[SCM] Samba Shared Repository - branch master updated

Sat Feb 13 02:51:03 UTC 2016

The branch, master has been updated
       via  92afa1b smbd: Simplify chroot option in smbd
      from  b504918 s3-waf: Install smbspool_krb5_wrapper in LIBEXECDIR

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 92afa1b165841356d6a3fb2ac44d9a5460bffea5
Author: Andreas Schneider <asn at samba.org>
Date:   Wed Feb 10 16:19:56 2016 +0100

    smbd: Simplify chroot option in smbd
    
    rpmlint has a check for this and prefers to call chdir() before
    chroot(). If not it will complain with
    missing-call-to-chdir-with-chroot. The old code equivalent secure. See
    
        http://unixwiz.net/techtips/chroot-practices.html
    
    This removes several unneeded talloc_tos() calls.
    
    Signed-off-by: Andreas Schneider <asn at samba.org>
    Reviewed-by: Jeremy Allison <jra at samba.org>
    
    Autobuild-User(master): Jeremy Allison <jra at samba.org>
    Autobuild-Date(master): Sat Feb 13 03:50:54 CET 2016 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/process.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 25c6d05..34939f0 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -3903,6 +3903,8 @@ void smbd_process(struct tevent_context *ev_ctx,
 	NTSTATUS status;
 	struct timeval tv = timeval_current();
 	NTTIME now = timeval_to_nttime(&tv);
+	char *chroot_dir = NULL;
+	int rc;
 
 	status = smbXsrv_client_create(ev_ctx, ev_ctx, msg_ctx, now, &client);
 	if (!NT_STATUS_IS_OK(status)) {
@@ -4024,17 +4026,22 @@ void smbd_process(struct tevent_context *ev_ctx,
 		exit_server("Could not open account policy tdb.\n");
 	}
 
-	if (*lp_root_directory(talloc_tos())) {
-		if (chroot(lp_root_directory(talloc_tos())) != 0) {
-			DEBUG(0,("Failed to change root to %s\n",
-				 lp_root_directory(talloc_tos())));
-			exit_server("Failed to chroot()");
+	chroot_dir = lp_root_directory(talloc_tos());
+	if (chroot_dir[0] != '\0') {
+		rc = chdir(chroot_dir);
+		if (rc != 0) {
+			DBG_ERR("Failed to chdir to %s\n", chroot_dir);
+			exit_server("Failed to chdir()");
 		}
-		if (chdir("/") == -1) {
-			DEBUG(0,("Failed to chdir to / on chroot to %s\n", lp_root_directory(talloc_tos())));
+
+		rc = chroot(chroot_dir);
+		if (rc != 0) {
+			DBG_ERR("Failed to change root to %s\n", chroot_dir);
 			exit_server("Failed to chroot()");
 		}
-		DEBUG(0,("Changed root to %s\n", lp_root_directory(talloc_tos())));
+		DBG_WARNING("Changed root to %s\n", chroot_dir);
+
+		TALLOC_FREE(chroot_dir);
 	}
 
 	if (!file_init(sconn)) {


-- 
Samba Shared Repository

