From: Ralph Boehme Date: Thu, 11 Mar 2021 10:20:52 +0000 (+0100) Subject: smbd: call set_current_user_info() in smbd_become_authenticated_pipe_user() X-Git-Tag: tevent-0.11.0~1557 X-Git-Url: http://git.ipfire.org/gitweb.cgi?a=commitdiff_plain;h=16a1aefb72f3cf2093f2cffe1bd0e2483b761e6f;p=thirdparty%2Fsamba.git smbd: call set_current_user_info() in smbd_become_authenticated_pipe_user() The current_user_info is updated at the SMB level, but currently not at the RPC level in the RPC impersonation function smbd_become_authenticated_pipe_user(). For RPC services running embedded this is not an issue as the SMB level impersonation has already taken care of current_user_info, but for RPC services running as external daemons, eg spoolssd, the omission of updating current_user_info results in variable expansion of eg %U (username) to be broken. BUG: https://bugzilla.samba.org/show_bug.cgi?id=14668 MR: https://gitlab.com/samba-team/samba/-/merge_requests/1834 RN: %U variable expansion not working in spoolsd Signed-off-by: Ralph Boehme Reviewed-by: Björn Baumbach Reviewed-by: Jeremy Allison Autobuild-User(master): Jeremy Allison Autobuild-Date(master): Fri Mar 12 00:54:01 UTC 2021 on sn-devel-184 --- diff --git a/selftest/knownfail.d/samba3.blackbox.printing_var_exp b/selftest/knownfail.d/samba3.blackbox.printing_var_exp deleted file mode 100644 index 5312a586514..00000000000 --- a/selftest/knownfail.d/samba3.blackbox.printing_var_exp +++ /dev/null @@ -1 +0,0 @@ -^samba3.blackbox.printing_var_exp.Test variable expansion.* diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c index 11e5efb6cf1..b0d7f21c200 100644 --- a/source3/smbd/uid.c +++ b/source3/smbd/uid.c @@ -510,6 +510,10 @@ bool smbd_become_authenticated_pipe_user(struct auth_session_info *session_info) if (!push_sec_ctx()) return False; + set_current_user_info(session_info->unix_info->sanitized_username, + session_info->unix_info->unix_name, + session_info->info->domain_name); + set_sec_ctx(session_info->unix_token->uid, session_info->unix_token->gid, session_info->unix_token->ngroups, session_info->unix_token->groups, session_info->security_token);