-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Eamonn Hamilton wrote:
| I've tried using the MMC on a W2K system to edit the permissions. I was
| logged in as a domain admin account, which is mapped to a local user on
| the samba box and is entered in as an admin user on the share.
|
| The system itself is a member server in a resource domain, while the
| accounts I'm trying to add come from a trusted domain, if that makes a
| difference.
I looked at the code and the current behavior is by design.
Hpwever, try this patch.
cheers, jerry
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.1 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/fZ+UIR7qMdg1EfYRAu/tAKDrMifTl82B0+0FjB+pUwwxndUmFACfbu46
RjHENqnU3ctwfOwGeAiUnsQ=
=fTbv
-----END PGP SIGNATURE-----
? build-me
? pchdir
? update-samba
? intl/libgettext.h
Index: rpc_server/srv_srvsvc_nt.c
===================================================================
RCS file: /data/cvs/samba/source/rpc_server/srv_srvsvc_nt.c,v
retrieving revision 1.70.2.15
diff -u -r1.70.2.15 srv_srvsvc_nt.c
--- rpc_server/srv_srvsvc_nt.c 19 Sep 2003 21:57:43 -0000 1.70.2.15
+++ rpc_server/srv_srvsvc_nt.c 3 Oct 2003 16:09:28 -0000
@@ -1457,6 +1457,7 @@
int ret;
char *ptr;
SEC_DESC *psd = NULL;
+ struct passwd *pw = NULL;
DEBUG(5,("_srv_net_share_set_info: %d\n", __LINE__));
@@ -1479,8 +1480,15 @@
get_current_user(&user,p);
- if (user.uid != sec_initial_uid())
+ /* check the uid and then see if the user is in an
+ member of 'admin users'. Fail if all these checks fail */
+
+ pw = sys_getpwuid( user.uid);
+ if (! ( (user.uid == sec_initial_uid())
+ || ( pw && user_in_list(pw->pw_name, lp_admin_users(snum),
user.groups, user.ngroups))) )
+ {
return WERR_ACCESS_DENIED;
+ }
switch (q_u->info_level) {
case 1:
--
To unsubscribe from this list go to the following URL and read the
instructions: http://lists.samba.org/mailman/listinfo/samba
