summaryrefslogtreecommitdiffstats
path: root/source4/ntvfs/unixuid
Commit message (Collapse)AuthorAgeFilesLines
* s4:ntvfs/unixuid: explicitly use allow_warnings=TrueStefan Metzmacher2014-04-021-0/+1
| | | | | Signed-off-by: Stefan Metzmacher <metze@samba.org> Reviewed-by: Andrew Bartlett <abartlet@samba.org>
* ntvfs_unixuid: No wbc_context requiredVolker Lendecke2014-03-051-8/+0
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Change-Id: I46f5d719005f3ac940482773404702368bbcfa4f Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* unixuid: Use the tevent_context from the ntvfs_contextVolker Lendecke2014-03-051-3/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Change-Id: I4edb0ee4cefdc2f1b309202c9ec70c7c7bbac0b8 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* auth4: security_token_to_unix_token only needs a tevent_contextVolker Lendecke2014-03-051-1/+1
| | | | | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Change-Id: I27e5b38fcd3ac899c55c0632ea5d92fad686d9b1 Reviewed-by: Andrew Bartlett <abartlet@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Revert "auth4: security_token_to_unix_token only needs a tevent_context"Volker Lendecke2014-02-181-1/+1
| | | | | | | This reverts commit 1de725c2926b526200032c4f46132c17533986c7. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Revert "unixuid: Use the tevent_context from the ntvfs_context"Volker Lendecke2014-02-181-1/+3
| | | | | | | This reverts commit 25e83a9b3e72cdb84c09ef8ada4784efd110f09a. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* Revert "ntvfs_unixuid: No wbc_context required"Volker Lendecke2014-02-181-0/+8
| | | | | | | This reverts commit f35f88d741f1f896268649238d4ddbda4abb1585. Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Andreas Schneider <asn@samba.org>
* ntvfs_unixuid: No wbc_context requiredVolker Lendecke2014-02-101-8/+0
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Kai Blin <kai@samba.org>
* unixuid: Use the tevent_context from the ntvfs_contextVolker Lendecke2014-02-101-3/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Kai Blin <kai@samba.org>
* auth4: security_token_to_unix_token only needs a tevent_contextVolker Lendecke2014-02-101-1/+1
| | | | | Signed-off-by: Volker Lendecke <vl@samba.org> Reviewed-by: Kai Blin <kai@samba.org>
* Replace all uses of setXX[ug]id() and setgroups with samba_setXX[ug]id() calls.Jeremy Allison2012-06-281-5/+6
| | | | | | Will allow thread-specific credentials to be added by modifying the central definitions. Deliberately left the setXX[ug]id() call in popt as this is not used in Samba.
* s4:ntvfs: add '_fn' suffix to all ntvfs_ops function pointersStefan Metzmacher2012-06-131-31/+31
| | | | | | | | | | | This hopefully fixes the build on systems where _LARGE_FILES triggers defines of syscalls e.g. '#define lseek lseek64' on AIX. metze Autobuild-User(master): Stefan Metzmacher <metze@samba.org> Autobuild-Date(master): Wed Jun 13 11:03:15 CEST 2012 on sn-devel-104
* s3-waf: add dependency on talloc or it won't build if talloc.h is not in the ↵Matthieu Patou2012-02-101-1/+1
| | | | | | | | | | default include path The problem occurs only if talloc, tdb and ldb are used as system libraries and talloc is not installed in a default. Autobuild-User: Matthieu Patou <mat@samba.org> Autobuild-Date: Fri Feb 10 23:27:29 CET 2012 on sn-devel-104
* Include uid_wrapper correctly.Andreas Schneider2011-10-271-10/+0
|
* s4-auth Move conversion of security_token to unix_token to authAndrew Bartlett2011-07-292-54/+4
| | | | | | | | This allows us to honour the AUTH_SESSION_INFO_UNIX_TOKEN flag. Andrew Bartlett Signed-off-by: Andrew Tridgell <tridge@samba.org>
* ntvfs: Use security_unix_token from auth.idlAndrew Bartlett2011-07-291-24/+16
| | | | Signed-off-by: Andrew Tridgell <tridge@samba.org>
* source4/ntvfs: Fix prototypes for all functions.Jelmer Vernooij2011-03-191-0/+2
|
* samdb: Lowercase library name.Jelmer Vernooij2010-11-071-1/+1
|
* s4: Remove the old perl/m4/make/mk-based build system.Jelmer Vernooij2010-10-312-11/+0
| | | | | | | | The new waf-based build system now has all the same functionality, and the old build system has been broken for quite some time. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sun Oct 31 02:01:44 UTC 2010 on sn-devel-104
* s4: Rename NSS_WRAPPER to nss_wrapper.Jelmer Vernooij2010-10-231-1/+1
| | | | | | | Only link to nss_wrapper when it is enabled. Autobuild-User: Jelmer Vernooij <jelmer@samba.org> Autobuild-Date: Sat Oct 23 23:05:44 UTC 2010 on sn-devel-104
* s4: Rename UID_WRAPPER to uid_wrapper.Jelmer Vernooij2010-10-231-1/+1
| | | | Only link to uid_wrapper when it is enabled.
