Author: jra Date: 2006-05-11 23:04:38 +0000 (Thu, 11 May 2006) New Revision: 15540
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=15540 Log: Use portable wrapper functions instead of seteuid directly in winbindd. Jeremy. Modified: trunk/source/nsswitch/winbindd_cred_cache.c trunk/source/nsswitch/winbindd_pam.c Changeset: Modified: trunk/source/nsswitch/winbindd_cred_cache.c =================================================================== --- trunk/source/nsswitch/winbindd_cred_cache.c 2006-05-11 22:47:28 UTC (rev 15539) +++ trunk/source/nsswitch/winbindd_cred_cache.c 2006-05-11 23:04:38 UTC (rev 15540) @@ -105,7 +105,7 @@ if ((entry->renew_until < time(NULL)) && (entry->pass != NULL)) { - seteuid(entry->uid); + set_effective_uid(entry->uid); ret = kerberos_kinit_password_ext(entry->principal_name, entry->pass, @@ -116,7 +116,7 @@ False, /* no PAC required anymore */ True, WINBINDD_PAM_AUTH_KRB5_RENEW_TIME); - seteuid(0); + gain_root_privilege(); if (ret) { DEBUG(3,("could not re-kinit: %s\n", error_message(ret))); @@ -132,13 +132,13 @@ goto done; } - seteuid(entry->uid); + set_effective_uid(entry->uid); ret = smb_krb5_renew_ticket(entry->ccname, entry->principal_name, entry->service, &new_start); - seteuid(0); + gain_root_privilege(); if (ret) { DEBUG(3,("could not renew tickets: %s\n", error_message(ret))); Modified: trunk/source/nsswitch/winbindd_pam.c =================================================================== --- trunk/source/nsswitch/winbindd_pam.c 2006-05-11 22:47:28 UTC (rev 15539) +++ trunk/source/nsswitch/winbindd_pam.c 2006-05-11 23:04:38 UTC (rev 15540) @@ -478,7 +478,7 @@ if (!internal_ccache) { - seteuid(uid); + set_effective_uid(uid); DEBUG(10,("winbindd_raw_kerberos_login: uid is %d\n", uid)); } @@ -533,7 +533,7 @@ } if (!internal_ccache) { - seteuid(0); + gain_root_privilege(); } /************************ NON-ROOT **********************/ @@ -631,7 +631,7 @@ SAFE_FREE(client_princ_out); if (!internal_ccache) { - seteuid(0); + gain_root_privilege(); } return result;