summaryrefslogtreecommitdiff
path: root/source4/ntvfs/unixuid
AgeCommit message (Collapse)AuthorFilesLines
2012-06-28Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls.Jeremy Allison1-5/+6
Will allow thread-specific credentials to be added by modifying the central definitions. Deliberately left the setXX[ug]id() call in popt as this is not used in Samba.
2012-06-13s4:ntvfs: add '_fn' suffix to all ntvfs_ops function pointersStefan Metzmacher1-31/+31
This hopefully fixes the build on systems where _LARGE_FILES triggers defines of syscalls e.g. '#define lseek lseek64' on AIX. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jun 13 11:03:15 CEST 2012 on sn-devel-104
2012-02-10s3-waf: add dependency on talloc or it won't build if talloc.h is not in the ↵Matthieu Patou1-1/+1
default include path The problem occurs only if talloc, tdb and ldb are used as system libraries and talloc is not installed in a default. Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Fri Feb 10 23:27:29 CET 2012 on sn-devel-104
2011-10-27Include uid_wrapper correctly.Andreas Schneider1-10/+0
2011-07-29s4-auth Move conversion of security_token to unix_token to authAndrew Bartlett2-54/+4
This allows us to honour the AUTH_SESSION_INFO_UNIX_TOKEN flag. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-07-29ntvfs: Use security_unix_token from auth.idlAndrew Bartlett1-24/+16
Signed-off-by: Andrew Tridgell <tridge@samba.org>
2011-03-19source4/ntvfs: Fix prototypes for all functions.Jelmer Vernooij1-0/+2
2010-11-07samdb: Lowercase library name.Jelmer Vernooij1-1/+1
2010-10-31s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij2-11/+0
The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
2010-10-23s4: Rename NSS_WRAPPER to nss_wrapper.Jelmer Vernooij1-1/+1
Only link to nss_wrapper when it is enabled. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
2010-10-23s4: Rename UID_WRAPPER to uid_wrapper.Jelmer Vernooij1-1/+1
Only link to uid_wrapper when it is enabled.
2010-08-23s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett1-1/+1
struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
2010-08-18s4:ntvfs Don't treat the user SID and primary group SID special for idmapAndrew Bartlett1-12/+4
This simply askes IDMAP about all the user SIDs, rather than the user and group sid, followed by all but the first two sids from the token. Andrew Bartlett
2010-05-24s4:idmap Adjust code to new idmap structure names and layout.Andrew Bartlett1-12/+12
Andrew Bartlett
2010-04-06s4-waf: removed the AUTOGENERATED markersAndrew Tridgell1-4/+0
we won't be using the mk -> wscript generator again
2010-04-06s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell1-0/+2
them
2010-04-06build: commit all the waf build files in the treeAndrew Tridgell1-0/+11
2010-02-11s4: Switch to S3-style id mapping data types.Kai Blin1-5/+5
2010-02-05s4:UID wrapper - Fix includesMatthias Dieter Wallnöfer1-0/+10
The includes of the UID wrapper headers werent't really efficient according to metze's post on the technical mailing list (http://lists.samba.org/archive/samba-technical/2010-February/069165.html). To achieve this move the "uid_wrapper.h" includes into "lib/util/unix_privs.c", "lib/util/util.c", "ntvfs/posix/pvfs_acl.c" and "ntvfs/unixuid/vfs_unixuid.c".
2010-02-02Change uint_t to unsigned int in source4Matt Kraai1-1/+1
Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-10-02s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()Andrew Bartlett1-1/+4
This segfault occoured in cases where we rejected (or never attempted) the tree connect, so had an invalid private pointer for the logoff codepath. Andrew Bartlett
2009-08-05added a uid_wrapper libraryAndrew Tridgell1-1/+1
This library intercepts seteuid and related calls, and simulates them in a manner similar to the nss_wrapper and socket_wrapper libraries. This allows us to enable the vfs_unixuid NTVFS module in the build farm, which means we are more likely to catch errors in the token manipulation. The simulation is not complete, but it is enough for Samba4 for now. The major areas of incompleteness are: - no emulation of setreuid, setresuid or saved uids. These would be needed for use in Samba3 - no emulation of ruid changing. That would also be needed for Samba3 - no attempt to emulate file ownership changing, so code that (for example) tests whether st.st_uid matches geteuid() needs special handling
2009-07-19Cosmetic correctionMatthias Dieter Wallnöfer1-1/+1
Changes the order of two commands. First set up the "priv" structure, then assign it to the "ntvfs" structure.