* s4:security Change struct security_token->sids from struct dom_sid * to ↵Andrew Bartlett2010-08-231-1/+1
| | | | | | | | | struct dom_sid This makes the structure much more like NT_USER_TOKEN in the source3/ code. (The remaining changes are that privilages still need to be merged) Andrew Bartlett
* s4:ntvfs Don't treat the user SID and primary group SID special for idmapAndrew Bartlett2010-08-181-12/+4
| | | | | | | This simply askes IDMAP about all the user SIDs, rather than the user and group sid, followed by all but the first two sids from the token. Andrew Bartlett
* s4:idmap Adjust code to new idmap structure names and layout.Andrew Bartlett2010-05-241-12/+12
| | | | Andrew Bartlett
* s4-waf: removed the AUTOGENERATED markersAndrew Tridgell2010-04-061-4/+0
| | | | we won't be using the mk -> wscript generator again
* s4-waf: mark the wscript files as python so vim/emacs knows how to highlight ↵Andrew Tridgell2010-04-061-0/+2
| | | | them
* build: commit all the waf build files in the treeAndrew Tridgell2010-04-061-0/+11
|
* s4: Switch to S3-style id mapping data types.Kai Blin2010-02-111-5/+5
|
* s4:UID wrapper - Fix includesMatthias Dieter Wallnöfer2010-02-051-0/+10
| | | | | | | The includes of the UID wrapper headers werent't really efficient according to metze's post on the technical mailing list (http://lists.samba.org/archive/samba-technical/2010-February/069165.html). To achieve this move the "uid_wrapper.h" includes into "lib/util/unix_privs.c", "lib/util/util.c", "ntvfs/posix/pvfs_acl.c" and "ntvfs/unixuid/vfs_unixuid.c".
* Change uint_t to unsigned int in source4Matt Kraai2010-02-021-1/+1
| | | | Signed-off-by: Stefan Metzmacher <metze@samba.org>
* s4:ntvfs Don't attempt to follow NULL in unixuid_setup_security()Andrew Bartlett2009-10-021-1/+4
| | | | | | | | This segfault occoured in cases where we rejected (or never attempted) the tree connect, so had an invalid private pointer for the logoff codepath. Andrew Bartlett
* added a uid_wrapper libraryAndrew Tridgell2009-08-051-1/+1
| | | | | | | | | | | | | | | | | | | | This library intercepts seteuid and related calls, and simulates them in a manner similar to the nss_wrapper and socket_wrapper libraries. This allows us to enable the vfs_unixuid NTVFS module in the build farm, which means we are more likely to catch errors in the token manipulation. The simulation is not complete, but it is enough for Samba4 for now. The major areas of incompleteness are: - no emulation of setreuid, setresuid or saved uids. These would be needed for use in Samba3 - no emulation of ruid changing. That would also be needed for Samba3 - no attempt to emulate file ownership changing, so code that (for example) tests whether st.st_uid matches geteuid() needs special handling
* Cosmetic correctionMatthias Dieter Wallnöfer2009-07-191-1/+1
| | | | | Changes the order of two commands. First set up the "priv" structure, then assign it to the "ntvfs" structure.
* Have ntvfs_connect() accept union smb_tcon *tcon instead of char* sharenameSam Liddicott2009-05-201-2/+2
| | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | This change brings ntvfs_connect into compliance with other ntvfs functions which take an ntvfs module, an ntvfs request and an smb io union. It now becomes the responsibility of ntvfs modules to examine tcon->generic.level themselves and derive the share name and any other options directly; e.g. const char *sharename; switch (tcon->generic.level) { case RAW_TCON_TCON: sharename = tcon->tcon.in.service; break; case RAW_TCON_TCONX: sharename = tcon->tconx.in.path; break; case RAW_TCON_SMB2: default: return NT_STATUS_INVALID_LEVEL; } if (strncmp(sharename, "\\\\", 2) == 0) { char *p = strchr(sharename+2, '\\'); if (p) { sharename = p + 1; } } service.c smbsrv_tcon_backend() is called before ntvfs_connect and fills in some of the tcon->..out values. For the case of RAW_TCON_TCONX, it filles out tcon->tconx.out.tid and tcon->tconx.out.options For the case of RAW_TCON_TCON it fills out tcon->tcon.out.tid and tcon->tcon.out.max_xmit Thus the ntvfs_connect function for vfs modules may override these values if desired, but are not required to. ntvfs_connect functions are required to fill in the tcon->tconx.out.*_type fields, for RAW_TCON_TCONX, perhaps something like: if (tcon->generic.level == RAW_TCON_TCONX) { tcon->tconx.out.fs_type = ntvfs->ctx->fs_type; tcon->tconx.out.dev_type = ntvfs->ctx->dev_type; } Signed-off-by: Sam Liddicott <sam@liddicott.com> (I fixed the ntvfs_connect() in the smb_server/smb2/ and the RAW_TCON_SMB2 switch case in the modules) Signed-off-by: Stefan Metzmacher <metze@samba.org>
* use the tevent nesting code to avoid the uid problem in the VFSAndrew Tridgell2009-03-191-0/+66
| | | | | | | | | | | backend The vfs_unixuid module changes the uid of the process when executing operations on behalf of the user. Within the VFS backend we may rely on semi-async calls, such as winbind calls, which will call the event loop again. To cope with this we need to ensure that while inside those calls we revert the uid to root, then revert back to the connected user when we have finished with the semi-async calls.
