The Samba-Bugzilla – Attachment 8879 Details for
Bug 9465
Unable to setup messaging listener for '/usr/local/samba/private/smbd.tmp/msg/msg.17364.2':NT_STATUS_ACCESS_DENIED
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
improved patch
0001-s3-rpc_server-Ensure-we-are-root-when-starting-and-u.patch (text/plain), 2.67 KB, created by
Andrew Bartlett
on 2013-05-12 06:45:17 UTC
(
hide
)
Description:
improved patch
Filename:
MIME Type:
Creator:
Andrew Bartlett
Created:
2013-05-12 06:45:17 UTC
Size:
2.67 KB
patch
obsolete
>From 62ef25b6ca8d9b535940ec5051cae07529290291 Mon Sep 17 00:00:00 2001 >From: Andrew Bartlett <abartlet@samba.org> >Date: Thu, 2 May 2013 16:29:21 +1200 >Subject: [PATCH] s3-rpc_server: Ensure we are root when starting and usiing > gensec > >This fixes bug 9465. > >Andrew Bartlett >--- > source3/rpc_server/dcesrv_auth_generic.c | 38 +++++++++++++++++++++++++++----- > 1 file changed, 32 insertions(+), 6 deletions(-) > >diff --git a/source3/rpc_server/dcesrv_auth_generic.c b/source3/rpc_server/dcesrv_auth_generic.c >index c4c08b2..b2b14de 100644 >--- a/source3/rpc_server/dcesrv_auth_generic.c >+++ b/source3/rpc_server/dcesrv_auth_generic.c >@@ -24,12 +24,12 @@ > #include "auth.h" > #include "auth/gensec/gensec.h" > >-NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx, >- uint8_t auth_type, uint8_t auth_level, >- DATA_BLOB *token_in, >- DATA_BLOB *token_out, >- const struct tsocket_address *remote_address, >- struct gensec_security **ctx) >+static NTSTATUS auth_generic_server_authtype_start_as_root(TALLOC_CTX *mem_ctx, >+ uint8_t auth_type, uint8_t auth_level, >+ DATA_BLOB *token_in, >+ DATA_BLOB *token_out, >+ const struct tsocket_address *remote_address, >+ struct gensec_security **ctx) > { > struct gensec_security *gensec_security = NULL; > NTSTATUS status; >@@ -62,6 +62,27 @@ NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx, > return NT_STATUS_OK; > } > >+NTSTATUS auth_generic_server_authtype_start(TALLOC_CTX *mem_ctx, >+ uint8_t auth_type, uint8_t auth_level, >+ DATA_BLOB *token_in, >+ DATA_BLOB *token_out, >+ const struct tsocket_address *remote_address, >+ struct gensec_security **ctx) >+{ >+ NTSTATUS status; >+ become_root(); >+ >+ /* this has to be done as root in order to create the messaging socket */ >+ status = auth_generic_server_authtype_start_as_root(mem_ctx, >+ auth_type, auth_level, >+ token_in, >+ token_out, >+ remote_address, >+ ctx); >+ unbecome_root(); >+ return status; >+} >+ > NTSTATUS auth_generic_server_step(struct gensec_security *gensec_security, > TALLOC_CTX *mem_ctx, > DATA_BLOB *token_in, >@@ -101,7 +122,12 @@ NTSTATUS auth_generic_server_get_user_info(struct gensec_security *gensec_securi > { > NTSTATUS status; > >+ /* this has to be done as root in order to get to the >+ * messaging sockets for IDMAP and privilege.ldb in the AD >+ * DC */ >+ become_root(); > status = gensec_session_info(gensec_security, mem_ctx, session_info); >+ unbecome_root(); > if (!NT_STATUS_IS_OK(status)) { > DEBUG(1, (__location__ ": Failed to get authenticated user " > "info: %s\n", nt_errstr(status))); >-- >1.7.11.7 >
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=8879">View the attachment on a separate page</a>.</b>
View Attachment As Raw
Actions:
View
Attachments on
bug 9465
:
8845
| 8879 |
8908