Fix bug #5900 reported by monyo@samba.gr.jp - vfs_readonly.so does not work.

Jeremy.

diff --git a/source3/include/proto.h b/source3/include/proto.h
index 5f9203a21f83ba94faa2c18851a38613a02ff54e..33425849d1fc94063646a6b283b459e194171451 100644 (file)
--- a/source3/include/proto.h
+++ b/source3/include/proto.h
@@ -8459,7 +8459,8 @@ bool user_ok_token(const char *username, const char *domain,
                   struct nt_user_token *token, int snum);
 bool is_share_read_only_for_token(const char *username,
                                  const char *domain,
-                                 struct nt_user_token *token, int snum);
+                                 struct nt_user_token *token,
+                                 connection_struct *conn);
 
 /* The following definitions come from smbd/srvstr.c  */
 

diff --git a/source3/modules/vfs_readonly.c b/source3/modules/vfs_readonly.c
index d4ddf32e3ac9f29e6990011ceb86791bfda615f1..58c83e5e1be224ba268d00a5f4944b4a2c4f775f 100644 (file)
--- a/source3/modules/vfs_readonly.c
+++ b/source3/modules/vfs_readonly.c
@@ -64,12 +64,25 @@ static int readonly_connect(vfs_handle_struct *handle,
                                             "period", period_def); 
 
   if (period && period[0] && period[1]) {
+    int i;
     time_t current_time = time(NULL);
     time_t begin_period = get_date(period[0], &current_time);
     time_t end_period   = get_date(period[1], &current_time);
 
     if ((current_time >= begin_period) && (current_time <= end_period)) {
+      connection_struct *conn = handle->conn;
+
       handle->conn->read_only = True;
+
+      /* Wipe out the VUID cache. */
+      for (i=0; i< VUID_CACHE_SIZE; i++) {
+        struct vuid_cache_entry *ent = ent = &conn->vuid_cache.array[i];
+        ent->vuid = UID_FIELD_INVALID;
+        TALLOC_FREE(ent->server_info);
+        ent->read_only = false;
+        ent->admin_user = false;
+      }
+      conn->vuid_cache.next_entry = 0;
     }
 
     return SMB_VFS_NEXT_CONNECT(handle, service, user);

diff --git a/source3/smbd/share_access.c b/source3/smbd/share_access.c
index f5f79c86e571177d358cf3d02f06b2aacc7b72b4..9dbacc2998366f3756188d54d67ffa8e93c71b2f 100644 (file)
--- a/source3/smbd/share_access.c
+++ b/source3/smbd/share_access.c
@@ -252,9 +252,11 @@ bool user_ok_token(const char *username, const char *domain,
 
 bool is_share_read_only_for_token(const char *username,
                                  const char *domain,
-                                 struct nt_user_token *token, int snum)
+                                 struct nt_user_token *token,
+                                 connection_struct *conn)
 {
-       bool result = lp_readonly(snum);
+       int snum = SNUM(conn);
+       bool result = conn->read_only;
 
        if (lp_readlist(snum) != NULL) {
                if (token_contains_name_in_list(username, domain,

diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index 045de6f2d32a8cb850ec05213bc6385d75ff1953..c238f40cfdb97b3ab49000448e8279aaf897e181 100644 (file)
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -88,7 +88,8 @@ static bool check_user_ok(connection_struct *conn, uint16_t vuid,
        readonly_share = is_share_read_only_for_token(
                server_info->unix_name,
                pdb_get_domain(server_info->sam_account),
-               server_info->ptok, snum);
+               server_info->ptok,
+               conn);
 
        if (!readonly_share &&
            !share_access_check(server_info->ptok, lp_servicename(snum),