2009-05-20Have ntvfs_connect() accept union smb_tcon *tcon instead of char* sharenameSam Liddicott1-2/+2
This change brings ntvfs_connect into compliance with other ntvfs functions which take an ntvfs module, an ntvfs request and an smb io union. It now becomes the responsibility of ntvfs modules to examine tcon->generic.level themselves and derive the share name and any other options directly; e.g. const char *sharename; switch (tcon->generic.level) { case RAW_TCON_TCON: sharename = tcon->tcon.in.service; break; case RAW_TCON_TCONX: sharename = tcon->tconx.in.path; break; case RAW_TCON_SMB2: default: return NT_STATUS_INVALID_LEVEL; } if (strncmp(sharename, "\\\\", 2) == 0) { char *p = strchr(sharename+2, '\\'); if (p) { sharename = p + 1; } } service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in some of the tcon->..out values. For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and tcon->tconx.out.options For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and tcon->tcon.out.max_xmit Thus the ntvfs_connect function for vfs modules may override these values if desired, but are not required to. ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type fields, for RAW_TCON_TCONX, perhaps something like: if (tcon->generic.level == RAW_TCON_TCONX) { tcon->tconx.out.fs_type = ntvfs->ctx->fs_type; tcon->tconx.out.dev_type = ntvfs->ctx->dev_type; } Signed-off-by: Sam Liddicott <sam@liddicott.com> (I fixed the ntvfs_connect() in the smb_server/smb2/ and the RAW_TCON_SMB2 switch case in the modules) Signed-off-by: Stefan Metzmacher <metze@samba.org>
2009-03-19use the tevent nesting code to avoid the uid problem in the VFSAndrew Tridgell1-0/+66
backend The vfs_unixuid module changes the uid of the process when executing operations on behalf of the user. Within the VFS backend we may rely on semi-async calls, such as winbind calls, which will call the event loop again. To cope with this we need to ensure that while inside those calls we revert the uid to root, then revert back to the connected user when we have finished with the semi-async calls.
2009-02-02s4:ntvfs/unixuid: s/private/privStefan Metzmacher1-23/+23
metze
2008-10-24Remove unused include param/param.h.Jelmer Vernooij1-1/+0
2008-05-18Use variables for source directory in a couple more places.Jelmer Vernooij1-1/+1
(This used to be commit c41bd3005f5f0b9cfd3709fc9217b4a401d265b4)
2008-04-08Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3Jelmer Vernooij1-22/+50
Conflicts: source/auth/credentials/config.mk source/auth/gensec/config.mk source/build/smb_build/makefile.pm source/heimdal_build/config.mk source/lib/events/config.mk source/lib/nss_wrapper/config.mk source/lib/policy/config.mk source/lib/registry/config.mk source/lib/socket_wrapper/config.mk source/lib/tdb/config.mk source/lib/tls/config.mk source/lib/util/config.mk source/libcli/config.mk source/libcli/ldap/config.mk source/libnet/config.mk source/librpc/config.mk source/param/config.mk source/rpc_server/config.mk source/scripting/ejs/config.mk source/smbd/process_model.mk (This used to be commit 760378e0294dd0cd4523a83448328478632d7e3d)
2008-04-02ntvfs: Use wbclient in vsf_unixuid, not sidmapKai Blin1-22/+50
(This used to be commit 2908a77fa5c32e92665775a5785345f704202f0a)
2008-03-03Move object file lists to the Makefile.Jelmer Vernooij1-2/+2
(This used to be commit a7e6d2a1832db388fdafa1279f84c9a8bbfc87d6)
2007-12-21r26353: Remove use of global_loadparm.Jelmer Vernooij1-1/+1
(This used to be commit 17637e4490e42db6cdef619286c4d5a0982e9d1a)
2007-12-21r26228: Store loadparm context in auth context, move more loadparm_contexts ↵Jelmer Vernooij1-1/+2
