search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
Got very strict about the differences and uses of
[Samba/gebeck_regimport.git] / source / smbd / uid.c
blob7cd8c8673cbad1a0d2a63d83dc4e0fea303741dc
1 /*
2 Unix SMB/Netbios implementation.
3 Version 1.9.
4 uid/user handling
5 Copyright (C) Andrew Tridgell 1992-1998
6
7 This program is free software; you can redistribute it and/or modify
8 it under the terms of the GNU General Public License as published by
9 the Free Software Foundation; either version 2 of the License, or
10 (at your option) any later version.
11
12 This program is distributed in the hope that it will be useful,
13 but WITHOUT ANY WARRANTY; without even the implied warranty of
14 MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
15 GNU General Public License for more details.
16
17 You should have received a copy of the GNU General Public License
18 along with this program; if not, write to the Free Software
19 Foundation, Inc., 675 Mass Ave, Cambridge, MA 02139, USA.
20 */
21
22 #include "includes.h"
23
24 extern int DEBUGLEVEL;
25
26 static uid_t initial_uid;
27 static gid_t initial_gid;
28
29 /* what user is current? */
30 extern struct current_user current_user;
31
32 pstring OriginalDir;
33
34 /****************************************************************************
35 initialise the uid routines
36 ****************************************************************************/
37 void init_uid(void)
38 {
39 initial_uid = current_user.uid = geteuid();
40 initial_gid = current_user.gid = getegid();
41
42 if (initial_gid != 0 && initial_uid == 0) {
43 #ifdef HAVE_SETRESUID
44 setresgid(0,0,0);
45 #else
46 setgid(0);
47 setegid(0);
48 #endif
49 }
50
51 initial_uid = geteuid();
52 initial_gid = getegid();
53
54 current_user.conn = NULL;
55 current_user.vuid = UID_FIELD_INVALID;
56
57 ChDir(OriginalDir);
58 }
59
60
61 /****************************************************************************
62 become the specified uid
63 ****************************************************************************/
64 static BOOL become_uid(uid_t uid)
65 {
66 if (initial_uid != 0) {
67 return(True);
68 }
69
70 if (uid == (uid_t)-1 || ((sizeof(uid_t) == 2) && (uid == (uid_t)65535))) {
71 static int done;
72 if (!done) {
73 DEBUG(1,("WARNING: using uid %d is a security risk\n",(int)uid));
74 done=1;
75 }
76 }
77
78 #ifdef HAVE_TRAPDOOR_UID
79 #ifdef HAVE_SETUIDX
80 /* AIX3 has setuidx which is NOT a trapoor function (tridge) */
81 if (setuidx(ID_EFFECTIVE, uid) != 0) {
82 if (seteuid(uid) != 0) {
83 DEBUG(1,("Can't set uid %d (setuidx)\n", (int)uid));
84 return False;
85 }
86 }
87 #endif
88 #endif
89
90 #ifdef HAVE_SETRESUID
91 if (setresuid(-1,uid,-1) != 0)
92 #else
93 if ((seteuid(uid) != 0) &&
94 (setuid(uid) != 0))
95 #endif
96 {
97 DEBUG(0,("Couldn't set uid %d currently set to (%d,%d)\n",
98 (int)uid,(int)getuid(), (int)geteuid()));
99 if (uid > (uid_t)32000) {
100 DEBUG(0,("Looks like your OS doesn't like high uid values - try using a different account\n"));
101 }
102 return(False);
103 }
104
105 if (((uid == (uid_t)-1) || ((sizeof(uid_t) == 2) && (uid == 65535))) && (geteuid() != uid)) {
106 DEBUG(0,("Invalid uid -1. perhaps you have a account with uid 65535?\n"));
107 return(False);
108 }
109
110 current_user.uid = uid;
111
112 return(True);
113 }
114
115
116 /****************************************************************************
117 become the specified gid
118 ****************************************************************************/
119 static BOOL become_gid(gid_t gid)
120 {
121 if (initial_uid != 0)
122 return(True);
123
124 if (gid == (gid_t)-1 || ((sizeof(gid_t) == 2) && (gid == (gid_t)65535))) {
125 DEBUG(1,("WARNING: using gid %d is a security risk\n",(int)gid));
126 }
127
128 #ifdef HAVE_SETRESUID
129 if (setresgid(-1,gid,-1) != 0)
130 #else
131 if (setgid(gid) != 0)
132 #endif
133 {
134 DEBUG(0,("Couldn't set gid %d currently set to (%d,%d)\n",
135 (int)gid,(int)getgid(),(int)getegid()));
136 if (gid > 32000) {
