svn commit: samba r17294 - in branches/SAMBA_3_0/source: lib smbd
jra at samba.org
jra at samba.org
Fri Jul 28 22:56:41 GMT 2006
Author: jra
Date: 2006-07-28 22:56:41 +0000 (Fri, 28 Jul 2006)
New Revision: 17294
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=17294
Log:
Make the code a little cleaner. Instead of using the two
calls make it :
become_root_uid_only()
operation
unbecome_root_uid_only()
saving errno across the second call. Most of our internal
change calls can be replaced with these simple calls.
Jeremy
Modified:
branches/SAMBA_3_0/source/lib/messages.c
branches/SAMBA_3_0/source/lib/util_sec.c
branches/SAMBA_3_0/source/smbd/posix_acls.c
Changeset:
Modified: branches/SAMBA_3_0/source/lib/messages.c
===================================================================
--- branches/SAMBA_3_0/source/lib/messages.c 2006-07-28 22:42:39 UTC (rev 17293)
+++ branches/SAMBA_3_0/source/lib/messages.c 2006-07-28 22:56:41 UTC (rev 17294)
@@ -167,7 +167,6 @@
static BOOL message_notify(struct process_id procid)
{
pid_t pid = procid.pid;
- int saved_errno;
int ret;
uid_t euid = geteuid();
@@ -179,23 +178,21 @@
SMB_ASSERT(pid > 0);
if (euid != 0) {
- save_re_uid();
- set_effective_uid(0);
+ become_root_uid_only();
}
ret = kill(pid, SIGUSR1);
- saved_errno = errno;
if (euid != 0) {
- restore_re_uid();
+ unbecome_root_uid_only();
}
if (ret == -1) {
- if (saved_errno == ESRCH) {
+ if (errno == ESRCH) {
DEBUG(2,("pid %d doesn't exist - deleting messages record\n", (int)pid));
tdb_delete(tdb, message_key_pid(procid));
} else {
- DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(saved_errno)));
+ DEBUG(2,("message to process %d failed - %s\n", (int)pid, strerror(errno)));
}
return False;
}
Modified: branches/SAMBA_3_0/source/lib/util_sec.c
===================================================================
--- branches/SAMBA_3_0/source/lib/util_sec.c 2006-07-28 22:42:39 UTC (rev 17293)
+++ branches/SAMBA_3_0/source/lib/util_sec.c 2006-07-28 22:56:41 UTC (rev 17294)
@@ -258,10 +258,9 @@
/****************************************************************************
and restore them!
****************************************************************************/
-void restore_re_uid(void)
+
+static void restore_re_uid_fromroot(void)
{
- set_effective_uid(0);
-
#if USE_SETRESUID
setresuid(saved_ruid, saved_euid, -1);
#elif USE_SETREUID
@@ -280,8 +279,35 @@
assert_uid(saved_ruid, saved_euid);
}
+void restore_re_uid(void)
+{
+ set_effective_uid(0);
+ restore_re_uid_fromroot();
+}
/****************************************************************************
+ Lightweight become root - no group change.
+****************************************************************************/
+
+void become_root_uid_only(void)
+{
+ save_re_uid();
+ set_effective_uid(0);
+}
+
+/****************************************************************************
+ Lightweight unbecome root - no group change. Expects we are root already,
+ saves errno across call boundary.
+****************************************************************************/
+
+void unbecome_root_uid_only(void)
+{
+ int saved_errno = errno;
+ restore_re_uid_fromroot();
+ errno = saved_errno;
+}
+
+/****************************************************************************
save the real and effective gid for later restoration. Used by the
getgroups code
****************************************************************************/
Modified: branches/SAMBA_3_0/source/smbd/posix_acls.c
===================================================================
--- branches/SAMBA_3_0/source/smbd/posix_acls.c 2006-07-28 22:42:39 UTC (rev 17293)
+++ branches/SAMBA_3_0/source/smbd/posix_acls.c 2006-07-28 22:56:41 UTC (rev 17294)
@@ -2458,9 +2458,9 @@
DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
fsp->fsp_name ));
- become_root();
+ become_root_uid_only();
sret = SMB_VFS_SYS_ACL_SET_FILE(conn, fsp->fsp_name, the_acl_type, the_acl);
- unbecome_root();
+ unbecome_root_uid_only();
if (sret == 0) {
ret = True;
}
@@ -2489,9 +2489,9 @@
DEBUG(5,("set_canon_ace_list: acl group control on and current user in file %s primary group.\n",
fsp->fsp_name ));
- become_root();
+ become_root_uid_only();
sret = SMB_VFS_SYS_ACL_SET_FD(fsp, fsp->fh->fd, the_acl);
- unbecome_root();
+ unbecome_root_uid_only();
if (sret == 0) {
ret = True;
}
@@ -3018,10 +3018,10 @@
/* Case (3) */
( has_restore_priv ) ) {
- become_root();
+ become_root_uid_only();
/* Keep the current file gid the same - take ownership doesn't imply group change. */
ret = SMB_VFS_CHOWN(conn, fname, uid, (gid_t)-1);
- unbecome_root();
+ unbecome_root_uid_only();
return ret;
}
}
@@ -3045,10 +3045,10 @@
*/
uid = current_user.ut.uid;
- become_root();
+ become_root_uid_only();
/* Keep the current file gid the same. */
ret = SMB_VFS_FCHOWN(fsp, fsp->fh->fd, uid, (gid_t)-1);
- unbecome_root();
+ unbecome_root_uid_only();
close_file_fchmod(fsp);
@@ -3226,9 +3226,9 @@
"current user in file %s primary group. Override delete_def_acl\n",
fsp->fsp_name ));
- become_root();
+ become_root_uid_only();
sret = SMB_VFS_SYS_ACL_DELETE_DEF_FILE(conn, fsp->fsp_name);
- unbecome_root();
+ unbecome_root_uid_only();
}
if (sret == -1) {
@@ -3273,9 +3273,9 @@
"current user in file %s primary group. Override chmod\n",
fsp->fsp_name ));
- become_root();
+ become_root_uid_only();
sret = SMB_VFS_CHMOD(conn,fsp->fsp_name, posix_perms);
- unbecome_root();
+ unbecome_root_uid_only();
}
if (sret == -1) {
More information about the samba-cvs
mailing list