summaryrefslogtreecommitdiffstats
path: root/source3/smbd/uid.c
Commit message (Collapse)AuthorAgeFilesLines
* param: rename lp function and variable from 'guestaccount' to 'guest_account'Garming Sam2014-02-071-1/+1
| | | | | | Signed-off-by: Garming Sam <garming@catalyst.net.nz> Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Jeremy Allison <jra@samba.org>
* s3-smbd: Log user change information.Andreas Schneider2014-01-171-0/+6
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Günther Deschner <gd@samba.org>
* s3-smbd_shim: Add become_authenticated_pipe_user().Andreas Schneider2013-10-291-2/+2
| | | | | Signed-off-by: Andreas Schneider <asn@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Fixup the change_to_user_by_session() case as called from ↵Jeremy Allison2013-01-091-0/+22
| | | | | | | | | | | | | become_user_by_session() Use inside source3/printing/nt_printing.c:get_correct_cversion(). Allow check_user_ok() to be called with vuid==UID_FIELD_INVALID. All this should do is throw away one entry in the vuid cache. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* smbd: Remove some ()Volker Lendecke2013-01-091-3/+3
| | | | | | Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* smbd: Simplify an if-expressionVolker Lendecke2013-01-091-10/+7
| | | | | | Reviewed-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Move create_share_access_mask() from smbd/service.c to smbd/uid.c.Jeremy Allison2013-01-091-0/+38
| | | | | | | | Make it static. Only called from uid.c now. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Factor code out of check_user_ok() into a call to check_user_share_access().Jeremy Allison2013-01-091-34/+7
| | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Initialize stack variables. Prelude to factoring out calls to ↵Jeremy Allison2013-01-091-2/+2
| | | | | | | | check_user_share_access(). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Add check_user_share_access() which factors out the share security and ↵Jeremy Allison2013-01-091-0/+56
| | | | | | | | | | | read_only flag setting code. Allows this to be called from both make_connection_snum() as well as check_user_ok(). Gives a consistent share security check function. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Correctly setup the conn->share_access based on the current user token.Jeremy Allison2013-01-091-12/+22
| | | | | | | | | | Also use this to set conn->read_only. Cache the share_access in the struct vuid_cache_entry struct so we only evaluate this once per new user access on this share. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Clean up struct connection_struct, make struct vuid_cache a pointer not inline.Jeremy Allison2013-01-091-5/+5
| | | | | | | | Change VFS ABI to 31 for 4.1.0. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Remove unneeded variable "const struct auth_session_info *session_info"Jeremy Allison2013-01-091-3/+1
| | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Remove dead code now vuser can no longer be NULL.Jeremy Allison2013-01-091-8/+0
| | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Remove the second set of {} braces, no longer needed.Jeremy Allison2013-01-091-20/+18
| | | | | Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org>
* Remove one set of enclosing {} braces, no longer needed.Jeremy Allison2013-01-091-9/+7
| | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Move the definition of struct vuid_cache_entry *ent outside blocks.Jeremy Allison2013-01-091-4/+2
| | | | | | Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Start to tidy-up check_user_ok().Jeremy Allison2013-01-091-3/+2
| | | | | | | | | Now we have removed "security=share" we cannot be called with vuid == UID_FIELD_INVALID. Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* Fix bug #9329 - Directory listing with SeBackup can crash smbd.Jeremy Allison2012-10-291-1/+11
| | | | | | | | | | | | | | | | | | When we do a become_root()/unbecome_root() pair to temporarily raise privilege, this NULLs out the NT token. If we're within a become_root()/unbecome_root() pair then return the previous token on the stack as our NT token. This is what we should be using to check against NT ACLs in the file server. This copes with security context changing when removing a file on close under the context of another user (when 2 users have a file open, one sets delete on close and then the other user has to actually do the delete). Signed-off-by: Jeremy Allison <jra@samba.org> Reviewed-by: Michael Adam <obnox@samba.org> Autobuild-User(master): Michael Adam <obnox@samba.org> Autobuild-Date(master): Mon Oct 29 16:26:20 CET 2012 on sn-devel-104
