/* Version 42 - Move SMB_VFS_READLINK -> SMB_VFS_READLINKAT. */
/* Version 42 - Move SMB_VFS_SYMLINK -> SMB_VFS_SYMLINKAT. */
/* Version 42 - Move SMB_VFS_MKDIR -> SMB_VFS_MKDIRAT. */
+/* Version 42 - Move change_to_user() -> change_to_user_and_service() */
#define SMB_VFS_INTERFACE_VERSION 42
/*
* Make sure we run as the user again
*/
- ok = change_to_user(opd->conn, opd->conn->vuid);
+ ok = change_to_user_and_service(opd->conn, opd->conn->vuid);
if (!ok) {
smb_panic("Can't change to user");
return;
* change_to_user() implies set_current_user_info()
* and chdir_connect_service().
*/
- if (!change_to_user(conn,session_tag)) {
+ if (!change_to_user_and_service(conn,session_tag)) {
DEBUG(0, ("Error: Could not change to user. Removing "
"deferred open, mid=%llu.\n",
(unsigned long long)req->mid));
const struct auth_session_info *session_info,
uint32_t *p_share_access,
bool *p_readonly_share);
-bool change_to_user(connection_struct *conn, uint64_t vuid);
+bool change_to_user_and_service(connection_struct *conn, uint64_t vuid);
bool change_to_user_by_fsp(struct files_struct *fsp);
bool smbd_change_to_root_user(void);
bool smbd_become_authenticated_pipe_user(struct auth_session_info *session_info);
}
/* USER Activites: */
- if (!change_to_user(conn, conn->vuid)) {
+ if (!change_to_user_and_service(conn, conn->vuid)) {
/* No point continuing if they fail the basic checks */
DEBUG(0,("Can't become connected user!\n"));
status = NT_STATUS_LOGON_FAILURE;
/* execute any "postexec = " line */
if (*lp_postexec(talloc_tos(), SNUM(conn)) &&
- change_to_user(conn, vuid)) {
+ change_to_user_and_service(conn, vuid)) {
char *cmd = talloc_sub_advanced(talloc_tos(),
lp_const_servicename(SNUM(conn)),
conn->session_info->unix_info->unix_name,
return status;
}
- if (!change_to_user(tcon->compat, req->session->compat->vuid)) {
+ if (!change_to_user_and_service(tcon->compat, req->session->compat->vuid)) {
return NT_STATUS_ACCESS_DENIED;
}
/*
* Make sure we run as the user again
*/
- ok = change_to_user(state->smb2req->tcon->compat,
- state->smb2req->session->compat->vuid);
+ ok = change_to_user_and_service(state->smb2req->tcon->compat,
+ state->smb2req->session->compat->vuid);
if (!ok) {
tevent_req_nterror(state->req, NT_STATUS_ACCESS_DENIED);
return;
return true;
}
-bool change_to_user(connection_struct *conn, uint64_t vuid)
+/**
+ * Impersonate user and change directory to service
+ *
+ * change_to_user_and_service() is used to impersonate the user associated with
+ * the given vuid and to change the working directory of the process to the
+ * service base directory.
+ **/
+bool change_to_user_and_service(connection_struct *conn, uint64_t vuid)
{
struct user_struct *vuser;
int snum = SNUM(conn);
bool change_to_user_by_fsp(struct files_struct *fsp)
{
- return change_to_user(fsp->conn, fsp->vuid);
+ return change_to_user_and_service(fsp->conn, fsp->vuid);
}
static bool change_to_user_by_session(connection_struct *conn,
push_conn_ctx();
- if (!change_to_user(conn, vuid)) {
+ if (!change_to_user_and_service(conn, vuid)) {
pop_sec_ctx();
pop_conn_ctx();
return False;
projects / thirdparty / samba.git / commitdiff
