Author: jra Date: 2007-06-08 19:58:32 +0000 (Fri, 08 Jun 2007) New Revision: 23391
WebSVN: http://websvn.samba.org/cgi-bin/viewcvs.cgi?view=rev&root=samba&rev=23391 Log: Second part of the patch for Apple. Change the sequence : gain_root(); sys_setgroups(ngroups, groups); become_id(uid, gid); to a function call : set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups) James - should be safe for you to create a Darwin-specific version of this function now. Jeremy. Modified: branches/SAMBA_3_0/source/smbd/sec_ctx.c branches/SAMBA_3_0_26/source/smbd/sec_ctx.c Changeset: Modified: branches/SAMBA_3_0/source/smbd/sec_ctx.c =================================================================== --- branches/SAMBA_3_0/source/smbd/sec_ctx.c 2007-06-08 19:52:18 UTC (rev 23390) +++ branches/SAMBA_3_0/source/smbd/sec_ctx.c 2007-06-08 19:58:32 UTC (rev 23391) @@ -228,6 +228,21 @@ } /**************************************************************************** + Change UNIX security context. Calls panic if not successful so no return value. +****************************************************************************/ + +static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups) +{ + /* Start context switch */ + gain_root(); +#ifdef HAVE_SETGROUPS + sys_setgroups(ngroups, groups); +#endif + become_id(uid, gid); + /* end context switch */ +} + +/**************************************************************************** Set the current security context to a given user. ****************************************************************************/ @@ -243,13 +258,8 @@ debug_nt_user_token(DBGC_CLASS, 5, token); debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups); - /* Start context switch */ - gain_root(); -#ifdef HAVE_SETGROUPS - sys_setgroups(ngroups, groups); -#endif - become_id(uid, gid); - /* end context switch */ + /* Change uid, gid and supplementary group list. */ + set_unix_security_ctx(uid, gid, ngroups, groups); ctx_p->ut.ngroups = ngroups; @@ -336,13 +346,11 @@ prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx]; - /* Start context switch */ - gain_root(); -#ifdef HAVE_SETGROUPS - sys_setgroups(prev_ctx_p->ut.ngroups, prev_ctx_p->ut.groups); -#endif - become_id(prev_ctx_p->ut.uid, prev_ctx_p->ut.gid); - /* end context switch */ + /* Change uid, gid and supplementary group list. */ + set_unix_security_ctx(prev_ctx_p->ut.uid, + prev_ctx_p->ut.gid, + prev_ctx_p->ut.ngroups, + prev_ctx_p->ut.groups); /* Update current_user stuff */ Modified: branches/SAMBA_3_0_26/source/smbd/sec_ctx.c =================================================================== --- branches/SAMBA_3_0_26/source/smbd/sec_ctx.c 2007-06-08 19:52:18 UTC (rev 23390) +++ branches/SAMBA_3_0_26/source/smbd/sec_ctx.c 2007-06-08 19:58:32 UTC (rev 23391) @@ -228,6 +228,21 @@ } /**************************************************************************** + Change UNIX security context. Calls panic if not successful so no return value. +****************************************************************************/ + +static void set_unix_security_ctx(uid_t uid, gid_t gid, int ngroups, gid_t *groups) +{ + /* Start context switch */ + gain_root(); +#ifdef HAVE_SETGROUPS + sys_setgroups(ngroups, groups); +#endif + become_id(uid, gid); + /* end context switch */ +} + +/**************************************************************************** Set the current security context to a given user. ****************************************************************************/ @@ -243,13 +258,8 @@ debug_nt_user_token(DBGC_CLASS, 5, token); debug_unix_user_token(DBGC_CLASS, 5, uid, gid, ngroups, groups); - /* Start context switch */ - gain_root(); -#ifdef HAVE_SETGROUPS - sys_setgroups(ngroups, groups); -#endif - become_id(uid, gid); - /* end context switch */ + /* Change uid, gid and supplementary group list. */ + set_unix_security_ctx(uid, gid, ngroups, groups); ctx_p->ut.ngroups = ngroups; @@ -336,13 +346,11 @@ prev_ctx_p = &sec_ctx_stack[sec_ctx_stack_ndx]; - /* Start context switch */ - gain_root(); -#ifdef HAVE_SETGROUPS - sys_setgroups(prev_ctx_p->ut.ngroups, prev_ctx_p->ut.groups); -#endif - become_id(prev_ctx_p->ut.uid, prev_ctx_p->ut.gid); - /* end context switch */ + /* Change uid, gid and supplementary group list. */ + set_unix_security_ctx(prev_ctx_p->ut.uid, + prev_ctx_p->ut.gid, + prev_ctx_p->ut.ngroups, + prev_ctx_p->ut.groups); /* Update current_user stuff */
