svn commit: samba r15539 - in branches/SAMBA_3_0/source/nsswitch: .

jra at samba.org jra at samba.org
Thu May 11 22:47:30 GMT 2006 

Author: jra
Date: 2006-05-11 22:47:28 +0000 (Thu, 11 May 2006)
New Revision: 15539

WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15539

Log:
Use portable wrapper functions instead of seteuid
directly in winbindd.
Jeremy.

Modified:
   branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c
   branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c


Changeset:
Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c	2006-05-11 21:21:36 UTC (rev 15538)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_cred_cache.c	2006-05-11 22:47:28 UTC (rev 15539)
@@ -105,7 +105,7 @@
 
 	if ((entry->renew_until < time(NULL)) && (entry->pass != NULL)) {
 	     
-		seteuid(entry->uid);
+		set_effective_uid(entry->uid);
 
 		ret = kerberos_kinit_password_ext(entry->principal_name,
 						  entry->pass,
@@ -116,7 +116,7 @@
 						  False, /* no PAC required anymore */
 						  True,
 						  WINBINDD_PAM_AUTH_KRB5_RENEW_TIME);
-		seteuid(0);
+		gain_root_privilege();
 
 		if (ret) {
 			DEBUG(3,("could not re-kinit: %s\n", error_message(ret)));
@@ -132,13 +132,13 @@
 		goto done;
 	}
 
-	seteuid(entry->uid);
+	set_effective_uid(entry->uid);
 
 	ret = smb_krb5_renew_ticket(entry->ccname, 
 				    entry->principal_name,
 				    entry->service,
 				    &new_start);
-	seteuid(0);
+	gain_root_privilege();
 
 	if (ret) {
 		DEBUG(3,("could not renew tickets: %s\n", error_message(ret)));

Modified: branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c
===================================================================
--- branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c	2006-05-11 21:21:36 UTC (rev 15538)
+++ branches/SAMBA_3_0/source/nsswitch/winbindd_pam.c	2006-05-11 22:47:28 UTC (rev 15539)
@@ -478,7 +478,7 @@
 
 	if (!internal_ccache) {
 
-		seteuid(uid);
+		set_effective_uid(uid);
 		DEBUG(10,("winbindd_raw_kerberos_login: uid is %d\n", uid));
 	}
 
@@ -533,7 +533,7 @@
 	}
 
 	if (!internal_ccache) {
-		seteuid(0);
+		gain_root_privilege();
 	}
 
 	/************************ NON-ROOT **********************/
@@ -631,7 +631,7 @@
 	SAFE_FREE(client_princ_out);
 
 	if (!internal_ccache) {
-		seteuid(0);
+		gain_root_privilege();
 	}
 
 	return result;

More information about the samba-cvs mailing list