#include "libcli/security/security.h"
#include "passdb/lookup_sid.h"
#include "auth.h"
+#include "../auth/auth_util.h"
+#include "lib/util/time_basic.h"
+
+struct smbd_impersonate_debug_state {
+ int dbg_lvl;
+ const char *name;
+};
+
+static bool smbd_impersonate_debug_before_use(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev, location));
+
+ return true;
+}
+
+static void smbd_impersonate_debug_after_use(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev, location));
+}
+
+static void smbd_impersonate_debug_before_fd_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_fd *fde,
+ uint16_t flags,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "fde[%p] flags[0x%X] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev,
+ fde, flags, handler_name, location));
+}
+
+static void smbd_impersonate_debug_after_fd_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_fd *fde,
+ uint16_t flags,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "fde[%p] flags[0x%X] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev,
+ fde, flags, handler_name, location));
+}
+
+static void smbd_impersonate_debug_before_timer_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_timer *te,
+ struct timeval requested_time,
+ struct timeval trigger_time,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+ struct timeval_buf requested_buf;
+ struct timeval_buf trigger_buf;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "te[%p] requested_time[%s] trigger_time[%s] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev, te,
+ timeval_str_buf(&requested_time, true, true, &requested_buf),
+ timeval_str_buf(&trigger_time, true, true, &trigger_buf),
+ handler_name, location));
+}
+
+static void smbd_impersonate_debug_after_timer_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_timer *te,
+ struct timeval requested_time,
+ struct timeval trigger_time,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+ struct timeval_buf requested_buf;
+ struct timeval_buf trigger_buf;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "te[%p] requested_time[%s] trigger_time[%s] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev, te,
+ timeval_str_buf(&requested_time, true, true, &requested_buf),
+ timeval_str_buf(&trigger_time, true, true, &trigger_buf),
+ handler_name, location));
+}
+
+static void smbd_impersonate_debug_before_immediate_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_immediate *im,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "im[%p] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev,
+ im, handler_name, location));
+}
+
+static void smbd_impersonate_debug_after_immediate_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_immediate *im,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "im[%p] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev,
+ im, handler_name, location));
+}
+
+static void smbd_impersonate_debug_before_signal_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "se[%p] signum[%d] count[%d] siginfo[%p] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev,
+ se, signum, count, siginfo, handler_name, location));
+}
+
+static void smbd_impersonate_debug_after_signal_handler(struct tevent_context *wrap_ev,
+ void *private_data,
+ struct tevent_context *main_ev,
+ struct tevent_signal *se,
+ int signum,
+ int count,
+ void *siginfo,
+ const char *handler_name,
+ const char *location)
+{
+ struct smbd_impersonate_debug_state *state =
+ (struct smbd_impersonate_debug_state *)private_data;
+
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] "
+ "se[%p] signum[%d] count[%d] siginfo[%p] handler_name[%s] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev,
+ se, signum, count, siginfo, handler_name, location));
+}
+
+static const struct tevent_wrapper_ops smbd_impersonate_debug_ops = {
+ .name = "smbd_impersonate_debug",
+ .before_use = smbd_impersonate_debug_before_use,
+ .after_use = smbd_impersonate_debug_after_use,
+ .before_fd_handler = smbd_impersonate_debug_before_fd_handler,
+ .after_fd_handler = smbd_impersonate_debug_after_fd_handler,
+ .before_timer_handler = smbd_impersonate_debug_before_timer_handler,
+ .after_timer_handler = smbd_impersonate_debug_after_timer_handler,
+ .before_immediate_handler = smbd_impersonate_debug_before_immediate_handler,
+ .after_immediate_handler = smbd_impersonate_debug_after_immediate_handler,
+ .before_signal_handler = smbd_impersonate_debug_before_signal_handler,
+ .after_signal_handler = smbd_impersonate_debug_after_signal_handler,
+};
+
+struct tevent_context *_smbd_impersonate_debug_create(struct tevent_context *main_ev,
+ const char *name,
+ int dbg_lvl,
+ const char *location)
+{
+ struct tevent_context *wrap_ev = NULL;
+ struct smbd_impersonate_debug_state *state = NULL;
+
+ wrap_ev = tevent_context_wrapper_create(main_ev,
+ main_ev,
+ &smbd_impersonate_debug_ops,
+ &state,
+ struct smbd_impersonate_debug_state);
+ if (wrap_ev == NULL) {
+ return NULL;
+ }
+ state->name = name;
+ state->dbg_lvl = dbg_lvl;
+ DEBUG(state->dbg_lvl, (
+ "%s: name[%s] wrap_ev[%p] state[%p] main_ev[%p] location[%s]\n",
+ __func__, state->name, wrap_ev, state, main_ev, location));
+
+ return wrap_ev;
+}
/* what user is current? */
extern struct current_user current_user;
{
struct passwd *pass;
- pass = Get_Pwnam_alloc(talloc_tos(), lp_guestaccount());
+ pass = Get_Pwnam_alloc(talloc_tos(), lp_guest_account());
if (!pass) {
return false;
}
current_user.conn = NULL;
current_user.vuid = UID_FIELD_INVALID;
+ current_user.need_chdir = false;
+ current_user.done_chdir = false;
TALLOC_FREE(pass);
}
}
/* Not used, safe to free. */
+ TALLOC_FREE(conn->user_ev_ctx);
TALLOC_FREE(conn->session_info);
}
+/****************************************************************************
+ Setup the share access mask for a connection.
