diff options
| author | Jeremy Allison <jra@samba.org> | 1997-10-15 21:53:59 +0000 |
|---|---|---|
| committer | Jeremy Allison <jra@samba.org> | 1997-10-15 21:53:59 +0000 |
| commit | 16fd4337f79ce33f91050c96c4a566221c5d9126 (patch) | |
| tree | 35f06822ded7d84e504e664e2d83d902a9730ac5 /source/smbd/uid.c | |
| parent | ed606bc7d4e6fb1091e527ea70a3e950d50a1db4 (diff) | |
| download | samba-16fd4337f79ce33f91050c96c4a566221c5d9126.tar.gz | |
ipc.c: Adding Andrews become_root code to the main branch.
locking.c: Adding Andrews become_root code to the main branch.
pipes.c: Fixing the close_file issue.
proto.h: The usual.
reply.c: Move smb_pass into NTDOMAIN defined code. Fixing the close_file issue.
server.c: Fixing the close_file issue.
trans2.c: Fixing the close_file issue.
uid.c: Adding Andrews become_root code to the main branch.
Jeremy (jallison@whistle.com)
Diffstat (limited to 'source/smbd/uid.c')
| -rw-r--r-- | source/smbd/uid.c | 74 |
1 files changed, 74 insertions, 0 deletions
diff --git a/source/smbd/uid.c b/source/smbd/uid.c index 78614a5b5c4..42ade7e4da1 100644 --- a/source/smbd/uid.c +++ b/source/smbd/uid.c @@ -481,3 +481,77 @@ int smbrun(char *cmd,char *outfile,BOOL shared) #endif return 1; } + +static struct current_user current_user_saved; +static int become_root_depth; +static pstring become_root_dir; + +/**************************************************************************** +This is used when we need to do a privilaged operation (such as mucking +with share mode files) and temporarily need root access to do it. This +call should always be paired with an unbecome_root() call immediately +after the operation + +Set save_dir if you also need to save/restore the CWD +****************************************************************************/ +void become_root(BOOL save_dir) +{ + if (become_root_depth) { + DEBUG(0,("ERROR: become root depth is non zero\n")); + } + if (save_dir) + GetWd(become_root_dir); + + current_user_saved = current_user; + become_root_depth = 1; + + become_gid(0); + become_uid(0); +} + +/**************************************************************************** +When the privilaged operation is over call this + +Set save_dir if you also need to save/restore the CWD +****************************************************************************/ +void unbecome_root(BOOL restore_dir) +{ + if (become_root_depth != 1) { + DEBUG(0,("ERROR: unbecome root depth is %d\n", + become_root_depth)); + } + + /* we might have done a become_user() while running as root, + if we have then become root again in order to become + non root! */ + if (current_user.uid != 0) { + become_uid(0); + } + + /* restore our gid first */ + if (!become_gid(current_user_saved.gid)) { + DEBUG(0,("ERROR: Failed to restore gid\n")); + exit_server("Failed to restore gid"); + } + +#ifndef NO_SETGROUPS + if (current_user_saved.ngroups > 0) { + if (setgroups(current_user_saved.ngroups, + current_user_saved.groups)<0) + DEBUG(0,("ERROR: setgroups call failed!\n")); + } +#endif + + /* now restore our uid */ + if (!become_uid(current_user_saved.uid)) { + DEBUG(0,("ERROR: Failed to restore uid\n")); + exit_server("Failed to restore uid"); + } + + if (restore_dir) + ChDir(become_root_dir); + + current_user = current_user_saved; + + become_root_depth = 0; +} |