]> git.ipfire.org Git - thirdparty/samba.git/commitdiff
projects / thirdparty / samba.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 62464bd)
vfs_posix_eadb.c: prefer capabilities over become_root
authorBjörn Jacke <bj@sernet.de>
Fri, 17 Jun 2022 05:26:30 +0000 (07:26 +0200)
committerBjoern Jacke <bjacke@samba.org>
Thu, 16 Nov 2023 21:38:38 +0000 (21:38 +0000)
Signed-off-by: Bjoern Jacke <bjacke@samba.org>
Reviewed-by: Christof Schmitt <cs@samba.org>
source3/modules/vfs_posix_eadb.c patch | blob | blame | history

diff --git a/source3/modules/vfs_posix_eadb.c b/source3/modules/vfs_posix_eadb.c
index b3e21b09b8c3647e7c01dce27bce3b4d6f6ca1b9..34769f58a69e8ad22c84185af3de83f036347672 100644 (file)
--- a/source3/modules/vfs_posix_eadb.c
+++ b/source3/modules/vfs_posix_eadb.c
@@ -213,12 +213,12 @@ static bool posix_eadb_init(int snum, struct tdb_wrap **p_db)
 
        lp_ctx = loadparm_init_s3(NULL, loadparm_s3_helpers());
 
-       become_root();
+       set_effective_capability(DAC_OVERRIDE_CAPABILITY);
        db = tdb_wrap_open(NULL, eadb, 50000,
                           lpcfg_tdb_flags(lp_ctx, TDB_DEFAULT),
                           O_RDWR|O_CREAT, 0600);
 
-       unbecome_root();
+       drop_effective_capability(DAC_OVERRIDE_CAPABILITY);
        talloc_unlink(NULL, lp_ctx);
        /* now we know dbname is not NULL */
 
Mirror of https://github.com/samba-team/samba.git