[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Mon Jul 9 22:13:05 UTC 2018
The branch, master has been updated
via 3796bb0 Revert "s3/service: convert lp_force_group() to const"
via 3e5e775 Revert "s3/service: convert lp_force_user() to const"
from fe25bc7 libsmbclient: Initialize written in cli_splice_fallback()
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 3796bb0048a276259e30e44f7e0e071c1516727a
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jul 9 01:40:58 2018 +0200
Revert "s3/service: convert lp_force_group() to const"
This reverts commit c53646bccd87ef3b3133d3f7526ef85591909528.
As mentioned by Andrew, we shouldn't break environments where
"force group" has been configured to use substituted variables.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Tue Jul 10 00:12:19 CEST 2018 on sn-devel-144
commit 3e5e775321e6c432d92d459219ecebbb9713890d
Author: David Disseldorp <ddiss at samba.org>
Date: Mon Jul 9 01:36:11 2018 +0200
Revert "s3/service: convert lp_force_user() to const"
This reverts commit c58194e3d296f4e14e7689bdf192c561635ae161.
As mentioned by Andrew, we shouldn't break environments where
"force user" has been configured to use substituted variables.
Signed-off-by: David Disseldorp <ddiss at samba.org>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
docs-xml/smbdotconf/security/forcegroup.xml | 1 -
docs-xml/smbdotconf/security/forceuser.xml | 1 -
source3/smbd/service.c | 23 ++++++++++++++---------
source3/smbd/uid.c | 3 +--
4 files changed, 15 insertions(+), 13 deletions(-)
Changeset truncated at 500 lines:
diff --git a/docs-xml/smbdotconf/security/forcegroup.xml b/docs-xml/smbdotconf/security/forcegroup.xml
index b6e729b..d101f1c 100644
--- a/docs-xml/smbdotconf/security/forcegroup.xml
+++ b/docs-xml/smbdotconf/security/forcegroup.xml
@@ -1,7 +1,6 @@
<samba:parameter name="force group"
context="S"
type="string"
- constant="1"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<synonym>group</synonym>
<description>
diff --git a/docs-xml/smbdotconf/security/forceuser.xml b/docs-xml/smbdotconf/security/forceuser.xml
index 3316afe..ff5c7a2 100644
--- a/docs-xml/smbdotconf/security/forceuser.xml
+++ b/docs-xml/smbdotconf/security/forceuser.xml
@@ -1,6 +1,5 @@
<samba:parameter name="force user"
type="string"
- constant="1"
context="S"
xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
<description>
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index 2fa7c60..2e4a113 100644
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -243,18 +243,23 @@ static NTSTATUS find_forced_group(bool force_user,
TALLOC_CTX *frame = talloc_stackframe();
struct dom_sid group_sid;
enum lsa_SidType type;
- const char *force_group;
char *groupname;
bool user_must_be_member = False;
gid_t gid;
- force_group = lp_force_group(snum);
- if (force_group[0] == '+') {
- user_must_be_member = true;
- force_group += 1;
+ groupname = lp_force_group(talloc_tos(), snum);
+ if (groupname == NULL) {
+ DEBUG(1, ("talloc_strdup failed\n"));
+ result = NT_STATUS_NO_MEMORY;
+ goto done;
+ }
+
+ if (groupname[0] == '+') {
+ user_must_be_member = True;
+ groupname += 1;
}
- groupname = talloc_string_sub(talloc_tos(), force_group,
+ groupname = talloc_string_sub(talloc_tos(), groupname,
"%S", lp_const_servicename(snum));
if (groupname == NULL) {
DEBUG(1, ("talloc_string_sub failed\n"));
@@ -372,7 +377,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
{
NTSTATUS status;
- if (*lp_force_user(snum)) {
+ if (*lp_force_user(talloc_tos(), snum)) {
/*
* Replace conn->session_info with a completely faked up one
@@ -384,7 +389,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
struct auth_session_info *forced_serverinfo;
bool guest;
- fuser = talloc_string_sub(conn, lp_force_user(snum), "%S",
+ fuser = talloc_string_sub(conn, lp_force_user(talloc_tos(), snum), "%S",
lp_const_servicename(snum));
if (fuser == NULL) {
return NT_STATUS_NO_MEMORY;
@@ -422,7 +427,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
* any groupid stored for the connecting user.
*/
- if (*lp_force_group(snum)) {
+ if (*lp_force_group(talloc_tos(), snum)) {
status = find_forced_group(
conn->force_user, snum, conn->session_info->unix_info->unix_name,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index b6a754b..9d5321c 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -335,8 +335,7 @@ static bool change_to_user_internal(connection_struct *conn,
* See if we should force group for this service. If so this overrides
* any group set in the force user code.
*/
- group_c = *lp_force_group(snum);
- if (group_c != '\0') {
+ if((group_c = *lp_force_group(talloc_tos(), snum))) {
SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
--
Samba Shared Repository
More information about the samba-cvs
mailing list