2 Unix SMB/Netbios implementation.
5 Copyright (C) Andrew Tridgell 1992-1998
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
24 extern int DEBUGLEVEL
;
26 static uid_t initial_uid
;
27 static gid_t initial_gid
;
29 /* what user is current? */
30 extern struct current_user current_user
;
34 /****************************************************************************
35 initialise the uid routines
36 ****************************************************************************/
39 initial_uid
= current_user
.uid
= geteuid();
40 initial_gid
= current_user
.gid
= getegid();
42 if (initial_gid
!= 0 && initial_uid
== 0) {
51 initial_uid
= geteuid();
52 initial_gid
= getegid();
54 current_user
.conn
= NULL
;
55 current_user
.vuid
= UID_FIELD_INVALID
;
61 /****************************************************************************
62 become the specified uid
63 ****************************************************************************/
64 static BOOL
become_uid(uid_t uid
)
66 if (initial_uid
!= 0) {
70 if (uid
== (uid_t
)-1 || ((sizeof(uid_t
) == 2) && (uid
== (uid_t
)65535))) {
73 DEBUG(1,("WARNING: using uid %d is a security risk\n",(int)uid
));
78 #ifdef HAVE_TRAPDOOR_UID
80 /* AIX3 has setuidx which is NOT a trapoor function (tridge) */
81 if (setuidx(ID_EFFECTIVE
, uid
) != 0) {
82 if (seteuid(uid
) != 0) {
83 DEBUG(1,("Can't set uid %d (setuidx)\n", (int)uid
));
91 if (setresuid(-1,uid
,-1) != 0)
93 if ((seteuid(uid
) != 0) &&
97 DEBUG(0,("Couldn't set uid %d currently set to (%d,%d)\n",
98 (int)uid
,(int)getuid(), (int)geteuid()));
99 if (uid
> (uid_t
)32000) {
100 DEBUG(0,("Looks like your OS doesn't like high uid values - try using a different account\n"));
105 if (((uid
== (uid_t
)-1) || ((sizeof(uid_t
) == 2) && (uid
== 65535))) && (geteuid() != uid
)) {
106 DEBUG(0,("Invalid uid -1. perhaps you have a account with uid 65535?\n"));
110 current_user
.uid
= uid
;
116 /****************************************************************************
117 become the specified gid
118 ****************************************************************************/
119 static BOOL
become_gid(gid_t gid
)
121 if (initial_uid
!= 0)
124 if (gid
== (gid_t
)-1 || ((sizeof(gid_t
) == 2) && (gid
== (gid_t
)65535))) {
125 DEBUG(1,("WARNING: using gid %d is a security risk\n",(int)gid
));
128 #ifdef HAVE_SETRESUID
129 if (setresgid(-1,gid
,-1) != 0)
131 if (setgid(gid
) != 0)
134 DEBUG(0,("Couldn't set gid %d currently set to (%d,%d)\n",
135 (int)gid
,(int)getgid(),(int)getegid()));
137 DEBUG(0,("Looks like your OS doesn't like high gid values - try using a different account\n"));
142 current_user
.gid
= gid
;
148 /****************************************************************************
149 become the specified uid and gid
150 ****************************************************************************/
151 static BOOL
become_id(uid_t uid
,gid_t gid
)
153 return(become_gid(gid
) && become_uid(uid
));
156 /****************************************************************************
157 become the guest user
158 ****************************************************************************/
159 BOOL
become_guest(void)
162 static struct passwd
*pass
=NULL
;
164 if (initial_uid
!= 0)
168 pass
= Get_Pwnam(lp_guestaccount(-1),True
);
169 if (!pass
) return(False
);
172 /* MWW: From AIX FAQ patch to WU-ftpd: call initgroups before setting IDs */
173 initgroups(pass
->pw_name
, (gid_t
)pass
->pw_gid
);
176 ret
= become_id(pass
->pw_uid
,pass
->pw_gid
);
179 DEBUG(1,("Failed to become guest. Invalid guest account?\n"));
182 current_user
.conn
= NULL
;
183 current_user
.vuid
= UID_FIELD_INVALID
;
188 /*******************************************************************
189 check if a username is OK
190 ********************************************************************/
191 static BOOL
check_user_ok(connection_struct
*conn
, user_struct
*vuser
,int snum
)
194 for (i
=0;i
<conn
->uid_cache
.entries
;i
++)
195 if (conn
->uid_cache
.list
[i
] == vuser
->uid
) return(True
);
197 if (!user_ok(vuser
->name
,snum
)) return(False
);
199 i
= conn
->uid_cache
.entries
% UID_CACHE_SIZE
;
200 conn
->uid_cache
.list
[i
] = vuser
->uid
;
202 if (conn
->uid_cache
.entries
< UID_CACHE_SIZE
)
203 conn
->uid_cache
.entries
++;
209 /****************************************************************************
210 become the user of a connection number
211 ****************************************************************************/
212 BOOL
become_user(connection_struct
*conn
, uint16 vuid
)
214 user_struct
*vuser
= get_valid_user_struct(vuid
);
220 * We need a separate check in security=share mode due to vuid
221 * always being UID_FIELD_INVALID. If we don't do this then
222 * in share mode security we are *always* changing uid's between
223 * SMB's - this hurts performance - Badly.
