The Samba-Bugzilla – Attachment 5457 Details for
Bug 7125
net sam createbuiltingroup core dumped when used without root
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
Proposed patch against master
0001-s3-net_sam-Bug-7125-Do-not-segfault-when-called-as-n.patch (text/plain), 13.70 KB, created by
Karolin Seeger
on 2010-03-04 06:46:33 UTC
(
hide
)
Description:
Proposed patch against master
Filename:
MIME Type:
Creator:
Karolin Seeger
Created:
2010-03-04 06:46:33 UTC
Size:
13.70 KB
patch
obsolete
>From 6c768c909e82badcccf44c03fb522e5a72260b74 Mon Sep 17 00:00:00 2001 >From: Karolin Seeger <kseeger@samba.org> >Date: Thu, 4 Mar 2010 13:43:29 +0100 >Subject: [PATCH] s3-net_sam: Bug 7125: Do not segfault when called as non-privileged user. > >Karolin >--- > source3/utils/net_sam.c | 186 +++++++++++++++++++++++++++++++++++++++++++++- > 1 files changed, 181 insertions(+), 5 deletions(-) > >diff --git a/source3/utils/net_sam.c b/source3/utils/net_sam.c >index 6e3ccfe..dbc72a5 100644 >--- a/source3/utils/net_sam.c >+++ b/source3/utils/net_sam.c >@@ -43,6 +43,12 @@ static int net_sam_userset(struct net_context *c, int argc, const char **argv, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user settings.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -86,6 +92,12 @@ static int net_sam_userset(struct net_context *c, int argc, const char **argv, > static int net_sam_set_fullname(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user attributes.\n")); >+ return -1; >+ } >+ > return net_sam_userset(c, argc, argv, "fullname", > pdb_set_fullname); > } >@@ -93,6 +105,12 @@ static int net_sam_set_fullname(struct net_context *c, int argc, > static int net_sam_set_logonscript(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user attributes.\n")); >+ return -1; >+ } >+ > return net_sam_userset(c, argc, argv, "logonscript", > pdb_set_logon_script); > } >@@ -100,6 +118,12 @@ static int net_sam_set_logonscript(struct net_context *c, int argc, > static int net_sam_set_profilepath(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user attributes.\n")); >+ return -1; >+ } >+ > return net_sam_userset(c, argc, argv, "profilepath", > pdb_set_profile_path); > } >@@ -107,6 +131,12 @@ static int net_sam_set_profilepath(struct net_context *c, int argc, > static int net_sam_set_homedrive(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user attributes.\n")); >+ return -1; >+ } >+ > return net_sam_userset(c, argc, argv, "homedrive", > pdb_set_dir_drive); > } >@@ -114,6 +144,12 @@ static int net_sam_set_homedrive(struct net_context *c, int argc, > static int net_sam_set_homedir(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user attributes.\n")); >+ return -1; >+ } >+ > return net_sam_userset(c, argc, argv, "homedir", > pdb_set_homedir); > } >@@ -121,6 +157,12 @@ static int net_sam_set_homedir(struct net_context *c, int argc, > static int net_sam_set_workstations(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to change user attributes.\n")); >+ return -1; >+ } >+ > return net_sam_userset(c, argc, argv, "workstations", > pdb_set_workstations); > } >@@ -149,6 +191,12 @@ static int net_sam_set_userflag(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to set user flags.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -241,6 +289,12 @@ static int net_sam_set_pwdmustchangenow(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to set pwdmustchangenow.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -305,6 +359,12 @@ static int net_sam_set_comment(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to set a comment.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -470,6 +530,12 @@ static int net_sam_policy_set(struct net_context *c, int argc, const char **argv > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to set account policy values.\n")); >+ return -1; >+ } >+ > account_policy = argv[0]; > field = account_policy_name_to_typenum(account_policy); > >@@ -537,6 +603,12 @@ static int net_sam_policy_show(struct net_context *c, int argc, const char **arg > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to show account policy values.\n")); >+ return -1; >+ } >+ > account_policy = argv[0]; > field = account_policy_name_to_typenum(account_policy); > >@@ -701,6 +773,12 @@ static int net_sam_rights_grant(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to grant rights.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -740,6 +818,12 @@ static int net_sam_rights_revoke(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to revoke rights.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -868,6 +952,12 @@ static int net_sam_mapunixgroup(struct net_context *c, int argc, const char **ar > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to map Unix groups.\n")); >+ return -1; >+ } >+ > grp = getgrnam(argv[0]); > if (grp == NULL) { > d_fprintf(stderr, _("Could not find group %s\n"), argv[0]); >@@ -932,6 +1022,12 @@ static int net_sam_unmapunixgroup(struct net_context *c, int argc, const char ** > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to unmap Unix groups.\n")); >+ return -1; >+ } >+ > grp = getgrnam(argv[0]); > if (grp == NULL) { > d_fprintf(stderr, _("Could not find mapping for group %s.