r11170: root free pass on eventlog open access check

(This used to be commit 4e3ff41e1ee2e3c323814fd8c6aa44ecab412257)

diff --git a/packaging/RedHat/samba.spec.tmpl b/packaging/RedHat/samba.spec.tmpl
index f9c4fcfbfa94e4ad2884217057ee77a8b5fa7ed4..004f57cf5227fb9a75412c4dc5f0663dd70ae6dd 100644 (file)
--- a/packaging/RedHat/samba.spec.tmpl
+++ b/packaging/RedHat/samba.spec.tmpl
@@ -437,6 +437,7 @@ fi
 %{prefix}/bin/smbtree
 %attr(755,root,root) /lib/libnss_wins.s*
 %attr(755,root,root) %{prefix}/lib/samba/vfs/*.so
+%attr(755,root,root) %{prefix}/lib/samba/auth/*.so
 %attr(755,root,root) %{prefix}/lib/samba/charset/*.so
 %attr(755,root,root) %{prefix}/lib/samba/idmap/*.so
 #%attr(755,root,root) %{prefix}/lib/samba/pdb/*.so

diff --git a/source3/rpc_server/srv_eventlog_nt.c b/source3/rpc_server/srv_eventlog_nt.c
index 577ec48482a2258b0cbe273ba5d267d2b318d2ef..5901f68f5210677ac44e58b3d5d6a346e6611d46 100644 (file)
--- a/source3/rpc_server/srv_eventlog_nt.c
+++ b/source3/rpc_server/srv_eventlog_nt.c
@@ -88,6 +88,13 @@ static BOOL elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
                return False;
        }
        
+       /* root free pass */
+
+       if ( geteuid() == sec_initial_uid() ) {
+               DEBUG(5,("elog_check_access: using root's token\n"));
+               token = get_root_nt_token();
+       }
+
        /* run the check, try for the max allowed */
        
        ret = se_access_check( sec_desc, token, MAXIMUM_ALLOWED_ACCESS,