The branch, master has been updated via 3796bb0 Revert "s3/service: convert lp_force_group() to const" via 3e5e775 Revert "s3/service: convert lp_force_user() to const" from fe25bc7 libsmbclient: Initialize written in cli_splice_fallback()
https://git.samba.org/?p=samba.git;a=shortlog;h=master - Log ----------------------------------------------------------------- commit 3796bb0048a276259e30e44f7e0e071c1516727a Author: David Disseldorp <dd...@samba.org> Date: Mon Jul 9 01:40:58 2018 +0200 Revert "s3/service: convert lp_force_group() to const" This reverts commit c53646bccd87ef3b3133d3f7526ef85591909528. As mentioned by Andrew, we shouldn't break environments where "force group" has been configured to use substituted variables. Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> Autobuild-User(master): Jeremy Allison <j...@samba.org> Autobuild-Date(master): Tue Jul 10 00:12:19 CEST 2018 on sn-devel-144 commit 3e5e775321e6c432d92d459219ecebbb9713890d Author: David Disseldorp <dd...@samba.org> Date: Mon Jul 9 01:36:11 2018 +0200 Revert "s3/service: convert lp_force_user() to const" This reverts commit c58194e3d296f4e14e7689bdf192c561635ae161. As mentioned by Andrew, we shouldn't break environments where "force user" has been configured to use substituted variables. Signed-off-by: David Disseldorp <dd...@samba.org> Reviewed-by: Jeremy Allison <j...@samba.org> ----------------------------------------------------------------------- Summary of changes: docs-xml/smbdotconf/security/forcegroup.xml | 1 - docs-xml/smbdotconf/security/forceuser.xml | 1 - source3/smbd/service.c | 23 ++++++++++++++--------- source3/smbd/uid.c | 3 +-- 4 files changed, 15 insertions(+), 13 deletions(-) Changeset truncated at 500 lines: diff --git a/docs-xml/smbdotconf/security/forcegroup.xml b/docs-xml/smbdotconf/security/forcegroup.xml index b6e729b..d101f1c 100644 --- a/docs-xml/smbdotconf/security/forcegroup.xml +++ b/docs-xml/smbdotconf/security/forcegroup.xml @@ -1,7 +1,6 @@ <samba:parameter name="force group" context="S" type="string" - constant="1" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <synonym>group</synonym> <description> diff --git a/docs-xml/smbdotconf/security/forceuser.xml b/docs-xml/smbdotconf/security/forceuser.xml index 3316afe..ff5c7a2 100644 --- a/docs-xml/smbdotconf/security/forceuser.xml +++ b/docs-xml/smbdotconf/security/forceuser.xml @@ -1,6 +1,5 @@ <samba:parameter name="force user" type="string" - constant="1" context="S" xmlns:samba="http://www.samba.org/samba/DTD/samba-doc"> <description> diff --git a/source3/smbd/service.c b/source3/smbd/service.c index 2fa7c60..2e4a113 100644 --- a/source3/smbd/service.c +++ b/source3/smbd/service.c @@ -243,18 +243,23 @@ static NTSTATUS find_forced_group(bool force_user, TALLOC_CTX *frame = talloc_stackframe(); struct dom_sid group_sid; enum lsa_SidType type; - const char *force_group; char *groupname; bool user_must_be_member = False; gid_t gid; - force_group = lp_force_group(snum); - if (force_group[0] == '+') { - user_must_be_member = true; - force_group += 1; + groupname = lp_force_group(talloc_tos(), snum); + if (groupname == NULL) { + DEBUG(1, ("talloc_strdup failed\n")); + result = NT_STATUS_NO_MEMORY; + goto done; + } + + if (groupname[0] == '+') { + user_must_be_member = True; + groupname += 1; } - groupname = talloc_string_sub(talloc_tos(), force_group, + groupname = talloc_string_sub(talloc_tos(), groupname, "%S", lp_const_servicename(snum)); if (groupname == NULL) { DEBUG(1, ("talloc_string_sub failed\n")); @@ -372,7 +377,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) { NTSTATUS status; - if (*lp_force_user(snum)) { + if (*lp_force_user(talloc_tos(), snum)) { /* * Replace conn->session_info with a completely faked up one @@ -384,7 +389,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) struct auth_session_info *forced_serverinfo; bool guest; - fuser = talloc_string_sub(conn, lp_force_user(snum), "%S", + fuser = talloc_string_sub(conn, lp_force_user(talloc_tos(), snum), "%S", lp_const_servicename(snum)); if (fuser == NULL) { return NT_STATUS_NO_MEMORY; @@ -422,7 +427,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum) * any groupid stored for the connecting user. */ - if (*lp_force_group(snum)) { + if (*lp_force_group(talloc_tos(), snum)) { status = find_forced_group( conn->force_user, snum, conn->session_info->unix_info->unix_name, diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index b6a754b..9d5321c 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -335,8 +335,7 @@ static bool change_to_user_internal(connection_struct *conn, * See if we should force group for this service. If so this overrides * any group set in the force user code. */ - group_c = *lp_force_group(snum); - if (group_c != '\0') { + if((group_c = *lp_force_group(talloc_tos(), snum))) { SMB_ASSERT(conn->force_group_gid != (gid_t)-1); -- Samba Shared Repository