[PATCH] Change system handling in smbd
Locked
 
|
Andreas,
I can't find a record of asking you about this patch, but before the beta, I was working on this tree: https://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/fix-system In short, it make the system token just that, SID_NT_SYSTEM. The unix portion remains as is, the sec_initial_uid() and it's primary group. I wondered if you could confirm that this doesn't break the special case that started you on modifying this area? Thanks, Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org  0001-s3-auth-Fix-system-token-as-just-being-SID_NT_SYSTEM.patch (2K) Download Attachment 0002-auth-Use-only-security_token_is_system-to-determine-.patch (3K) Download Attachment 0003-s3-auth-inline-make_session_info-functions-into-only.patch (5K) Download Attachment |
|
|
|
|
|
In reply to this post by Andreas Schneider-15
On Mon, 2012-06-11 at 12:13 +0200, Andreas Schneider wrote:
> On Monday 11 June 2012 19:53:18 Andrew Bartlett wrote: > > Andreas, > > Andrew, > > > I can't find a record of asking you about this patch, but before the > > beta, I was working on this tree: > > > > https://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/fix > > -system > > > > In short, it make the system token just that, SID_NT_SYSTEM. The unix > > portion remains as is, the sec_initial_uid() and it's primary group. > > > > I wondered if you could confirm that this doesn't break the special case > > that started you on modifying this area? > > the plan was to completely fake this structure. So don't call and getpw* > functions. Only use sec_initial_uid() and sec_initial_gid(). > > utok and security_token should be enough. Andrew Bartlett -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org 0001-s3-auth-Fix-system-token-as-just-being-SID_NT_SYSTEM.patch (2K) Download Attachment 0002-auth-Use-only-security_token_is_system-to-determine-.patch (3K) Download Attachment 0003-s3-auth-inline-make_session_info-functions-into-only.patch (5K) Download Attachment 0004-s3-auth-make_new_system_info_session-now-does-not-qu.patch (4K) Download Attachment |
|
|
|
|
|
On Tue, 2012-06-12 at 10:17 +0200, Andreas Schneider wrote:
> > On Tue 12.Jun.12 18:02, Andrew Bartlett wrote: > >Updated patches (currently under test) are at > >https://git.samba.org/?p=abartlet/samba.git/.git;a=shortlog;h=refs/heads/fix-system > > > > They look fine for me. Feel free to push them. There is a problem. While I can fix up the build issue, removing the getpwuid() and passdb dependency is harder, as it breaks spoolss tests. Annoyingly, this doesn't seem happen in an individual test, so far I've only reproduced it during a full make test: [485/671 in 13m52s] samba3.rpc.spoolss.driver(s3dc) Using seed 1339552309 Testing OpenPrinter(\\127.0.0.2) Testing GetPrinterData(Architecture) Testing ClosePrinter Testing OpenPrinter(\\127.0.0.2) Testing GetPrinterData(Architecture) Testing ClosePrinter Connecting printer driver share 'print$' on '127.0.0.2' Uploading printer driver files to \\127.0.0.2\print$ Uploading /usr/share/cups/drivers/x64/pscript5.dll to x64\pscript5.dll Uploading /usr/share/cups/drivers/x64/cups6.ppd to x64\cups6.ppd Uploading /usr/share/cups/drivers/x64/cupsui6.dll to x64\cupsui6.dll Uploading /usr/share/cups/drivers/x64/pscript.hlp to x64\pscript.hlp Testing AddPrinterDriverEx(torture_driver_deleter) level: 3, environment: 'Windows x64' Testing EnumPrinterDrivers(Windows x64) level 3 Connecting printer driver share 'print$' on '127.0.0.2' Uploading printer driver files to \\127.0.0.2\print$ Uploading /usr/share/cups/drivers/x64/pscript5.dll to x64\pscript5.dll Uploading /usr/share/cups/drivers/x64/cupsps6.dll to x64\cupsps6.dll Uploading /usr/share/cups/drivers/x64/cups6.ini to x64\cups6.ini Uploading /usr/share/cups/drivers/x64/pscript.hlp to x64\pscript.hlp Testing AddPrinterDriverEx(torture_driver_deleterin) level: 3, environment: 'Windows x64' Testing EnumPrinterDrivers(Windows x64) level 3 Testing DeletePrinterDriverEx(torture_driver_deleter) Testing DeletePrinterDriverEx(torture_driver_deleter) Connecting printer driver share 'print$' on '127.0.0.2' checking non-existent driver files at \\127.0.0.2\print$ checking for driver file at x64\3\cups6.ppd WARNING!: ../source4/torture/rpc/spoolss.c:8981: Expression `check_printer_driver_file(tctx, cli, d, d->info8.data_file) == expect_exist' failed: failed data_file check UNEXPECTED(failure): samba3.rpc.spoolss.driver.driver.del_driver_unused_files(s3dc) REASON: _StringException: _StringException: ../source4/torture/rpc/spoolss.c:9607: Expression `check_printer_driver_files(tctx, dcerpc_server_name(p), d1, 0)' failed: printer driver file check failed FAILED (1 failures, 0 errors and 0 unexpected successes in 0 testsuites) A summary with detailed information can be found in: ./st/summary SELFTEST FAILED -- Andrew Bartlett http://samba.org/~abartlet/ Authentication Developer, Samba Team http://samba.org 0001-s3-auth-Fix-system-token-as-just-being-SID_NT_SYSTEM.patch (978 bytes) Download Attachment 0002-auth-Use-only-security_token_is_system-to-determine-.patch (3K) Download Attachment 0003-s3-auth-inline-make_session_info-functions-into-only.patch (5K) Download Attachment 0004-s3-auth-make_new_system_info_session-not-query-passd.patch (5K) Download Attachment 0005-s3-auth-make_new_system_info_session-now-does-not-qu.patch (1K) Download Attachment |
|
|
|
Loading...
| Powered by Nabble | Edit this page |