Annoying Minor Bug In Winbind 2.2.x
Martin Pool
mbp at samba.org
Fri Feb 7 01:23:30 GMT 2003
On 6 Feb 2003, "Boyce, Nick" <nick.boyce at eds.com> wrote:
> As per my message an hour or so ago, I'm trying to get the winbind that
> comes with Debian 3.0 Samba 2.2.3a-12 configured to allow me to telnet into
> the box with authentication handed off to a real NT domain.
>
> Anyway, even before I really get started, I find what seems to be an
> obvious, simple and annoying buggette - if I stop and restart winbind (the
> sort of thing you do a lot at this stage) then it fails to restart, with
> this message in "/var/log/samba/log.winbindd" :
> "invalid permissions on socket directory /tmp/.winbindd"
>
> Here's the permissions :
> /etc# ls -ld /tmp/.w*
> drwxr-x--- 2 root root 4096 Feb 6 21:33 /tmp/.winbindd
The error is emitted from create_pipe_sock, which checks that the
permissions on the directory are exactly what winbind expects them to
be (0755). Obviously those permissions are not correct, which would
seem to be a problem because it might prevent non-root processes from
accessing winbindd. This looks very much like a umask problem.
I see the bug: create_pipe_sock tries to temporarily set its umask to
0 so as to give the right permissions, but it only does this after
creating the directory. So if you start winbindd with a umask
stronger than 022, it will fail in this way.
The bug apparently came in Andrew Bartlett's merge in 1.45; the
provenance of it I don't know. (TNG?) This patch ought to be applied
to 2.2, HEAD, 3.0, and APPL_HEAD.
Tim, how's this patch?
Index: util_sock.c
===================================================================
RCS file: /data/cvs/samba/source/lib/util_sock.c,v
retrieving revision 1.75
diff -u -u -p -r1.75 util_sock.c
--- util_sock.c 9 Jan 2003 06:58:07 -0000 1.75
+++ util_sock.c 7 Feb 2003 01:21:10 -0000
@@ -885,13 +885,18 @@ char *get_socket_addr(int fd)
}
-/*******************************************************************
- Create protected unix domain socket.
-
- some unixen cannot set permissions on a ux-dom-sock, so we
- have to make sure that the directory contains the protection
- permissions, instead.
- ******************************************************************/
+/**
+ * Create protected unix domain socket.
+ *
+ * Some unixen cannot set permissions on a ux-dom-sock, so we have to
+ * make sure that the directory contains the protection permissions,
+ * instead.
+ *
+ * It must be possible to access the socket from unprivileged
+ * programs, even if the daemon is started with a restrictive umask.
+ * Therefore is is temporarily removed while creating the directory
+ * and socket.
+ **/
int create_pipe_sock(const char *socket_dir,
const char *socket_name,
mode_t dir_perms)
@@ -903,56 +908,46 @@ int create_pipe_sock(const char *socket_
mode_t old_umask;
pstring path;
+ old_umask = umask(0);
+
/* Create the socket directory or reuse the existing one */
if (lstat(socket_dir, &st) == -1) {
-
if (errno == ENOENT) {
-
- /* Create directory */
-
if (mkdir(socket_dir, dir_perms) == -1) {
DEBUG(0, ("error creating socket directory "
"%s: %s\n", socket_dir,
strerror(errno)));
- return -1;
+ goto out_umask;
}
-
} else {
-
DEBUG(0, ("lstat failed on socket directory %s: %s\n",
socket_dir, strerror(errno)));
- return -1;
+ goto out_umask;
}
-
} else {
-
/* Check ownership and permission on existing directory */
-
if (!S_ISDIR(st.st_mode)) {
DEBUG(0, ("socket directory %s isn't a directory\n",
socket_dir));
- return -1;
+ goto out_umask;
}
if ((st.st_uid != sec_initial_uid()) ||
((st.st_mode & 0777) != dir_perms)) {
DEBUG(0, ("invalid permissions on socket directory "
"%s\n", socket_dir));
- return -1;
+ goto out_umask;
}
}
/* Create the socket file */
- old_umask = umask(0);
-
sock = socket(AF_UNIX, SOCK_STREAM, 0);
if (sock == -1) {
perror("socket");
- umask(old_umask);
- return -1;
+ goto out_umask;
}
snprintf(path, sizeof(path), "%s/%s", socket_dir, socket_name);
@@ -966,25 +961,26 @@ int create_pipe_sock(const char *socket_
DEBUG(0, ("bind failed on pipe socket %s: %s\n",
path,
strerror(errno)));
- close(sock);
- umask(old_umask);
- return -1;
+ goto out_close;
}
if (listen(sock, 5) == -1) {
DEBUG(0, ("listen failed on pipe socket %s: %s\n",
path,
strerror(errno)));
- close(sock);
- umask(old_umask);
- return -1;
+ goto out_close;
}
umask(old_umask);
-
- /* Success! */
-
- return sock;
+ return sock; /* success */
+
+out_close:
+ close(sock);
+
+out_umask:
+ umask(old_umask);
+ return -1;
+
#else
DEBUG(0, ("create_pipe_sock: No Unix sockets on this system\n"));
return -1;
--
Martin
"Crazy fuckers" can refer to so many people these days, so the
confusion is understandable.
-- John Goebel
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
Url : http://lists.samba.org/archive/samba-technical/attachments/20030207/8b00e9cc/attachment.bin
More information about the samba-technical
mailing list