From: Gerald Carter <jerry@samba.org>
Date: Wed, 19 Oct 2005 02:50:45 +0000 (+0000)
Subject: r11170: root free pass on eventlog open access check
X-Git-Tag: samba-misc-tags/initial-v3-0-unstable~4196
X-Git-Url: http://git.samba.org/samba.git/?p=ira%2Fwip.git;a=commitdiff_plain;h=4e3ff41e1ee2e3c323814fd8c6aa44ecab412257;hp=0e60813ed0d5c56c44a371d84275d1944bade770

r11170: root free pass on eventlog open access check
---

diff --git a/packaging/RedHat/samba.spec.tmpl b/packaging/RedHat/samba.spec.tmpl
index f9c4fcfbfa9..004f57cf522 100644
--- a/packaging/RedHat/samba.spec.tmpl
+++ b/packaging/RedHat/samba.spec.tmpl
@@ -437,6 +437,7 @@ fi
 %{prefix}/bin/smbtree
 %attr(755,root,root) /lib/libnss_wins.s*
 %attr(755,root,root) %{prefix}/lib/samba/vfs/*.so
+%attr(755,root,root) %{prefix}/lib/samba/auth/*.so
 %attr(755,root,root) %{prefix}/lib/samba/charset/*.so
 %attr(755,root,root) %{prefix}/lib/samba/idmap/*.so
 #%attr(755,root,root) %{prefix}/lib/samba/pdb/*.so
diff --git a/source/rpc_server/srv_eventlog_nt.c b/source/rpc_server/srv_eventlog_nt.c
index 577ec48482a..5901f68f521 100644
--- a/source/rpc_server/srv_eventlog_nt.c
+++ b/source/rpc_server/srv_eventlog_nt.c
@@ -88,6 +88,13 @@ static BOOL elog_check_access( EVENTLOG_INFO *info, NT_USER_TOKEN *token )
 		return False;
 	}
 	
+	/* root free pass */
+
+	if ( geteuid() == sec_initial_uid() ) {
+		DEBUG(5,("elog_check_access: using root's token\n"));
+		token = get_root_nt_token();
+	}
+
 	/* run the check, try for the max allowed */
 	
 	ret = se_access_check( sec_desc, token, MAXIMUM_ALLOWED_ACCESS,