[SCM] Samba Shared Repository - branch master updated

Fri, 12 Feb 2016 18:52:27 -0800 

The branch, master has been updated
       via  92afa1b smbd: Simplify chroot option in smbd
      from  b504918 s3-waf: Install smbspool_krb5_wrapper in LIBEXECDIR

https://git.samba.org/?p=samba.git;a=shortlog;h=master


- Log -----------------------------------------------------------------
commit 92afa1b165841356d6a3fb2ac44d9a5460bffea5
Author: Andreas Schneider <[email protected]>
Date:   Wed Feb 10 16:19:56 2016 +0100

    smbd: Simplify chroot option in smbd
    
    rpmlint has a check for this and prefers to call chdir() before
    chroot(). If not it will complain with
    missing-call-to-chdir-with-chroot. The old code equivalent secure. See
    
        http://unixwiz.net/techtips/chroot-practices.html
    
    This removes several unneeded talloc_tos() calls.
    
    Signed-off-by: Andreas Schneider <[email protected]>
    Reviewed-by: Jeremy Allison <[email protected]>
    
    Autobuild-User(master): Jeremy Allison <[email protected]>
    Autobuild-Date(master): Sat Feb 13 03:50:54 CET 2016 on sn-devel-144

-----------------------------------------------------------------------

Summary of changes:
 source3/smbd/process.c | 23 +++++++++++++++--------
 1 file changed, 15 insertions(+), 8 deletions(-)


Changeset truncated at 500 lines:

diff --git a/source3/smbd/process.c b/source3/smbd/process.c
index 25c6d05..34939f0 100644
--- a/source3/smbd/process.c
+++ b/source3/smbd/process.c
@@ -3903,6 +3903,8 @@ void smbd_process(struct tevent_context *ev_ctx,
        NTSTATUS status;
        struct timeval tv = timeval_current();
        NTTIME now = timeval_to_nttime(&tv);
+       char *chroot_dir = NULL;
+       int rc;
 
        status = smbXsrv_client_create(ev_ctx, ev_ctx, msg_ctx, now, &client);
        if (!NT_STATUS_IS_OK(status)) {
@@ -4024,17 +4026,22 @@ void smbd_process(struct tevent_context *ev_ctx,
                exit_server("Could not open account policy tdb.\n");
        }
 
-       if (*lp_root_directory(talloc_tos())) {
-               if (chroot(lp_root_directory(talloc_tos())) != 0) {
-                       DEBUG(0,("Failed to change root to %s\n",
-                                lp_root_directory(talloc_tos())));
-                       exit_server("Failed to chroot()");
+       chroot_dir = lp_root_directory(talloc_tos());
+       if (chroot_dir[0] != '\0') {
+               rc = chdir(chroot_dir);
+               if (rc != 0) {
+                       DBG_ERR("Failed to chdir to %s\n", chroot_dir);
+                       exit_server("Failed to chdir()");
                }
-               if (chdir("/") == -1) {
-                       DEBUG(0,("Failed to chdir to / on chroot to %s\n", 
lp_root_directory(talloc_tos())));
+
+               rc = chroot(chroot_dir);
+               if (rc != 0) {
+                       DBG_ERR("Failed to change root to %s\n", chroot_dir);
                        exit_server("Failed to chroot()");
                }
-               DEBUG(0,("Changed root to %s\n", 
lp_root_directory(talloc_tos())));
+               DBG_WARNING("Changed root to %s\n", chroot_dir);
+
+               TALLOC_FREE(chroot_dir);
        }
 
        if (!file_init(sconn)) {


-- 
Samba Shared Repository

Reply via email to