[SCM] Samba Shared Repository - branch master updated
Jeremy Allison
jra at samba.org
Fri Mar 12 00:55:01 UTC 2021
The branch, master has been updated
via 16a1aefb72f smbd: call set_current_user_info() in smbd_become_authenticated_pipe_user()
via 7662a77c4cb selftest: add a test for %U variable expansion in spoolssd
from 11f3c852c75 s4:libnet_rpc: avoid reusing the assoc_group_id of the lsa connection
https://git.samba.org/?p=samba.git;a=shortlog;h=master
- Log -----------------------------------------------------------------
commit 16a1aefb72f3cf2093f2cffe1bd0e2483b761e6f
Author: Ralph Boehme <slow at samba.org>
Date: Thu Mar 11 11:20:52 2021 +0100
smbd: call set_current_user_info() in smbd_become_authenticated_pipe_user()
The current_user_info is updated at the SMB level, but currently not at the RPC
level in the RPC impersonation function smbd_become_authenticated_pipe_user().
For RPC services running embedded this is not an issue as the SMB level
impersonation has already taken care of current_user_info, but for RPC services
running as external daemons, eg spoolssd, the omission of updating
current_user_info results in variable expansion of eg %U (username) to be
broken.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14668
MR: https://gitlab.com/samba-team/samba/-/merge_requests/1834
RN: %U variable expansion not working in spoolsd
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Jeremy Allison <jra at samba.org>
Autobuild-User(master): Jeremy Allison <jra at samba.org>
Autobuild-Date(master): Fri Mar 12 00:54:01 UTC 2021 on sn-devel-184
commit 7662a77c4cb473c431386c9b8014e846bc5e5882
Author: Ralph Boehme <slow at samba.org>
Date: Thu Mar 11 14:46:28 2021 +0100
selftest: add a test for %U variable expansion in spoolssd
This targets the nt4_dc testenv which luckily already runs with spoolssd
enabled.
BUG: https://bugzilla.samba.org/show_bug.cgi?id=14668
MR: https://gitlab.com/samba-team/samba/-/merge_requests/1834
Signed-off-by: Ralph Boehme <slow at samba.org>
Reviewed-by: Björn Baumbach <bb at sernet.de>
Reviewed-by: Jeremy Allison <jra at samba.org>
-----------------------------------------------------------------------
Summary of changes:
selftest/target/Samba3.pm | 5 +++
.../tests/printing/printing_var_exp_lpr_cmd.sh | 7 ++++
source3/script/tests/test_printing_var_exp.sh | 40 ++++++++++++++++++++++
source3/selftest/tests.py | 2 ++
source3/smbd/uid.c | 4 +++
5 files changed, 58 insertions(+)
create mode 100755 source3/script/tests/printing/printing_var_exp_lpr_cmd.sh
create mode 100755 source3/script/tests/test_printing_var_exp.sh
Changeset truncated at 500 lines:
diff --git a/selftest/target/Samba3.pm b/selftest/target/Samba3.pm
index a0c43aa842e..48ca3bf4688 100755
--- a/selftest/target/Samba3.pm
+++ b/selftest/target/Samba3.pm
@@ -2490,6 +2490,11 @@ sub provision($$)
[print3]
copy = print1
default devmode = no
+
+[print_var_exp]
+ copy = print1
+ print command = $self->{srcdir}/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh \"Windows user: %U\" \"UNIX user: %u\" \"Domain: %D\"
+
[lp]
copy = print1
diff --git a/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh b/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh
new file mode 100755
index 00000000000..4a56a15eb94
--- /dev/null
+++ b/source3/script/tests/printing/printing_var_exp_lpr_cmd.sh
@@ -0,0 +1,7 @@
+#!/bin/bash
+
+rm -f /tmp/printing_var_exp.log
+
+for i in $(seq 1 $#) ; do
+ eval echo "arg $i: \$$i" >> /tmp/printing_var_exp.log
+done
diff --git a/source3/script/tests/test_printing_var_exp.sh b/source3/script/tests/test_printing_var_exp.sh
new file mode 100755
index 00000000000..6cfd6c00f29
--- /dev/null
+++ b/source3/script/tests/test_printing_var_exp.sh
@@ -0,0 +1,40 @@
+#!/bin/sh
+
+if [ $# -lt 4 ]; then
+cat <<EOF
+Usage: test_smbspool.sh SERVER SERVER_IP DOMAIN USERNAME PASSWORD
+EOF
+exit 1;
+fi
+
+SERVER="$1"
+SERVER_IP="$2"
+DOMAIN="$3"
+USERNAME="$4"
+PASSWORD="$5"
+shift 5
+ADDARGS="$@"
+
+incdir=`dirname $0`/../../../testprogs/blackbox
+. $incdir/subunit.sh
+. $incdir/common_test_fns.inc
+
+smbclient="$BINDIR/smbclient"
+
+test_var_expansion() {
+ $smbclient -U $DOMAIN/$USERNAME%$PASSWORD \
+ //$SERVER_IP/print_var_exp \
+ -c "print $SRCDIR/testdata/printing/example.ps" || return 1
+
+ cat /tmp/printing_var_exp.log
+
+ grep "Windows user: $USERNAME" /tmp/printing_var_exp.log || return 1
+ grep "UNIX user: $USERNAME" /tmp/printing_var_exp.log || return 1
+ grep "Domain: $DOMAIN" /tmp/printing_var_exp.log || return 1
+}
+
+testit "Test variable expansion for '%U', '%u' and '%D'" \
+ test_var_expansion \
+ || failed=$(expr $failed + 1)
+
+exit $failed
diff --git a/source3/selftest/tests.py b/source3/selftest/tests.py
index fe2fee610e5..01542d964a1 100755
--- a/source3/selftest/tests.py
+++ b/source3/selftest/tests.py
@@ -353,6 +353,8 @@ for env in ["nt4_member", "ad_member"]:
env = "ad_dc_smb1"
plantestsuite("samba3.blackbox.smbspool", env, [os.path.join(samba3srcdir, "script/tests/test_smbspool.sh"), '$SERVER', '$SERVER_IP', '$DC_USERNAME', '$DC_PASSWORD', env])
+plantestsuite("samba3.blackbox.printing_var_exp", "nt4_dc", [os.path.join(samba3srcdir, "script/tests/test_printing_var_exp.sh"), '$SERVER', '$SERVER_IP', '$DOMAIN', '$DC_USERNAME', '$DC_PASSWORD'])
+
for env in ["ad_member:local", "nt4_dc:local"]:
plantestsuite("samba3.blackbox.smbpasswd", env, [os.path.join(samba3srcdir, "script/tests/test_smbpasswd.sh"), '$SERVER', '$SERVER_IP', '$DC_USERNAME', '$DC_PASSWORD'])
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 11e5efb6cf1..b0d7f21c200 100644
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -510,6 +510,10 @@ bool smbd_become_authenticated_pipe_user(struct auth_session_info *session_info)
if (!push_sec_ctx())
return False;
+ set_current_user_info(session_info->unix_info->sanitized_username,
+ session_info->unix_info->unix_name,
+ session_info->info->domain_name);
+
set_sec_ctx(session_info->unix_token->uid, session_info->unix_token->gid,
session_info->unix_token->ngroups, session_info->unix_token->groups,
session_info->security_token);
--
Samba Shared Repository
More information about the samba-cvs
mailing list