backup intent and dptr_create failure because of become_root() (was Re: Samba4 panic action)

Michael Adam obnox at samba.org
Mon Oct 29 07:18:54 MDT 2012 

Just for the record:

Am I right in that this is the patch that has been superseded by
the patch that walks the sec-ctx stack to find the first non-NULL token?

Thanks - Michael

On 2012-10-24 at 14:59 -0700, Jeremy Allison wrote:
> On Wed, Oct 24, 2012 at 11:43:54AM -0700, Jeremy Allison wrote:
> > On Sat, Oct 20, 2012 at 09:39:46PM +1100, Andrew Bartlett wrote:
> > > 
> > > Because we are in a become_root(), the token is NULL, and so we
> > > segfault.
> > > 
> > > Jeremy,
> > > 
> > > I think you can probably handle it from here.  We don't call
> > > get_current_nttok() in many places, perhaps we might be able to replace
> > > it with a call that doesn't need to inspect the unix security stack, but
> > > instead directly de-references conn or something similar?
> > 
> > Now tracking as :
> > 
> > [Bug 9329] New: Directory listing with SeBackup can crash smbd.
> 
> Ok, here's the patch - fixes the problem here. Steve, can
> you test and confirm you don't see the problem any more ?
> 
> I'll continue to develop this for master (as it has shown
> we really shouldn't push/pop the NtToken in the security
> context stack so can remove quite a bit of code here).
> 
> Once you've confirmed it fixes the issue I'll add a
> scripted test that reproduces and prepare the final
> patchset for 4.0.0 (and get the larger patchset
> pushed to master).
> 
> Thanks !
> 
> Jeremy.

> diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
> index eac5d9d..1835507 100644
> --- a/source3/smbd/uid.c
> +++ b/source3/smbd/uid.c
> @@ -533,9 +533,19 @@ const struct security_unix_token *get_current_utok(connection_struct *conn)
>  	return &current_user.ut;
>  }
>  
> +/****************************************************************************
> + Return the Windows token we are running effectively as on this connection.
> + Note that this ignores the NULL token imposed by become_root(), as that is
> + used for temporary UNIX security override, not to change the attached Windows
> + token for the user.
> +
> + After this change we can change 'struct sec_ctx' to 'struct security_unix_token'
> + as there is no need to push/pop Windows tokens.
> +****************************************************************************/
> +
>  const struct security_token *get_current_nttok(connection_struct *conn)
>  {
> -	return current_user.nt_user_token;
> +	return conn->session_info->security_token;
>  }
>  
>  uint64_t get_current_vuid(connection_struct *conn)

-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 206 bytes
Desc: not available
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20121029/6d7f9c99/attachment.pgp>

More information about the samba-technical mailing list