From d2a6ae254a7c6afd2c58d1a9a2c9fd4c074b0afb Mon Sep 17 00:00:00 2001 From: Andrew Bartlett Date: Thu, 21 Jul 2011 15:37:41 +1000 Subject: [PATCH] ntvfs: Use security_unix_token from auth.idl Signed-off-by: Andrew Tridgell --- source4/ntvfs/unixuid/vfs_unixuid.c | 40 +++++++++++++++---------------------- 1 file changed, 16 insertions(+), 24 deletions(-) diff --git a/source4/ntvfs/unixuid/vfs_unixuid.c b/source4/ntvfs/unixuid/vfs_unixuid.c index a8a4a98dd07..02b7cb8db52 100644 --- a/source4/ntvfs/unixuid/vfs_unixuid.c +++ b/source4/ntvfs/unixuid/vfs_unixuid.c @@ -43,25 +43,17 @@ NTSTATUS ntvfs_unixuid_init(void); struct unixuid_private { struct wbc_context *wbc_ctx; - struct unix_sec_ctx *last_sec_ctx; + struct security_unix_token *last_sec_ctx; struct security_token *last_token; }; - -struct unix_sec_ctx { - uid_t uid; - gid_t gid; - unsigned int ngroups; - gid_t *groups; -}; - /* - pull the current security context into a unix_sec_ctx + pull the current security context into a security_unix_token */ -static struct unix_sec_ctx *save_unix_security(TALLOC_CTX *mem_ctx) +static struct security_unix_token *save_unix_security(TALLOC_CTX *mem_ctx) { - struct unix_sec_ctx *sec = talloc(mem_ctx, struct unix_sec_ctx); + struct security_unix_token *sec = talloc(mem_ctx, struct security_unix_token); if (sec == NULL) { return NULL; } @@ -87,9 +79,9 @@ static struct unix_sec_ctx *save_unix_security(TALLOC_CTX *mem_ctx) } /* - set the current security context from a unix_sec_ctx + set the current security context from a security_unix_token */ -static NTSTATUS set_unix_security(struct unix_sec_ctx *sec) +static NTSTATUS set_unix_security(struct security_unix_token *sec) { seteuid(0); @@ -118,7 +110,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev, void *stack_ptr, const char *location) { - struct unix_sec_ctx *sec_ctx; + struct security_unix_token *sec_ctx; if (unixuid_nesting_level == 0) { /* we don't need to do anything unless we are nested @@ -132,7 +124,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev, DEBUG(0,("%s: Failed to save security context\n", location)); return -1; } - *(struct unix_sec_ctx **)stack_ptr = sec_ctx; + *(struct security_unix_token **)stack_ptr = sec_ctx; if (seteuid(0) != 0 || setegid(0) != 0) { DEBUG(0,("%s: Failed to change to root\n", location)); return -1; @@ -141,7 +133,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev, /* called when we come out of a nesting level */ NTSTATUS status; - sec_ctx = *(struct unix_sec_ctx **)stack_ptr; + sec_ctx = *(struct security_unix_token **)stack_ptr; if (sec_ctx == NULL) { /* this happens the first time this function is called, as we install the hook while @@ -149,7 +141,7 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev, return 0; } - sec_ctx = talloc_get_type_abort(sec_ctx, struct unix_sec_ctx); + sec_ctx = talloc_get_type_abort(sec_ctx, struct security_unix_token); status = set_unix_security(sec_ctx); talloc_free(sec_ctx); if (!NT_STATUS_IS_OK(status)) { @@ -164,19 +156,19 @@ static int unixuid_event_nesting_hook(struct tevent_context *ev, /* - form a unix_sec_ctx from the current security_token + form a security_unix_token from the current security_token */ static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs, struct ntvfs_request *req, struct security_token *token, - struct unix_sec_ctx **sec) + struct security_unix_token **sec) { struct unixuid_private *priv = ntvfs->private_data; int i; NTSTATUS status; struct id_map *ids; struct composite_context *ctx; - *sec = talloc(req, struct unix_sec_ctx); + *sec = talloc(req, struct security_unix_token); /* we can't do unix security without a user and group */ if (token->num_sids < 2) { @@ -232,11 +224,11 @@ static NTSTATUS nt_token_to_unix_security(struct ntvfs_module_context *ntvfs, setup our unix security context according to the session authentication info */ static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs, - struct ntvfs_request *req, struct unix_sec_ctx **sec) + struct ntvfs_request *req, struct security_unix_token **sec) { struct unixuid_private *priv = ntvfs->private_data; struct security_token *token; - struct unix_sec_ctx *newsec; + struct security_unix_token *newsec; NTSTATUS status; /* If we are asked to set up, but have not had a successful @@ -283,7 +275,7 @@ static NTSTATUS unixuid_setup_security(struct ntvfs_module_context *ntvfs, */ #define PASS_THRU_REQ(ntvfs, req, op, args) do { \ NTSTATUS status2; \ - struct unix_sec_ctx *sec; \ + struct security_unix_token *sec; \ status = unixuid_setup_security(ntvfs, req, &sec); \ NT_STATUS_NOT_OK_RETURN(status); \ unixuid_nesting_level++; \ -- 2.11.4.GIT