* loadparm: make the source3/ lp_ functions take an explicit TALLOC_CTX *.Rusty Russell2012-07-181-6/+9
| | | | | | | | | | They use talloc_tos() internally: hoist that up to the callers, some of whom don't want to us talloc_tos(). A simple patch, but hits a lot of files. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
* s3:smbd: change vuid to uint64_t in uid.cStefan Metzmacher2012-06-061-11/+11
| | | | metze
* s3:smbd: use 'struct user_struct' instead of typedef'ed 'user_struct'Stefan Metzmacher2012-06-061-1/+1
| | | | metze
* s3-smbd make change_to_user_by_session staticAndrew Bartlett2012-03-071-2/+2
|
* s3-auth: Remove security=share (depricated since 3.6).Andrew Bartlett2012-03-041-18/+5
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This patch removes security=share, which Samba implemented by matching the per-share password provided by the client in the Tree Connect with a selection of usernames supplied by the client, the smb.conf or guessed from the environment. The rationale for the removal is that for the bulk of security=share users, we just we need a very simple way to run a 'trust the network' Samba server, where users mark shares as guest ok. This is still supported, and the smb.conf options are documented at https://wiki.samba.org/index.php/Public_Samba_Server At the same time, this closes the door on one of the most arcane areas of Samba authentication. Naturally, full user-name/password authentication remain available in security=user and above. This includes documentation updates for username and only user, which now only do a small amount of what they used to do. Andrew Bartlett -------------- / \ / REST \ / IN \ / PEACE \ / \ | SEC_SHARE | | security=share | | | | | | 5 March | | | | 2012 | *| * * * | * _________)/\\_//(\/(/\)/\//\/\///|_)_______
* s3-auth Use the common auth_session_infoAndrew Bartlett2011-07-201-6/+6
| | | | | | | | | | | This patch finally has the same structure being used to describe the authorization data of a user across the whole codebase. This will allow of our session handling to be accomplished with common code. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth use auth_user_info not netr_SamInfo3 in auth3_session_infoAndrew Bartlett2011-07-201-3/+3
| | | | | | | | | | | | This makes auth3_session_info identical to auth_session_info The logic to convert the info3 to a struct auth_user_info is essentially moved up the stack from the named pipe proxy in source3/rpc_server to create_local_token(). Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use struct auth_user_info_unix for unix_name and sanitized_usernameAndrew Bartlett2011-07-201-6/+6
| | | | | | | | This is closer to the layout of struct auth_session_info in auth.idl Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use *unix_token rather than utok in struct auth3_session_infoAndrew Bartlett2011-07-201-15/+15
| | | | | | | | | | | | | | | | This brings this structure one step closer to the struct auth_session_info. A few SMB_ASSERT calls are added in some key places to ensure that this pointer is initialised, to make tracing any bugs here easier in future. NOTE: Many of the users of this structure should be reviewed, as unix and NT access checks are mixed in a way that should just be done using the NT ACL. This patch has not changed this behaviour however. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Use struct auth3_session_info outside the auth subsystemAndrew Bartlett2011-07-201-7/+7
| | | | | | | | | | | | | | | This seperation between the structure used inside the auth modules and in the wider codebase allows for a gradual migration from struct auth_serversupplied_info -> struct auth_session_info (from auth.idl) The idea here is that we keep a clear seperation between the structure before and after the local groups, local user lookup and the session key modifications have been processed, as the lack of this seperation has caused issues in the past. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3: Return "granted" from share_access_checkVolker Lendecke2011-07-051-4/+7
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-build: Provide a run-time shim to work around duplicate symbolsAndrew Bartlett2011-06-211-3/+3
| | | | | | | | | | | | | | | | The become_root() and similar 'smbd' functions that are used widely in Samba libraries had 'dummy' copies in dummysmbd.c and dummyroot.c. These have been replaced by a runtime plugin mechanim, which ensures that standlone binaries still do nothing, while in smbd the correct function is used. This avoids having these as duplicate symbols in the smbd binary, which can cause unpredictable behaviour. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-smbd Split conn.c into 3 filesAndrew Bartlett2011-05-311-44/+0
