dns_server: Attempt to SET and UNSET the sessionInfo to match the incoming user

This avoids re-opening the DB as the correct user, but applies all the right ACLs
and resulting owner.

This needs a bit more testing...

Andrew Bartlett

Signed-off-by: Stefan Metzmacher <metze@samba.org>
Signed-off-by: Kai Blin <kai@samba.org>

diff --git a/source4/dns_server/dns_update.c b/source4/dns_server/dns_update.c
index aa80b52bdd70847ece89839e00dd4b5f9994daf2..76d263b63d966ee25731626bba0c4e19a417ae5f 100644 (file)
--- a/source4/dns_server/dns_update.c
+++ b/source4/dns_server/dns_update.c
@@ -664,12 +664,22 @@ static WERROR handle_updates(struct dns_server *dns,
        uint16_t ri;
        TALLOC_CTX *tmp_ctx = talloc_new(mem_ctx);
 
+       if (tkey != NULL) {
+               ret = ldb_set_opaque(dns->samdb, "sessionInfo", tkey->session_info);
+               if (ret != LDB_SUCCESS) {
+                       DEBUG(1, ("unable to set session info\n"));
+                       werror = DNS_ERR(SERVER_FAILURE);
+                       goto failed;
+               }
+       }
+
        werror = dns_name2dn(dns, tmp_ctx, zone->name, &zone_dn);
-       W_ERROR_NOT_OK_RETURN(werror);
+       W_ERROR_NOT_OK_GOTO(werror, failed);
 
        ret = ldb_transaction_start(dns->samdb);
        if (ret != LDB_SUCCESS) {
-               return DNS_ERR(SERVER_FAILURE);
+               werror = DNS_ERR(SERVER_FAILURE);
+               goto failed;
        }
 
        werror = check_prerequisites(dns, tmp_ctx, zone, prereqs, pcount);
@@ -685,10 +695,22 @@ static WERROR handle_updates(struct dns_server *dns,
 
        ldb_transaction_commit(dns->samdb);
        TALLOC_FREE(tmp_ctx);
+
+       if (tkey != NULL) {
+               ldb_set_opaque(dns->samdb, "sessionInfo",
+                              system_session(dns->task->lp_ctx));
+       }
+
        return WERR_OK;
 
 failed:
        ldb_transaction_cancel(dns->samdb);
+
+       if (tkey != NULL) {
+               ldb_set_opaque(dns->samdb, "sessionInfo",
+                              system_session(dns->task->lp_ctx));
+       }
+
        TALLOC_FREE(tmp_ctx);
        return werror;