+****************************************************************************/
+
+static uint32_t create_share_access_mask(int snum,
+ bool readonly_share,
+ const struct security_token *token)
+{
+ uint32_t share_access = 0;
+
+ share_access_check(token,
+ lp_const_servicename(snum),
+ MAXIMUM_ALLOWED_ACCESS,
+ &share_access);
+
+ if (readonly_share) {
+ share_access &=
+ ~(SEC_FILE_WRITE_DATA | SEC_FILE_APPEND_DATA |
+ SEC_FILE_WRITE_EA | SEC_FILE_WRITE_ATTRIBUTE |
+ SEC_DIR_DELETE_CHILD );
+ }
+
+ if (security_token_has_privilege(token, SEC_PRIV_SECURITY)) {
+ share_access |= SEC_FLAG_SYSTEM_SECURITY;
+ }
+ if (security_token_has_privilege(token, SEC_PRIV_RESTORE)) {
+ share_access |= SEC_RIGHTS_PRIV_RESTORE;
+ }
+ if (security_token_has_privilege(token, SEC_PRIV_BACKUP)) {
+ share_access |= SEC_RIGHTS_PRIV_BACKUP;
+ }
+ if (security_token_has_privilege(token, SEC_PRIV_TAKE_OWNERSHIP)) {
+ share_access |= SEC_STD_WRITE_OWNER;
+ }
+
+ return share_access;
+}
+
/*******************************************************************
Calculate access mask and if this user can access this share.
********************************************************************/
readonly_share,
session_info->security_token);
- if ((share_access & FILE_WRITE_DATA) == 0) {
- if ((share_access & FILE_READ_DATA) == 0) {
- /* No access, read or write. */
- DEBUG(0,("user %s connection to %s "
- "denied due to share security "
- "descriptor.\n",
- session_info->unix_info->unix_name,
- lp_servicename(talloc_tos(), snum)));
- return NT_STATUS_ACCESS_DENIED;
- }
+ if ((share_access & (FILE_READ_DATA|FILE_WRITE_DATA)) == 0) {
+ /* No access, read or write. */
+ DBG_NOTICE("user %s connection to %s denied due to share "
+ "security descriptor.\n",
+ session_info->unix_info->unix_name,
+ lp_const_servicename(snum));
+ return NT_STATUS_ACCESS_DENIED;
}
if (!readonly_share &&
!(share_access & FILE_WRITE_DATA)) {
/* smb.conf allows r/w, but the security descriptor denies
* write. Fall back to looking at readonly. */
- readonly_share = True;
- DEBUG(5,("falling back to read-only access-evaluation due to "
- "security descriptor\n"));
+ readonly_share = true;
+ DBG_INFO("falling back to read-only access-evaluation due to "
+ "security descriptor\n");
}
*p_share_access = share_access;
bool admin_user = false;
struct vuid_cache_entry *ent = NULL;
uint32_t share_access = 0;
+ NTSTATUS status;
for (i=0; i<VUID_CACHE_SIZE; i++) {
ent = &conn->vuid_cache->array[i];
if (ent->vuid == vuid) {
+ if (vuid == UID_FIELD_INVALID) {
+ /*
+ * Slow path, we don't care
+ * about the array traversal.
