From d57e67f9eb5a6a05f0e173d48e86dd1fe050635e Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Tue, 14 Jul 2009 11:25:45 -0700 Subject: Revert this commit : s3: Make smbd aware of permission change of usershare. Since usershare are relatively volatile and non-previledge users must disconnect from smbd and reconnect to it to make share permission in effect. For now. This is a feature request and I think we need to design it a little differently so as not to touch core change_to_user() code. Jeremy. --- source3/smbd/process.c | 58 ++------------------------------------------------ 1 file changed, 2 insertions(+), 56 deletions(-) (limited to 'source3/smbd/process.c') diff --git a/source3/smbd/process.c b/source3/smbd/process.c index 5b8a325d22..b26bc150db 100644 --- a/source3/smbd/process.c +++ b/source3/smbd/process.c @@ -1286,6 +1286,7 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in } } } + /* Does this call need to be run as the connected user? */ if (flags & AS_USER) { @@ -1302,67 +1303,12 @@ static connection_struct *switch_message(uint8 type, struct smb_request *req, in } return NULL; } -#ifdef HAVE_INOTIFY - if (conn->force_recheck_perm) { - int old; - int iService = -1; - const char *service = NULL; - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - conn->force_recheck_perm = false; - DEBUG(5, ("switch_message: rechecking permission for connection %x\n", - (unsigned int)conn)); - old = SNUM(conn); - service = lp_servicename(old); - conn->read_only = False; - if (lp_snum_ok(old) && am_usershare(old)) { - iService = load_usershare_service(service); - if (iService < 0 || old != iService) { - /* non-exist service */ - DEBUG(5, ("switch_message: deleting connection %x\n", - (unsigned int)conn)); - DEBUG(5, ("snum %d, sname %s\n", - old, service ? service : "NULL")); - delete_share_security(service); - set_current_service(NULL, 0, True); - close_cnum(smbd_server_conn, conn, conn->vuid); - lp_killservice(old); - reply_nterror(req, NT_STATUS_BAD_NETWORK_NAME); - return NULL; - } - - /* - * Don't have to reauthentication here, but - * need to check share permissions..... - * the vuid cache is a problem.. - */ - - if (!change_to_root_user()) { - smb_panic("cann't change to root user!\n"); - } - - if (!change_to_user_force_recheck(conn, session_tag, - True, &status)) { - reply_nterror(req, status); - remove_deferred_open_smb_message(req->mid); - return conn; - } - } - } else { - NTSTATUS status = NT_STATUS_UNSUCCESSFUL; - if (!change_to_user_force_recheck(conn, session_tag, - False, &status)) { - reply_nterror(req, status); - remove_deferred_open_smb_message(req->mid); - return conn; - } - } -#else + if (!change_to_user(conn,session_tag)) { reply_nterror(req, NT_STATUS_DOS(ERRSRV, ERRbaduid)); remove_deferred_open_smb_message(req->mid); return conn; } -#endif /* All NEED_WRITE and CAN_IPC flags must also have AS_USER. */ -- cgit