Proposal for changes in become root

Ralph Boehme slow at samba.org
Mon Apr 22 11:51:55 UTC 2024


On 4/22/24 12:46, Xavi Hernandez wrote:
> I've just started to take a look, but if I understand it correctly, the 
> user credentials will be set just before doing the system call.

exactly.

> I've not 
> seen any reference to become_root() (I may have missed something, 
> though),

that part is not implemented yet, so far there's only the root 
impersonation object in the struct samba_impersonation. This still needs 
to be fleshed out in samba_impersonation_create().

Iirc we'd then have a new function like samba_root_impersonation() then 
checks imp->is_become_root and either returns imp or imp->become_root.

In places were we currently call become_root(), we'd then call root_imp 
= samba_root_impersonation() and pass root_imp to the function we want 
to execute as root.

Note that we'll likely also have to bite the bullet and properly handle 
capabilities instead of using [set|drop]_effective_capability(). To do 
this we somehow need to track the current and modified set of 
capabilities in the impersonation objects.

> but I guess it needs to integrate with that and, in this case, 
> it won't issue any syscalls to change the current process owner, right ?
> 
> That approach could be very useful for what I really wanted to do. If I 
> see it correctly, the credentials switch happens in vfs_default, so 
> modules are free to implement the credentials as they want.

yes.

In the end you would cache your own impersonation tokens in a cache 
associated with the main impersonation object cache id 
(samba_impersonation_cache_id()), using a talloc destructor on an object 
that is a talloc child of the impersonation object and removes the VFS 
module token from the VFS module cache.

Makes sense?

Cheers!
-slow
-------------- next part --------------
A non-text attachment was scrubbed...
Name: OpenPGP_signature.asc
Type: application/pgp-signature
Size: 840 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20240422/9f786817/OpenPGP_signature.sig>


More information about the samba-technical mailing list