+ */
+ continue;
+ }
free_conn_session_info_if_unused(conn);
conn->session_info = ent->session_info;
+ conn->user_ev_ctx = ent->user_ev_ctx;
conn->read_only = ent->read_only;
conn->share_access = ent->share_access;
+ conn->vuid = ent->vuid;
return(True);
}
}
- if (!user_ok_token(session_info->unix_info->unix_name,
- session_info->info->domain_name,
- session_info->security_token, snum))
- return(False);
-
- readonly_share = is_share_read_only_for_token(
- session_info->unix_info->unix_name,
- session_info->info->domain_name,
- session_info->security_token,
- conn);
-
- share_access = create_share_access_mask(snum,
- readonly_share,
- session_info->security_token);
-
- if ((share_access & FILE_WRITE_DATA) == 0) {
- if ((share_access & FILE_READ_DATA) == 0) {
- /* No access, read or write. */
- DEBUG(0,("user %s connection to %s "
- "denied due to share security "
- "descriptor.\n",
- session_info->unix_info->unix_name,
- lp_servicename(talloc_tos(), snum)));
- return false;
- }
- }
-
- if (!readonly_share &&
- !(share_access & FILE_WRITE_DATA)) {
- /* smb.conf allows r/w, but the security descriptor denies
- * write. Fall back to looking at readonly. */
- readonly_share = True;
- DEBUG(5,("falling back to read-only access-evaluation due to "
- "security descriptor\n"));
+ status = check_user_share_access(conn,
+ session_info,
+ &share_access,
+ &readonly_share);
+ if (!NT_STATUS_IS_OK(status)) {
+ return false;
}
admin_user = token_contains_name_in_list(
return false;
}
+ if (admin_user) {
+ DEBUG(2,("check_user_ok: user %s is an admin user. "
+ "Setting uid as %d\n",
+ ent->session_info->unix_info->unix_name,
+ sec_initial_uid() ));
+ ent->session_info->unix_token->uid = sec_initial_uid();
+ }
+
+ if (vuid == UID_FIELD_INVALID) {
+ ent->user_ev_ctx = smbd_impersonate_conn_sess_create(
+ conn->sconn->raw_ev_ctx, conn, ent->session_info);
+ if (ent->user_ev_ctx == NULL) {
+ TALLOC_FREE(ent->session_info);
+ ent->vuid = UID_FIELD_INVALID;
+ return false;
+ }
+ } else {
+ ent->user_ev_ctx = smbd_impersonate_conn_vuid_create(
+ conn->sconn->raw_ev_ctx, conn, vuid);
+ if (ent->user_ev_ctx == NULL) {
+ TALLOC_FREE(ent->session_info);
+ ent->vuid = UID_FIELD_INVALID;
+ return false;
+ }
+ }
+
+ /*
+ * It's actually OK to call check_user_ok() with
+ * vuid == UID_FIELD_INVALID as called from change_to_user_by_session().
+ * All this will do is throw away one entry in the cache.
+ */
+
ent->vuid = vuid;
ent->read_only = readonly_share;
ent->share_access = share_access;
free_conn_session_info_if_unused(conn);
conn->session_info = ent->session_info;
+ conn->vuid = ent->vuid;
+ conn->user_ev_ctx = ent->user_ev_ctx;
+ if (vuid == UID_FIELD_INVALID) {
+ /*
+ * Not strictly needed, just make it really
+ * clear this entry is actually an unused one.