137 DEBUG(0,("Looks like your OS doesn't like high gid values - try using a different account\n"));
138 }
139 return(False);
140 }
141
142 current_user.gid = gid;
143
144 return(True);
145 }
146
147
148 /****************************************************************************
149 become the specified uid and gid
150 ****************************************************************************/
151 static BOOL become_id(uid_t uid,gid_t gid)
152 {
153 return(become_gid(gid) && become_uid(uid));
154 }
155
156 /****************************************************************************
157 become the guest user
158 ****************************************************************************/
159 BOOL become_guest(void)
160 {
161 BOOL ret;
162 static struct passwd *pass=NULL;
163
164 if (initial_uid != 0)
165 return(True);
166
167 if (!pass)
168 pass = Get_Pwnam(lp_guestaccount(-1),True);
169 if (!pass) return(False);
170
171 #ifdef AIX
172 /* MWW: From AIX FAQ patch to WU-ftpd: call initgroups before setting IDs */
173 initgroups(pass->pw_name, (gid_t)pass->pw_gid);
174 #endif
175
176 ret = become_id(pass->pw_uid,pass->pw_gid);
177
178 if (!ret) {
179 DEBUG(1,("Failed to become guest. Invalid guest account?\n"));
180 }
181
182 current_user.conn = NULL;
183 current_user.vuid = UID_FIELD_INVALID;
184
185 return(ret);
186 }
187
188 /*******************************************************************
189 check if a username is OK
190 ********************************************************************/
191 static BOOL check_user_ok(connection_struct *conn, user_struct *vuser,int snum)
192 {
193 int i;
194 for (i=0;i<conn->uid_cache.entries;i++)
195 if (conn->uid_cache.list[i] == vuser->uid) return(True);
196
197 if (!user_ok(vuser->name,snum)) return(False);
198
199 i = conn->uid_cache.entries % UID_CACHE_SIZE;
200 conn->uid_cache.list[i] = vuser->uid;
201
202 if (conn->uid_cache.entries < UID_CACHE_SIZE)
203 conn->uid_cache.entries++;
204
205 return(True);
206 }
207
208
209 /****************************************************************************
210 become the user of a connection number
211 ****************************************************************************/
212 BOOL become_user(connection_struct *conn, uint16 vuid)
213 {
214 user_struct *vuser = get_valid_user_struct(vuid);
215 int snum;
216 gid_t gid;
217 uid_t uid;
218
219 /*
220 * We need a separate check in security=share mode due to vuid
221 * always being UID_FIELD_INVALID. If we don't do this then
222 * in share mode security we are *always* changing uid's between
223 * SMB's - this hurts performance - Badly.
224 */
225
226 if((lp_security() == SEC_SHARE) && (current_user.conn == conn) &&
227 (current_user.uid == conn->uid)) {
228 DEBUG(4,("Skipping become_user - already user\n"));
229 return(True);
230 } else if ((current_user.conn == conn) &&
231 (vuser != 0) && (current_user.vuid == vuid) &&
232 (current_user.uid == vuser->uid)) {
233 DEBUG(4,("Skipping become_user - already user\n"));
234 return(True);
235 }
236
237 unbecome_user();
238
239 if (!conn) {
240 DEBUG(2,("Connection not open\n"));
241 return(False);
242 }
243
244 snum = SNUM(conn);
245
246 if((vuser != NULL) && !check_user_ok(conn, vuser, snum))
247 return False;
248
249 if (conn->force_user ||
250 lp_security() == SEC_SHARE ||
251 !(vuser) || (vuser->guest)) {
252 uid = conn->uid;
253 gid = conn->gid;
254 current_user.groups = conn->groups;
255 current_user.ngroups = conn->ngroups;
256 } else {
257 if (!vuser) {
258 DEBUG(2,("Invalid vuid used %d\n",vuid));
259 return(False);
260 }
261 uid = vuser->uid;
262 if(!*lp_force_group(snum)) {
263 gid = vuser->gid;
264 } else {
265 gid = conn->gid;
266 }
267 current_user.ngroups = vuser->n_groups;
268 current_user.groups = vuser->groups;
269 }
270
271 if (initial_uid == 0) {
272 if (!become_gid(gid)) return(False);
273
274 #ifdef HAVE_SETGROUPS
275 if (!(conn && conn->ipc)) {
276 /* groups stuff added by ih/wreu */
277 if (current_user.ngroups > 0)
278 if (setgroups(current_user.ngroups,
279 current_user.groups)<0) {
