[Samba] unable to save share permissions changes with 3.0

Eamonn Hamilton EAMONN.HAMILTON at saic.com
Wed Nov 12 09:56:27 GMT 2003


Hi Gerry,

I can't remember if I replied to this ( I'm afraid real life got in the
way a bit ).

This patch works fine, I can now set the share permissions properly from
remote clients.

Many thanks for this !

Cheers,
Eamonn

On Fri, 2003-10-03 at 17:11, Gerald (Jerry) Carter wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
> 
> Eamonn Hamilton wrote:
> | I've tried using the MMC on a W2K system to edit the permissions. I was
> | logged in as a domain admin account, which is mapped to a local user on
> | the samba box and is entered in as an admin user on the share.
> |
> | The system itself is a member server in a resource domain, while the
> | accounts I'm trying to add come from a trusted domain, if that makes a
> | difference.
> 
> I looked at the code and the current behavior is by design.
> Hpwever, try this patch.
> 
> 
> 
> 
> cheers, jerry
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.2.1 (GNU/Linux)
> Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
> 
> iD8DBQE/fZ+UIR7qMdg1EfYRAu/tAKDrMifTl82B0+0FjB+pUwwxndUmFACfbu46
> RjHENqnU3ctwfOwGeAiUnsQ=
> =fTbv
> -----END PGP SIGNATURE-----
> 
> 
> ______________________________________________________________________
> ? build-me
> ? pchdir
> ? update-samba
> ? intl/libgettext.h
> Index: rpc_server/srv_srvsvc_nt.c
> ===================================================================
> RCS file: /data/cvs/samba/source/rpc_server/srv_srvsvc_nt.c,v
> retrieving revision 1.70.2.15
> diff -u -r1.70.2.15 srv_srvsvc_nt.c
> --- rpc_server/srv_srvsvc_nt.c	19 Sep 2003 21:57:43 -0000	1.70.2.15
> +++ rpc_server/srv_srvsvc_nt.c	3 Oct 2003 16:09:28 -0000
> @@ -1457,6 +1457,7 @@
>  	int ret;
>  	char *ptr;
>  	SEC_DESC *psd = NULL;
> +	struct passwd *pw = NULL;
>  
>  	DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
>  
> @@ -1479,8 +1480,15 @@
>  
>  	get_current_user(&user,p);
>  
> -	if (user.uid != sec_initial_uid())
> +	/* check the uid and then see if the user is in an 
> +	   member of 'admin users'.  Fail if all these checks fail */
> +	   
> +	pw = sys_getpwuid( user.uid);
> +	if (! ( (user.uid == sec_initial_uid())
> +		|| ( pw && user_in_list(pw->pw_name, lp_admin_users(snum), user.groups, user.ngroups))) ) 
> +	{
>  		return WERR_ACCESS_DENIED;
> +	}
>  
>  	switch (q_u->info_level) {
>  	case 1:




More information about the samba mailing list