* s4:ntvfs/unixuid: s/private/privStefan Metzmacher2009-02-021-23/+23
| | | | metze
* Remove unused include param/param.h.Jelmer Vernooij2008-10-241-1/+0
|
* Use variables for source directory in a couple more places.Jelmer Vernooij2008-05-181-1/+1
| | | | (This used to be commit c41bd3005f5f0b9cfd3709fc9217b4a401d265b4)
* Merge branch 'v4-0-test' of ssh://git.samba.org/data/git/samba into v4-0-gmake3Jelmer Vernooij2008-04-081-22/+50
|\ | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | | Conflicts: source/auth/credentials/config.mk source/auth/gensec/config.mk source/build/smb_build/makefile.pm source/heimdal_build/config.mk source/lib/events/config.mk source/lib/nss_wrapper/config.mk source/lib/policy/config.mk source/lib/registry/config.mk source/lib/socket_wrapper/config.mk source/lib/tdb/config.mk source/lib/tls/config.mk source/lib/util/config.mk source/libcli/config.mk source/libcli/ldap/config.mk source/libnet/config.mk source/librpc/config.mk source/param/config.mk source/rpc_server/config.mk source/scripting/ejs/config.mk source/smbd/process_model.mk (This used to be commit 760378e0294dd0cd4523a83448328478632d7e3d)
| * ntvfs: Use wbclient in vsf_unixuid, not sidmapKai Blin2008-04-021-22/+50
| | | | | | | | (This used to be commit 2908a77fa5c32e92665775a5785345f704202f0a)
* | Move object file lists to the Makefile.Jelmer Vernooij2008-03-031-2/+2
|/ | | | (This used to be commit a7e6d2a1832db388fdafa1279f84c9a8bbfc87d6)
* r26353: Remove use of global_loadparm.Jelmer Vernooij2007-12-211-1/+1
| | | | (This used to be commit 17637e4490e42db6cdef619286c4d5a0982e9d1a)
* r26228: Store loadparm context in auth context, move more loadparm_contexts ↵Jelmer Vernooij2007-12-211-1/+2
| | | | | | up the call stack. (This used to be commit ba75f1613a9aac69dd5df94dd8a2b37820acd166)
* r25839: use nss_wrapper code in samba4 ifStefan Metzmacher2007-12-211-1/+1
| | | | | | | --enable-nss-wrapper or --enable-developer is given metze (This used to be commit f8bc6b9ad0eec60bff7fdc5653397efd9a044a29)
* r25554: Convert last instances of BOOL, True and False to the standard types.Jelmer Vernooij2007-10-101-2/+2
| | | | (This used to be commit 566aa14139510788548a874e9213d91317f83ca9)
* r23792: convert Samba4 to GPLv3Andrew Tridgell2007-10-101-3/+2
| | | | | | There are still a few tidyups of old FSF addresses to come (in both s3 and s4). More commits soon. (This used to be commit fcf38a38ac691abd0fa51b89dc951a08e89fdafa)
* r23067: use 'const union smb_search_data *file' also in the server code to ↵Stefan Metzmacher2007-10-101-2/+2
| | | | | | | | | get rid of compiler warnings in the cifs backend metze (This used to be commit 34ef07b1f5acdad27edd80de8de4c6de7f879f9b)
* r22406: this dependencies should also be privateStefan Metzmacher2007-10-101-1/+1
| | | | | metze (This used to be commit 7f07895cac3e933b39f81bf67812834352184af0)
* r21214: fixed a valgrind error that can be caused by a semi-async call insideAndrew Tridgell2007-10-101-1/+4
| | | | | | a nested ntvfs call. The req structure can go away while processing a ntvfs request (This used to be commit f62b3c505f71f37a86a76d152d643926e19eb148)
* r16980: - make struct smb_notify a union and add levels ↵Stefan Metzmacher2007-10-101-1/+1
| | | | | | | | | RAW_NOTIFY_NTTRANS,RAW_NOTIFY_SMB2 - parse SMB2 Notify reponse metze (This used to be commit de50e0ccddfad16ad7b254770f4c52c1abe707b9)
generated by cgit (git 2.34.1) at 2024-06-17 13:27:26 +0000