From 5a872512b0d6ed09c515f7f85c29add5934361d3 Mon Sep 17 00:00:00 2001 From: Andrew Tridgell Date: Sun, 3 Oct 2004 06:46:29 +0000 Subject: r2794: a very simple version of the unixuid NTVFS pass-thru module. In conjunction with the posix backend this gives us a way to correctly setup the unix security context in Samba4. I chose the following method to determine the unix uid's and gid's to use given the list of SIDs from the login process - look for a "UnixID" field in the sam record. If present, then use it (check if the record is of the right type as well) - if UnixID is not present, then look for the "UnixName" sam field. If it is present then use getpwnam() or getgrnam() to find the unix id. - if UnixID and UnixName are not present, then look for a unix account of the right type called by the same name as the sAMAccountName field. - if none of the above work then fail the operation with NT_STATUS_ACCESS_DENIED obviously these steps only work well with a local SAM. It will need to be more sophisticated in future. I did not put any cache in place at all. That will need to be added for decent performance. (This used to be commit 78b67d19b9766131f0270e451089ee5bb1aa8bd9) --- source4/ntvfs/unixuid/config.m4 | 58 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 58 insertions(+) create mode 100644 source4/ntvfs/unixuid/config.m4 (limited to 'source4/ntvfs/unixuid/config.m4') diff --git a/source4/ntvfs/unixuid/config.m4 b/source4/ntvfs/unixuid/config.m4 new file mode 100644 index 0000000000..61e7db3d91 --- /dev/null +++ b/source4/ntvfs/unixuid/config.m4 @@ -0,0 +1,58 @@ +SMB_MODULE_MK(ntvfs_unixuid, NTVFS, STATIC, ntvfs/config.mk) + + +################################################ +# look for a method of setting the effective uid +seteuid=no; +if test $seteuid = no; then +AC_CACHE_CHECK([for setresuid],samba_cv_USE_SETRESUID,[ +AC_TRY_RUN([ +#define AUTOCONF_TEST 1 +#define USE_SETRESUID 1 +#include "confdefs.h" +#include "${srcdir-.}/lib/util_sec.c"], + samba_cv_USE_SETRESUID=yes,samba_cv_USE_SETRESUID=no,samba_cv_USE_SETRESUID=cross)]) +if test x"$samba_cv_USE_SETRESUID" = x"yes"; then + seteuid=yes;AC_DEFINE(USE_SETRESUID,1,[Whether setresuid() is available]) +fi +fi + + +if test $seteuid = no; then +AC_CACHE_CHECK([for setreuid],samba_cv_USE_SETREUID,[ +AC_TRY_RUN([ +#define AUTOCONF_TEST 1 +#define USE_SETREUID 1 +#include "confdefs.h" +#include "${srcdir-.}/lib/util_sec.c"], + samba_cv_USE_SETREUID=yes,samba_cv_USE_SETREUID=no,samba_cv_USE_SETREUID=cross)]) +if test x"$samba_cv_USE_SETREUID" = x"yes"; then + seteuid=yes;AC_DEFINE(USE_SETREUID,1,[Whether setreuid() is available]) +fi +fi + +if test $seteuid = no; then +AC_CACHE_CHECK([for seteuid],samba_cv_USE_SETEUID,[ +AC_TRY_RUN([ +#define AUTOCONF_TEST 1 +#define USE_SETEUID 1 +#include "confdefs.h" +#include "${srcdir-.}/lib/util_sec.c"], + samba_cv_USE_SETEUID=yes,samba_cv_USE_SETEUID=no,samba_cv_USE_SETEUID=cross)]) +if test x"$samba_cv_USE_SETEUID" = x"yes"; then + seteuid=yes;AC_DEFINE(USE_SETEUID,1,[Whether seteuid() is available]) +fi +fi + +if test $seteuid = no; then +AC_CACHE_CHECK([for setuidx],samba_cv_USE_SETUIDX,[ +AC_TRY_RUN([ +#define AUTOCONF_TEST 1 +#define USE_SETUIDX 1 +#include "confdefs.h" +#include "${srcdir-.}/lib/util_sec.c"], + samba_cv_USE_SETUIDX=yes,samba_cv_USE_SETUIDX=no,samba_cv_USE_SETUIDX=cross)]) +if test x"$samba_cv_USE_SETUIDX" = x"yes"; then + seteuid=yes;AC_DEFINE(USE_SETUIDX,1,[Whether setuidx() is available]) +fi +fi -- cgit