f6903abcb7c8d5b2f0)
|
|
Jeremy.
(This used to be commit f4c32a75e6e60eae6078449478d04ff22373d817)
|
|
Jeremy.
(This used to be commit cdbd2e99775642dc2e92004be9014bf38a92d80f)
|
|
Jeremy.
(This used to be commit b809a2d0c81c54e917ccc0c99b3e70ea8d7ceab1)
|
|
with PCL drivers. The problem was we were updating the changeid on every
SETPRINTERDATA/DELETEPRINTERDATA call. We should not do this, we should
just update the 'setprinter' called count. We update the changeid on calls
to SETPRINTER/ADDPRINTER/ADDPRINTEREX etc. Also fixed the correct returning
of the create time on printers.
Jeremy.
(This used to be commit 521f09829fd329f87b3d19e8871e2b989c98a58e)
|
|
(This used to be commit cae5eeb16e81b6aa95c68223268513c32aed7056)
|
|
(This used to be commit 2817b6cc8af3edbaa63b5db67689ab94cb240d4f)
|
|
(This used to be commit 5aed84b74981a4f4fcc4d466ef03178eff22ba85)
|
|
Added debug messages to se_access_check().
Added FULL_ACCESS acl to default acl on printers.
Jeremy.
(This used to be commit 7507f6f408cf8b0f8d7e2b3da54ce5fb5ef5343b)
|
|
with the current user. This will allow se_access_check() to quickly do
a SD check without having to translate uid/gid's to SIDs.
Still needs work on pipe calls.
Jeremy.
(This used to be commit e28d01b744b3dbd33e0e54af4e7f426fa8c082b8)
|
|
get ready and fix se_access_check().
Added cannonical lookup_name(), lookup_sid(), uid_to_sid(), gid_to_sid()
functions that look via winbind first the fall back on local lookup.
All Samba should use these rather than trying to call winbindd code
directly.
Added NT_USER_TOKEN struct in user_struct, contains list of NT sids
associated with this user.
se_access_check() should use this (cached) value rather than attempting
to do the same thing itself when given a uid/gid pair.
More work needs to be done to preserve these things accross security
context changes (especially with the tricky pipe problem) but I'm
beginning to see how this will be done..... probably by registering
a new vuid for an authenticated RPC pipe and not treating the
pipe calls specially.
More thoughts needed - but we're almost there...
Jeremy.
(This used to be commit 5e5cc6efe2e4687be59085f562caea1e2e05d0a8)
|
|
Jeremy.
(This used to be commit 2aa21db960666736331b18956422b7c13aad0f0f)
|
|
jreilly@hp.com.
Memory leak fix for new sec_ctx code (sorry Tim :-).
Jeremy.
(This used to be commit edaf49c66d5a5ccf6689b358c301e208599a468f)
|
|
code. This code is now implemented as a stack of security contexts, where
a security context is defined as a set of effective user, group and
supplementary group ids.
The following functions are implemented:
BOOL push_sec_ctx(void);
Create a new security context on the stack which is the same as the
current security context.
void set_sec_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups);
Set the current security context to a given set of user and group
ids.
void set_root_sec_ctx(void);
Set to uid = gid = 0. No supplementary groups are set.
BOOL pop_sec_ctx(void);
Pop a security context from the stack and restore the user and group
permissions of the previous context.
void init_sec_ctx(void);
Initialise the security context stack. This must be called before any
of the other operations are used or weird things may happen.
The idea is that there is a base security context which is either root or
some authenticated unix user. Other security contexts can be pushed and
popped as needed for things like changing passwords, or rpc pipe operations
where the rpc pipe user is different from the smb user.
(This used to be commit 87c78d6d5a6bf8d0907d6f8ef5ee0d642946cad3)
|