226 if((lp_security() == SEC_SHARE
) && (current_user
.conn
== conn
) &&
227 (current_user
.uid
== conn
->uid
)) {
228 DEBUG(4,("Skipping become_user - already user\n"));
230 } else if ((current_user
.conn
== conn
) &&
231 (vuser
!= 0) && (current_user
.vuid
== vuid
) &&
232 (current_user
.uid
== vuser
->uid
)) {
233 DEBUG(4,("Skipping become_user - already user\n"));
240 DEBUG(2,("Connection not open\n"));
246 if((vuser
!= NULL
) && !check_user_ok(conn
, vuser
, snum
))
249 if (conn
->force_user
||
250 lp_security() == SEC_SHARE
||
251 !(vuser
) || (vuser
->guest
)) {
254 current_user
.groups
= conn
->groups
;
255 current_user
.ngroups
= conn
->ngroups
;
258 DEBUG(2,("Invalid vuid used %d\n",vuid
));
262 if(!*lp_force_group(snum
)) {
267 current_user
.ngroups
= vuser
->n_groups
;
268 current_user
.groups
= vuser
->groups
;
271 if (initial_uid
== 0) {
272 if (!become_gid(gid
)) return(False
);
274 #ifdef HAVE_SETGROUPS
275 if (!(conn
&& conn
->ipc
)) {
276 /* groups stuff added by ih/wreu */
277 if (current_user
.ngroups
> 0)
278 if (setgroups(current_user
.ngroups
,
279 current_user
.groups
)<0) {
280 DEBUG(0,("setgroups call failed!\n"));
285 if (!conn
->admin_user
&& !become_uid(uid
))
289 current_user
.conn
= conn
;
290 current_user
.vuid
= vuid
;
292 DEBUG(5,("become_user uid=(%d,%d) gid=(%d,%d)\n",
293 (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid()));
298 /****************************************************************************
299 unbecome the user of a connection number
300 ****************************************************************************/
301 BOOL
unbecome_user(void )
303 if (!current_user
.conn
)
308 if (initial_uid
== 0)
310 #ifdef HAVE_SETRESUID
311 setresuid(-1,getuid(),-1);
312 setresgid(-1,getgid(),-1);
314 if (seteuid(initial_uid
) != 0)
321 if (initial_uid
== 0)
322 DEBUG(2,("Running with no EID\n"));
323 initial_uid
= getuid();
324 initial_gid
= getgid();
326 if (geteuid() != initial_uid
) {
327 DEBUG(0,("Warning: You appear to have a trapdoor uid system\n"));
328 initial_uid
= geteuid();
330 if (getegid() != initial_gid
) {
331 DEBUG(0,("Warning: You appear to have a trapdoor gid system\n"));
332 initial_gid
= getegid();
336 current_user
.uid
= initial_uid
;
337 current_user
.gid
= initial_gid
;
339 if (ChDir(OriginalDir
) != 0)
340 DEBUG( 0, ( "chdir(%s) failed in unbecome_user\n", OriginalDir
) );
342 DEBUG(5,("unbecome_user now uid=(%d,%d) gid=(%d,%d)\n",
343 (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid()));
345 current_user
.conn
= NULL
;
346 current_user
.vuid
= UID_FIELD_INVALID
;
351 static struct current_user current_user_saved
;
352 static int become_root_depth
;
353 static pstring become_root_dir
;
355 /****************************************************************************
356 This is used when we need to do a privilaged operation (such as mucking
357 with share mode files) and temporarily need root access to do it. This
358 call should always be paired with an unbecome_root() call immediately
361 Set save_dir if you also need to save/restore the CWD
362 ****************************************************************************/
363 void become_root(BOOL save_dir
)
365 if (become_root_depth
) {
366 DEBUG(0,("ERROR: become root depth is non zero\n"));
369 GetWd(become_root_dir
);
371 current_user_saved
= current_user
;
372 become_root_depth
= 1;
378 /****************************************************************************
379 When the privilaged operation is over call this
381 Set save_dir if you also need to save/restore the CWD
382 ****************************************************************************/
383 void unbecome_root(BOOL restore_dir
)
385 if (become_root_depth
!= 1) {
386 DEBUG(0,("ERROR: unbecome root depth is %d\n",
390 /* we might have done a become_user() while running as root,
391 if we have then become root again in order to become
393 if (current_user
.uid
!= 0) {
397 /* restore our gid first */
398 if (!become_gid(current_user_saved
.gid
)) {
399 DEBUG(0,("ERROR: Failed to restore gid\n"));
400 exit_server("Failed to restore gid");
403 #ifdef HAVE_SETGROUPS
404 if (current_user_saved
.ngroups
> 0) {
405 if (setgroups(current_user_saved
.ngroups
,
406 current_user_saved
.groups
)<0)
407 DEBUG(0,("ERROR: setgroups call failed!\n"));
411 /* now restore our uid */
412 if (!become_uid(current_user_saved
.uid
)) {
413 DEBUG(0,("ERROR: Failed to restore uid\n"));
414 exit_server("Failed to restore uid");
418 ChDir(become_root_dir
);
420 current_user
= current_user_saved
;
422 become_root_depth
= 0;