How does impersonation work in Samba?

Krishna Ganugapati krishnag at
Tue Oct 25 20:51:17 GMT 2005

Hello, I've been grepping through the source code and I'm trying to understand how the client impersonation works on the server side.  Typically after whatever authentication has been done (NTLMv2 or Kerberos) - the server must impersonate the client.  I find a bunch of references to become_root() and unbecome_root() - which I'm assuming to mean that since (atleast on my box) Samba runs as root - when an authenticated server request comes in, the appropriate call within the server is now run as the client that on whose behalf the request is being serviced. At times there is the need to become_root()  perform some appropriate house-keeping etc etc  that only root can and then unbecome_root(). 

Can someone explain/point me to understanding how the client impersonation is done...

Thanks so much


More information about the samba-technical mailing list