uid_wrapper: Add uwrap_setresuid().

Andrew Bartlett abartlet at samba.org
Sat Oct 8 14:37:36 MDT 2011 

On Sat, 2011-10-08 at 10:00 -0400, simo wrote:
> On Sat, 2011-10-08 at 10:30 +0200, Stefan (metze) Metzmacher wrote: 
> > Am 08.10.2011 10:01, schrieb Andrew Bartlett:
> > > On Sat, 2011-10-08 at 09:44 +0200, Andreas Schneider wrote:
> > >> On Saturday 08 October 2011 10:42:45 Andrew Bartlett wrote:
> > >>> On Fri, 2011-10-07 at 12:05 +0200, Andreas Schneider wrote:
> > >>>> - Log -----------------------------------------------------------------
> > >>>> commit 4493c578b0da44ae2100cc0d4d6acc714bf39a3f
> > >>>> Author: Andreas Schneider <asn at samba.org>
> > >>>> Date:   Fri Oct 7 10:30:23 2011 +0200
> > >>>>
> > >>>>     uid_wrapper: Add uwrap_setresuid().
> > >>>>     
> > >>>>     Autobuild-User: Andreas Schneider <asn at cryptomilk.org>
> > >>>>     Autobuild-Date: Fri Oct  7 12:04:05 CEST 2011 on sn-devel-104
> > >>>
> > >>> Andreas,
> > >>
> > >> Andrew, 
> > >>
> > >>> It's really great to see UID wrapper being ported into the source3 code,
> > >>> but I just wanted to mention that this seems to have broken the Solaris
> > >>> build.
> > >>>
> > >>> http://build.samba.org/build.cgi/build/2830602b39d10d5637469a8039ab51ee7329f
> > >>> ad5
> > >>>
> > >>> I'm sure the fix is pretty simple, I just wanted to bring it to your
> > >>> attention.
> > >>
> > >> there is more stuff broken than I thought, and I think I've fixed it now.
> > >>
> > >> http://git.samba.org/?p=asn/samba.git;a=shortlog;h=refs/heads/s3-uid-wrapper
> > >>
> > >> I just wanted that someone looks over it before I push it.
> > >>
> > > 
> > > Thanks.  I'm OK with these patches, except for 
> > > http://git.samba.org/?p=asn/samba.git;a=commitdiff;h=17890a7e46b5227f4fa24c8326a4a13421d0edaa
> > > 
> > > The problem I have this this patch is if overriding the get/set uid
> > > functions requires that we include a particular header, but the build
> > > can continue without that header specified, we can get in a lot of
> > > trouble quickly.  We should ensure that we do not obtain the system
> > > prototypes for the replaced functions except via the header that has the
> > > uid_wrapper replacements.
> > > 
> > > If we don't, we risk subtle, painful to debug issues in our test
> > > environment (the same applies for socket_wrapper, and it is from that
> > > experience that I give this warning).
> > > 
> > > I do realise this is difficult with geteuid() being defined via
> > > unistd.h, but this is yet another reason why all Samba code should only
> > > include system/ headers, not system headers directly.
> > 
> > I think Andreas should push this changes to make it work at all.
> > Then we can think about a good generic strategie how to prevent such
> > problems
> > for all wrapper libraries.
> > 
> > Ok?
> 
> +1

Just to loop back to the list, Andreas and Metze caught me on IRC last
night and I ack-ed a revised patch that addressed my concerns (it wasn't
a large change in the end).

-- 
Andrew Bartlett                                http://samba.org/~abartlet/
Authentication Developer, Samba Team           http://samba.org

More information about the samba-technical mailing list