From 5b5b696c1e36dc7f81da24158e0853290084dec8 Mon Sep 17 00:00:00 2001 From: Jeremy Allison Date: Fri, 20 Apr 2012 17:52:57 -0700 Subject: Fix bug #8882 - Broken processing of %U with vfs_full_audit when force user is set. When doing a "force user" we need to remember what the "sanitized_username" was from the original connect. Autobuild-User: Jeremy Allison Autobuild-Date: Mon Apr 23 19:52:19 CEST 2012 on sn-devel-104 --- source3/smbd/service.c | 11 +++++++++++ 1 file changed, 11 insertions(+) (limited to 'source3') diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 914cec86d8..6a2df18ce0 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -439,6 +439,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) */ char *fuser; + char *sanitized_username; struct auth_session_info *forced_serverinfo; bool guest; @@ -458,6 +459,16 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) return status; } + /* We don't want to replace the original sanitized_username + as it is the original user given in the connect attempt. + This is used in '%U' substitutions. */ + sanitized_username = discard_const_p(char, + forced_serverinfo->unix_info->sanitized_username); + TALLOC_FREE(sanitized_username); + forced_serverinfo->unix_info->sanitized_username = + talloc_move(forced_serverinfo->unix_info, + &conn->session_info->unix_info->sanitized_username); + TALLOC_FREE(conn->session_info); conn->session_info = forced_serverinfo; -- cgit