+ */
+ ent->read_only = false;
+ ent->share_access = 0;
+ ent->session_info = NULL;
+ ent->user_ev_ctx = NULL;
+ }
conn->read_only = readonly_share;
conn->share_access = share_access;
- if (admin_user) {
- DEBUG(2,("check_user_ok: user %s is an admin user. "
- "Setting uid as %d\n",
- conn->session_info->unix_info->unix_name,
- sec_initial_uid() ));
- conn->session_info->unix_token->uid = sec_initial_uid();
- }
-
return(True);
}
gid_t *group_list = NULL;
bool ok;
+ if ((current_user.conn == conn) &&
+ (current_user.vuid == vuid) &&
+ (current_user.need_chdir == conn->tcon_done) &&
+ (current_user.ut.uid == session_info->unix_token->uid))
+ {
+ DBG_INFO("Skipping user change - already user\n");
+ return true;
+ }
+
+ set_current_user_info(session_info->unix_info->sanitized_username,
+ session_info->unix_info->unix_name,
+ session_info->info->domain_name);
+
snum = SNUM(conn);
ok = check_user_ok(conn, vuid, session_info, snum);
if (!ok) {
- DEBUG(2,("SMB user %s (unix user %s) "
+ DBG_WARNING("SMB user %s (unix user %s) "
"not permitted access to share %s.\n",
session_info->unix_info->sanitized_username,
session_info->unix_info->unix_name,
- lp_servicename(talloc_tos(), snum)));
+ lp_const_servicename(snum));
return false;
}
current_user.conn = conn;
current_user.vuid = vuid;
+ current_user.need_chdir = conn->tcon_done;
- DEBUG(5, ("Impersonated user: uid=(%d,%d), gid=(%d,%d)\n",
- (int)getuid(),
- (int)geteuid(),
- (int)getgid(),
- (int)getegid()));
+ if (current_user.need_chdir) {
+ ok = chdir_current_service(conn);
+ if (!ok) {
+ DBG_ERR("chdir_current_service() failed!\n");
+ return false;
+ }
+ current_user.done_chdir = true;
+ }
+
+ if (CHECK_DEBUGLVL(DBGLVL_INFO)) {
+ struct smb_filename *cwdfname = vfs_GetWd(talloc_tos(), conn);
+ if (cwdfname == NULL) {
+ return false;
+ }
+ DBG_INFO("Impersonated user: uid=(%d,%d), gid=(%d,%d), cwd=[%s]\n",
+ (int)getuid(),
+ (int)geteuid(),
+ (int)getgid(),
+ (int)getegid(),
+ cwdfname->base_name);
+ TALLOC_FREE(cwdfname);
+ }
return true;
}
}
vuser = get_valid_user_struct(conn->sconn, vuid);
-
- if ((current_user.conn == conn) &&
- (vuser != NULL) && (current_user.vuid == vuid) &&
- (current_user.ut.uid == vuser->session_info->unix_token->uid)) {
- DEBUG(4,("Skipping user change - already "
- "user\n"));
- return(True);
- }
-
if (vuser == NULL) {
/* Invalid vuid sent */
- DEBUG(2,("Invalid vuid %llu used on share %s.\n",
- (unsigned long long)vuid, lp_servicename(talloc_tos(),
- snum)));
+ DBG_WARNING("Invalid vuid %llu used on share %s.\n",
+ (unsigned long long)vuid,
+ lp_const_servicename(snum));
return false;
}
return change_to_user_internal(conn, vuser->session_info, vuid);
}
+bool change_to_user_by_fsp(struct files_struct *fsp)
+{
+ return change_to_user(fsp->conn, fsp->vuid);
+}
+
static bool change_to_user_by_session(connection_struct *conn,
const struct auth_session_info *session_info)
{
SMB_ASSERT(conn != NULL);
SMB_ASSERT(session_info != NULL);
- if ((current_user.conn == conn) &&
- (current_user.ut.uid == session_info->unix_token->uid)) {
- DEBUG(7, ("Skipping user change - already user\n"));
-
- return true;
- }
-
return change_to_user_internal(conn, session_info, UID_FIELD_INVALID);
}
current_user.conn = NULL;
current_user.vuid = UID_FIELD_INVALID;
+ current_user.need_chdir = false;
+ current_user.done_chdir = false;
return(True);
}
user. Doesn't modify current_user.
****************************************************************************/
-bool become_authenticated_pipe_user(struct auth_session_info *session_info)
+bool smbd_become_authenticated_pipe_user(struct auth_session_info *session_info)
{
if (!push_sec_ctx())
return False;
session_info->unix_token->ngroups, session_info->unix_token->groups,
session_info->security_token);
+ DEBUG(5, ("Impersonated user: uid=(%d,%d), gid=(%d,%d)\n",
+ (int)getuid(),
+ (int)geteuid(),
+ (int)getgid(),
+ (int)getegid()));
+
return True;
}
current_user.