| | | | | | | | | | The idea with this split is to make it easier to handle dependencies, avoiding having the loadparm code depend on the global server variables, without resorting to dummy functions and linker tricks. conn_clear_vuid_cache() is brought in from uid.c to make it static Andrew Bartlett
* s3-smbd: avoid using pipes_struct when only session_info is needed.Günther Deschner2011-05-021-5/+4
| | | | Guenther
* s3-smbd: Added a become_user_by_session() function.Andreas Schneider2011-04-111-0/+17
| | | | | | | | This uses the provided session_info instead of searching the user via the vuid. This is useful to work with fake connnection you need to create if someone connects directly to a rpc service. Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-smbd: Added a change_to_user_by_session() function.Andreas Schneider2011-04-111-74/+96
| | | | Signed-off-by: Jeremy Allison <jra@samba.org>
* s3-includes: only include ntdomain.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-auth: smbd needs auth.hGünther Deschner2011-03-301-0/+1
| | | | Guenther
* s3: include smbd/smbd.h where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-passdb: use passdb headers where needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-includes: only include system/passwd.h when needed.Günther Deschner2011-03-301-0/+1
| | | | Guenther
* s3-smbd: Increase debug level von context messages.Andreas Schneider2011-03-091-1/+1
|
* s3-auth struct security_unix_token replaces UNIX_USER_TOKENAndrew Bartlett2011-03-011-1/+1
|
* s3-auth Rename auth_serversupplied_info varaiables: server_info -> session_infoAndrew Bartlett2011-02-221-60/+60
| | | | | | | | | | | | | | | | | | | | | These variables, of type struct auth_serversupplied_info were poorly named when added into 2001, and in good consistant practice, this has extended all over the codebase in the years since. The structure is also not ideal for it's current purpose. Originally intended to convey the results of the authentication modules, it really describes all the essential attributes of a session. This rename will reduce the volume of a future patch to replaced these with a struct auth_session_info, with auth_serversupplied_info confined to the lower levels of the auth subsystem, and then eliminated. (The new structure will be the output of create_local_token(), and the change in struct definition will ensure that this is always run, populating local groups and privileges). Andrew Bartlett Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s3-auth Rename cryptic 'ptok' to security_tokenAndrew Bartlett2011-02-101-9/+9
| | | | | | | | | This will allow the auth_serversupplied_info struct to be migrated to auth_session_info easier. Adnrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-smbd: Fixed a possible null pointer dereference.Andreas Schneider2011-01-191-1/+3
|
* Make getpwnam_alloc() static to lib/username.c, and ensure all username ↵Jeremy Allison2010-10-201-1/+1
| | | | | | | | | | | | lookups go through Get_Pwnam_alloc(), which is the correct wrapper function. We were using it *some* of the time anyway, so this just makes us properly consistent. Jeremy. Autobuild-User: Jeremy Allison <jra@samba.org> Autobuild-Date: Wed Oct 20 16:02:12 UTC 2010 on sn-devel-104
* libcli/security Provide a common, top level libcli/security/security.hAndrew Bartlett2010-10-121-0/+1
| | | | | | | | | | | | | | This will reduce the noise from merges of the rest of the libcli/security code, without this commit changing what code is actually used. This includes (along with other security headers) dom_sid.h and security_token.h Andrew Bartlett Autobuild-User: Andrew Bartlett <abartlet@samba.org> Autobuild-Date: Tue Oct 12 05:54:10 UTC 2010 on sn-devel-104
* s3: Remove talloc_autofree_context() from change_to_guest()Volker Lendecke2010-09-261-1/+1
| | | | pass is freed at the exit of this routine
* s3:auth Remove NT_USER_TOKENAndrew Bartlett2010-09-111-1/+1
| | | | | | | | | The all UPPER case typedef is no longer the preferred Samba style and this makes it easier to see that this is the IDL-derivied structure Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* s3-auth Rename NT_USER_TOKEN user_sids -> sidsAndrew Bartlett2010-08-311-2/+2
| | | | This is closer to the struct security_token from security.idl