[PATCH] Fix bug #9878 - force user does not work as expected.
Andreas Schneider
asn at samba.org
Wed Mar 19 09:16:16 MDT 2014
On Monday 17 March 2014 15:18:57 Jeremy Allison wrote:
> Michael,
>
> I finally tracked down the cause of bug
> #9878 - force user does not work as expected
>
> https://bugzilla.samba.org/show_bug.cgi?id=9878
>
> You were correct, my git check-in 86d1e1db8e2747e30c89627cda123fde1e84f579
> was the cause. In fixing that I used the wrong
> session_info pointer to call check_user_share_access()
> inside make_connection_snum().
>
> Now I understand the problem the fix is
> obvious (change the call to check_user_share_access()
> inside make_connection_snum() to use the same
> session_info pointer that is used
> inside change_to_user() to potentially
> check access on every packet). Now both
> calls check in *exactly* the same way,
> and in my testing the correct functionality
> from 3.6.x is restored.
>
> Please review and push if you're happy.
> I have versions prepared for 4.1.x and
> 4.0.x once it's in master.
>
> I'm picking you for the review as you
> wrote in the bug report:
>
> "Ok, great! I'll also happily work/collaborate on this."
>
> :-). Once this goes in we should really
>
> decide on some tests to ensure we can't
> regress on this again.
Houston, we have a problem!
I have a print$ share with force group which stops working after this patch!
[print$]
comment = Printer Drivers
path = /var/lib/samba/drivers
write list = @ntadmin root
force group = ntadmin
create mask = 0664
directory mask = 0775
I'm connecting as LEVEL1+Administrator who is a member of the group ntadmin.
I'm not able to upload printer drivers after the patch is applied. If I revert
the patch, I can upload printer drivers again.
-- andreas
--
Andreas Schneider GPG-ID: CC014E3D
Samba Team asn at samba.org
www.samba.org
More information about the samba-technical
mailing list