up the call stack. (This used to be commit ba75f1613a9aac69dd5df94dd8a2b37820acd166)
2007-12-21r25839: use nss_wrapper code in samba4 ifStefan Metzmacher1-1/+1
--enable-nss-wrapper or --enable-developer is given metze (This used to be commit f8bc6b9ad0eec60bff7fdc5653397efd9a044a29)
2007-10-10r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij1-2/+2
(This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
2007-10-10r23792: convert Samba4 to GPLv3Andrew Tridgell1-3/+2
There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
2007-10-10r23067: use 'const union smb_search_data *file' also in the server code to ↵Stefan Metzmacher1-2/+2
get rid of compiler warnings in the cifs backend metze (This used to be commit 34ef07b1f5acdad27edd80de8de4c6de7f879f9b)
2007-10-10r22406: this dependencies should also be privateStefan Metzmacher1-1/+1
metze (This used to be commit 7f07895cac3e933b39f81bf67812834352184af0)
2007-10-10r21214: fixed a valgrind error that can be caused by a semi-async call insideAndrew Tridgell1-1/+4
a nested ntvfs call. The req structure can go away while processing a ntvfs request (This used to be commit f62b3c505f71f37a86a76d152d643926e19eb148)
2007-10-10r16980: - make struct smb_notify a union and add levels ↵Stefan Metzmacher1-1/+1
RAW_NOTIFY_NTTRANS,RAW_NOTIFY_SMB2 - parse SMB2 Notify reponse metze (This used to be commit de50e0ccddfad16ad7b254770f4c52c1abe707b9)
2007-10-10r15826: ensure we don't dereference sec when NULLAndrew Tridgell1-1/+2
(This used to be commit b6bf6b17cd92a3869c49209bc8ea8ef8c6c25cdd)
2007-10-10r15572: Trim build/m4/rewrite.m4 a bit more, remove unused tests.Jelmer Vernooij1-0/+1
(This used to be commit d72c5c8f755277eb22e1f6834d98202f00c09934)
2007-10-10r15207: Introduce PRIVATE_DEPENDENCIES and PUBLIC_DEPENDENCIES as replacementJelmer Vernooij1-1/+1
for REQUIRED_SUBSYSTEMS. (This used to be commit adc8a019b6da256f104abed1b82bfde6998a2ac9)
2007-10-10r15188: Restore svn rev. 15183, 15184 and 15185, which I inadvertantly clobberedJames Peach1-3/+4
in r15186. I don't think I should be allowed to use quilt and svn at the same time any more :( (This used to be commit e0ca5ead27743c84f5d9310a05d6d718862ead1d)
2007-10-10r15186: Introduce ISDOT and ISDOTDOT macros for testing whether a filename isJames Peach1-4/+3
"." for "..". These express the intention better that strcmp or strequal and improve searchability via cscope/ctags. (This used to be commit 7e4ad7e8e5ec266b969e3075c4ad7f021571f24e)
2007-10-10r15185: Force all NTVFS modules to provide a critical sizes structure soJames Peach1-3/+4
the version information can be checked when modules are registered. (This used to be commit 95eb55806339fc5409c0adf137ebd5bffd7098ac)
2007-10-10r14964: - move sidmap code from ntvfs_common to SAMDBStefan Metzmacher2-1/+2
- make ntvfs_common a library - create sys_notify library metze (This used to be commit a3e1d56cf7b688c515f5d6d4d43e0b24c2261d15)
2007-10-10r14838: fix the build. Looks like I still haven't quite got the hang of theAndrew Tridgell1-0/+1
new dependency/proto system :-) (This used to be commit 63ae3f21e3471895ba83df1c2fdc4147090f7fdb)
2007-10-10r14736: - the ntvfs subsystem should not know about smb_server.hStefan Metzmacher1-1/+0
- the process module subsystem should not know about smb_server.h - the smb_server module should not know about process models metze (This used to be commit bac95bb8f4ad35a31ee666f5916ff9b2f292d964)
2007-10-10r14615: add notify to unixuid ntvfs moduleAndrew Tridgell1-0/+14
(This used to be commit 79af976d189798bb92f5909237202ca18db1789f)
generated by cgit (git 2.34.1) at 2024-05-23 11:21:19 +0000