\n"), >@@ -969,6 +1065,12 @@ static int net_sam_createdomaingroup(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to create domain groups.\n")); >+ return -1; >+ } >+ > status = pdb_create_dom_group(talloc_tos(), argv[0], &rid); > > if (!NT_STATUS_IS_OK(status)) { >@@ -1002,6 +1104,12 @@ static int net_sam_deletedomaingroup(struct net_context *c, int argc, > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to delete local groups.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find %s.\n"), argv[0]); >@@ -1045,6 +1153,12 @@ static int net_sam_createlocalgroup(struct net_context *c, int argc, const char > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to create local groups.\n")); >+ return -1; >+ } >+ > if (!winbind_ping()) { > d_fprintf(stderr, _("winbind seems not to run. " > "createlocalgroup only works when winbind runs.\n")); >@@ -1082,6 +1196,13 @@ static int net_sam_deletelocalgroup(struct net_context *c, int argc, const char > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to delete local groups.\n")); >+ return -1; >+ } >+ >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr,_("Could not find %s.\n"), argv[0]); >@@ -1126,6 +1247,12 @@ static int net_sam_createbuiltingroup(struct net_context *c, int argc, const cha > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to create builtin groups.\n")); >+ return -1; >+ } >+ > if (!winbind_ping()) { > d_fprintf(stderr, _("winbind seems not to run. " > "createbuiltingroup only works when winbind " >@@ -1180,6 +1307,12 @@ static int net_sam_addmem(struct net_context *c, int argc, const char **argv) > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to add members to groups.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &groupdomain, &groupname, &group, &grouptype)) { > d_fprintf(stderr, _("Could not find group %s\n"), argv[0]); >@@ -1269,6 +1402,12 @@ static int net_sam_delmem(struct net_context *c, int argc, const char **argv) > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to delete members from groups.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &groupdomain, &groupname, &group, &grouptype)) { > d_fprintf(stderr, _("Could not find group %s\n"), argv[0]); >@@ -1343,6 +1482,12 @@ static int net_sam_listmem(struct net_context *c, int argc, const char **argv) > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to list group members.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &groupdomain, &groupname, &group, &grouptype)) { > d_fprintf(stderr, _("Could not find group %s\n"), argv[0]); >@@ -1445,6 +1590,12 @@ static int net_sam_do_list(struct net_context *c, int argc, const char **argv, > static int net_sam_list_users(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to list users.\n")); >+ return -1; >+ } >+ > return net_sam_do_list(c, argc, argv, > pdb_search_users(talloc_tos(), ACB_NORMAL), > "users"); >@@ -1453,6 +1604,12 @@ static int net_sam_list_users(struct net_context *c, int argc, > static int net_sam_list_groups(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to list groups.\n")); >+ return -1; >+ } >+ > return net_sam_do_list(c, argc, argv, pdb_search_groups(talloc_tos()), > "groups"); > } >@@ -1460,6 +1617,12 @@ static int net_sam_list_groups(struct net_context *c, int argc, > static int net_sam_list_localgroups(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to list local groups.\n")); >+ return -1; >+ } >+ > return net_sam_do_list(c, argc, argv, > pdb_search_aliases(talloc_tos(), > get_global_sam_sid()), >@@ -1469,6 +1632,12 @@ static int net_sam_list_localgroups(struct net_context *c, int argc, > static int net_sam_list_builtin(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to list builtin groups.\n")); >+ return -1; >+ } >+ > return net_sam_do_list(c, argc, argv, > pdb_search_aliases(talloc_tos(), > &global_sid_Builtin), >@@ -1478,6 +1647,12 @@ static int net_sam_list_builtin(struct net_context *c, int argc, > static int net_sam_list_workstations(struct net_context *c, int argc, > const char **argv) > { >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to list workstations.\n")); >+ return -1; >+ } >+ > return net_sam_do_list(c, argc, argv, > pdb_search_users(talloc_tos(), ACB_WSTRUST), > "workstations"); >@@ -1553,6 +1728,12 @@ static int net_sam_show(struct net_context *c, int argc, const char **argv) > return -1; > } > >+ if (getuid() != 0) { >+ d_fprintf(stderr, _("You need to be root " >+ "to show account information.\n")); >+ return -1; >+ } >+ > if (!lookup_name(talloc_tos(), argv[0], LOOKUP_NAME_LOCAL, > &dom, &name, &sid, &type)) { > d_fprintf(stderr, _("Could not find name %s\n"), argv[0]); >@@ -2139,11 +2320,6 @@ int net_sam(struct net_context *c, int argc, const char **argv) > {NULL, NULL, 0, NULL, NULL} > }; > >- if (getuid() != 0) { >- d_fprintf(stderr, _("You are not root, most things won't " >- "work\n")); >- } >- > return net_run_function(c, argc, argv, "net sam", func); > } > >-- >1.6.4.2 >
You cannot view the attachment while viewing its details because your browser does not support IFRAMEs.
View the attachment on a separate page
.
View Attachment As Raw
Flags:
vl
:
review-
Actions:
View
Attachments on
bug 7125
:
5457