280 DEBUG(0,("setgroups call failed!\n"));
281 }
282 }
283 #endif
284
285 if (!conn->admin_user && !become_uid(uid))
286 return(False);
287 }
288
289 current_user.conn = conn;
290 current_user.vuid = vuid;
291
292 DEBUG(5,("become_user uid=(%d,%d) gid=(%d,%d)\n",
293 (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid()));
294
295 return(True);
296 }
297
298 /****************************************************************************
299 unbecome the user of a connection number
300 ****************************************************************************/
301 BOOL unbecome_user(void )
302 {
303 if (!current_user.conn)
304 return(False);
305
306 ChDir(OriginalDir);
307
308 if (initial_uid == 0)
309 {
310 #ifdef HAVE_SETRESUID
311 setresuid(-1,getuid(),-1);
312 setresgid(-1,getgid(),-1);
313 #else
314 if (seteuid(initial_uid) != 0)
315 setuid(initial_uid);
316 setgid(initial_gid);
317 #endif
318 }
319
320 #ifdef NO_EID
321 if (initial_uid == 0)
322 DEBUG(2,("Running with no EID\n"));
323 initial_uid = getuid();
324 initial_gid = getgid();
325 #else
326 if (geteuid() != initial_uid) {
327 DEBUG(0,("Warning: You appear to have a trapdoor uid system\n"));
328 initial_uid = geteuid();
329 }
330 if (getegid() != initial_gid) {
331 DEBUG(0,("Warning: You appear to have a trapdoor gid system\n"));
332 initial_gid = getegid();
333 }
334 #endif
335
336 current_user.uid = initial_uid;
337 current_user.gid = initial_gid;
338
339 if (ChDir(OriginalDir) != 0)
340 DEBUG( 0, ( "chdir(%s) failed in unbecome_user\n", OriginalDir ) );
341
342 DEBUG(5,("unbecome_user now uid=(%d,%d) gid=(%d,%d)\n",
343 (int)getuid(),(int)geteuid(),(int)getgid(),(int)getegid()));
344
345 current_user.conn = NULL;
346 current_user.vuid = UID_FIELD_INVALID;
347
348 return(True);
349 }
350
351 static struct current_user current_user_saved;
352 static int become_root_depth;
353 static pstring become_root_dir;
354
355 /****************************************************************************
356 This is used when we need to do a privilaged operation (such as mucking
357 with share mode files) and temporarily need root access to do it. This
358 call should always be paired with an unbecome_root() call immediately
359 after the operation
360
361 Set save_dir if you also need to save/restore the CWD
362 ****************************************************************************/
363 void become_root(BOOL save_dir)
364 {
365 if (become_root_depth) {
366 DEBUG(0,("ERROR: become root depth is non zero\n"));
367 }
368 if (save_dir)
369 GetWd(become_root_dir);
370
371 current_user_saved = current_user;
372 become_root_depth = 1;
373
374 become_uid(0);
375 become_gid(0);
376 }
377
378 /****************************************************************************
379 When the privilaged operation is over call this
380
381 Set save_dir if you also need to save/restore the CWD
382 ****************************************************************************/
383 void unbecome_root(BOOL restore_dir)
384 {
385 if (become_root_depth != 1) {
386 DEBUG(0,("ERROR: unbecome root depth is %d\n",
387 become_root_depth));
388 }
389
390 /* we might have done a become_user() while running as root,
391 if we have then become root again in order to become
392 non root! */
393 if (current_user.uid != 0) {
394 become_uid(0);
395 }
396
397 /* restore our gid first */
398 if (!become_gid(current_user_saved.gid)) {
399 DEBUG(0,("ERROR: Failed to restore gid\n"));
400 exit_server("Failed to restore gid");
401 }
402
403 #ifdef HAVE_SETGROUPS
404 if (current_user_saved.ngroups > 0) {
405 if (setgroups(current_user_saved.ngroups,
406 current_user_saved.groups)<0)
407 DEBUG(0,("ERROR: setgroups call failed!\n"));
408 }
409 #endif
410
411 /* now restore our uid */
412 if (!become_uid(current_user_saved.uid)) {
413 DEBUG(0,("ERROR: Failed to restore uid\n"));
414 exit_server("Failed to restore uid");
415 }
416
417 if (restore_dir)
418 ChDir(become_root_dir);
419
420 current_user = current_user_saved;
421
422 become_root_depth = 0;
423 }
reg import