SAMBA_2_2 'admin users' feature broken

D Davies djdavies at home.com
Tue Oct 31 22:38:25 GMT 2000


Jeremy Allison wrote:

> D Davies wrote:
> >
> > Hi,
> >
> > Again, using SAMBA_2_2. If I use this on my [slash$]
> > service:
> > path = /
> > admin users = admin
> >
> > Then in the logfile I see my user 'admin' connecting to the
> > service as an 'admin' user with "root privelages".  But this
> > is not reflected in the behaviour.  For example if I use the
> > Windows Explorer on the Win9X client to create something
> > like:
>
> Ok - try the following bugfix (bug caused due to restructuring
> of code between 2.0.x and 2.2.x).
>
> Cheers,
>
>         Jeremy.
>
> Index: smbd/uid.c
> ===================================================================
> RCS file: /data/cvs/samba/source/smbd/uid.c,v
> retrieving revision 1.50.4.1
> diff -u -r1.50.4.1 uid.c
> --- smbd/uid.c  2000/10/13 01:59:32     1.50.4.1
> +++ smbd/uid.c  2000/10/31 01:27:09
> @@ -121,6 +121,7 @@
>                 return False;
>
>         if (conn->force_user ||
> +           conn->admin_user ||
>             lp_security() == SEC_SHARE ||
>             !(vuser) || (vuser->guest)) {
>                 uid = conn->uid;
>
> --

Hi,

This patch does seem to remedy the situation.  I can connect to the service as an admin user now,
and create new files/folders which are correctly owned by root.

I would note however that the GID permissions were not changed to root's group.  As it works
now, the 'admin user' who connects, does operations on the filesystem as UID:root and
GID:users.  Im not sure what the proper behaviour is supposed to be, you would be the
one to know.  To me it would make more sense to provide the 'admin user' with
UID:root and GID:root's group.  Not sure if this is a bug or not.

--
Cheers
D Davies






More information about the samba-technical mailing list