git.samba.org / gd / samba-autobuild / .git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 3e5e775)
Revert "s3/service: convert lp_force_group() to const"
authorDavid Disseldorp <ddiss@samba.org>
Sun, 8 Jul 2018 23:40:58 +0000 (01:40 +0200)
committerJeremy Allison <jra@samba.org>
Mon, 9 Jul 2018 22:12:19 +0000 (00:12 +0200)
This reverts commit c53646bccd87ef3b3133d3f7526ef85591909528.
As mentioned by Andrew, we shouldn't break environments where
"force group" has been configured to use substituted variables.

Signed-off-by: David Disseldorp <ddiss@samba.org>
Reviewed-by: Jeremy Allison <jra@samba.org>
Autobuild-User(master): Jeremy Allison <jra@samba.org>
Autobuild-Date(master): Tue Jul 10 00:12:19 CEST 2018 on sn-devel-144

docs-xml/smbdotconf/security/forcegroup.xml patch | blob | history
source3/smbd/service.c patch | blob | history
source3/smbd/uid.c patch | blob | history

diff --git a/docs-xml/smbdotconf/security/forcegroup.xml b/docs-xml/smbdotconf/security/forcegroup.xml
index b6e729be927b52b276ae0eeccb431b62f4b96aeb..d101f1c1b86ac1a1838e0277f72d08e0584ef354 100644 (file)
--- a/docs-xml/smbdotconf/security/forcegroup.xml
+++ b/docs-xml/smbdotconf/security/forcegroup.xml
@@ -1,7 +1,6 @@
 <samba:parameter name="force group"
                  context="S"
                  type="string"
-                 constant="1"
                  xmlns:samba="http://www.samba.org/samba/DTD/samba-doc">
 <synonym>group</synonym>
 <description>
diff --git a/source3/smbd/service.c b/source3/smbd/service.c
index df72172d9b015d1a295daa71073e8bcc6a2448a6..2e4a1136254b56941dd1dfd1374560ec94f21181 100644 (file)
--- a/source3/smbd/service.c
+++ b/source3/smbd/service.c
@@ -243,18 +243,23 @@ static NTSTATUS find_forced_group(bool force_user,
        TALLOC_CTX *frame = talloc_stackframe();
        struct dom_sid group_sid;
        enum lsa_SidType type;
-       const char *force_group;
        char *groupname;
        bool user_must_be_member = False;
        gid_t gid;
 
-       force_group = lp_force_group(snum);
-       if (force_group[0] == '+') {
-               user_must_be_member = true;
-               force_group += 1;
+       groupname = lp_force_group(talloc_tos(), snum);
+       if (groupname == NULL) {
+               DEBUG(1, ("talloc_strdup failed\n"));
+               result = NT_STATUS_NO_MEMORY;
+               goto done;
+       }
+
+       if (groupname[0] == '+') {
+               user_must_be_member = True;
+               groupname += 1;
        }
 
-       groupname = talloc_string_sub(talloc_tos(), force_group,
+       groupname = talloc_string_sub(talloc_tos(), groupname,
                                      "%S", lp_const_servicename(snum));
        if (groupname == NULL) {
                DEBUG(1, ("talloc_string_sub failed\n"));
@@ -422,7 +427,7 @@ NTSTATUS set_conn_force_user_group(connection_struct *conn, int snum)
         * any groupid stored for the connecting user.
         */
 
-       if (*lp_force_group(snum)) {
+       if (*lp_force_group(talloc_tos(), snum)) {
 
                status = find_forced_group(
                        conn->force_user, snum, conn->session_info->unix_info->unix_name,
diff --git a/source3/smbd/uid.c b/source3/smbd/uid.c
index b6a754b8cfd4c64bd6618d1425a780f092c4379d..9d5321cf4ccc7772f81158a3356e6a8c0bd7c41d 100644 (file)
--- a/source3/smbd/uid.c
+++ b/source3/smbd/uid.c
@@ -335,8 +335,7 @@ static bool change_to_user_internal(connection_struct *conn,
         * See if we should force group for this service. If so this overrides
         * any group set in the force user code.
         */
-       group_c = *lp_force_group(snum);
-       if (group_c != '\0') {
+       if((group_c = *lp_force_group(talloc_tos(), snum))) {
 
                SMB_ASSERT(conn->force_group_gid != (gid_t)-1);
 
Unnamed repository; edit this file 'description' to name the repository.