****************************************************************************/
-bool unbecome_authenticated_pipe_user(void)
+bool smbd_unbecome_authenticated_pipe_user(void)
{
return pop_sec_ctx();
}
static void push_conn_ctx(void)
{
struct conn_ctx *ctx_p;
+ extern userdom_struct current_user_info;
/* Check we don't overflow our stack */
ctx_p->conn = current_user.conn;
ctx_p->vuid = current_user.vuid;
+ ctx_p->need_chdir = current_user.need_chdir;
+ ctx_p->done_chdir = current_user.done_chdir;
+ ctx_p->user_info = current_user_info;
DEBUG(4, ("push_conn_ctx(%llu) : conn_ctx_stack_ndx = %d\n",
(unsigned long long)ctx_p->vuid, conn_ctx_stack_ndx));
conn_ctx_stack_ndx--;
ctx_p = &conn_ctx_stack[conn_ctx_stack_ndx];
+ set_current_user_info(ctx_p->user_info.smb_name,
+ ctx_p->user_info.unix_name,
+ ctx_p->user_info.domain);
+
+ /*
+ * Check if the current context did a chdir_current_service()
+ * and restore the cwd_fname of the previous context
+ * if needed.
+ */
+ if (current_user.done_chdir && ctx_p->need_chdir) {
+ int ret;
+
+ ret = vfs_ChDir(ctx_p->conn, ctx_p->conn->cwd_fname);
+ if (ret != 0) {
+ DBG_ERR("vfs_ChDir() failed!\n");
+ smb_panic("vfs_ChDir() failed!\n");
+ }
+ }
+
current_user.conn = ctx_p->conn;
current_user.vuid = ctx_p->vuid;
+ current_user.need_chdir = ctx_p->need_chdir;
+ current_user.done_chdir = ctx_p->done_chdir;
- ctx_p->conn = NULL;
- ctx_p->vuid = UID_FIELD_INVALID;
+ *ctx_p = (struct conn_ctx) {
+ .vuid = UID_FIELD_INVALID,
+ };
}
/****************************************************************************
pop_conn_ctx();
}
+bool become_guest(void)
+{
+ bool ok;
+
+ ok = push_sec_ctx();
+ if (!ok) {
+ return false;
+ }
+
+ push_conn_ctx();
+
+ ok = change_to_guest();
+ if (!ok) {
+ pop_sec_ctx();
+ pop_conn_ctx();
+ return false;
+ }
+
+ return true;
+}
+
+void unbecome_guest(void)
+{
+ pop_sec_ctx();
+ pop_conn_ctx();
+ return;
+}
+
/****************************************************************************
Push the current security context then force a change via change_to_user().
Saves and restores the connection context.
return True;
}
+bool become_user_by_fsp(struct files_struct *fsp)
+{
+ return become_user(fsp->conn, fsp->vuid);
+}
+
bool become_user_by_session(connection_struct *conn,
const struct auth_session_info *session_info)
{
{
return current_user.vuid;
}
+
+struct tevent_context *smbd_impersonate_conn_vuid_create(
+ struct tevent_context *main_ev,
+ struct connection_struct *conn,
+ uint64_t vuid)
+{
+ struct tevent_context *wrap_ev = NULL;
+
+ wrap_ev = smbd_impersonate_debug_create(main_ev,
+ "conn_vuid",
+ DBGLVL_DEBUG);
+
+ return wrap_ev;
+}
+
+struct tevent_context *smbd_impersonate_conn_sess_create(
+ struct tevent_context *main_ev,
+ struct connection_struct *conn,
+ struct auth_session_info *session_info)
+{
+ struct tevent_context *wrap_ev = NULL;
+
+ wrap_ev = smbd_impersonate_debug_create(main_ev,
+ "conn_sess",
+ DBGLVL_DEBUG);
+
+ return wrap_ev;
+}
+
+struct tevent_context *smbd_impersonate_root_create(struct tevent_context *main_ev)
+{
+ struct tevent_context *wrap_ev = NULL;
+
+ wrap_ev = smbd_impersonate_debug_create(main_ev,
+ "root",
+ DBGLVL_DEBUG);
+
+ return wrap_ev;
+}
+
+struct tevent_context *smbd_impersonate_guest_create(struct tevent_context *main_ev)
+{
+ struct tevent_context *wrap_ev = NULL;
+
+ wrap_ev = smbd_impersonate_debug_create(main_ev,
+ "guest",
+ DBGLVL_DEBUG);
+
+ return wrap_ev;
+}